Hello,
I currently have an astaro setup with 1 Internal Interface and 1 External WAN Interface (WAN1). They were created by the installation wizard.
I have multiple IPSEC tunnels and Remote Access users connecting to this WAN interface.
There is no other traffic (i.e. http etC) on the system - just remote ipsec sites connecting to this astaro unit for access to network resources.
All works fine.
I would like to have a second WAN interface and get some of the ipsec tunnels and remote access users connect to this new WAN interface (WAN2).
This would balance my incoming ipsec tunnels across 2 internet connections giving me better resilience in case 1 connection went down.
(At least half the sites would still be able to connect!)
To test this idea:
I created a new network interface called it WAN2 and gave it the static ip address.
I did not select the "IPv4 Default GW" option as that remains with WAN1
I then went to remote access - ipsec and edited a connection:
Changed the interface from "External (WAN) to "WAN2" and saved.
However when the remote user tries to connect using the new want ip address he is unable to do so.
All other settings remain the same.
(If I change back to "External (WAN)" then user is able to connect without issue.
I assume I am being a naive in thinking that is all the changes I need to do on the astaro. [[:)]]
I am not concerned with load balancing as such i.e. if WAN1 went down and my local users did not have internet connectivity this would not be an issue.
My only concern is that remote users can connect to the head office site using either WAN1 or WAN2.
I would appreciate any help to guide me as to what other changes I need to make.
** Since my last message as a test I set the firewall to "Firewall is ping visible"
I found that from the internet I could ping WAN1 but not WAN2
Which I assume confirms that the issue is due to my failure to set the WAN2 properly as a second WAN interface.
Any guidance appreciated [[:)]]
Thank you.
This thread was automatically locked due to age.
