Technical Tip: SSL VPN Redundancy
Description
This article describes how to achieve SSL VPN redundancy using two WAN links.
Solution
Use the following steps in order to guarantee VPN connectivity to any of both WAN interfaces.
Define them in VPN -> SSL-VPN Settings -> Listen on Interface(s) and make sure that both are added.
Or by CLI:
config vpn ssl settings
set source-interface "wan1" "wan2"
end
set source-interface "wan1" "wan2"
end
Note:
Adding multiple interfaces in the 'Listen on Interface(s)' field does not require a reboot or cause any disconnections for the existing connected SSL VPN users.
If a secondary WAN IP is needed, follow this KB article:
Create a firewall policy for each WAN interface as shown in the document: