MPLS VPN failover via Ipsec

Forum|Forum|1 year ago
May 22, 2025
2 replies
523 views

Hello, we have a requirement to have a backup connectivity via Ipsec in case our MPLS P2P fails. I am trying to figure out how to do this since there are multiple vrf's involved.
The easiest way to achieve this would be to haveaBGP over ipsec per vrf and control the routing through BGP policies. But that would mean creating an Ipsec VPN for each vrf ?
Is there any easier way to do this ? Looking for some suggestions.

Thank you !

FortiGate

Anthony_E

Staff

Hello,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Best Regards

Yurisk

SuperUser

If you have multiple VRFs configured on the Fortigate, then yes - creating IPsec tunnels, then associating each tunnel & BGP with a specific VRF is probably the only one (easy or not) way to do it.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded