Hey all,
I've configured WAN Link Load Balancing with 2 providers.
The problem is: How to configure the VPN tunnel to work with the 2 connections (configured with static IP on main firewall) without configuring 2 separate tunnels?
Thanks in advance.
Hello. You can use two VPNs to the same end point with one as a backup, but both can't be up at the same time. Unless you have two separate LAN networks to connect both at the same time through two separate VPNs.
My installation is as follows:
1 MPLS direct to main office using wan1, prioritized using routing
2 internet connections using wan2 and int2 with load-balance for external connections
1 internal network on lan1 connected to my switch
When wan1 is unavailable, routing dictates that the first VPN has to come up on wan2.
When wan2 is unavailable, routing dictates that the second VPN has to come up on lan2.
I also have WAN Status Check to disable static routes for inactive interfaces
Static Routes
MPLS - Distance 10 Priority 0
VPN1 - Distance 10 Priority 10
VPN2 - Distance 15 Priority 10
I had problems with both VPNs coming up at the same time and causing disconnections. I fixed it by turning off auto-negotiate and keepalive on the second VPN.
My main office expects a connection from wan1, by ICMP monitoring my ISP router. When my ISP router is unavailable, main office expects a connection from the VPN. My main office does not distinguish connections from wan2 or lan2.
I hope that I have helped.
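The failover order that the distance and priority values in the reply above produce can be checked with a small model. This is an added example, not configuration or code from the thread. It assumes that a route is withdrawn when its underlying link is down (the WAN Status Check behaviour described above), that the lowest distance is installed with the lowest priority value breaking ties, and that VPN2 rides the second internet link, named int2 here.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    name: str
    underlay: str   # link the path depends on (assumed mapping, not from the post)
    distance: int
    priority: int


# Distance/priority values are the ones listed in the post.
ROUTES = [
    Route("MPLS", "wan1", 10, 0),
    Route("VPN1", "wan2", 10, 10),
    Route("VPN2", "int2", 15, 10),
]


def installed(routes, up):
    """Routes that reach the routing table: link up, lowest distance only."""
    alive = [r for r in routes if r.underlay in up]
    if not alive:
        return []
    best = min(r.distance for r in alive)
    return [r for r in alive if r.distance == best]


def active(routes, up):
    """Among installed routes, the lowest priority value carries the traffic."""
    table = installed(routes, up)
    return min(table, key=lambda r: r.priority).name if table else None


def failover_table(routes=ROUTES):
    """Selected path for each link-failure scenario (scenarios are constructed)."""
    scenarios = {
        "all up": {"wan1", "wan2", "int2"},
        "wan1 down": {"wan2", "int2"},
        "wan1+wan2 down": {"int2"},
        "all down": set(),
    }
    return {label: active(routes, up) for label, up in scenarios.items()}


if __name__ == "__main__":
    for label, name in failover_table().items():
        print(f"{label:16} -> {name}")
```

With all links up, MPLS and VPN1 share distance 10 and both sit in the table, so the priority value alone keeps traffic on MPLS; VPN2 is only installed once no distance-10 route remains.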