We just implemented a dedicated connection between two of our plants in difference states. So, our current setup on our 110c at this facility, for example, is this: [ul] wan1 is internet connection ...
See more...
We just implemented a dedicated connection between two of our plants in difference states. So, our current setup on our 110c at this facility, for example, is this: [ul] wan1 is internet connection wan2 is a direct connection to the other plant there is an IPsec VPN created over wan1 that connects to fortigate at the other plant we have static routes setup for both of these connections for the same remote subnet, but use priority to pick which one is "turned on"[/ul] Usually we have the route that goes over the direct connection set to priority 0 so that it is used, and the VPN backup is set to priority 10. But if the direct connection goes down for some reason, we have to login and manually swap the priorities on the routes for traffic to start flowing over the IPsec VPN again. We would like this to be automatic, so that if direct connection on wan2 goes down, traffic starts flowing automatically over the IPsec VPN on wan1 instead to get to the remote facilities subnet. This thread makes it seem like this has been achieved before, although they don't say how (only complain about how existing sessions work when both are up again, which I don't think would be an issue for us): https://forum.fortinet.com/tm.aspx?m=107052 Any help or thoughts would be appreciated. Here is relevant bits of our static routes, currently configured in "use the backup IPSEC VPN mode":
Thanks!