Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lostboy10
New Contributor II

Created on ‎09-28-2023 11:01 AM

GRE Tunnels with Zscaler

I am looking to configure 2 GRE Tunnels with Zscaler for my internet traffic on a forti 7.4 cluster. If i understand this correctly i have to configure a GRE Interface , assign tunnel end IPs , add route towards GRE Tunnel.

 

But how do i setup 2 GRE Tunnels in Active/Passive mode ? does both of them are setup with Port1 and different remote end endpoints ? how is the switchover handled in case say GRE1 tunnel fails ? 

 

any help is appreciated.

Labels:
1962
0 Kudos
1 Solution
spoojary
Staff
Staff

Created on ‎09-28-2023 01:31 PM

You can do that based on the static route of the destination.

Change the ad distance of the secondary one to a higher number.


To ensure that the primary tunnel (GRE Tunnel 1) is used as the active path and the second tunnel (GRE Tunnel 2) is used as a backup, you can manipulate the route metric. Set the metric lower on the primary route.

 

 

Siddhanth Poojary

View solution in original post

1939
2 REPLIES 2
spoojary
Staff
Staff

Created on ‎09-28-2023 01:31 PM

You can do that based on the static route of the destination.

Change the ad distance of the secondary one to a higher number.


To ensure that the primary tunnel (GRE Tunnel 1) is used as the active path and the second tunnel (GRE Tunnel 2) is used as a backup, you can manipulate the route metric. Set the metric lower on the primary route.

 

 

Siddhanth Poojary
1940
lostboy10
New Contributor II
In response to spoojary

Created on ‎09-28-2023 10:40 PM

Thanks..so for tunnel 1 and 2 ..i can use my cluster vip and the other end will be zscalar endpoint 1 and 2 ?

And both of them can be setup on port1 ? 

 

1923
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.