How to set the VPN client connection failover?
Zyxel Employee
How do I set the VPN client connection failover?
The customer has 2 WAN IPs with two VPN connections at the branch site. One of them is a dynamic IP. The VPN connection must failover to WAN2 once the WAN1 connection is down.
Answer
Step1: In the web GUI, go to the Configuration > Network > Interface > Trunk > User configuration > Add screen. Set WAN2’s mode to Passive.
Step2. Enable Disconnect Connections Before Falling Back. |
Step3: Go to Configuration > VPN > IPSec VPN > VPN Gateway.
Set My Address to "0.0.0.0" (The USG will dial-up with the active WAN interface first).
Since WAN2’s interface IP is dynamic, you can use Dynamic VPN in this case.
Step4:
Please use the command line "Router(config)# client-side-vpn-failover-fallback activate"
The tunnel will fall back to WAN1 automatically once the WAN1 connection has recovered.
Categories
- All Categories
- 441 Beta Program
- 2.9K Nebula
- 208 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.4K Security
- 528 USG FLEX H Series
- 331 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 50 Wireless Ideas
- 6.9K Consumer Product
- 293 Service & License
- 461 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.7K FAQ
- 34 Documents
- 86 About Community
- 99 Security Highlight