How to set the VPN client connection failover?
Guru Member
How do I set the VPN client connection failover?
The customer has 2 WAN IPs with two VPN connections at the branch site. One of them is a dynamic IP. The VPN connection must failover to WAN2 once the WAN1 connection is down.
Answer
Step1: In the web GUI, go to the Configuration > Network > Interface > Trunk > User configuration > Add screen. Set WAN2’s mode to Passive.
Step2. Enable Disconnect Connections Before Falling Back. |
Step3: Go to Configuration > VPN > IPSec VPN > VPN Gateway.
Set My Address to "0.0.0.0" (The USG will dial-up with the active WAN interface first).
Since WAN2’s interface IP is dynamic, you can use Dynamic VPN in this case.
Step4:
Please use the command line "Router(config)# client-side-vpn-failover-fallback activate"
The tunnel will fall back to WAN1 automatically once the WAN1 connection has recovered.
Categories
- 7.7K All Categories
- 1.6K Nebula
- 53 Nebula Ideas
- 53 Nebula Status and Incidents
- 4.3K Security
- 215 Security Ideas
- 903 Switch
- 40 Switch Ideas
- 793 WirelessLAN
- 14 WLAN Ideas
- 5K Consumer Product
- 129 Service & License
- 260 News and Release
- 49 Security Advisories
- 6 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 34 Nebula Monthly Express
- 67 About Community
- 40 Security Highlight