How to set the VPN client connection failover?
Guru Member
How do I set the VPN client connection failover?
The customer has 2 WAN IPs with two VPN connections at the branch site. One of them is a dynamic IP. The VPN connection must failover to WAN2 once the WAN1 connection is down.
Answer
Step1: In the web GUI, go to the Configuration > Network > Interface > Trunk > User configuration > Add screen. Set WAN2’s mode to Passive.
Step2. Enable Disconnect Connections Before Falling Back. |
Step3: Go to Configuration > VPN > IPSec VPN > VPN Gateway.
Set My Address to "0.0.0.0" (The USG will dial-up with the active WAN interface first).
Since WAN2’s interface IP is dynamic, you can use Dynamic VPN in this case.
Step4:
Please use the command line "Router(config)# client-side-vpn-failover-fallback activate"
The tunnel will fall back to WAN1 automatically once the WAN1 connection has recovered.
Categories
- 7.2K All Categories
- 6 Education Center
- 1.4K Nebula
- 39 Nebula Ideas
- 46 Nebula Status and Incidents
- 4.1K Security
- 206 Security Ideas
- 791 Switch
- 34 Switch Ideas
- 681 WirelessLAN
- 11 WLAN Ideas
- 4.7K Consumer Product
- 113 Service & License
- 234 News and Release
- 43 Security Advisories
- 546 FAQ
- 258 Nebula FAQ
- 124 Security FAQ
- 73 Switch FAQ
- 68 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 30 Nebula Monthly Express
- 54 About Community
- 34 Security Highlight