Setting up Site-to-Site VPN with multiple wan IP on both sides

HyungKim0105
HyungKim0105 Posts: 5  Freshman Member
Zyxel Certified Network Administrator - Security First Comment
in Security

I see the primary and secondary Peer Gateway address, which would be for the other site but what if "My address" also has 2 IP's for load balancing/failover?

I think if I was to select wan 1 or wan 2, it would not failover correctly when one of the link is down.

any help would be appreciated.

Thank you.

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 2,619  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @HyungKim0105,

    You may consider setting up DDNS for this requirement. In addition, the Nebula firewall supports auto-selecting the VPN outgoing interface.

    image.png

    After setting up, the Nebula control center will provide you with a domain to connect.

    Zyxel Melen


  • HyungKim0105
    HyungKim0105 Posts: 5  Freshman Member
    Zyxel Certified Network Administrator - Security First Comment

    Thank you for your reply.

    If I didnt want to go through the DDNS route, would setting up multiple site-to-site ipsec solve the problem?

    example - site 1 has ip 1.1.1.1 and 3.3.3.3. site 2 has ip 2.2.2.2 and 4.4.4.4.

    setup site to site 1.1.1.1 to 2.2.2.2 and 4.4.4.4.

    also set up 3.3.3.3 to 2.2.2.2 and 4.4.4.4.

    would this also work?

    Thank you.

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)