Wan fail-over setup with site to site VPN
Freshman Member
I have a test setup with dual wan (4 public IPs) and VPN setup with "Primary" and "Secondary". also setting the ip as 0.0.0.0 instead of interface.
My understanding is with this setup wan should fail-over if one goes down.
(Wan trunking is setup up as least load first)
It seems to fail-over but when I ping the other site, it would intermittently "time out" and reconnect for a while, then "time out" again. VPN connection seems unstable after fail-over. I have set icmp check for all connections but its every 5 seconds (for testing), would that be why? or would it be something else?
any input would be greatly appreciated.
Thank you.
All Replies
-
If you unplug a WAN does it work correctly?
If one WAN is connected and does ping ok ping fail ping ok then it may think that the interface is ok at times so you may need to set the ping check to be longer or more tolerance
0 -
Do you also have routeing rules with ping check? as I have found that interface ping check and routeing ping check for the same WAN interface don't play nice
0 -
Thank you for your reply.
I changed the load balancing to "Weighted Round Robin" and it kind of stopped timing out.
now just checking if its the ISP.
I guess "Least-Load First" does calculations every time it sends out packets, hence the intermittent "time-out"
0
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 271 USG FLEX H Series
- 274 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 389 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 74 Security Highlight
