How to implement failover on VPN connection ?
Freshman MemberHello,
I want to set up a failover between two VPN connections, so when one of them fails, I switch automatically to the second one. I tested the use of VTI with a dedicated trunk. It worked once, but I saw that I had to create new firewall rules for the subnet that tests the connection between remote VTI interfaces.
I also tested the configuration of two remote gateways on the VPN gateway. The connection is active but when I disconnect an interface, the switch does not work. I think it comes from the fixed interface defined.
Are these the right solutions? Or is there something more strategic to implement?
All Replies
-
Hi @Piroux
Since it is vague of your question, could you please specific your model and the type of VPN? It helps us to understand your issue before providing a solutiona or workaround for you.
Zyxel Melen0 -
Hi everyone,
I’m also interested in this topic because I’ve been trying to set up VPN failover too. In my case, I noticed the same issue where the connection doesn’t automatically switch when one interface goes down.
Could anyone share if there’s a recommended method (like using SD-WAN, VPN trunk, or another approach) to make the failover more seamless?
Thanks!
0 -
Try to setup DDNS for your firewall and use this DDNS in your VPN configuration.
Zyxel Melen0
Guru Member
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 196 Nebula Ideas
- 121 Nebula Status and Incidents
- 6.3K Security
- 475 USG FLEX H Series
- 312 Security Ideas
- 1.6K Switch
- 82 Switch Ideas
- 1.3K Wireless
- 45 Wireless Ideas
- 6.8K Consumer Product
- 283 Service & License
- 446 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 93 Security Highlight
