FLEX 200 VPN Failover
Ally Member
I have a client with 2 sites
Site A: ZyXEL FLEX 200 with dual WAN (2 different ISP's) enabled, both ISP's static IP
LAN1: 192.168.25.0/24
VLAN13: 192.168.13.0/24
VPN Tunnels:
- Local_LAN1<->Remote_LAN1 (S2S with static peer)
- Local_VLAN13<->Remote_LAN1 (S2S with static peer)
- Failover_Local_LAN1<->Remote_LAN1 (S2S with dynamic peer)
- Failover_Local_VLAN13<->Remote_LAN1 (S2S with dynamic peer)
Site B: ZyXEL FLEX 200 with dual WAN (2 different ISP's) enabled, 1 ISP Static IP, other wan dynamic)
LAN1: 10.0.0.0/24
VPN Tunnel:
- Local_LAN1 <-> Remote_LAN1 (Peer gateway Address primary and secondary configured
- Local_LAN1 <-> Remote VLAN13 (Peer gateway Address primary and secondary configured)
The internet failover works fine, also the VPN tunnel failover works fine. However, when it failovers, the hosts still can't see the other side anymore, unless I add routing rule and add "Next-Hop" and then insert the other tunnel as Next Hop on Site A. I tried to add 2 routing rules and thought it would work through priority, but this doesn't work.
Or am I doing this completely wrong and should I work with DynDNS or something like that and then only connect these addresses?
Or should I enter on both sides on "My Address" 0.0.0.0 and then only insert the static addresses in Peer gateway address from the other side?
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 228 Nebula Ideas
- 130 Nebula Status and Incidents
- 6.6K Security
- 642 USG FLEX H Series
- 357 Security Ideas
- 1.8K Switch
- 86 Switch Ideas
- 1.4K Wireless
- 54 Wireless Ideas
- 7K Consumer Product
- 303 Service & License
- 496 News and Release
- 93 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 89 About Community
- 110 Security Highlight
