Configuring VPN with redundant ISP

Reply
Highlighted
L3 Networker

Configuring VPN with redundant ISP

Hi guys,

I want to know it`s possible to configure a VPN with redundant ISP.

I configure the VPN to use a 1 ISP , when this 1 ISP fail , my vpn go to my 2 ISP.

It`s possible to do it ?

Best Regards.

Thiago Lima.

Highlighted
L6 Presenter

Re: Configuring VPN with redundant ISP

Hi...Are you asking about SSL VPN for mobile users or site-to-site VPN?

Highlighted
L3 Networker

Re: Configuring VPN with redundant ISP

Site-to-Site

Highlighted
L6 Presenter

Re: Configuring VPN with redundant ISP

You can create 2 VPN tunnels, 1 tunnel on each ISP, and let dynamic routing handle the failover.  Thanks.

Highlighted
L3 Networker

Re: Configuring VPN with redundant ISP

My other Firewall doesn't support two tunnels for the same network destination.  I  need establish vpn through link 1,  when this link fails the vpn needs renegotiate in link 2.

In the other Firewall (Sonicwall Pro 2040) there are just one Link for internet/VPN. The VPN configuration don't have the IP of peer,  it's set 0.0.0.0. No matter what IP Palo Alto uses for initiate VPN, becauses Sonicwall accept any of IP in source.

Thanks

Highlighted
L6 Presenter

Re: Configuring VPN with redundant ISP

You can try the method discussed here:   https://live.paloaltonetworks.com/docs/DOC-3376

Thanks.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!