Dual VPNs with Dual ISPs with a Single Firewall to a Remote Site

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dual VPNs with Dual ISPs with a Single Firewall to a Remote Site

Dual isp with tunnels have been configured. primary isp is on eth0/1 and secondary is on eth0/5.

Tunnel monitoring has been configured on primary tunnel. when primary isp goes down tunnel traffic will be shifted to secondary isp tunnel.

 

Physically i have tested by removing primary isp at firewall, automatically all traffic get shifted to secondary tunnel and secondary isp ethernet as expected.

 

the concern what has been observed that during live isp failover. when primary isp goes down, still i have observed primary ethernet at firewall level showing status as up even enabled path monitoring . and tunnel shifting to secondary tunnel. and in the route forwarding table still i can see the gateway was reaching at primary isp only.

 

need the support the concern.

1 REPLY 1

Cyber Elite
Cyber Elite

Hello,

All the UP status means is that the port sees a connection. I would recommend the monitor IP be at the remote site on the inside of the firewall, like its port. This way the port can still be up but the path will be down and should fail over properly.

Hope this helps.

Regards,

  • 665 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!