we have two isp link with ecmp load-balancing enabled. we only have one virtual router setup. we have configured GP vpn portal with one isp interface and how can i configure the GP vpn with second isp link as well. we would like to have two external Gateway.But global protect portal only showing to choose one outgoing interface.any help?
If you're trying to configure multiple outgoing interface under single portal then it won't allow you. You can select single interface only. But you can add new Global Protect Portal which will be used for 2nd ISP interface.
One question here, do you need both VPN setups separate or you are looking for something like failover?
Yes you can have multiple GP portals on same gateway. This shouldn't create any issue. I had done one of such POC in my environment and everything was fine. But i had kept both VPN setups separate. There was nothing like failover.
For failover part, you can refer below KB article.
I have the setup you are describing and Sutare is correct. You would have to have multiple Portals (for each ISP) for your GlobalProtect users.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!