We have set up a PBF to route traffic to a new ISP link we have in case our primary fails.
Both ISP interfaces are in one virtual router.
Once we change the default route to the Backup ISP and enable the PBF to forward all traffic to the Primary unless it fails, users can no longer connect to our GlobalProtect portal with the GlobalProtect client.
I know it is because of the new default route pointing at the secondary ISP, but is there a route I can create to fix this?
Create 2 virtual routers with 2 separate default gateways. That will be better. You can then create 2 different GlobalProtect setups, 1 for main, 1 for the second ISP. Your LAN and ISP1 will be at the default, your ISP2 will be at the new virtual router. Then you will also add a LAN route (next VR: default VR) at the new virtual router.
You can use PBF for main with a monitor, and the 2nd PBF rule will route clients to ISP2.
The only thing I have tried as of yet is to move the GlobalProtect Gateway and Portal to the ISP two connection. When I did this, the clients could successfully connect. The only problem I had at that point was that once connected, the users could not access the local network.
The VPN is used by a small number of users. The second ISP is only used to roll over for outbound access for internal users.
Is there a routing issue I am missing to allow the VPN to work on the second ISP?