Below link explains about vpn failover with dual isp and dual vr, but cant I use same VR.
Why its mandtory to use two VR.
for you to be able to make an outbound ipsec connection ,you need to initiate a connection from you rsystem out to the internet
for your packets to reach their final destination ,a route lookup needs to occur an d a routing decission to which interface your packets should egrtess out of
If you only have 1 VR, only 1 default route can be active so both your tunnels will egress out of the same interface
If you are able to add host routes you could try to point each tunnel's destination IP out of a different interface, this could allow for a single VR setup.
If you are not able to add a host route (if your ISP assigns you a dynamic IP for example) you will need to rely on the default route. In this case, you will need an additional VR so each ISP can have it's own default route and each tunnel will only be active on the VR with the preferred ISP's default route
to confirm this is not possible with single VR going to same public IP?
I have VPN 1 - going through unique public IP to branch public IP
I have VPN 2 - going through unique public IP to same branch public IP
This is the same VR. To confirm this is not possible? I tried to move to dual VR but i caused a ton of routing issues and I had to revert. Will try dual VR set up again if its the only way possible.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!