10-14-2025 04:07 AM
Hi All,
We are using one isp link for internet browsing and 2 site to site tunnel. Now we have procure another isp link and want to configure it as a primary for internet traffic and one location (India) site to site vpn.
Below my approach to achieve this
1. Configure new isp link with lesser priority for interent traffic and one location (India) site to site and if its fails traffic divert to secondary isp. Will my secondary tunnel works with secondary isp, as im not creating with primary isp.
2. Create pbf rule to route internet traffic from primary isp and above create no pbf rule for site to site vpn, so vpn traffic will follow via normal static route and security policies.
10-29-2025 11:53 AM
Hey Vishal,
Just to confirm, you want the new ISP to be the primary link for internet and for the India VPN, and if it goes down, all traffic should switch to the secondary ISP, right? That can definitely work, but make sure the VPN is configured to use both ISPs, either by defining two IKE gateways or by setting up a proper failover. Otherwise, the tunnel won’t re-establish automatically through the backup link when the primary goes down.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
