IPSEC routing with 2 WANs



  • So this is what I'm trying to accomplish -

    IPSEC --> Main Site (has 2 WANs)

    I need to be able to route specific traffic out of each WAN via the remote IPSEC.

    So for example - Website-A needs to go out over WAN-1 | Website-B needs to go out over WAN-2.

    Locally I am able to get the firewall/routing to work correctly, A goes over WAN-1 and B goes over WAN-2.

    I can't seem to get this to work over the IPSEC tunnel... Can anyone provide direction?



  • Which IPSEC goes out which WAN is determined by your phase 1 entries for each IPSEC.
    So if you edit the tunnel that is for WAN-1, ensure that under General the interface selected is WAN-1 or one of its CARPs; same thing for the tunnel you wish to go out WAN-2. Then verify the config on the remote side of things. Also, please better explain your design: are the tunnels going out over WAN-1 and WAN-2 hitting the same destination? If so, are you just splitting the phase 2 entries between them?



  • Also, on your identifiers, I usually manually type those, as different versions have captured and relayed this differently.