Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC Failover - how to implement?

    Scheduled Pinned Locked Moved IPsec
    4 Posts 4 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zanthos
      last edited by

      I'm planning to implement a failover IPSEC tunnel between two sites.

      Site A will have to independent static connections to the internet with to ISPs.
      Site B will have one static connection to the internet.

      Main problem is, if one of the two connections from site A fail, the IPSEC tunnel should switch to ISP B.

      How to implement this?
      Would openVPN be a better option?
      site2site.png
      site2site.png_thumb

      1 Reply Last reply Reply Quote 0
      • M
        mannyjacobs73
        last edited by

        I believe this can only be done with the help of the ISP, but I am not 100%.

        I'd be interested to know if anyone provides some other idea.

        1 Reply Last reply Reply Quote 0
        • dotdashD
          dotdash
          last edited by

          OpenVPN is a better option for this situation. You could use a dyndns target which would switch between the ISP's at site A.
          There is no way to have two targets for the same connection like you can do in some commercial firewalls.

          1 Reply Last reply Reply Quote 0
          • A
            acc4ever
            last edited by

            I accomplish what you request, using WAN groups and dyndns..

            I attach my configurations, hope this helps you

            ![Screen Shot 2016-07-25 at 5.43.41 PM.png](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.43.41 PM.png)
            ![Screen Shot 2016-07-25 at 5.43.41 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.43.41 PM.png_thumb)
            ![Screen Shot 2016-07-25 at 5.43.50 PM.png](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.43.50 PM.png)
            ![Screen Shot 2016-07-25 at 5.43.50 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.43.50 PM.png_thumb)
            ![Screen Shot 2016-07-25 at 5.46.08 PM.png](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.46.08 PM.png)
            ![Screen Shot 2016-07-25 at 5.46.08 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.46.08 PM.png_thumb)
            ![Screen Shot 2016-07-25 at 5.47.26 PM.png](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.47.26 PM.png)
            ![Screen Shot 2016-07-25 at 5.47.26 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2016-07-25 at 5.47.26 PM.png_thumb)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.