VIP is not set in IPSec configuration

  • Hi all, I have set up an IPSec tunnel with Azure. In the Interface field I initially specified the interface which has the VIP address of my cluster. When I connect, all is fine and everything works perfect.

    Though, at the same time I have created a failover Gateway Group because I use a dual WAN. This group I am using it as the Default Gateway of my system.

    Now, if I go back to the IPSec tunnel and instead of the interface with VIP address, I set the Gateway Group, then I notice that the IPSec tunnel never connects, because it is using the physical IP address instead of the VIP. I am going in the ipsec.conf and I can confirm that instead of the VIP, the leftid is the IP address of the physical interface of node 1 in the cluster.

    Any idea why this happens? Do I do anything wrong in my configuration?

    Thank you

  • OK, the solution is that in the failover security group, in the "Interface Address" field, I had to specify the VIP address. When I did this, then the right IP was showed in the config file.

Log in to reply