Automated recovery of Tunnels
-
I am sure I missed this somewhere, but I have had a couple of instances where I lost power and the router recovered well. However, I had to manually go in and reestablish the tunnels. Can this be automated?
Jon
-
2.0 is much better about re-establishing an IPsec tunnel. also, OpenVPN site-to-site seems to be bullet proof in just about every way.
Roy…
-
I am on 2.0, now the newest RC candidate. After a WAN failure I have to manually re-establish each tunnel. I thought maybe that I had just missed a config option somewhere. But it sounds like this is expected on IPSEC?
Jon
-
if you have traffic trying to go out the tunnel, the links should re-establish. do you have pfs 2.0 on both ends?
Roy…
-
Thanks Roy,
That is about a simple answer I have had to any issue. When I would look at IPSEC status and see the connection dropped and the "connect VPN" icon next to it, I thought I had to manually intervene. Two of my VPN connections are to training rooms that aren't always active. I tried it out and you were correct.
Thanks for setting my mind at ease.
Jon
-
If you specify a keep-alive IP that's in the remote subnet (inside the remote phase 2 network), it will bring up the tunnels automatically every time.
The connect button just sends a ping on the tunnel, nothing fancy.
