English Čeština Deutsch Italiano Nederlands Türkçe

How to set the VPN client connection failover? Commercial Gateways icon

Avatar
Maurice Lejeune
  • Updated
Follow

 

 

How do I set the VPN client connection failover?

The customer has 2 WAN IPs with two VPN connections at the branch site. One of them is a dynamic IP. The VPN connection must failover to WAN2 once the WAN1 connection is down.

 

Answer

 

Step1: In the web GUI, go to the Configuration > Network > Interface > Trunk > User configuration > Add screen. Set WAN2’s mode to Passive.

 

Step2. Enable Disconnect Connections Before Falling Back.

 

Step3: Go to Configuration > VPN > IPSec VPN > VPN Gateway.

Set My Address to "0.0.0.0" (The USG will dial-up with the active WAN interface first).

Since WAN2’s interface IP is dynamic, you can use Dynamic VPN in this case.

 

Step4:

Please use the command line  "Router(config)# client-side-vpn-failover-fallback activate"

The tunnel will fall back to WAN1 automatically once the WAN1 connection has recovered.

 

KB-00146

Comments

0 comments

Please sign in to leave a comment.

console.log("Chat Department");