8904 questions

10557 answers

16569 comments

15947 members

0 votes
139 views 2 comments
by
HI all

I successfully get to have 2 IPSEC Tunnel to same site but the one used is not the good one.

Explanation :

I have a central site (FORTIGATE) with 2 WAN Connection (An SDSL on nominal and a VSAT on BackUp). This 2 interfaces are Up at same time (not a failover, only the static routes priority make that the trafic will fo to SAT interface in case of no connection on SDSL).

On distance Site I have a RUT950 with a 4G Connection.

I need to join Central By the SDSL at first and by the VSAT if not possible.

RUT950 2 VPN are up and working but the router allways choose the VPN To the SAT IP when I make a ping.

Usually, on full fortigates config, I reach to make that using static routes and creating a static route for each the VPN Interface with adapted Priority/distances  ..

Can I make something like that on the RUT950 ?

From my part I search but I never have the possibility to choose the VPN Interface on the static route

Many thanks in advance for your help.

Manuel
by
I try using static route on Fortigate but same thing.

I Really think that I have to make that on RUT950 and i think its with something with the static route/priority added to the VPN interfaces or something like that...

Something like a link monitor on the interface isnt possible ? :

The 2 VPN Activated and UP but :
- When the VPN to the SDSL Central is UP, this will be the default route.
- When the VPN to the SDSL central is Down , the way will have to be the other VPN

Well I wait for your help and opinion on the suject. Thanks in advance.

Thanks

1 Answer

0 votes
by
Hello,

Unfortunately, right now we do not have such a feature implemented to monitor IPsec interface status, that would allow you to failover to back up interface. That would require additional development from us. Please contact the sales manager at Teltonika to begin an additional development project.

Regards.
by
Hi

Thanks for your reply.

I understood but I just want to be sure that you understand my question :

When we have 2 VPN IPSEC to same site BUT on 2 different public IP ...

Why Teltonika take ONE of them and not the other one ?
How it consider his "better" route ?

Impossible to change it ?

Thanks again

Manuel