subscribe to our Youtube


14455 questions

17168 answers


0 members

We are migrating to our new platform at Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
196 views 2 comments
by anonymous
We use RUT 955 to repatriate data.
We set up an IPsec VPN from the RUT to our Fortigate firewall.
But we have 2 fibers (backup and normal) reaching our Forti. We created 2 VPN conf, one per fiber IP address.
Our problem is that the RUT mounts the 2 VPN conf.
What is the best solution to have a secure connection?
Can we prioritize VPN connections?
You can prevent the second connection on the forti, but this implies having to make a modification to the firewall.

1 Answer

0 votes
by anonymous
Hello, I'm sorry, but I didn't really understand what two IPsec tunnels are used for?

You have one VPN server on which there are 2 external channels, most likely with the possibility of automatic reservation. Please describe in more detail (preferably with a diagram) the topology you want to get in the end.

Best regards, Anton
by anonymous

I try to explain with this schema

by anonymous
Hello, there is no IPsec failover in our devices.

I think there are two options here: this is to immediately raise 2 tunnels, and if the main channel breaks, the backup VPN will continue to work. Or use a small bash script that will ping the ip of the main channel and, if it is unavailable, will raise the backup IPsec. Run the script with the cron scheduler, for example, once every 5 minutes.

Best regards, Anton