Hello:
We have a RUT-901 connecting via IPSec to a Sangfor fw. Everything is working fine.
What we would like to do is bring up a second IPSec tunnel to the Sangfor on a “standby” ip address and we would like to prioritize the tunnels so that the standby would be used in teh event the main went down.
Is it possible to do this?
Cheers,
john
Greetings,
Could you please provide some additional details?
- Could you share a simple sketch of your network topology, including IP addresses (don’t include any sensitive information)?
- Could you specify the conditions under which the tunnel should be considered down?
- How should the tunnel be monitored, by using ping inside the tunnel or via the IPsec DPD mechanism?
- What conditions should be met for the tunnel to switch back?
- Does the Sangfor firewall have two public IP addresses?
- Are you using Route-Based IPsec or Policy-Based IPsec?
Best regards,
Justinas