I´d like to use our RUTX09 and RUTX50 (RUTX_R_00.07.14.2) with different access media / cellular networks. Using IPsec is working fine so far. Due to our IT infrastructure there are different IPSec remote endpoints within different IP ranges for each access media. Currently I´m just able to add one remote endpoint that matches just one media. Is there any way to define two endpoints in order to setup an access media redundancy? Adding the same IPsec tunnel twice with different endpoints doesn´t exactly work, as they are both trying to set up a tunnel, what is prohibited by the vpn endpoint.
By default, each IPsec instance allows configuring only one remote endpoint. This means you cannot directly configure two different remote endpoints for a single IPsec tunnel to achieve access media redundancy by simply adding the same tunnel twice with different endpoints, as both tunnels attempt to establish simultaneously and conflict with the VPN endpoint restrictions.
To implement redundancy with multiple cellular networks or access media, you have a few options:
Multiple IPsec instances: You can create separate IPsec tunnel instances for each remote endpoint (i.e., for each access media). However, since both tunnels cannot be active simultaneously if they use the same local and remote subnets, you would need a mechanism to manage which tunnel is active at a given time (failover). This can be done by scripting or using routing policies to enable/disable tunnels or change default routes dynamically depending on the active cellular interface.