Hello together,
we are using a RUTX11 in our Firefighter Command vehicle. With the new update 07.05.3 the WLAN will not disconnect (WAN Inferface will not go in Status Down) when the vehicle left our building.
So the IPSEC VPN will not disconnect and reconnect over mob1s1a1.
I already set Station inactivity limit to 10.
Failover doesn’t work with IPSEC VPN if I’m correct.
That is very critical for us. Can some one help me?!
regards
Sebi
Hi Sebi,
so just to clarify: while the vehicle is in your station, you are connected to your stationary WIFI and as soon as you leave the building you want to switch to mobile, correct?
My suggestion would have been to use Ping/Reboot, but upon checking i found out that there is no setting to reconnect the IPSEC VPN from within that function.
Do you also need the IPSEC VPN within your stationary WIFI? If not, you could configure it only on mob1s1a1 and not on your WIFI network, then leave both connections online all the time and just prioritize WAN over GSM when it’s connected. maybe that way it way it will work.
Hi silentdrummer,
yes you are correct. In Station we have WLAN to connect over VPN to our Controlcenter and when we leave the building to a Mission the RUTX have to Switch to Mobile and the VPN have to reconnect over mobile.
With older Firmware we never had problems like that before!
All time the Command vehicle left the building the WAN Interface for WLAN went immediately to state Down so Internet and VPN switched to Mobile.
In the building we want to use WLAN because of performance and save mobile data volume.
Reboot Router everytime is a bad option! I’ll not rebote the System 3-4 Times a day!
Hi Sebi,
and you definitely need the VPN also within you stationary WIFI? The Ping/Reboot can also only restart the mobile connection for example, so the downtime is minimal.
You could try to create two separate IPSEC Connections for each interface, maybe then the failover works?
Hi Silentdrummer,
Yes, I need VPN over WIFI and Mobile to the same target! So I can’t create it zwo times.
The WIFI WAN Interface have only go into down state when the vehicle left the WLAN Range like the other FW-Versions before. It is not only a problem for the VPN, also for Internet access when the Router Still tring to use WIFI - WAN and not swaping to Mobile WAN.
Hello,
Thank you for reaching out!
While it’s hard to say what could be causing the issue here, one easy fix for now would be to setup failover. This would ensure that instead of relying on the physical state of WAN connection (connected/disconnected), the device will constantly check if ICMP packets can reach the internet and determine the state of connection this way.
To configure failover, please navigate to Network → Failover, and enable mob1s1a1 (SIM1) and your created WLAN interface. It is also important edit both enabled interfaces, and in the Flush connections on field add Connected and Disconnected options. Adding these options will ensure that all of the traffic that was flowing via the WLAN connection will be broken and re-established via the mobile connection. This will also apply when connecting back to WiFi - connections on mobile interface will be broken and will re-establish on the WiFi WAN. This will help save on data.
Once everything is configured, Save & Apply the configuration and test if everything is working as intended. It may take a few seconds to switch to mobile data, but failover rules can be adjusted to check the connection more frequently according to your needs.
As for the issue with WiFi WAN not showing a disconnected state, if my suggested solution works well, we can investigate it further.
Best regards,
Hello Daumantas,
thank you for these greate Update!
One question, I read in the past (have only in mind) that VPN is not working together with the Failover configuration. But you think that would not have any problems together?
regards
Sebi
Hello,
There should be no issues with the VPN connection, as upon a change of the active interface all connections should be broken.
If you experience any issues, try adding the option
closeaction=restart
To the advanced connection settings.
Let me know how it goes!
Best regards,
Hello,
I test it, but the VPN Connection wasn’t using any of the settings for Failover.
It always used the first Up WAN Interface (Network / WAN) for the Clients behind the Router the Sessions Swaped between WIFI and Mobile based on the Failover Rules. But the VPN wasn’t interesting in my Failover configurations. It ignored them all!
And now?
Hello,
The VPNs most likely ignored the failover service because of this:
If these options are not added, the existing connections are not broken and will continue going through the interface that the connection was established on until the next reconnection, which could be days later. Make sure to add these options to all interfaces and recheck.
Best regards,
This topic was automatically closed after 15 days. New replies are no longer allowed.