TL-ER6120 VPN Load balancing
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TL-ER6120 VPN Load balancing
Model :
Hardware Version :
Firmware Version :
ISP :
Hi,
We have 2 VDSL (ADSL+) lines for internet Access at the office, and I bought a month ago 2 TL-ER6120 (V2) in order to balance the load of internet traffic AND site to site VPN on the 2 VDSL lines.
The scope is double: Take advantage of the 2 line's added bandwidth, and not lose connectivity if one of the VDSL lines fails.
I discovered that the TL-ER6120 doesn't allow to build the same VPN on 2 different WANs (same local network, same remote network)... Bad luck!
So I built this weird topology (see figure above) so that I can have 2 concurrent VPNs links (through sub-networks). This happens to work!
TL1 at bottom is in charge of load-balancing
[*]TL2 above is in charge of VPN links
But my issue is about failover: I have setup online detection on the 4 WANs of TL1:
WAN1 and WAN2 : ping on google (8.8.8.8)
[*]WAN3 and WAN4 : ping on remote Sophos firewall (internal interface)
What I would like is easy:
If WAN1 online detection fails, I want TL1 to route the traffic to WAN2 (and vice-versa)
[*]If WAN3 online detection fails, I want TL1 to route the traffic to WAN4 (and vice-versa)
Online detection doesn't seem to work: I need to disconnect the cable from the failing WAN interface of TL1 so that it stops using it.
This means that for example if VDSL line on the left goes down, I'll have to disconnect physically both blue cables (WAN1 and WAN3) from the TL1... That is what I would like to avoid.
Can anybody help?
Thanks in advance,
Eric.
PS: I can give more details on how I configured this if someone is interested.
Hardware Version :
Firmware Version :
ISP :
Hi,
We have 2 VDSL (ADSL+) lines for internet Access at the office, and I bought a month ago 2 TL-ER6120 (V2) in order to balance the load of internet traffic AND site to site VPN on the 2 VDSL lines.
The scope is double: Take advantage of the 2 line's added bandwidth, and not lose connectivity if one of the VDSL lines fails.
I discovered that the TL-ER6120 doesn't allow to build the same VPN on 2 different WANs (same local network, same remote network)... Bad luck!
So I built this weird topology (see figure above) so that I can have 2 concurrent VPNs links (through sub-networks). This happens to work!
TL1 at bottom is in charge of load-balancing
[*]TL2 above is in charge of VPN links
But my issue is about failover: I have setup online detection on the 4 WANs of TL1:
WAN1 and WAN2 : ping on google (8.8.8.8)
[*]WAN3 and WAN4 : ping on remote Sophos firewall (internal interface)
What I would like is easy:
If WAN1 online detection fails, I want TL1 to route the traffic to WAN2 (and vice-versa)
[*]If WAN3 online detection fails, I want TL1 to route the traffic to WAN4 (and vice-versa)
Online detection doesn't seem to work: I need to disconnect the cable from the failing WAN interface of TL1 so that it stops using it.
This means that for example if VDSL line on the left goes down, I'll have to disconnect physically both blue cables (WAN1 and WAN3) from the TL1... That is what I would like to avoid.
Can anybody help?
Thanks in advance,
Eric.
PS: I can give more details on how I configured this if someone is interested.
