Site-to-site VPN stopped working
I've had a site-to-site VPN working for some time. Today I noticed it is no longer working. How do I troubleshoot this? I dont see any indicator of an error or problem.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
OK I figured out what I changed to cause this to happen. I enabled the WAN/LAN1 port to WAN mode. I wanted to create a WAN link backup. Why would site-to-site VPN stop working when I have this enabled. I have this currently disabled to allow site-to-site VPN to work. Do I need to recreate the site-to-site VPN policy if I re-enable the WAN/LAN1 port WAN?
- Copy Link
- Report Inappropriate Content
When you set the VPN, you need to choose the WAN Interface. I think it is the issue.
If you change the WAN port, then the you also need to change the WAN interface in VPN settings.
- Copy Link
- Report Inappropriate Content
I too configure all my routers with WAN and WAN/LAN1 as WAN ports, just in case I ever need to jack a cellular backup in.
Because I have 2 WAN options, the VPN Server provides a field where you pick which one will be used by that particular VPN config. I would imagine you may need to recreate the VPN definition after a signfiicant change (Like a second WAN port). That said, you could create a second VPN server config on the backup link...this is necessary and even makes sense because each of your WAN's will have a different IP address from their respective ISPs. If you have dynamic DNS at work, you still need to have two VPNs defined, because the DNS will just tell clients out on the internet which interface is active at that time.
I'm not saying that Omada couldn't be recoded to make your life easier and duplicate configs behind the scenes, but I think forcing people to think about what they are doing is still the better approach from a system design perspective, especially when it's security related.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 568
Replies: 3
Voters 0
No one has voted for it yet.