VPN IPSec Failover

VPN IPSec Failover

VPN IPSec Failover
VPN IPSec Failover
2024-07-27 06:45:41 - last edited 2024-07-30 01:28:27
Tags: #VPN

Hi, is there a way to configure the VPN IPSec Failover for Omada GUI ?

 

 

https://www.tp-link.com/us/support/faq/3575/ this is for standalone mode and i cannot get to work with my setup.

 

i have both site with both two active wan, my current setup is site-to-site with Manual IPsec and with multple subnets.

If i change this to Auto IPSec could i get what i am looking for?

 

 

It is getting a little bit of annoying switching manually.

 

Thanks

  0      
  0      
#1
Options
1 Accepted Solution
Re:VPN IPSec Failover-Solution
2024-07-29 01:31:30 - last edited 2024-07-30 01:28:27

Hi @Jeesoon1 

Thanks for posting in our business forum.

Proceed with the manual creation of the tunnel and follow the guide standalone. The parameters should be matched in two tunnels. Then you go back to the page and choose them.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  2  
  2  
#2
Options
7 Reply
Re:VPN IPSec Failover-Solution
2024-07-29 01:31:30 - last edited 2024-07-30 01:28:27

Hi @Jeesoon1 

Thanks for posting in our business forum.

Proceed with the manual creation of the tunnel and follow the guide standalone. The parameters should be matched in two tunnels. Then you go back to the page and choose them.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  2  
  2  
#2
Options
Re:VPN IPSec Failover
2024-07-29 08:01:54

  @Clive_A 

Thank you, this works.

Another question, does this need to be create for every subnet ?

  0  
  0  
#3
Options
Re:VPN IPSec Failover
2024-07-30 01:28:21

Hi @Jeesoon1 

Thanks for posting in our business forum.

Jeesoon1 wrote

  @Clive_A 

Thank you, this works.

Another question, does this need to be create for every subnet ?

Aren't the subnets picked during IPsec creation?

You can have multiple subnets picked.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#4
Options
Re:VPN IPSec Failover
2024-07-30 05:53:07

  @Clive_A 

 

Hi, unfortunately as per the guide the policy should use the IKEv1 which a single subnet only.

 

 

This is the warning when adding a either remote subnet or local networks

  0  
  0  
#5
Options
Re:VPN IPSec Failover
2024-07-31 01:17:31

Hi @Jeesoon1

Thanks for posting in our business forum.

Jeesoon1 wrote

  @Clive_A 

 

Hi, unfortunately as per the guide the policy should use the IKEv1 which a single subnet only.

 

 

This is the warning when adding a either remote subnet or local networks

Then use IKEv2. The guide did not use it because it does not require more than one subnet.

In different situation, play differently. The baseline is still the guide.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#6
Options
Re:VPN IPSec Failover
2024-07-31 01:53:21

  @Clive_A 

 

Thanks! that works.

 

How about if i have both 2 ISP per site? what should be the best approach for this vpn ipsec fail-over ?

  0  
  0  
#7
Options
Re:VPN IPSec Failover
a week ago

  @Jeesoon1

Good question, got the same problem. Main site is connected with two ISP's and every of three branch offices also has two links.

LolleQ, Szczecin, ZS, PL
  0  
  0  
#8
Options