2 VPN tunnels with same subnets through different WAN ports
Model :
Hardware Version : Not Clear
Firmware Version :
ISP :
Hello to all,
I'm using two TP-Link TL-ER604W routers. For each router I have two different ISPs, each configured on both WANs - ISP1 on WAN1 and ISP2 on WAN2. Under the load balancing section I had set the link back up option to "Backup when any primary WAN failed". I had set WAN1 as primary and WAN2 as secondary. In this configuration WAN2 starts only when the WAN1 port is down or there is no traffic. So I had made the WANs redundant.
The next step was to set up a VPN between both routers. I had successfully established one VPN tunnel (VPN1) over WAN1 on both routers.
The next step was to set up another VPN tunnel (VPN2), to have redundancy on the VPN too, with almost the same settings (same local and remote subnets) and different IKE and IPsec settings, all going through WAN2. This is where I've got the problem. When I try to save the IPsec settings with the same local and remote subnets that were already saved in the first VPN tunnel (VPN1), I receive the following message: "This Policy is in conflict with the No.1 IPsec Policy. The Policies cannot have the same Local Subnet and Remote Subnet." Here Policy No.1 is VPN1.
Somehow the router does NOT recognize the configuration of the "Link back up" option, because WAN2 is not active until there is something wrong with WAN1. So following this logic I should be able to save and establish such a tunnel only when WAN1 is not active, and if it is not active that means that VPN1 will not be active. So there will be no overlapping or same routing at the same time between VPN1 and VPN2, and I should be able to save the IPsec Policy.
I do need some help from anyone who has performed this or a similar configuration to achieve my goal - redundancy on the WAN port and redundancy on the VPN tunnels. How do I configure this with the TL-ER604W?
Thank you in advance to the responders