Hi
Iam new to Microtik and to this forum and I have a question regarding IPsec VPN.
I have two headend devices at 2 different locations. Iam trying to set up IP sec VPN connection to both of them.
However I cannot make them to Auto failover.
I configured policies and peers and VPN to both the head-ends come up. However only one policy is active.
When the primary VPN tunnel fails,how can I get the second tunnel working.
The second policy under IP>ip SEC is always in red highlighting it invalid.
If I want to use the second VPn then I have to enable that policy manually
Thanks for your reply sergejs, but I need redundancy for my VPN so I need to use same networks.
I need to have failover between tunnels. The router allows me to configures second peer but does not allow me to configure second policy.
The policy becomes invalid after adding.
Please advise if this can be done via script ?
regards
Nik
What about IPSec over GRE tunnel ?
You need to setup failover of two GRE tunnels to differnet destinations.
IPSec over GRE has then only one policy…it does not care where the GRE is actually terminated. GRE network simply needs to be up.
Yes, either you can follow Bartosz advise, or alternative option to setup script that disable first policy and enable second policy, when specific case is met (and vice versa second policy is disabled and first is enabled on opposite conditions).