Community discussions

 
ik3umt
Member Candidate
Member Candidate
Topic Author
Posts: 248
Joined: Tue Jul 08, 2014 3:58 pm

How should I manage a VPN over two WAN interfaces ?

Thu Jun 04, 2015 10:29 am

Two sites with two DSL internet connections each (static IP from ISP), I need to :

Create VPN tunnel to make the two LAN reachable each other (usually I use GRE with RIP)
Internet navigation
Failover/load-balancing/higher-speed using both connection each site.

How can I achieve all three together ??

I'm able to share two connections with PCC, to set up a VPN over a single one, but never tried all this together.
When I declare a remote IP endpoint for VPN , what if there are two on remote site ?
How can I keep VPN up if one of the endpoint becomes unreachable ?

Any suggestion ?

Thank you
 
ik3umt
Member Candidate
Member Candidate
Topic Author
Posts: 248
Joined: Tue Jul 08, 2014 3:58 pm

Re: How should I manage a VPN over two WAN interfaces ?

Mon Jun 08, 2015 5:36 pm

This is the scenario :
Image

Should I perhaps create two tunnel and bind them together some way ?
Or is it possible to create a "virtual" endpoint over PCC binding ?

Any help very appreciated.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2984
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: How should I manage a VPN over two WAN interfaces ?

Mon Jun 08, 2015 6:27 pm

You could use policy routing (routing mark) along with PCC so that each VPN is run across the desired WAN.

Regarding tunnels, once VPNs are established you are in control of both ends, opening possibilities; you can use nth to "spread" over available VPNs, or you can use BCP
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
ik3umt
Member Candidate
Member Candidate
Topic Author
Posts: 248
Joined: Tue Jul 08, 2014 3:58 pm

Re: How should I manage a VPN over two WAN interfaces ?

Mon Jun 08, 2015 11:29 pm

So, you're talking about multiple VPN , one per WAN connection ? Or better...like I supposed, run two tunnels , one each wan , and manage traffic between lan by routing over existing tunnels ??

I should have no problem to run a single (gre) tunnel on a single wan connection (i.e. a.a.a.a to c.c.c.c) and leave load balancing for internet purpose, but it would be interesting to achieve also failover for VPN other than simply internet.... (or better , failover would be preferable for VPN rather than internet bandwidth..)
 
User avatar
pukkita
Trainer
Trainer
Posts: 2984
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: How should I manage a VPN over two WAN interfaces ?

Tue Jun 09, 2015 12:22 am

I'd load balance / failover Internet using PCC and routing marks which will also used to route each tunnel accross each WAN.

Then you bridge those two tunnels, and aggregate them by BCP.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
User avatar
lyberis1979
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Oct 20, 2014 2:43 am
Location: Athens, Greece
Contact:

Re: How should I manage a VPN over two WAN interfaces ?

Sun Jun 14, 2015 9:15 pm

I'd load balance / failover Internet using PCC and routing marks which will also used to route each tunnel accross each WAN.

Then you bridge those two tunnels, and aggregate them by BCP.


Hello, nice solution can you give us an example on this.


cheers.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2984
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: How should I manage a VPN over two WAN interfaces ?

Tue Jun 16, 2015 12:27 pm

Have a look at this presentation.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
User avatar
lyberis1979
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Oct 20, 2014 2:43 am
Location: Athens, Greece
Contact:

Re: How should I manage a VPN over two WAN interfaces ?

Tue Jun 16, 2015 12:52 pm

Have a look at this presentation.

Thanks that was very helpful.
Cheers.

Who is online

Users browsing this forum: Google [Bot] and 90 guests