Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

How to configure Remote Access VPN with multiple external links

Hi Check Point Guys!

 

I'm wondering regarding how to configure Remote Access VPN more than 1 external link,  I have Check Point 5400 Appliance with 2 wan links, one is an Active link and the other is the Backup link as the following diagram

 

rta1.png

 

I have selected the first primarily as ISP-A from the topology table

rta 2.png

 

And also configure ISP redundancy with Primary/Backup mode

rta 3.png

 

I would like to know how to setup Remote Access VPN when the Active link is unavailable and the Backup becomes an Active where the client does not need to reconnect VPN, Can we do that?

 

Appreciate all comments

 

Thank you in advance.

 

Regards,

Sarm

 

0 Kudos
3 Replies
Highlighted
Admin
Admin

Technically it has to renegotiate the VPN since it's now terminating on a different IP.
There are also specific Link Selection options for Remote Access VPN as well.
See: https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_RemoteAccessVPN_AdminGuide/C...
0 Kudos
Highlighted

Hi PhoneBoy

 

Thank you for your comment.

 

To use multiple external links with remote access clients, I have to enable "Support connectivity enhancement for gateways
with multiple external interfaces" right?

rta 4.png

And Link Selection under IPSec VPN menu, I just select the address with the primary link, right?

When the primary link goes down for some reason then the backup link becomes an Active, I must re-connect the VPN with External IP of Backup link? 

 

Regards,

Sarm

0 Kudos
Highlighted
Admin
Admin

That all sounds correct.
0 Kudos