Create a Post
Showing results for 
Search instead for 
Did you mean: 

Dual site / Dual ISP redundant VPN


I'm new to VPN setups and I need to setup a resilient VPN between ourselves and a 3rd party. We have 2 data centers each with their own ISP link, the 3rd party only has a single data center.

I want to make us of both of our ISPs in an active/active setup for resilience and maintenance windows.

What is the best way to achieve this?

What needs to be done to enable internal users make use of either of our ISP's? How do I deal with a failure of one of our ISP links, is an internal load balancer required that can monitor each link for failure.

VPN topologyVPN topology?

0 Kudos
1 Reply

will make this easier.

You posted this in the SMB forum.
Are you using a 600/700/1200R/1400 for this or different appliances?
Are you having a pair of gateways for each ISP, one gateway for each ISP, or both gateways connected to both ISPs?
More details about the environment will definitely help us advise you accordingly.

In general, client systems do not cope well with multiple default routes, which is implied by your diagram.
Clustering the gateways and configuring both ISPs on both gateways will probably be the best approach.
0 Kudos