Creating fault-tolerant RRAS VPN connection

  • Thread starter Thread starter Anton Panyushkin
  • Start date Start date
A

Anton Panyushkin

Our headquarteers is connected to Internet via two ISPs and has two
blocks of registered IP adresses obtained from these ISPs. A Windows
RRAS VPN server is located in headquarteers LAN and it's private
IP-address is NATed into two registered IP-addresses: first IP-address
belongs to IP-address block that was given to us by the first ISP and
the second registered IP-address of VPN server pertains to IP-address
block that was given to us by our second ISP.
Also there are a number of brunch offices that are conected to
headquarteers network with RRAS VPN and they use IP adress of VPN
server that belongs to the block that was given to us by the first
ISP. That's how it looks in a figure.


Headquarteers /---------- ISP 1 ---- Internet ----
Brunch Office
/
RRAS VPN server---------/
\
\--------- ISP 2 ---- Internet



Since headquarteers has two Internet access points I presume that it's
theoretically possible to make brunch office VPN connection
fault-tolerant i.e. to configure RRAS to use two IP addresses of
headquarteers VPN servers in round-robin way.

Any ideas how to inplement this configuration?
 
Set up two VPN-connections with the two different IP-numbers from your ISP
in each brunch office.
Give one a higher metric and that will then act as the failover connection.

/Dennis
 
But it won't automatically switch back again when the first connection
is available. It will only switch if the second connection dies. You
probably need a third party solution to do connection sharing and load
balancing.
 
Back
Top