Failover for VPN
Posted on 2004-04-19
We are running a Sonicwall PRO 3060 on our network and have 2 DSL lines connected to it for Load Balancing. Currently, I have internet traffic piped out through one of the connections, and all of our VPNs using the other connection so as to prevent our internet traffic from interfering with our VPN traffic. Now I would like to make it so that if the DSL connection that is running the VPNs goes down, they will all switch to the other DSL line's address. I am told I can do this by putting in a DNS name rather than an IP address in the remote VPN router's IPSec Gateway field for that particular Security Association. That part I understand. What I want to know is how then do I automatically manipulate that DNS record to change back and forth between the 2 addresses as connections go down and come back up. Is there a way to do it with a Windows 2000 DNS server, or something that will run on Windows? Something that will monitor an IP address, and if it goes down (misses x number of heartbeats or whatever), changes the DNS entry to another address. As soon as that IP comes back up and stays up for x number of heartbeats, it will switch it back again. Any ideas?
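The switching rule described in the question (fail over after x missed heartbeats, fail back only after x consecutive good ones) can be sketched as a small state machine. This is an added example, not part of the original post: the `update_dns` hook is a hypothetical placeholder for whatever rewrites the A record, the thresholds are assumed, and the addresses are constructed documentation IPs.

```python
from dataclasses import dataclass, field
from typing import Callable, Iterable, List

@dataclass
class FailoverMonitor:
    """Flips a DNS record between two WAN addresses with hysteresis."""
    primary_ip: str
    backup_ip: str
    update_dns: Callable[[str], None]  # hypothetical hook that rewrites the A record
    down_after: int = 3   # assumed: consecutive missed heartbeats before failing over
    up_after: int = 5     # assumed: consecutive good heartbeats before failing back
    active_ip: str = field(default="", init=False)
    _misses: int = field(default=0, init=False)
    _hits: int = field(default=0, init=False)

    def __post_init__(self) -> None:
        self.active_ip = self.primary_ip

    def observe(self, primary_alive: bool) -> str:
        """Feed one heartbeat result for the primary line; return the active IP."""
        if primary_alive:
            self._hits += 1
            self._misses = 0   # any success resets the outage counter
        else:
            self._misses += 1
            self._hits = 0     # any miss resets the recovery counter
        if self.active_ip == self.primary_ip and self._misses >= self.down_after:
            self._switch(self.backup_ip)
        elif self.active_ip == self.backup_ip and self._hits >= self.up_after:
            self._switch(self.primary_ip)
        return self.active_ip

    def _switch(self, ip: str) -> None:
        self.active_ip = ip
        self.update_dns(ip)  # called only on a state change, never per heartbeat

def replay(heartbeats: Iterable[bool], down_after: int = 3, up_after: int = 5) -> List[str]:
    """Run heartbeat results through the monitor; return the DNS updates it made."""
    updates: List[str] = []
    mon = FailoverMonitor("192.0.2.10", "198.51.100.10", updates.append, down_after, up_after)
    for alive in heartbeats:
        mon.observe(alive)
    return updates

if __name__ == "__main__":
    # Constructed sample: a 2-miss blip, a real outage, a flapping recovery, a stable one.
    sample = [True, False, False, True] + [False] * 3 + [True, True, False] + [True] * 5
    print(replay(sample))
```

The remote VPN routers only see a change once their cached copy of the record expires, so the record's TTL bounds how quickly the tunnels can follow a switch.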