<div>
If you have it set up with the correct weighting, then your B Firewall will fail back over to your M Firewall once it's able to re-establish connectivity. &nbsp; &nbsp;
</div>


If you have it set up with the correct weighting, then your B Firewall will fail back over to your M Firewall once it's able to re-establish connectivity.    

<div>
So your saying that a SSG5 can do a &quot;Active/Active&quot; Dual ISPs?<br />
<br />
What about the VPN situation, can I weight that in a sense, that it will re-eastablish the VPN on the secondary connection should the primary become un-available?<br />
<br />
And I can weight it that all &quot;HTTP/HTTPS&quot; type traffic goes out the secondary, and weight it so the traffic destined for the VPN goes out the Primary?<br />
<br />
Right now, the default failover is &quot;Active/In-Active&quot; since the Primary port is being used and the Secondary port is always set to Down status until failover.<br />
<br />

</div>


So your saying that a SSG5 can do a "Active/Active" Dual ISPs?

What about the VPN situation, can I weight that in a sense, that it will re-eastablish the VPN on the secondary connection should the primary become un-available?

And I can weight it that all "HTTP/HTTPS" type traffic goes out the secondary, and weight it so the traffic destined for the VPN goes out the Primary?

Right now, the default failover is "Active/In-Active" since the Primary port is being used and the Secondary port is always set to Down status until failover.



<div>
<div class="content wysiwyg-content">
I have a Juniper SSG5 Screen OS 6.2.0 running in Failover mode, everything works fine.<br />
But I have been hit up with a scenario, that I do not know if it is possible.<br />
<br />
Eth 0/0 ISP1<br />
Eth 0/1 ISP2<br />
<br />
Can I have a VPN on Eth 0/0 that if ISP1 goes down, will failover to Eth 0/1 ISP2? (Simply Yes, but please read on)<br />
While with the above VPN failover, can I have all other traffic go out Eth 0/1 ISP2, and fail over to Eth 0/0 ISP1 if ISP2 goes down?<br />
<br />
Hope that makes sense.<br />
Thanks In Advance for any responses.
</div>
</div>


I have a Juniper SSG5 Screen OS 6.2.0 running in Failover mode, everything works fine.
But I have been hit up with a scenario, that I do not know if it is possible.

Eth 0/0 ISP1
Eth 0/1 ISP2

Can I have a VPN on Eth 0/0 that if ISP1 goes down, will failover to Eth 0/1 ISP2? (Simply Yes, but please read on)
While with the above VPN failover, can I have all other traffic go out Eth 0/1 ISP2, and fail over to Eth 0/0 ISP1 if ISP2 goes down?

Hope that makes sense.
Thanks In Advance for any responses.

Juniper SSG5 Failover

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Networking hardware includes the physical devices facilitating the use of a computer network. Typically, networking hardware includes gateways, routers, network bridges, modems, wireless access points, networking cables, line drivers, switches, hubs, and repeaters. But it also includes hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, ISDN terminal adapters and other related hardware.