gthmpd

Create a VPN tunnel to the same private network.

Looking to find out if this scenario is possible and if so, a little nudge in the direction I should look up to implement.

I have two offices separated by 40 miles. Branch A and B are connected with a point-to-point fiber connection with an Ethernet hand-off. For all intents and purposes, both offices function as one subnet.

I have MPLS Internet service in both offices. Branch A is the only one actually connected to the Internet. Branch B comes across the Point to Point and goes out Branch A's default gateway (10.0.0.1). The Internet service in Branch B is directly connected to a video camera, for now. But that can be taken down anytime.

What I'd like to know: is it possible, after connecting another firewall to Branch B with a gateway of 10.0.0.2, to create a VPN tunnel to Branch A's firewall and have it work as a redundant connection in case the Point to Point ever goes down? Configuring the network with the secondary gateway?

Both my firewalls are WatchGuard Core series.
Any help would be appreciated.
ASKER CERTIFIED SOLUTION
TheTull

This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
gthmpd

ASKER

Thanks for the replies, I believe I'm following you so far.

If I use the subnet of 10.0.x.x for Branch A and 10.1.x.x for Branch B, where would I place the routers? On either side of the current Point to Point?
SOLUTION
gthmpd

ASKER

It does, Thanks Jon

At the risk of exposing my knowledge (as in lack thereof), let me see if I can break this down.

I'll need a total of 4 Routers and 2 firewalls?

"A router to the point-to-point: Eth0/0 to your private LAN and Eth0/1 to your point-to-point fiber."
This isn't a routed connection now, so I'm assuming eth0/1 from Branch A would have the same IP as eth0/0 in Branch B and vice versa?

My firewall in Branch A now has our public IP on the external port and the DG 10.0.0.1 on the trusted port.
I'm assuming I'll be doing Branch B the same way, with the other public IP on the external and a DG of, say, 10.1.0.1?

So you're saying I also need a router between my Firewall and the ISP provided hardware?

Thanks again,
also
~Jon


SOLUTION
gthmpd

ASKER

Thanks for your patience, Jon.

We have broadband.

So one router off the Point to Point in each location; where does the other router go? Before the firewall?


Jon
SOLUTION
gthmpd

ASKER

Ok, thanks again for everything.  I still need to get the HP routers.  Here goes nothing!


Jon