Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
Troubleshooting
Research
Professional Opinions
Ask a QuestionDid You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE
troubleshooting Question
Multiple site-to-site VPN connections between two networks
Qualitycomputer asked on
I have a client running a site-to-site VPN connection in order to allow secure RDP access to users at a remote site. The remote users are on a completely separate Windows domain and use the tunnel purely for port 3389 access to virtual workstations and RDP servers at my client's site. My client maintains two WAN connections - one from a DSL provider (on which the VPN tunnel lives), the other from a cable provider. They each have their own separate static IP address blocks.
My client uses a SonicWall TZ210 and utilitzes some of the bandwidth management features to optimize Internet traffic between their two WAN links. What we don't have is a redundant VPN connection to the remote site. The remote site apparently uses Cisco routers on their end which hasn't been any problem at all for the site-to-site VPN connection.
Is it practical to set up two VPN tunnels between the two sites so that if the DSL connection fails the cable connection can act as a failover? Would the remote site also need two separate IP blocks on their end or can they do something akin to a one-to-many relationship? Even if it is not practicle to have true failover capability, it would still be nice if I could uncheck the primary tunnel in the event of a DSL outage and instead mark the cable connection as the active tunnel. Is this easy to do?
My client uses a SonicWall TZ210 and utilitzes some of the bandwidth management features to optimize Internet traffic between their two WAN links. What we don't have is a redundant VPN connection to the remote site. The remote site apparently uses Cisco routers on their end which hasn't been any problem at all for the site-to-site VPN connection.
Is it practical to set up two VPN tunnels between the two sites so that if the DSL connection fails the cable connection can act as a failover? Would the remote site also need two separate IP blocks on their end or can they do something akin to a one-to-many relationship? Even if it is not practicle to have true failover capability, it would still be nice if I could uncheck the primary tunnel in the event of a DSL outage and instead mark the cable connection as the active tunnel. Is this easy to do?
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.