I have an installation that I access remotely. So, not killing remote access is important here. Well, brief interruptions are OK but permanent ones would be very inconvenient.
I need to run some rather comprehensive tests on the SSG-5 which has been introducing some issues and has been temporarily replaced with an RV042. I need to switch the SSG-5 back into the production role in order to test it.
(This is NOT about failover. I want this to be manual.)
A block of public internet addresses. They are accessed through a managed "internet switch'
A managed LAN switch.
A workstation on the LAN that is accessed via 3rd party VPN.
An RV042 in use as temporary internet gateway with it's own public IP and an internal LAN address of 10.0.0.1
An SSG-5 which had been in use as the internet gateway with it's own public IP and an internal LAN address of 10.0.0.2
10.0.0.1 is the gateway for all the site workstations, etc. and I want to leave this alone. There is no DHCP enabled; all IP addresses are static.
I have other LAN addresses available if needed. Let's just say 10.0.0.3 and 10.0.0.4.
My preference is to manage the gateway devices from inside the LAN.
Here is the notion:
Start with both devices plugged into the internet switch and into the LAN switch.
Somehow switch between them re: being in the gateway role.
Either this means using some interim router as the gateway or changing their LAN IP addresses.
1) I'm not too sure about doing this but:
What if I install another RV042 on the LAN and give *it* the gateway address and give the actual gateways other LAN addresses?
Then, add a route to this added router that will point 0.0.0.0 to one of the devices mentioned above?
And change that route whenever a switchover is needed.
Would this all be on the LAN side? That's all I can imagine.
2) Assign 10.0.0.1 to both devices and switch their access on the managed LAN switch by turning their respective ports on and off?
If I turn one port on before turning the other off then there will be an IP conflict BUT that will last only as long as the other port is on. But, it could affect my remote connection in the interim even at that.
If I turn one port off befor turning the other on, then I'll lose the connection for sure. So that seems not an option.
3) Enter multiple default gateways for my workstation IP.
Change the active gateway to a have new LAN IP; one that's listed as a gateway on my workstation. Then I won't lose the remote connection (?).
Change the dormant gateway to have the gateway IP.
Change the old active gateway IP to a 4th IP that is not listed as a gateway anywhere - to avoid confusion on my workstation.
I don't like #1 as it inserts an "extra" device that's not really needed and would be involved in the testing.
I'm sure someone has had to deal with this situation. What are things that work?