DX Infrastructure Manager

Expand all | Collapse all

Redudancy for Tunnel Cleint

  • 1.  Redudancy for Tunnel Cleint

    Posted 11-29-2017 04:44 AM


      In one of the customer place we have configured the tunnel client and the Tunnel server is  in another location. Customer is having 2 ISP link's and the tunneling was configured using one of the ISP link. Due to some reason my ISP link is down. customer has a facility to switch over to other ISP in case of failure and same has been done here. Due to the switch over my tunnel client is assigned a new IP because of which connectivity with the Tunnel server is down. can some one suggest if i can add 2 different IP's on the Tunnel client, and is there any solution available so that my Tunnel client is always Up.

  • 2.  Re: Redudancy for Tunnel Cleint

    Posted 11-29-2017 05:18 AM

    You might like to try to setup the second tunnel on the different IP and then this will just fail to connect, and continue to fail.

    Then "failover” to the other ISP and see if the second tunnel reconnects.

    I think this will work but it will need to be tested and check the queues reconnect as well.

    The customer will need to ignore the alarms that are raised for the failing tunnel, or delete them in a NAS pre-process.


  • 3.  Re: Redudancy for Tunnel Cleint

    Posted 11-29-2017 07:20 AM

    I am sorry to say - from Tech Support perspective, it might never been tested.

    So simply Tunnel connection is peer to peer.

    so we will never know how HUB Tunnel behaves in case IP's systematic failover even if dual sessions (always-on) are established.

  • 4.  Re: Redudancy for Tunnel Cleint

    Posted 11-29-2017 05:42 PM

    Hello, can you make an client to site IPSec tunnel with each one of the ISP and then let the dinamic routing choose the link, that way for the UIM the hubs IPS will persist.

  • 5.  Re: Redudancy for Tunnel Cleint

    Posted 12-01-2017 02:12 AM

    can you tell me how to do it and test the same.

  • 6.  Re: Redudancy for Tunnel Cleint

    Posted 12-01-2017 06:55 AM

    Hello aln1976 that's much more a network problem then a software problem and depends on what are your network infrastructure and your clients, so I suggest to consult your network team, and another possible solution is based on DNS, if you can register the hub's IP's on each ISP on one name i think that the nimsoft tunnel will work