We'd love to hear about it! Click here to go to the product suggestion community
According to XG Firewall v17.5 specification:
„VPN and SD-WAN Failover and Failback including new IPSec failover and failback controls and SD-WAN link failback options.”
Does it really works between two XGs with two WAN ports each ? - 4 variants of the IPSec list are theoretically possible:
XG1-WAN1 to XG2-WAN1
XG1-WAN1 to XG2-WAN2
XG1-WAN2 to XG2-WAN1
XG1-WAN2 to XG2-WAN2
Does it really works, automatic?
Best Regards Peter
It does if configured correctly.
In reply to MasterRoshi:
OK. Thank you. I had just tested it between 2 XGs. It works.
To build Failover groups only on the Branch Office side - seems to be the best solution
Can you confirm this?
In reply to Piotr Szmyt:
Failover and Failback works. Now I test "route branch office internet traffic through the head office ISP gateway" via VPN IPSec connection
according to: https://community.sophos.com/kb/en-us/123261
In my XGs based police routing and internet traffic works only on primary site-to-site VPN IPSec connection. I had defined failover group on BO XG and 4 VPN IPSec connections between 2 XGs . Failover i Failback, after automatic switch to second or third VPN IPSec connection - works with communication between LANs but does not works internet traffic. Internet traffic works only on primary site-to-site connection...
Can you help me?