Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Brainstorming for multi-site LAN (local), WAN (w/IPsec VPN), LAN (Metro Ethernet) setup

Hello,

Sorry if this is a bit broad, but just need a nudge in the right direction.

Struggling with how to utilize Metro Ethernet as an SD-WAN path for RO WAN traffic through HO, and if it is even possible.

Also, similar issue, how to approach using IPsec failover for local LAN traffic in the event Metro Ethernet is down.

All sites at v18-EAP3.

Goals are:

  1. To provide failover for LAN and WAN traffic at remotes using IPsec and HO WAN
  2. To provide load balancing for LAN traffic at ROs to HO

Current schema:

  1. Network LAN traffic is passing over Metro Ethernet to Head Office fine, with OSPF configured and working for 13 RO subnets.
  2. Local internet traffic is passing over local internet interfaces.

Remote Offices

Port 1 – LAN (local networks) 192.168.x.x

Port 2 – WAN (internet and testing IPsec VPN to HO)

Port 4 – LAN (Metro Ethernet handoff) 172.30.255.x

 

Head Office

Port 1 – LAN (local networks)

Port 2 – WAN (HO internet, and planned backup internet for ROs) 192.168.x.x

Port 3 – DMZ

Port 4 – LAN (Metro Ethernet handoff) 172.30.255.x

Port 5 – WAN (testing IPsec VPN to ROs)

 

Thanks,

Paul



This thread was automatically locked due to age.
Parents Reply Children
No Data