This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec VPN Failover Groups between two firewalls

Hello, everybody! Got a quick question for the experts out there.

I'm trying to set up an IPsec VPN Failover Group between two XGS firewalls, HQ and Branch, each with two WAN connections. I created 4 tunnels (two for each WAN connection) and added them to a failover group on both firewalls.

However, when the groups on both firewalls are enabled, they can't connect most of the time. The connection is only stablished when both firewalls try the same tunnel at the same time.

So my question is, are there any recommended ways to accomplish this? I've found a thread ( IPsec vpn failover between 2 XG with both 2 WAN connections ) where it's suggested to use only one failover group, on the branch firewall, but it's been 3 years since it was created and maybe something's changed.


This thread was automatically locked due to age.