Hi,
we need a solution for the following issue:
- We started with one WAN interface on our UTM 9. All incoming VPNs (site-to-site and client) are configured to it.
- China seems to now block this IP. We can’t bring up the site-to-site VPN or client VPNs to this IP.
- As a workaround we configured an additional interface as 2nd WAN interface with a different IP from our WAN IP range. (unfortunately additional IPs on the WAN interface can’t be used as VPN endpoint). The site-to-site VPN from China comes up on this interface/IP.
- Now the problems start. The ISP router sometimes gets the wrong MAC for some of our IPs.
So .. two WAN interfaces in the same network subnet/segment aren’t supported.
Changing the IP on the primary WAN link is barely possible because of all the client VPNs we have out.
Can someone advice on a different approach?
This thread was automatically locked due to age.