This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM to UTM LAN interconnect via RED L2 tunnels: how to deploy WAN Uplink Redundancy?

We implemented a working L2 LAN interconnect with a single UTM9 to UTM9 RED tunnel. The RED server site has 3 WAN uplinks. The RED client site has a single WAN uplink. Is it possible to deploy the WAN Uplink Redundancy? Something like setting up 3 RED tunnels, each using a different WAN uplink on the RED server. If the primary RED tunnel fails, the LAN interconnect automatically  falls back to one of the other two tunnels. Or, perhaps even better, to use all 3 tunnels in parallel. Does this sound feasible?



This thread was automatically locked due to age.
Parents
  • This can work, Jocky, but not if you bridge the two ends as I suggested in your thread about DHCP.  Frankly, this would seem more valuable than the bridged solution and could be done easily with Multipath rules.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • This can work, Jocky, but not if you bridge the two ends as I suggested in your thread about DHCP.  Frankly, this would seem more valuable than the bridged solution and could be done easily with Multipath rules.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hm, that's a pity then, because we use a L2 RED tunnel where at both ends we bridge the red nic with the internal lan nic. We require interconnected LAN with same IP network address at both ends. I agree, the redundancy is valuable, but since the interconnected LAN is only a temporary solution for a couple of weeks we can survive w/o redundancy. Why is it multipath and uplink balancing cannot work with RED L2 tunnels?

  • Multipath rules only apply to Uplink interfaces, and that requires a default gateway.  Hmmmm...

    I've never tried this, but what happens if you add the IP on the Client UTMs LAN interface as a default Gateway to the LAN interface on the Server UTM?  Make sure the Server UTM has Multipath rules that capture all other traffic.  The rule for RED traffic would need to be at the top of the list.

    If that works, then try adding a second and third RED connection.

    An interesting thought experiment.  If it works, please let us know!

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA