SD-WAN with 2 WAN/External IP addresses

Hello, we have a WatchGuard m200 device in hosting center with a current ATT Fiber Internet circuit. The WAN/External IP is used for several site-to-site and client VPN connections so important that IP remains the same. We would like to add a secondary/backup Internet service from another provider like Comcast or possibly another connection from ATT, like their Cellular service. We can configure WAN fail-over to switch to the secondary/backup WAN connection, however we need to keep the Primary External IP as there are many site-to-site VPN connections that use the Primary IP. Does SD-WAN solve this problem where we can add a secondary/backup Internet service and configure policy to fail-over to secondary connection but still maintain the Primary WAN IP address on secondary connection?? As mentioned, need the External IP to be in place to not impact external connections. Please advise if SD-WAN configuration would solve this. Thank you.


  • Options

    No, SD-WAN does not help as SD-WAN is only for outgoing sessions, not incoming ones.
    XTM supports BOVPNs set up for 2 WANs, with failover to a secondary WAN.

    A public IP addr is usually associated with a particular ISP, thus it i s not trivial to have a public IP addr access via 2 different ISPs. You would have to contact your current ISP to find out options that may be available to you.

    Access can be to a DNS name instead of an IP addr.
    You can have primary & secondary IP addrs associated with a DNS name.
    Also there are ways to quickly change the IP addr associated with a DNS name to be changed to a backup IP addr.

  • Options

    Bruce, thanks for reply. I suspected I have to go down the DNS name path. Thanks

Sign In to comment.