Route clients to internet if VPN is down
Hi,
We are connecting our ERP over a site to site tunnel, just to make it a litte bit more secure. We are also able to reach the ERP over internet on public IP´s
If our VPN goes down, or clients cannot not access the servers on there privare IP´s even if tunnel are up, then I would like to clients to access the ERP over Internet instead.
Do you know if I could setup it up to do that somehow?
Connections to ERP are made by HTTPS
I use a firebox M370 cluster.
Br, Pelle
0
Sign In to comment.
Comments
Hi @PDD
You could likely do this with a BOVPN Virtual interface, which allows you to set metrics for your routes:
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/bovpn/manual/bovpn_vif_metric_failover_c.html
-James Carson
WatchGuard Customer Support
Potentially could also couple the BOVPN Virtual Interface with a SDWAN rule specific to the traffic for the ERP system (so priority to the BOVPN virtual interface, but fail over to the Internet route).
I recall having to do something like this for a client's hosted ERP system although their routes were MPLS WAN link first then BOVPN [over Internet] as failover, but concept still being the same.