VPN with Load Balancer

Unanswered Question
Oct 2nd, 2007

Hi All,


I want to create a site-to-site VPN between two offices.

At my HO I have a third-party UTM.

At the branch office I have two ISPs and am using a load balancer for traffic sharing as well as redundancy. Both ISPs have given different public IP addresses.

Still, I want to create a site-to-site VPN between the branch, which has two different IP addresses, and the HO (single IP address).

Is it possible to create two site-to-site VPN configurations on the HO UTM for both the public IP addresses, so that whenever one link goes down and the load balancer switches to the other ISP, the VPN tunnel can come up using the other one?

Please post your suggestions...



- Dhaval Tandel

lcipriani Thu, 10/04/2007 - 06:17

You need to be careful when using load balancers in an IPSEC VPN environment. If the load balancer redirects traffic mid-session it will break your tunnel. The VPN server will think it's a replay attack and drop it. There are some load balancers that work with VPNs and some may require you to use their VPN solution to maintain the state of the tunnel.


There are easier ways to provide failover for VPNs if that's what you're looking for.
