Forum Discussion
Jack_39703
Nimbostratus
Nimbostratusvpn through LC
one vpn is set from branch to head office using one of the peer 1.1.1.1 at head office. sonic wall support backup peer so 1.1.1.1 and 2.2.2.2 are configured. however, the LC will use 3.3.3.3 and 4.4.4.4 by round robin. is there any suggestion? thanks
5 Replies
Cspillane_18296Hello Jack,
I'm not sure that I fully understand your query, would you be able to provide further information please?
You'll probably want to use a forwarding Virtual Server to forward VPN traffic straight through to an internal firewall, based on my own experience.
Thanks,
Chris
Jack_39703Hi Chris
I understand that I need to configure vs for incoming traffic. but how about the the outgoing traffic from HQ? i configured outgoing traffic from hq using load balance from 4 different ISP. as a result, the outgoing traffic may have 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4 as it's source but branch accept only 1.1.1.1 or 2.2.2.2.
Thanks.
Jack- JRahm
Admin
are you licensed for LTM? If so, you could write a simple iRule to source traffic to your branches with a snatpool. Without the license, another possibility to is to policy route your VPN traffic with your L3 gear to the LC on a specific virtual where a snatpool with only 1.1.1.1/2.2.2.2 defined in a snatpool. Of course, this assumes snatpools are available on LC, and I don't have any exposure to that product. HTH...Jason - Jack_39703thanks for the reply, Jason. we do not have the LTM license and those L3 equipment controlled by ISP. i attached a revised diagram, any hint?
- JRahmI don't see the attachment. Have you tried an iRule, it's not obvious in the 10.2.1 LC manual, but it appears there is iRule support. Sorry I don't have more helpful info, LC isn't a product I've used before.
