Filter
Top Products
Chapter 6 Device Security Settings
Vantage CNM User’s Guide
127
There are two sets of VPN screens, VPN version 1.0 and VPN version 1.1. The version
depends on the device’s type and firmware version.
6.3 IPSec High Availability
IPSec high availability (also known as VPN high availability) allows you to use a redundant
(backup) VPN connection to another WAN interface on the remote IPSec router if the primary
(regular) VPN connection goes down.
In the following figure, if the primary VPN tunnel (A) goes down, the device uses the
redundant VPN tunnel (B).
Figure 58 IPSec High Availability
When setting up a IPSec high availability VPN tunnel, the remote IPSec router:
• Must have multiple WAN connections
• Only needs the configure one corresponding IPSec rule
• Should only have IPSec high availability settings in its corresponding IPSec rule if your
device has multiple WAN connections
• Should ideally identify itself by a domain name or dynamic domain name (it must
otherwise have My Address set to 0.0.0.0)
• Should use a WAN connectivity check to this device’s WAN IP address
If the remote IPSec router is not a device, you may also want to avoid setting the IPSec rule to
nailed up.
6.3.1 VPN Rules (IKE)
To open this screen, select a device, click Device Operation in the menu bar and then click
Device Operation > Device Configuration > Security > VPN in the navigation panel.