[Mikrotik] Backup standby IPsec tunnel?
Hi Mikrotikers! Need some input. Anyone ever setup a script or have a sample config that would allow for a backup IPSec tunnel? I have 750GL working now with two tunnels to our Management centers. I'm just wondering if it can be setup to have the 750 have an active tunnel to the primary center, and a backup tunnel waiting to establish to the backup center if the primary goes down. Thanks, Jerry Roy -- next part -- An HTML attachment was scrubbed... URL: http://mail.butchevans.com/pipermail/mikrotik/attachments/20150625/68baa825/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Backup standby IPsec tunnel?
I suspect you could configure the backup tunnel then disable it. Then use netwatch to check reachabilty of a host across the primary tunnel on down status, may involve changing route(s) as well. On up status disable the backup tunnel and change the routes back. I do something similar to enable / disable a vpn across a dsl link just to cut down on syslog noise when the dsl is down. Depending on the cost of bytes across your backup link, you might leave the backup tunnel connected all the time and just change route costs. On June 25, 2015 11:15:47 AM CDT, Roy, Jerry jerry@toltsolutions.com wrote: Hi Mikrotikers! Need some input. Anyone ever setup a script or have a sample config that would allow for a backup IPSec tunnel? I have 750GL working now with two tunnels to our Management centers. I'm just wondering if it can be setup to have the 750 have an active tunnel to the primary center, and a backup tunnel waiting to establish to the backup center if the primary goes down. Thanks, Jerry Roy -- next part -- An HTML attachment was scrubbed... URL: http://mail.butchevans.com/pipermail/mikrotik/attachments/20150625/68baa825/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- next part -- An HTML attachment was scrubbed... URL: http://mail.butchevans.com/pipermail/mikrotik/attachments/20150625/60a003b0/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Backup standby IPsec tunnel?
+1 Netwatch being the easiest way Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Thu, Jun 25, 2015 at 10:50 PM, Scott Lambert lamb...@lambertfam.org wrote: I suspect you could configure the backup tunnel then disable it. Then use netwatch to check reachabilty of a host across the primary tunnel on down status, may involve changing route(s) as well. On up status disable the backup tunnel and change the routes back. I do something similar to enable / disable a vpn across a dsl link just to cut down on syslog noise when the dsl is down. Depending on the cost of bytes across your backup link, you might leave the backup tunnel connected all the time and just change route costs. On June 25, 2015 11:15:47 AM CDT, Roy, Jerry jerry@toltsolutions.com wrote: Hi Mikrotikers! Need some input. Anyone ever setup a script or have a sample config that would allow for a backup IPSec tunnel? I have 750GL working now with two tunnels to our Management centers. I'm just wondering if it can be setup to have the 750 have an active tunnel to the primary center, and a backup tunnel waiting to establish to the backup center if the primary goes down. Thanks, Jerry Roy -- next part -- An HTML attachment was scrubbed... URL: http://mail.butchevans.com/pipermail/mikrotik/attachments/20150625/68baa825/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- next part -- An HTML attachment was scrubbed... URL: http://mail.butchevans.com/pipermail/mikrotik/attachments/20150625/60a003b0/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -- next part -- An HTML attachment was scrubbed... URL: http://mail.butchevans.com/pipermail/mikrotik/attachments/20150625/fe2668d4/attachment.html ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
