12-08-2015 06:28 AM
I have a Vyatta router that we use to serve up close to 100 VPN tunnels to different customers. We have some customers that have dual/failover internet connections and want the VPN to fail over whenever their internet does. Currently we have each VPN set up so that it points to a static WAN address for the customer. When their internet moves to the secondary connection, their IP changes and so the VPN fails to connect. I have experimented with using 0.0.0.0 as the peer, but that doesn't seem to work well with other VPN tunnels set to go to a specific IP. If a regular VPN tunnel goes to reconnect, it hits the 0.0.0.0 instead of the specific tunnel configured for it.
Any thoughts on how to get this to work?
I have considered changing everybody to 0.0.0.0 but then everybody has the same preshared key and I am not sure if there is a limit to the number of tunnels under one VPN policy.
Any help or insight is greatly appreciated.