Redundant gateway
SN VPN Client Exclusive can be used to manage a redundant VPN gateway.
When combined with Dead Peer Detection (DPD) settings, this function allows the VPN Client to automatically switch to the redundant gateway as soon as the main gateway is detected as being down or unavailable.
If a peer is lost and a redundant gateway has been configured, the tunnel will automatically try to open again. You can configure a redundant gateway that is identical to the main one, in order to benefit from the automatic reopening mode without actually having to use two gateways.
The algorithm for taking into account the redundant gateway is as follows:
-
The VPN Client contacts the initial gateway to open the VPN tunnel.
-
If the tunnel cannot be opened after N attempts, the VPN Client contacts the redundant gateway.
The same algorithm applies to the redundant gateway:
-
If the redundant gateway is unavailable, the VPN Client will try to open the VPN tunnel with the initial gateway.
-
The VPN Client will not try to contact the redundant gateway if the initial gateway can be reached, but issues are experienced when opening the tunnel.
-
The VPN Client will not try to contact the redundant gateway if the initial gateway cannot be reached due to a DNS resolution issue.
IMPORTANT
The Redundant Gateway function cannot be configured together with the Fallback Tunnel function. You must choose one or the other, failing which the VPN Client could invoke undefined behavior.