I am in the process of setting up the second tunnel to GCP.
The first tunnel is currently working on WAN1.
The second tunnel from GCP points to my WAN 2.
Has anyone run redundant tunnels to a cloud provider?
Is there a way to disable a tunnel to verify if redundancy works?
How would you verify tunnel operation?
I am not aware how to get this working as the external VPNs are always terminated on the primary WAN (or the secondary WAN if the primary fails).
The way to go is set up a vMX in GCP and integrate it into AutoVPN. There you have the full SD-WAN flexibility.
GCP will initiate phase 1 and phase 2 to WAN 2
There is no Phase1, Phase2 in AutoVPN. It's just an option to choose if and how you would like to load balance your traffic over WAN1 and WAN2.
I can see GCP initiating on WAN 2.
It is failing since it is not configured yet.
The question is: how do you disable a tunnel?
@JED2021 wrote: I can see GCP initiating on WAN 2.
This is because you configured the cloud gateway that way.
@JED2021 wrote: It is failing since it is not configured yet.
The question is how do you disable a tunnel
Remove the first tunnel config.
And again: You won't be happy with Extranet-VPNs on the MX if it has to be slightly more complex.
You can disable WAN1. Or set WAN2 to primary uplink (on the traffic shaping settings page).
But this is doing more than disabling the VPN on WAN1 as it shifts the full VPN functionality to WAN2. It will show the working VPN on WAN1 but not that both VPNs could operate.
Or, @JED2021, is that all that you want? Just a backup-tunnel and no simultaneous tunnels? I think I misinterpreted your whole post at the beginning.