FTD Remote Access 2 FQDN 1 link

andype
Level 1

Hi guys,

I'm trying to use one interface (Outside) for RA VPN with 2 different FQDNs. Both ISPs are connected in different DCs and on different networking devices, but via VLANs everything comes to the same interface on the FTD, so I have 1 interface in the outside zone, and NAT is configured so that each ISP goes to the same FTD interface IP.

I have one FQDN working (principal.domain.io - ISP1) and I would like the users to be able to connect to another FQDN (backup.domain.io - ISP2) using the same RA Policy.

The certificate is configured with CN=principal.domain.io but has a SAN added with the second ISP.

In the end, the goal is to be able to use the backup ISP (configured in the VPN Profile) and switch ISPs if the principal fails.

Thanks.

3 Replies

Hi Rob.

I understand your point. But in my case, I have only one link/interface/IP to reach both ISPs, as in the image. Today RAVPN with ISP1 is working, but RAVPN with ISP2 fails.

The goal is to get both FQDNs working in the same RAVPN Policy. Is this possible?

 

case.png

@andype but you have 2 FTD interfaces, so a default route via only one of the ISPs?

 

Yes, I just have one route to reach both ISPs. The switch core decides which ISP to use if any of those fails.