How to setup VPN Backup ?

How to setup VPN Backup ?

 
1. Create n different LAN-to-LAN Dial-out profiles.
2. Create a VPN trunk and give it a name.
3. Add those LAN-to-LAN profiles into the VPN trunk. Now in 1 trunk there are n members.
4. Choose a backup mode (ERD).
5. Dial out on VPN connection to start the VPN backup process.

When member-1 is dropped, member-2 will be initiated automatically. If member can't be established or dropped, member-3 will be started automatically... if member-n can't be established or dropped, member-1 will be started automatically, and so on ( Default mode ).

Note : 
1. Now we only support n=2. In the future we will support more profiles in a trunk.
2. You may create more than one trunks.


Choose a Backup ERD ( Environment Recovers Detection ) mode.

There are 3 VPN backup modes:

1. None Mode
This is the default mode. The priorities of all the members in one trunk are equal. The process has been described above.

When member-1 is dropped, member-2 will be initiated automatically. If member-2 can't be established or dropped, member-3 will be started automatically...if member-n can't be established or dropped, member-1 will be started automatically, and so on.

2. AutoDrop Mode
Member-1 has the highest priority. The other memebers have equal priority. We can say member-1 is the Primary member and the others are Backup members.

If member-1 is down and member-m ( 1 < m <= n ) is up, router will try to connect member-1 periodically at predefined interval time. If member-1 can be established, it will drop member-m immediately. I will take some examples to explain the process.

If interval == 3600 seconds

Case1 :
Member-1(Primary member) is dropped -> router dials member-2 -> member-2 is up -> after member-2 has been up for 3530 seconds (3600-30), router starts the attempt to dial member-1 -> router will try 5 times connection every 6 seconds -> member-1 still can't be built up, now time is 3600 seconds -> after 3530 seconds member-2 is still up, router re-starts the attempt to dial member-1 -> within 30 seconds the member-1 is established -> drop member-2 immediately....

Case2 :
Member-1(Primary member) is dropped -> router dials member-2 -> member-2 has problem can't be established -> router dials member-3 -> member-3 is up -> after member-3 has been up for 3530 seconds (3600-30), router starts the attempt to dial member-1....

Case3 :
Member-1(Primary member) is dropped -> router dials member-2 -> member-2 is up -> after member-2 has been up for m seconds ( m < 3530 ), member-2 is dropped -> router dials member-3 -> member-3 is up -> after member-3 has been up for m seconds ( m < 3530 ), member-3 is dropped -> router dials member-4 -> member-4 is up -> after member-4 has been up for 3530 seconds (3600-30), router starts the attempt to dial member-1....

If the interval==0 second

The time when member-m ( 1 < m <= n ) is up, router will dial member-1 every 6 seconds.

If the interval<=30 seconds, treat it as 0 second.

Note :

1. Now we only support n=2.
2. You must define the interval time.

3. Resume Mode
Member-1 has the highest priority. The other members have equal priority. We can say member-1 is the Primary member and the others are Backup members.

When member-m (1 < m <= n ) is dropped, router doesn't dial member-( m + 1 ). Instead the router will return to dial member-1. There is no interval time setting, so when member-m is up, it will not be dropped by member-1.

Please refer to the following process for example. 
Member-1 is dropped -> dials member-1 -> member-1 can't be established -> dials member-2 -> member-2 can't be established -> dials member-3 -> member-3 is up -> member-3 is dropped -> dials member-1 -> member-1 can't be established -> dials member-2....

Note :

Now we only support n=2.


Steps for setting up VPN Backup

1. Create 2 different LAN-to-LAN Dial-out VPN profiles. 

This must be done via Web-UI. Go to VPN and Remote Access >> LAN to LAN and add 2 LAN-to-LAN profiles. Make sure the direction is OUT. There is no limitation to the VPN type, destination IP, etc.

Telnet to the router and type the command "vpn Trunk show_usable" to list all available LAN-to-LAN Dial-out profiles.



2. Create a VPN trunk and give it a name.

3. Add 2 LAN-to-LAN profiles into the VPN trunk. 
Run telnet command "vpn Trunk backup add test 1 2".



For more details, please run telnet command "vpn Trunk backup ? "

4. Choose a backup mode (ERD).
Run telnet command "vpn Trunk backup ERD test Resume".



For more details, please run telnet command "vpn Trunk backup ? "

5. Dial out one VPN connection to start the VPN backup process.

Note : 
One VPN profile can just join one VPN backup trunk. You may find in the Web-UI, when one profile has been added into one trunk, it will not be listed in the pull-down menu of Member1/Member2 field.

I don't introduce the Web-UI here because the next version will make huge changes.

NEWSLETTER

Nom (*)
Please let us know your name.
Email (*)
Please let us know your email address.