Scenario 6 - Gre Over Ipsec Vpn Tunnel -Vpn Fail Over; Application Scenario; Configuration Guide - ZyXEL Communications ZyWALL USG Series Application Notes

Scenario 6 — GRE over IPSec VPN
Tunnel –VPN Failover

6.1 Application scenario

We want to use VPN tunnels to transfer important files between the branch Office
and HQ. To prevent the network from getting disconnected, we configure four WAN
interfaces to do redundancy. Now, we want to establish two VPN tunnels between
the two USGs to perform failover, to ensure that the transfer will not be interrupted
when the first connection encounters a problem. This will create a stable
environment for the transfer.

6.2 Configuration Guide

Network conditions:
USG1
- WAN1 IP: 192.168.1.33
- WAN2 IP: 192.168.2.33
- GRE tunnel interface1: 10.0.0.1
- GRE tunnel interface2: 10.10.0.2
Goals to achieve:
Use GRE over IPSec VPN to perform the VPN fail-over.
USG configuration
Step 1. Add two GRE tunnels on USG1. Go to CONFIGURATION > Tunnel.
ZyXEL – USG Application Notes
USG2
- WAN1 IP: 192.168.3.33
- WAN2 IP: 192.168.4.33
- GRE tunnel interface1: 10.0.0.3
- GRE tunnel interface2: 10.10.0.4
40