1

My network is below, it's currently just an ordinary 192.168.0.0/24, the branch offices needs to have access to resources on the main site. Currently all internet traffic go across the bridge and through the Watchguards WAN connection. The Watchguard issues all DHCP leases to both sites.

enter image description here

Currently the Branch site WAN connection isn't operational but when it is, I want to make it so if the wireless bridge fails all traffic to the Main Site is routed over a VPN over the internet automatically.

How can I achieve this using the products and their features at hand? I'm not very familiar with the products. I understand that the Watchguard has a BOVPN feature and the SSG20 has VPN support but how would I also setup the routing? Is it possible to convert the wireless bridge into a WAN and just try to setup a Multi-WAN setup (with one WAN being a VPN) on both products?

tombull89
  • 2,964
  • 8
  • 41
  • 52
5graeham5
  • 13
  • 3

1 Answers1

0

You might want to look at a dynamic routing protocol like OSPF which both devices seem to support. However that would require that you give the main office one network range, and the branch office another. Whether that's the case now or not isn't clear from your question!

With OSPF, both paths would be active at the same time, however your wireless bridge would have a lower cost. In the case of failure, the higher cost of the VPN would suddenly become acceptable, and the traffic should start routing over that.

Niall Donegan
  • 3,869
  • 20
  • 17
  • The whole network is just 192.168.0.0/24, at the moment each host has to be able to access every other host on the network. – 5graeham5 Mar 01 '12 at 10:11
  • If it's pure routing with the firewall rules setup as necessary on each side, there's no reason they wouldn't be able to continue to connect directly. Putting each office on a separate network will make life easier further down the line as well when and if more are added. – Niall Donegan Mar 01 '12 at 15:11
  • 1
    http://www.watchguard.com/help/configuration-examples/vpn_failover_configuration_example_%28en-US%29.pdf – 5graeham5 Apr 06 '12 at 01:41