Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

TZ500 Redundancy Tunnel

Hi,

We have a TZ500 in our office and created a VPN tunnel with our branch through 3rd party partner, and our branch is using the Fortinet firewall for the VPN establishment.


The partner would like to know how to establish a redundancy tunnel on TZ500. Have anyone the experience with the redundancy tunnel on TZ500?


The firmware version is 6.5.4.8-89n.

Category: Firewall Security Services
Reply
Tagged:

Best Answer

Answers

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    Hi @MarkCheng

    Fortigate and Sonicwall are setup with interface based tunnels. On the Sonicwall you don't specify the subnets in the tunnel policy using this method, instead you create static routes or use OSPF to control the routing.

    You create a tunnel for the primary connection and a backup connection. So if the Sonicwall has one ISP, and the Fortigate has two ISP's you have two tunnels on the Sonicwall, each negotiating to different ISP's on the Fortigate.

  • MarkChengMarkCheng Newbie ✭

    @shiprasahu93 Thank you for your references. I will take time to try the configuration.

    @Ajishlal Thank you for your suggestions. Yes, the SonicWall has one ISP only, and the Fortigate has two ISP's. I tried to put two of Fortigate's IPs as the primary and secondary gateway. Still, I observed it couldn't switch the gateway from the primary to secondary automatically when I turn off the primary IP. So even I short the primary gateway detection interval. Any suggestions?



  • ArkwrightArkwright Newbie ✭

    Try with just the non-working Fortigate IP address in the Primary gateway first, observe the logs. If you cannot get it working by itself, it's never going to be able to fail over to it.

Sign In or Register to comment.