Cradlepoint to SonicWall Redundant Tunnel
Current Setup -
Home Office - Stacked NSA2700s with a single 500x500 DIA from Charter
Mobile Units - 30x Cradlepoint IBR1700
Setup - Site-to-Site IPsec tunnel from each IBR1700 back to the Head Office. We operate in tunnel-all mode because of specific security policies: our field traffic must come from our public at the home office.
Home Office - We've added a backup 100x100 DIA from Horizon
The Goal - to add redundant VPN tunnels from each mobile, so if Charter fails, Horizon will become active, etc.
The issue - when using standard Site-to-Site IPsec tunnels, the NSAs error with overlapping subnets defined on the destination policy of the tunnel.
Is it possible to run route-based tunnels from the Cradlepoint to each IP of the NSA2700s? What would be your best practice in this scenario?