I have VyOS set up in the cloud and wanted to establish a redundant site-to-site tunnel with a customer. However, I would like to make the failover automatic, hence I am trying to set up VTI tunnels with R1 and R2 and will exchange the BGP routes. Now the challenge is that the customer has a Check Point firewall below the router and has two ISP links, again terminated on the firewall, and with Check Point technology they have achieved ISP redundancy.
Now, even if I create a tunnel with R1 and R2 and achieve the failover with BGP, I won't be able to achieve redundancy with Check Point, since I need to reach 192.168.10.0/24 from 10.10.10.0/24. To overcome this, I am thinking of configuring iBGP between CP and R1/R2 and redistributing routes?
Is this a fine approach? Can someone please suggest any other alternative?