Creating a redundant IPsec VPN
To use VPN resiliency/redundancy, configure a list of FortiGate IP/FQDN servers, instead of just one:
This is a balanced but incomplete XML configuration fragment. All closing tags are included, but some important elements to complete the IPsec VPN configuration are omitted.
redundant_sort_method = 1
This XML tag sets the IPsec VPN connection as ping-response-based. The VPN connects to the FortiGate that responds the fastest.
redundant_sort_method = 0
By default, redundant_sort_method =0, and the IPsec VPN connection is priority-based. Priority-based configuration attempts to connect to FortiGates by starting with the first FortiGate on the configured list.