VPN Setup with MuleSoft CloudHub 2.0

In this blog, I will talk about the ideal design to set up a VPN that works in a PRODUCTION environment.

Customers often require MuleSoft CloudHub to connect with their on-premises or data centers, and VPN is a commonly chosen connectivity method.

One of the most frequent oversights encountered in Virtual Private Network (VPN) configuration is the employment of a single tunnel instead of deploying two tunnels. This is a common blunder that can have serious repercussions, leading to vulnerabilities and reliability within the network infrastructure. It is recommended to ensure that VPNs are set up using dual tunnels to guarantee maximum reliability.

Let’s dive more into it. Why does a single tunnel cause an issue? What is the significance of two tunnels?

Given below is the VPN (IPsec Tunnel) set up at a high level with just a single tunnel.

This is the most common mistake that has been observed in many projects and is realized during the later stage of SDLC or production.

Routine maintenance can briefly disable the tunnel of your VPN connection. Your VPN connection stops working during this time. For this reason, you must configure both tunnels on your endpoint.

The most robust and Ideal way is shown below by setting up two tunnels.

Routine maintenance can briefly disable one of the two tunnels of your VPN connection. Your VPN connection automatically fails over to the second tunnel during this time, so access is not interrupted. For this reason, you must configure both tunnels on your endpoint. Tunnel selection depends on your VPN endpoint capabilities and the routing type selection.

Hope this article is helpful.