Scenario: I have a server in the cloud that needs to connect to an internal server in the office. There are 2 incoming connections into my office, ISP "A" and ISP "B". The primary connection is A, but if A goes down, we can use B. The app running on the cloud server has no automatic failover ability (i.e., if A goes down, someone must change the app's conf to point to B).

My thought: If I can make a tunnel from the server to the FortiGate firewall currently guarding the HQ, the cloud app can simply be configured to connect to the internal IP address of the internal server. No need to manually change the app's conf.

The need: a VPN client that:
+ can selectively send packets fulfilling a criterion (in this case, dest = IP address of internal server)*
+ has automatic failover and failback ability

*solutions involving iptables and iproute2 are also acceptable

Can anyone point me in the right direction re: what package and the relevant howto?

Thanks in advance.

Rgds,