I am successfully using the LAN-to-LAN VPN and BOND between a ZS server (Site A) and a single ZS client (Site B). Site A has a single high bandwidth WAN connection and Site B has 2 x VDSL connections. It all works really great!
What I want to know is can I add another ZS client site to this existing setup (Site C) by using the exiting port/VPN/BOND established on the ZS server in Site A? Or is a LAN-to-LAN VPN and BOND a 1 to 1 configuration?
My ZS server at Site A has 2 x LAN-to-LAN VPN interfaces each on their own port 1194 and 1195 and I have created BOND00 with these two VPN interfaces.
My ZS client at Site B has 2 x LAN-to-LAN VPN interfaces (in client mode) using the 1194 and 1195 ports and I have created a BOND00 with these two VPN interfaces.
ZS Server at Site A BOND00 interface is configured with 192.168.50.1/24
ZS Client at Site B BOND00 interface is configured with 192.168.50.2/24
I use Netbalancer in Site B to route WAN traffic over the BOND and out the WAN of Site A (Works Great!).
Can I add another client site, Site C with exactly the same setup as Site B (LAN-to-LAN VPNs connecting to ZS server in Site A on same port numbers 1194, 1195) except provide its BOND00 interface with 192.168.50.3/24. Is this possible or are LAN-to-LAN VPNs and the BOND designed to work on a 1 to 1 basis?
Note – currently in my two sites I’m only using PSK on the VPN but if multiple client bonds is possible I presume I could issue X.509 certs from the ZS server Site A.