Site 2 Site OpenVPN with dual WAN

ashima

Hello,

I  have all my branches connecting to head Office through OpenVPN. Few of the branches  have pfsense boxes and others have cisco  e900 with ddwrt flashed. They are all working fine.

The head office is getting another Internet line.

I have gone through the article  https://doc.pfsense.org/index.php/Multi-WAN_OpenVPN.

I have configured the Server by setting the OpenVPN interface as localhost and port forwarding.    I have few questions :

1) At the client site how should I configure so that if  WAN1 of headoffice goes down, it should automatically connect through WAN2 of headoffice.

2) Do I have to distribute the certificates to the branches again after dual WAN change in the server. ( For road warriors I had to again download the certificates from the OpenVPN export client utility and reinstall it at the client side)

3) In ddwrt, can I just give 2nd wan IP and port in the additional config ?

Any Pointers ?

Regards,
Ashima

ashima

@ashima:

1. At the client site how should I configure so that if  WAN1 of headoffice goes down, it should automatically connect through WAN2 of headoffice.

I just realised custom option in Advanced Configuration  can have

remote WAN2 port udp

This will connect to the WAN2 if  WAN1 at headoffice fails.

But do I have to redistribute the certificates to the client after making the changes at Server.

Thanks,
Ashima