Site 2 Site OpenVPN with dual WAN
I have all my branches connecting to head Office through OpenVPN. Few of the branches have pfsense boxes and others have cisco e900 with ddwrt flashed. They are all working fine.
The head office is getting another Internet line.
I have gone through the article https://doc.pfsense.org/index.php/Multi-WAN_OpenVPN.
I have configured the Server by setting the OpenVPN interface as localhost and port forwarding. I have few questions :
1) At the client site how should I configure so that if WAN1 of headoffice goes down, it should automatically connect through WAN2 of headoffice.
2) Do I have to distribute the certificates to the branches again after dual WAN change in the server. ( For road warriors I had to again download the certificates from the OpenVPN export client utility and reinstall it at the client side)
3) In ddwrt, can I just give 2nd wan IP and port in the additional config ?
Any Pointers ?
- At the client site how should I configure so that if WAN1 of headoffice goes down, it should automatically connect through WAN2 of headoffice.
I just realised custom option in Advanced Configuration can have
remote WAN2 port udp
This will connect to the WAN2 if WAN1 at headoffice fails.
But do I have to redistribute the certificates to the client after making the changes at Server.