multiple vpn clients failsafe



  • Let me start by saying I'm a complete noob. So let me try to explain, and good luck figuring out what I'm talking about. I use a VPN service like PIA and sometimes the server I'm connected to goes down for maintenance. Though not often, it does happen, and seems to happen when I'm away for a week or more.....of course, right. Anyway, what I'd like pfSense to do is try to connect to the first VPN client, and if that doesn't work then try a different one. Or maybe there is a much easier solution that I've completely overlooked? Any help would be appreciated, thank you.


  • LAYER 8 Netgate

    If PIA has multiple sites that can accept the same credentials, you should be able to add secondary remote entries to the custom options in the client configuration.

    https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage



  • @lightdark

    My solution is to check "Authentication Retry: (Check) Do not retry connection when authentication fails" and add the package Service_Watchdog, then set it to "watch" the PIAopenVPN service.

    Most failures I have seen from PIA were "Auth Failed", so it would keep retrying the same server. This way the service exits and Watchdog restarts it with a new DNS lookup, thus a new server.

    Might not be the only option but it seems to work great for me.


  • LAYER 8 Netgate

    Yeah. It depends on what the nature of the "failure" is. In this case it sounds like just the provider changing things around. Do they tell you to connect to an IP address or a hostname? Seems there's an infinite retry on DNS resolution that might also help.
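
The secondary `remote` entries and the DNS retry setting mentioned in the replies above, written out as OpenVPN 2.4 client directives. This is an added example, not configuration posted by anyone in the thread; the hostnames, port and timer values are placeholders chosen for illustration. pfSense's Custom options field takes the same directives separated by semicolons, without the comments.

```conf
# Constructed example: hostnames and port are placeholders, not real provider endpoints.
# All listed sites must accept the same credentials.
remote vpn-site-a.example.net 1194 udp
remote vpn-site-b.example.net 1194 udp
remote vpn-site-c.example.net 1194 udp

# Randomize the order of the remote list at startup instead of always
# beginning with the first entry.
remote-random

# Move on to the next remote if a server does not answer within 20 seconds
# (the default wait is 120 seconds).
server-poll-timeout 20

# Wait 5 seconds between connection attempts, backing off to at most 60 seconds.
connect-retry 5 60

# Keep retrying hostname resolution instead of giving up.
resolv-retry infinite
```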



  • Check out the following guide which explains quite well how to set up multiple OpenVPN client connections in pfSense:

    https://www.techhelpguides.com/2017/06/12/ultimate-pfsense-openvpn-guide/

