Netgate Discussion Forum

    Failover OpenVPN mirrored/load balanced Servers with one WAN Address shared

      MeltedTiger

      Hi,

      I've been using pfSense for a while and I've been experimenting with what I can achieve. One of the issues is that I'm not at home much, so in my free time I threw together a Frankenstein build to get an OpenVPN server up and working so I could remote back home. (I have a port forward for my main router to the pfSense box.)

      Due to the Frankenstein build (2003 HP Thin Client with a 1 GHz processor/512 MB of RAM, memory stick as the hard drive for pfSense), it's had a habit of breaking sometimes. Due to this, it's cutting off my access back home.

      I've been researching, but I can't find anything solid on whether I could set up a mirrored OpenVPN server between two pfSense boxes on my network and mirror the OpenVPN configuration between the two, so I can still use the same port and same client configuration, as I want to have a VM on one of my hypervisors running as the backup.

      Thanks in advance for any help and my apologies if this is a repost/wrong section post.

      -Dan

        Derelict LAYER 8 Netgate

        High Availability would solve that. You would port forward OpenVPN traffic to the CARP VIP. If the primary goes down, the traffic will hit the secondary instead.

        XMLRPC sync would sync the OpenVPN server configurations between the two.

        It is an active/passive configuration though. There would be no "load balancing."

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.