4. (SOLVED) IPSEC on WAN and OpenVPN on WAN2 connection to same server

(SOLVED) IPSEC on WAN and OpenVPN on WAN2 connection to same server

  • N

    Hi,

    I have 3 sites, A, B and C. Site A and B have WAN1 with dedicated IPs and WAN2 over cellular (NAT-ed). Site C is cabled but also NAT-ed.

    I currently have an IPSEC connection between Site A and B on WAN1. I'd like to setup a backup OpenVPN connection on WAN2 for A and B. Devices on A and/or B should Failover to OpenVPN when IPSEC is down.

    Site C will connect to either Site A or B on the same backup OpenVPN connection, or a different one if required.

    I don't know how to approach this, because IPSEC P2 and OpenVPN will have access the same subnets on the remotes, but I want IPSEC to be a primary route.

    0
    N
     1 Reply
  • N

    My solution ATM is to use FRR and OSPF. I've setup IPSEC VTI on the WANs with public ips, and one openvpn pair for each WAN2 over the natted cellular connections. I have 3 vpn connections in total between A and B. OSPF will usually default on the IPSEC connection and use OpenVPN when IPSEC is down.

    I'd have set it up faster with some gateway groups and port forwards, but I expected it'd got too dirty when throwing site C in the mix. Haven't setup site C yet but I expect it will work in this setup.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy