openvpn client failover ... fails
Hi, just posted a successful HA setup diagram in another thread (also attached below). It's successful when I have a LAN and GUEST firewall rule that ignores the VPN. But when I have rules for VPN running, the secondary/failover HA box does not make a connection, and after weeks of messing with it I still can't figure out why. Primary works perfectly, always, so I think the RULES are fine. I think. Do any of you have any idea what's going on? Could it be related to resolver settings?
I have policy routing set up as follows:
LAN Firewall rules set up like this:
- where alias DEST_VPN_BYPASS is a list of IP addresses that will go to WAN regardless of which device accesses the IP (primarily work VPN IP)
- where HOST_VPN_BYPASS is a list of internal IPs that will always bypass the VPN for various reasons, including an NGINX reverse proxy that's accessible through a dynamic IP service.