Accessing IROUTE LANs AFTER a reconnect of associated client/router
-
#               server
#             /   |   \               | This setup is duplicated
#       (OpenVPN via Internet)        | for each customer site.
#          /      |      \            |
#   me -          |        -- site-gw | Running 20+ instances.
#                 |         - plc     |
#   backup                  - hmi     | All in pfSense on GCP.
#   logger                  - logger
I have pfSense running numerous OpenVPN servers to provide remote support at my customer sites. The VPN allows my laptop to program customer side devices remotely without the need for a PC at site. This works great!
The router placed at the customer site is as well configured as a VPN client. It connects to the server whenever online and allows any VPN users to 'see' its devices. This works great!
My problem occurs when the site router disconnects/reconnects. VPN clients are unable to access devices at the customer site following reconnection. Restarting the server fixes the problem until the gateway again reconnects and the server must again be recycled.
My best guess so far is something in the routing/irouting is not rejigging on reconnect. Right now I'm chasing down whether a static IP will help keep the routes in better shape through the reconnect. I'm testing variations of ifconfig-push and ifconfig-pool-persist. I can make 'push' assign a static IP, but I haven't been able to get one from the persistence file (yet:).
I'd like the server to recover and allow devices to again be visible once the router reconnects without having to manually restart the server. Any suggestions? Anyone with this use case and similar problems when the gateway goes up/down?
Thanks!
Dave.