Issue with Gateway Group as OpenVPN Client Interface
-
Hi,
I am facing some challenges using a gateway group as the OpenVPN client interface. My setup includes two ISPs, with the secondary ISP set as tier 1 and the primary ISP as tier 2 in the VPN gateway group.
The issue arises when the secondary ISP goes down. OpenVPN correctly reconnects using the primary ISP. However, once the secondary ISP is back online, OpenVPN does not switch back to it automatically. I have to manually restart the OpenVPN client to force it to reconnect via the secondary ISP.
I’m wondering if this behavior is due to using a gateway group as the OpenVPN interface or if it’s related to the existing bug in pfSense where the failover does not revert to the primary ISP, as many users have reported.
Has anyone else experienced this issue?
-
Probably the latter. It will not kill the connection to fail back. I assume you mean for an OpenVPN client running in pfSense? Though for external clients connecting to a gateway group the same would apply. In both cases the system prioritises maintaining the connection over failing back.
Though in 24.03 this can be overridden:
https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html#state-killing-on-gateway-recovery