Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Openvpn Failover

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 3 Posters 521 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rajukarthik
      last edited by

      How to configure failover in pfsense for Openvpn, so that it automatically switches to working wan if one wan goes down
      Can anyone please help me on this ?

      GertjanG K 2 Replies Last reply Reply Quote 0
      • GertjanG
        Gertjan @rajukarthik
        last edited by

        @rajukarthik

        Here : pfSense HA setup

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • K
          Konan 0 @rajukarthik
          last edited by

          @rajukarthik Outbound or inbound?

          R 1 Reply Last reply Reply Quote 0
          • R
            rajukarthik @Konan 0
            last edited by

            @Konan-0 Openvpn Clients will connect to our Pfsense network so Inbound traffic comes to our Network

            K 1 Reply Last reply Reply Quote 0
            • K
              Konan 0 @rajukarthik
              last edited by

              @rajukarthik As I'm sure you've found, you can bind the OpenVPN to both WAN interfaces, so that's the first part.

              After that, I can think of a couple of ways to sort out incoming clients.

              1. Quick and dirty - publish 2 A records for vpn.mycompany.com with the respective WAN IPs in each. The downside is that there's no real way to have the clients 'prefer' one WAN over the other (so not great if you have a fast leased line primary and DSL backup, for instance) and that if you have a failure it'll take a while for clients to sort themselves out and use the other IP.

              2. Use DDNS - sign up a DDNS address to use for VPN. You should be able to configure configure PFsense to update it with the 'main' WAN when that is in use and then drop back to the backup if you loose your connection. I'm sure there are guides about on this.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.