Dual wan failover + Openvpn client



  • Hi,

    I have a problem with dual WAN failover with an OpenVPN client.

    Pfsense interfaces configuration is

    • WAN1 a.b.c.d/24  gateway WAN1GTY
    • WAN2 x.y.z.k/24  gateway WAN2GTY
    • OpenVpnClient dynamic

    I have three gateways
    WAN1GTY - interface WAN1 - gw a.b.c.1 - Monitor ip 1.2.3.4 - Group priority 1
    WAN2GTY - interface WAN2 - gw x.y.z.1 - Monitor ip 5.6.7.8 - Group priority 1
    VPNGTY  - interface vpn

    and 1 group GRPWAN with
    WAN1GTY tier 1
    WAN2GTY tier 2

    Firewall is configured in this mode:

    • All VPN traffic (destination network 10.0.X.0/24) goes into VPNGTY
    • All traffic LAN to * goes into GRPWAN

    Now,

    • When WAN1 and WAN2 are connected, public traffic (via GRPWAN) and OpenVPN client traffic (via VPNGTY) work fine with the WAN1 connection.
    • When WAN1 fails, public traffic (via GRPWAN) and OpenVPN client traffic (via VPNGTY) work fine with the WAN2 connection.
    • When WAN1 is restored, public traffic (via GRPWAN) switches fine to WAN1 and OpenVPN stays on WAN2 (because it's already connected?) but it still works.
    • When WAN2 fails, public traffic (via GRPWAN) stays on WAN1 (and works) but OpenVPN stops working because pfSense can't connect to the VPN server. In this case, the default gateway is on WAN2 (gw x.y.z.1).

    What is wrong in my configuration?

    Before writing this post, I read this post: http://forum.pfsense.org/index.php/topic,35264.0.html
    and I updated to the last pfSense snapshot (13 April).

    I hope I was clear.
    Thank you
    Mic



  • Hi,

    I've tried setting group GRPWAN to

    • WAN1GTY tier 1
    • WAN2GTY tier 1

    but I have the same problem: the default route stays on the WAN2 gateway and the OpenVPN client stops working.

    Is it a bug or a configuration problem?

