Dual WAN failover + OpenVPN client
I have a problem with dual WAN failover with the OpenVPN client.
The pfSense interface configuration is:
- WAN1 a.b.c.d/24 gateway WAN1GTY
- WAN2 x.y.z.k/24 gateway WAN2GTY
- OpenVpnClient dynamic
I have three gateways
WAN1GTY - interface WAN1 - gw a.b.c.1 - Monitor ip 220.127.116.11 - Group priority 1
WAN2GTY - interface WAN2 - gw x.y.z.1 - Monitor ip 18.104.22.168 - Group priority 1
VPNGTY - interface vpn
and 1 group GRPWAN with
WAN1GTY tier 1
WAN2GTY tier 2
The firewall is configured this way:
- All VPN traffic (destination network 10.0.X.0/24) goes into VPNGTY
- All traffic LAN to * goes into GRPWAN
- When WAN1 and WAN2 are connected, public traffic (via GRPWAN) and OpenVPN client traffic (via VPNGTY) work fine with the WAN1 connection.
- When WAN1 fails, public traffic (via GRPWAN) and OpenVPN client traffic (via VPNGTY) work fine with the WAN2 connection.
- When WAN1 is restored, public traffic (via GRPWAN) switches fine to WAN1 and OpenVPN stays on WAN2 (because it's already connected?) but it still works.
- When WAN2 fails, public traffic (via GRPWAN) stays on WAN1 (and works) but OpenVPN stops working because pfSense can't connect to the VPN server. In this case, the default gateway is on WAN2 (gw x.y.z.1).
What is wrong in my configuration?
Before writing this post, I read this post: http://forum.pfsense.org/index.php/topic,35264.0.html
and I updated pfSense to the latest snapshot (13 April).
I hope I was clear.
I've tried setting group GRPWAN to
- WAN1GTY tier 1
- WAN2GTY tier 1
but I have the same problem: the default route stays on the WAN2 gateway and the OpenVPN client stops working.
Is it a bug or a configuration problem?