OpenVPN DR Testing
-
I have a production network 192.168.0.0/24 and an offsite DR network 10.0.1.0/24.
In my production network I have two virtual servers running in Proxmox VE.
In my DR network, I have another Proxmox VE server with backups of the two production servers. I have a point-to-point OpenVPN setup with pfSense. Traffic is flowing fine; I can access resources on either side.
I have also set up a client-to-site VPN with pfSense that allows me to connect to the 10.0.1.0 network with no issues.
As part of a formal DR exercise, I can take the DR server to the recovery site which has a matching 192.168.0.0/24 network.
I’d also like to be able to test it informally with the client-to-site VPN connection. If I start up the VMs in the DR, they will have 192.168.0.0 addresses and the client-to-site VPN connection will have a 10.0.1.0 address. If I try to access a 192.168.0.0 address from the 10.0.1.0, pfSense routes it over the site-to-site VPN.
Do I need to remove the site-to-site VPN before I test and recreate it after I’m done?
-
Bump - I've had the same thoughts and have basically the same setup. Is there a way to have the same subnet on either side of an oVPN link and have clients transparently use the DR server if the on-site server were to fail? How have other people solved this issue?