Restart Service on OPT1 UP



  • Here is what I am trying to accomplish. I have an openvpn client setup on my PF box. I also have dual WAN set up.

    I want the VPN client to run on my OPT1 connection which is a 4G tether (20mb/20mb) that is only up when I am home and fail over to my WAN which is DSL (1.5mb/.5mb) when I am away.

    I have it set up where it fails over to the WAN when the OPT1 goes down, but the only way to get it to fail-back is to restart the OpenVPN service.

    I have tried to make every rule I could think of to make it work, but just can't get it to work. So what I would like to do is set it up so when apinger sees the line as up again it restarts the OpenVPN service…

    Anyone have any way to accomplish what I am trying to to or another way that would work just as well?



  • On 2.1-BETA1 you can put OpenVPN server/clients on a gateway group (rather than a particular interface). When an interface in the gateway group goes down/up the OpenVPN server/clients get restarted and will be attached to the highest tier working gateway/interface in the group.
    If you are willing to try 2.1 then you should get the functionality.



  • I will try this thanks for the advice!



  • Alright I found out I needed to rebuild my Gateway Groups for them to show up and work after the update.



  • @phil.davis:

    On 2.1-BETA1 you can put OpenVPN server/clients on a gateway group (rather than a particular interface). When an interface in the gateway group goes down/up the OpenVPN server/clients get restarted and will be attached to the highest tier working gateway/interface in the group.
    If you are willing to try 2.1 then you should get the functionality.

    Does this only work for failover and not failback? Because I cannot get it to work for the life of me.



  • Some work on this functionality a few weeks ago was not finalised/successful. I did some work on it just now, and with this pull request OpenVPN clients/servers using gateway groups will failover/failback to the highest tier available interface as interfaces go down/up:
    https://github.com/pfsense/pfsense/pull/625
    When that is reviewed, committed and comes out in a snapshot build it will all work!



  • @phil.davis:

    Some work on this functionality a few weeks ago was not finalised/successful. I did some work on it just now, and with this pull request OpenVPN clients/servers using gateway groups will failover/failback to the highest tier available interface as interfaces go down/up:
    https://github.com/pfsense/pfsense/pull/625
    When that is reviewed, committed and comes out in a snapshot build it will all work!

    Just wanted to let you know that this first method didn't make any change for my setup, but your second change did. https://github.com/pfsense/pfsense/pull/627

    Thanks for the work you put into this.



  • That's fine - I have been wanting this to work optimally for my systems, I had been on 4 weeks leave away from easy access to test systems (withdrawal symptoms:) and it was a good opportunity to have a proper look at it.


Log in to reply