3 shops, 2 internet providers, OpenVpn connection between them.
-
Hello!
I'm having 3 points around city, which i need to connect all together using 2 network providers, and "openvpn failover"…
I already set two pfSense servers up and connected them through openvpn(using one prov, everything went smooth, i can see lan hosts of both networks, behind ovpn, with no problem.
Now, how can i set up layout with 2 openvpn connections through two provs from filials to main office, so when 1 ovpn connection fails, second one goes up, so i always will be having file exchange(for example) between them.
Thanks.
-
You could use the different push and route commands.
In openVPN, if a tunnel goes down all dynamically added routing entries are being removed, and the original routingtable is restored.
I never tried that but i think if you have 2 tunnels that add the same routing entries they should do kind of a "failover".[speculation]
initialisation:
1: tunnel1 comes up and add his dynamic entries.
2: tunnel2 comes up, memorizes the table, and overwrites the first entry with his own entry.scenario1 following the initialisation:
- if tunnel2 goes down he will remove his entry and restores the entry of tunnel1 –> failover to tunnel1
- when tunnel2 comes back up he will take over again.
scenario2 following the initialisation:
- tunnel1 goes down --> tunnel2 is still active.
- If tunnel1 comes back up, he memorizes the entries of tunnel2 and overwrites them with his own. --> tunnel1 takes over.
each vice versa.
[/speculation]I think you best consult the openVPN MAN-pages about how openVPN manages the different scenarios.
-
Thanks, for reply…. I'l try it today, and tell the result.
-
If i understand correctly…. When connection through first provider is not a vpn connection(connected directly to main office by dsl), then when openvpn(on second prov) is up - it'll be primary connection(primary for certain network). And when ovpn drops, pfsense will use dsl then, right?
