Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Multi WAN OpenVPN

    OpenVPN
    2
    3
    496
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      streetsfinest last edited by

      Hi at all,

      i want to do something like that:

      https://doc.pfsense.org/index.php/Multi-WAN_OpenVPN

      The difference between this solution and what i want to do is the following:

      I have two static WAN IPs - One WAN IP is configured to listen on port 1194/udp, and the other WAN IP (which uses dynamic dns) should listen on port 443/tcp

      If a roadwarrior connect via openvpn it should connect with WAN IP over 1194/udp and when the connection is refused it should try over the second WAN IP with port 443/tcp

      Is something like that possible? In the tutorial link above there is only the oppertunity to connect via UDP or TCP and not both like a failover…

      Thanks in advance

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        That would be possible but you would have some manual management to do:

        You would need one server on each WAN. One set for TCP, the other for UDP. Both should use the same certs, but different tunnel networks

        In the client export package you would need to use the advanced options box to add your own custom remote statement for the second server.

        You may as well run both servers on both WANs as the doc wiki suggests, then they could use either TCP or UDP on either WAN, though again you'd have to add more custom remote statements.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S
          streetsfinest last edited by

          Hi jimp,

          your sentence "Both should use the same certs, but different tunnel networks" was the right answer to make that work!
          Thank you a lot :)

          Cheers

          1 Reply Last reply Reply Quote 0
          • First post
            Last post