Multi-WAN and OpenVPN Load Balacing/Failover: 2nd VPN tunnel isn't established
-
I've been working on this problem for three weeks now, and can't for the life of me figure out what's wrong. What's really weird is that my configuration used to work for several days, and then all of a sudden stopped working - without any changes to both pfSense systems involved.
Overview:
-
System A: 1 x WAN, 2 x OpenVPN Server (pfSense 2.2.2, two different tunnel networks, "local network" and "remote network" entries empty)
-
System B: 2 x WAN, 2 x OpenVPN Client (pfSense 2.2.2, WAN1 is Default Gateway)
The idea is to have a redundant OpenVPN connection which will load balance traffic (not entirely neccessary per se, but a nice bonus because of limited upstream on both B's WANs) and perform failover if one of the WANs on B goes offline.
Multi-WAN on B is working perfectly fine, using a Gateway Group and a corresponding firewall rule on the LAN interface. The first OpenVPN connection (bound to WAN1) is established without problems. I can't establish the second connection, though (bound to WAN2). The OpenVPN log doesn't show any errors, even with increased verbosity - the connection simply isn't established at all, without any additional information or error message. When I change the interface of the second connection to "WAN1" or "localhost" the OpenVPN client connects instantly - but then traffic is being routed through WAN1, of course. Using the WAN gateway group as the OpenVPN interface doesn't work at all (no connection is being established).
Is someone using a similar setup successfully? Could you guys help me fix this problem? I can provide more details if neccesary. Any help or information is highly appreciated.
-
-
Hi SaschaITM,
how do you setup the routing, so PFsense B tries to reach A first on WAN1 and second tunnel on WAN2?
I am working currently on a similar setup but use two one connections on both sides and IPsec/GRE (but also having troubles)
best regards
Thomas