Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Is VPN failover possible with OPNsense?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Is VPN failover possible with OPNsense? (Read 2938 times)
vince
Newbie
Posts: 31
Karma: 4
Is VPN failover possible with OPNsense?
«
on:
July 11, 2018, 09:36:54 am »
I'm trying different approaches, but so far failed to get somewthing working put together.
Architecture would be something a HA-Setup connected to a PPPoE router on each site. So there is HA for internet access which is pretty seemless, is it possible to achieve something equally seamless for VPNs?
From what I´ve read and tried I recon that:
1) IPsec would need two tunnels per HA box, so four for site-to-site, and I don´t have an idea on how to make the boxes failover to the other tunnel.
2) OpenVPN needs a central server? Client failover seems to be possible, but what about server failover?
3a) ZeroTier seems promissing, but using CARP sometimes works and then doesn´t. When it was working and I tested the failover it stopped working completely. And there is not a lot of documentation on that to work from.
3b) ZeroTier with OSPF seems to be another possibility, but from what I gathered it would take to long to switch to the other route to call it seemless?
Some may ask why I need seemless, well, we have, among other things, SIP traffic running over those tunnels and the calls may not be disconnected.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Is VPN failover possible with OPNsense?