OPNsense Forum

English Forums => High availability => Topic started by: cardoso.cristian on August 25, 2022, 02:56:39 pm

Title: Openvpn and HA
Post by: cardoso.cristian on August 25, 2022, 02:56:39 pm

Hello

I have two opnsense servers using HA mode with Carp, virtual IP and xmlrpc configured.

I'm using OpenVPN and I was trying to HA this connection too, I currently have the service up on the virtual IP of my external interface, but I noticed that in a possible fall of the primary server, OpenVPN does not turn to the secondary, I don't know if this is standard or should I configure something else, in the documentation I didn't find anything very clear about this.

Title: Re: Openvpn and HA
Post by: Patrick M. Hausen on August 25, 2022, 03:12:25 pm

You will have to run OpenVPN on both the primary and the backup node. And use the HA CARP address for your clients to connect to.

Failover of active sessions is not implemented, but clients will eventually timeout and reconnect.

Title: Re: Openvpn and HA
Post by: cardoso.cristian on August 25, 2022, 03:45:50 pm

From the tests I did, that was the conclusion I had reached, as I couldn't find an opnsense documentation with this information, I decided to ask here.

Question clarified, thank you.