Messages - gwaitsi

#16
16.7 Legacy Series / Re: newbie help with initial setup
November 01, 2016, 11:54:56 AM
I think you misunderstand. I opened with the reasons i moved to opnsense. that's all.

Current status is;

Problem 1
- i have defined 3x vpn clients (from the same provider)

I have tested enabling all three at the same time and at any one time, i have two online. the 3rd one doesn't come up till i stop one of the others.

i want to have them so that if the 1st is down, the vpn will switch to the 2nd one and so on.
i.e. i always want my traffic going over the vpn

Question:
How can i configure this to always have/use an alternate vpn if one is down - I see System/Gateways only works with the Interfaces and not the OpenVPNs. Load Balancing refers to Gateways for multiWAN. can i be notified if one is down via smtp?

Problem 2
- i can switch the client/s on, and they all come online but i am not certain there is routing over the vpn - or indeed which one as the two are shown connected.

I set a rule on the lan0
- source lan0 to any

I set a rule on the vpn0
- source lan0 to any

but traceroutes from the clients are being blocked and a traceroute from ssh on the box, is not going through the vpn.

what am i doing wrong please?

thanks for the help
 
#17
Hi All,
Just played with IPFire and concluded it is not user friendly enough for me.
Have decided to go for opnsense as it looks easier to get the important aspects up and running for me.

two areas, where i failed with ipfire and need assistance with please.

I have two internal nets green and blue (contains media and game systems connecting to internet)
green 192.168.2.x
blue 192.168.3.x

I setup under ipfire an OpenVPN client and had some problems
- it needs multiple vpn client locations to round robin in case the first one fails
- no notifications, etc if the vpn can't be established
- routing would only work if i routed 192.168.0.0 if i tried the two individual nets, it didn't work.
- when i routed 192.168.0.0, everything worked except for gigaset phone....
  i could only get the directory to connect but no voice channel.
- i have a work laptop that can go on either network (both have WAPs connected). It has its own VPN and therefore does not need to be routed over the firewall vpn. (i guess that could be the solution for the SIP phone as well, but would prefer the SIP phone over an encrypted connection out of country.)

i basically followed this guide on https://www.ovpn.se/en/guides/ipfire/ for setting up the vpn client.

can someone give a newbie pointers please on;
- setup vpn client with round robin i.e. 4 or 5 alternates
- setup notifications if vpn is down
- setup split vpn routing based on mac addr and/or ip addr
- setup sip client to work over the vpn and the non-vpn when vpn is down.

many thanks