Openvpn and HA

cardoso.cristian · August 25, 2022, 02:56:39 PM

Hello

I have two opnsense servers using HA mode with Carp, virtual IP and xmlrpc configured.

I'm using OpenVPN and I was trying to HA this connection too, I currently have the service up on the virtual IP of my external interface, but I noticed that in a possible fall of the primary server, OpenVPN does not turn to the secondary, I don't know if this is standard or should I configure something else, in the documentation I didn't find anything very clear about this.

Patrick M. Hausen · August 25, 2022, 03:12:25 PM

You will have to run OpenVPN on both the primary and the backup node. And use the HA CARP address for your clients to connect to.

Failover of active sessions is not implemented, but clients will eventually timeout and reconnect.

cardoso.cristian · August 25, 2022, 03:45:50 PM

From the tests I did, that was the conclusion I had reached, as I couldn't find an opnsense documentation with this information, I decided to ask here.

Question clarified, thank you.

Openvpn and HA

cardoso.cristian

August 25, 2022, 02:56:39 PM

Patrick M. Hausen

August 25, 2022, 03:12:25 PM #1

cardoso.cristian

August 25, 2022, 03:45:50 PM #2