Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
OpenVPN failover, routing issue
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpenVPN failover, routing issue (Read 1966 times)
alexandre.dulche
Newbie
Posts: 3
Karma: 0
OpenVPN failover, routing issue
«
on:
March 09, 2020, 01:45:11 pm »
Hello,
First of all, I've been a pfSense user for over 10 years now and I must say I'm very pleased discovering and making the switch to OPNsense.
Now to the problem I'm facing.
I'm running OPNsense 20.1.2 inside a VMware VM and using VLAN to access two WAN routers (xDSL + 4G).
When I create a single OpenVPN tunnel to NordVPN using either WAN access, it works.
However I'd like to have some failover to my VPN access.
Unlike pfSense, OPNsense doesn't offer to use a gateway group as the OpenvPN interface.
As a workaround I tried to :
- create two NordVPN tunnels, one using WAN1 and one using WAN2
- create 2 interfaces
- create a gateway group
On the paper, it's supposed to work :
- both tunnels are up
- both OpenVPN tunnels are not overlapping (one is 10.8.x.0/24, the other is 10.7.x.0/24)
- I use firewall rules to route the traffic through the gateway group of my choosing
- routing table looks fine, eg:
Proto Destination Gateway Flags Use MTU Netif Netif (name)
ipv4 10.8.2.0/24 10.8.2.1 UGS 0 1500 ovpnc1 NORDVPN_1
ipv4 10.8.2.1 link#20 UH 0 1500 ovpnc1 NORDVPN_1
ipv4 10.8.2.22 link#20 UHS 0 16384 lo0
ipv4 10.7.1.0/24 10.7.1.1 UGS 0 1500 ovpnc2 NORDVPN_2
ipv4 10.7.1.1 link#21 UH 0 1500 ovpnc2 NORDVPN_2
ipv4 10.7.1.10 link#21 UHS 0 16384 lo0
However routing gets messed up, and both tunnels are unreachable (traceroute KO).
Looks like when the second tunnel goes up it conflicts/breaks the first one.
Any idea what I could be missing ?
«
Last Edit: March 09, 2020, 01:48:57 pm by alexandre.dulche
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
OpenVPN failover, routing issue