Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
VPN + WAN failover
« previous
next »
Print
Pages: [
1
]
Author
Topic: VPN + WAN failover (Read 1343 times)
akke
Newbie
Posts: 6
Karma: 0
VPN + WAN failover
«
on:
July 18, 2022, 07:54:25 am »
I'm using wireguard VPN and multiple WAN's.
Now, when there is a WAN failover everything works as expected. It's switching from the first WAN to the second and the VPN keeps working. The problem is when the first WAN comes back online.
It's switching back to the first WAN except that the VPN stays connected over the second WAN and won't switch back to the main WAN connection.
This causes the VPN the slow (the second WAN is much slower) until someone restarts the VPN tunnel.
How can this be resolved?
Logged
iMx
Full Member
Posts: 202
Karma: 15
Re: VPN + WAN failover
«
Reply #1 on:
July 18, 2022, 03:20:07 pm »
Whilst I haven't used it for a while, I ended up hacking together a script that ran from cron every minute:
https://github.com/opnsense/core/issues/3516#issuecomment-620415211
Basically if the default route is via the primary WAN, and there is more than 1 state (gateway monitoring) on the Secondary (4G in my case) kill all states to force it to reconnect.
Obviously you could also fairly easily modify it to restart the tunnel instead, or both...or not.
There is also the following, although I've not tested this:
- Firewall, Settings, Advanced, Dynamic state reset
...not sure if this works on fail over/IP change
«
Last Edit: July 18, 2022, 03:35:28 pm by iMx
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
VPN + WAN failover