On Tue, Mar 3, 2009 at 6:57 PM, Mark Slatem <nitro...@gmail.com> wrote: > Hi all. > > I have about 50 Alix embedded firewalls running at branches. All the > branches connect to a central pfsense at our data centre via an openvpn > tunnel. This solution works absolutely beautifully and allows all the > branches to be on one private network. The problem is some of the branches > are in locations where the ADSL links have intermittent connectivty problems > and can go down for extended periods. We have countered this by putting down > 3G routers at these branches and having a Dual Wan with load balancing pools > for failover. This works well and when one link goes down the traffic is > routed via the other link. However this does not work for the openvpn tunnel > that refuses to establish down the secondary WAN link, I have tried and > tried but can not get it to work. >
You have to add a static route to direct the traffic. Manual failover works fine with appropriate routes. Automatic failover would require configuration of a routing protocol. None of the existing supported ones are a good fit, though we'll likely see OSPF support at some point in the not too distant future. --------------------------------------------------------------------- To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com For additional commands, e-mail: discussion-h...@pfsense.com Commercial support available - https://portal.pfsense.org