On 5/23/2013 11:42 AM, Chris Bagnall wrote:
On 23/5/13 4:38 pm, Vick Khera wrote:
As far as I know, there is no automatic way to have a "backup" IPsec
connection.
I wonder if the situation is any better with another 'type' of VPN -
i.e. OpenVPN?
I wonder if you could, for example, create two OpenVPN connections
which run at all times - WAN1 to WAN1 and WAN2 to WAN2, then load
balance or failover between those?
Kind regards,
Chris
You hit the nail on the head. That is what I do. And I use Quagga OSPF
to handle the routing/failover. When one route goes down, it takes the
other open vpn connection. It works fairly well, although with my
connections, I have the OSPF dead timer set to 3 minutes or else it
randomly drops routes in heavy traffic. There is no way to prioritize
the ospf packets over an open vpn connection on pfsense.
Jonathon
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
