Solved

Connect two openvpn servers

Posted on 2013-06-14
5
549 Views
Last Modified: 2013-06-14
Hello,

How can I connect two openvpn servers together - so that they are the client of each other as well, and so clients of each can talk to each other - please see attached.

They will also act as a fail over for each other, So Client 1 will connect to OpenVPN2 if OpenVPN1 goes down etc

Any ideas?

the second answer here: http://serverfault.com/questions/211761/openvpn-multiple-servers-on-the-same-subnet-high-availability?rq=1 kind of is what I am after, but not sure from that how each openvpn server is connected to each other.

thanks
network-d.png
0
Comment
Question by:AUCKLANDIT
  • 3
5 Comments
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 39249193
On each OpenVPN "server" you need to setup the openVPN client component to the other to establish a site to site VPN.

You then within the push route rules for the connecting clients, include the IP segments of the remote openVPN server

http://openvpn.net/index.php/access-server/section-faq-openvpn-as/27-server-config/209-how-do-i-setup-openvpn-access-server-to-use-site-to-site.html
0
 
LVL 20

Expert Comment

by:Daniel McAllister
ID: 39249258
Setting up 2 OpenVPN servers to talk to each other (and route between them) is not difficult (so long as the LAN routes are compatible)... the hard part will be the failover -- I'm not sure how that would work, because each OpenVPN server should have a unique set of keys.


Dan
IT4SOHO

PS: If you want to move forward with setting up the two OpenVPN servers & setting the routing to pass between them, I'd be happy to write a quick HOTWO (probably make an article of it)
0
 
LVL 1

Author Comment

by:AUCKLANDIT
ID: 39249362
Thanks.

I bought a couple of cheap VPS last night and had it working within minutes once I realised you can have client running on a Access Server as well.

The failover is just using DNS with users cert on both Access Servers - have done that before.
0
 
LVL 1

Author Closing Comment

by:AUCKLANDIT
ID: 39249365
Thanks
0
 
LVL 1

Author Comment

by:AUCKLANDIT
ID: 39249531
I think I was a bit premature in accepting this one as thought I had it right but don't seem to.

I have opened another one:
http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_28158098.html
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now