OpenVPN/High-Availability

From Secure Computing Wiki
Revision as of 22:05, 9 October 2014 by Ecrist (Talk | contribs) (Created page with "OpenVPN does not have built-in support for high availability, or HA. Generally, in HA systems, there exists a primary and failover system where, with the failure of the prima...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

OpenVPN does not have built-in support for high availability, or HA. Generally, in HA systems, there exists a primary and failover system where, with the failure of the primary, the secondary takes over with no apparent outage to the end users, or traffic passing through the devices. These are common with firewalls in pass-through scenarios. Web servers are an example of end point devices.

OpenVPN does support multiple --remote lines within a client config, allowing the client to automatically try subsequent server entries upon connection loss. During the re-negotiation with the new server, traffic cannot pass across the VPN.

Multi-remote.png Multi-router.png