From Secure Computing Wiki
Revision as of 23:12, 9 October 2014 by Ecrist (talk | contribs)
Jump to navigation Jump to search
Multiple OpenVPN servers with multiple --remote lines in client config.
A single OpenVPN server with transit through a pair of HA routers.

OpenVPN does not have built-in support for high availability, or HA. Generally, in HA systems, there exists a primary and failover system where, with the failure of the primary, the secondary takes over with no apparent outage to the end users, or traffic passing through the devices. These are common with firewalls in pass-through scenarios. Web servers are an example of end point devices.

OpenVPN does support multiple --remote lines within a client config, allowing the client to automatically try subsequent server entries upon connection loss. During the re-negotiation with the new server, traffic cannot pass across the VPN.