OpenVPN client is unreliable when you have multiple tunnels
I've installed a new pfSense router to route my (Gigabit) WAN connection. My goal was to have it setup such that it both bridges two networks (site-to-site w/ two pfSense boxes) as well as route all outbound traffic over a VPN to anonymize the traffic. To accomplish this, I use two independent VPN providers to avoid SPoF in a gateway group
I was able to establish the connections just fine and was able to establish the VPN connections to all three VPN end-points and have traffic flowing through trough the two public VPN providers.
For a few days, things work fine, but later the connections randomly to dies. The WAN works fine and there's nothing wrong with the VPN end-points.
My expectation is that pfSense would automatically respawn the connections, which it appears to be doing to some degree. At some point, however, it appears to stop retrying and you end up like as the attached screenshot shows.
The strange thing is that even if the system indicates that the link is down, I can still see the ovpncX interface being up and running.
However, since all outbound traffic from the LAN is routed over the VPN, the connection for the clients goes down.
My theory is that it is some internal health checker inside pfSense that is failing, which makes the system think the VPN links are down.
What's also worth noting is that even if I have two VPN links in the gateway group, if one VPN connection goes down, so does the full internet connectivity for the entire LAN (unless the VPN link is manually disabled).
I'm happy to provide logs, but I haven't spotted anything of significant interest.
Updated by Jim Pingle almost 2 years ago
- Status changed from New to Incomplete