From: josh <do...@gm...> - 2008-02-29 12:24:50

Erich,

On 2/29/08, Erich Titl <eri...@th...> wrote:
> Hi Josh

Hello!

> josh wrote:
> > Hi.
> > :.
>
> > We thought about using a VIP on the front end served up via CARP, then
> > running ripng on the back end for announcing the routes into the Cisco
> > environment, but I am open to suggestions.
> >
> > Another option is to just split the clients, pointing half at one T1000
> > and the other half at another, but then the problem is if you lose one
> > of them, you have to either assign a secondary IP to the "live" and make
> > manual route changes.
> >
> > I know that you can use the "remote-random" feature to alternate between
> > several vpn servers, but that does not address the issue of determining
> > from the internal networks which T1000 one would use to get back to the
> > VPN client. (this is a site-to-site VPN scenario)
> >
> Why can't you just NAT the VPN traffic on the two endpoints?

I don't quite follow. Currently the servers have the following configuration:

bge0: 216.x.x.x (internet facing)
bge1: 172.35.1.x (private facing)

Then behind the bge1 interface there's a whole internal network setup with
multiple routes, etc. So I would need to somehow tell the router behind bge1
which client networks are connected to which T1000's.

Josh