[Openswan Users] Failover using two ISP
Aurimas Skirgaila
a.skirgaila at gmail.com
Thu Jun 17 05:16:00 EDT 2010
Hello,
my Openswan machines are almost 20 hops away each other, so internet
problems somewhere in the middle break my VPN.
at host A I have eth1 and eth2 for two ISP, so I want, that if tunnel A.eth1
<==> B would fail, the A.eth2 <==> B would come up.
I bet this is not an uniqe problem, so what is the standard way to
accomplish this kind of automatic failover?
currently my config is :
version 2.0 # Openswan U2.6.26
# basic configuration
config setup
protostack=netkey
nat_traversal=no
virtual_private=
oe=off
conn VNO1-OSL
#authby = secret
left=19.*.*.202
leftnexthop=19.*.*.201
leftsubnet=10.1.0.0/24
leftid=@vilnius.loc
leftrsasigkey=0sAQOIg...
right=84.*.*.138
rightsubnet=10.72.0.0/24
rightid=@oslo.loc
rightrsasigkey=0sAQOoU...
#leftupdown=/tmp/tunnel1_down.sh #should I be using this??
dpddelay=6
dpdtimeout=14
dpdaction=hold
auto=add
conn VNO2-OSL
left=21.*.*.210 # Public Internet IP address of LTU
leftnexthop=21.*.*..209 # ISP Gateway
leftsubnet=10.1.0.0/24
leftid=@vilnius.loc
leftrsasigkey=0sAQOIg...
right=84.*.*.138
rightsubnet=10.72.0.0/24
rightid=@oslo.loc
rightrsasigkey=0sAQOoU...
#leftupdown=/tmp/tunnel2_down.sh #should I be using this??
dpddelay=6
dpdtimeout=14
dpdaction=hold
auto=add
--
Mvh,
Aurimas Skirgaila
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100617/75b4c451/attachment.html
More information about the Users
mailing list