Multiple WAN failover

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
milan187
Posts: 4
Joined: Wed Nov 14, 2018 7:11 pm

Multiple WAN failover

Post by milan187 » Wed Nov 14, 2018 7:16 pm

I have a SoftEther VPN Server running on a Windows Server 2016 machine.
Only clients connect, there is no site-site.

If WAN1 fails on the router it automatically switches to WAN2. So we have internet. However clients don't seem to be able to connect while WAN2 is active. I was only able to try for about 5 minutes. Ports are forwarded for both WANs.
Should this work? Anyone have any ideas?

thisjun
Posts: 2210
Joined: Mon Feb 24, 2014 11:03 am

Re: Multiple WAN failover

Post by thisjun » Thu Nov 22, 2018 8:21 am

Did you change the hostname of destination VPN server?

milan187
Posts: 4
Joined: Wed Nov 14, 2018 7:11 pm

Re: Multiple WAN failover

Post by milan187 » Thu Nov 22, 2018 2:03 pm

I have not changed anything. What does softether when internet IP changes, in this case router switches to WAN2.

centeredki69
Posts: 81
Joined: Wed Sep 18, 2013 1:49 pm

Re: Multiple WAN failover

Post by centeredki69 » Sun Dec 09, 2018 10:57 pm

@Milan187


How are your clients finding your Softether VPN server originally, prior to the WAN 2 failover?

Are they using a static IP or a Hostname?

milan187
Posts: 4
Joined: Wed Nov 14, 2018 7:11 pm

Re: Multiple WAN failover

Post by milan187 » Sun Dec 09, 2018 11:29 pm

Just hostname xxxx.softether.net

centeredki69
Posts: 81
Joined: Wed Sep 18, 2013 1:49 pm

Re: Multiple WAN failover

Post by centeredki69 » Mon Dec 10, 2018 3:15 am

Just to verify. Your softether VPN server is at the location where the router Wan-1 & Wan-2 failover takes place and It uses the softether built in "Dynamic DNS function" to update/associates your WAN IP address with the VPNXXXXX.softether.net hostname. Which the clients use to connect.

If So, Then when the failover occurs your VPNXXXXX.softether.net hostname (which all the clients are using to find the VPN server) is still associated globally with the original WAN-1 IP address i.e.( 11.22.33.44). But of course nothing connects because WAN-1 is offline and the SoftEther VPN server is NOW listening on the failover WAN-2 IP address i.e.(55.66.77.88).
If the WAN-2 connections stays up long enough for the built in "Dynamic DNS function" to update VPNXXXXX.softether.net to the new WAN-2 IP address (55.66.77.88) the clients would then have access using the VPNXXXXX.softether.net hostname. As long as all ports are forwarded like you said. However I'm not sure how often the updates happen. Most likely ever 10-15 minutes. Also if your setup falls back to the preferred WAN-1 when its back online then it's the same scenario in reverse.

milan187
Posts: 4
Joined: Wed Nov 14, 2018 7:11 pm

Re: Multiple WAN failover

Post by milan187 » Mon Dec 10, 2018 4:04 am

Yes your assumption is correct. One router both at same location as vpn server.

Thanks for the explanation, it's probably the case. I only waited about 5 minutes after I killed WAN1. Probably takes longer. I'll try again.

Thanks.

Post Reply