Page 1 of 1

Multiple WAN failover

Posted: Wed Nov 14, 2018 7:16 pm
by milan187
I have a SoftEther VPN Server running on a Windows Server 2016 machine.
Only clients connect, there is no site-site.

If WAN1 fails on the router it automatically switches to WAN2. So we have internet. However clients don't seem to be able to connect while WAN2 is active. I was only able to try for about 5 minutes. Ports are forwarded for both WANs.
Should this work? Anyone have any ideas?

Re: Multiple WAN failover

Posted: Thu Nov 22, 2018 8:21 am
by thisjun
Did you change the hostname of destination VPN server?

Re: Multiple WAN failover

Posted: Thu Nov 22, 2018 2:03 pm
by milan187
I have not changed anything. What does softether when internet IP changes, in this case router switches to WAN2.

Re: Multiple WAN failover

Posted: Sun Dec 09, 2018 10:57 pm
by centeredki69
@Milan187


How are your clients finding your Softether VPN server originally, prior to the WAN 2 failover?

Are they using a static IP or a Hostname?

Re: Multiple WAN failover

Posted: Sun Dec 09, 2018 11:29 pm
by milan187
Just hostname xxxx.softether.net

Re: Multiple WAN failover

Posted: Mon Dec 10, 2018 3:15 am
by centeredki69
Just to verify. Your softether VPN server is at the location where the router Wan-1 & Wan-2 failover takes place and It uses the softether built in "Dynamic DNS function" to update/associates your WAN IP address with the VPNXXXXX.softether.net hostname. Which the clients use to connect.

If So, Then when the failover occurs your VPNXXXXX.softether.net hostname (which all the clients are using to find the VPN server) is still associated globally with the original WAN-1 IP address i.e.( 11.22.33.44). But of course nothing connects because WAN-1 is offline and the SoftEther VPN server is NOW listening on the failover WAN-2 IP address i.e.(55.66.77.88).
If the WAN-2 connections stays up long enough for the built in "Dynamic DNS function" to update VPNXXXXX.softether.net to the new WAN-2 IP address (55.66.77.88) the clients would then have access using the VPNXXXXX.softether.net hostname. As long as all ports are forwarded like you said. However I'm not sure how often the updates happen. Most likely ever 10-15 minutes. Also if your setup falls back to the preferred WAN-1 when its back online then it's the same scenario in reverse.

Re: Multiple WAN failover

Posted: Mon Dec 10, 2018 4:04 am
by milan187
Yes your assumption is correct. One router both at same location as vpn server.

Thanks for the explanation, it's probably the case. I only waited about 5 minutes after I killed WAN1. Probably takes longer. I'll try again.

Thanks.

Re: Multiple WAN failover

Posted: Thu Jan 24, 2019 5:47 am
by thisjun
How did you prevent WAN2 take over the DDNS name in normal situation?

Re: Multiple WAN failover

Posted: Thu Jan 24, 2019 2:10 pm
by milan187
WAN2 is set to fall-back only, so it's only activated by router if WAN1 fails.

Re: Multiple WAN failover

Posted: Fri Mar 15, 2019 7:38 am
by thisjun
Could you try to restart the VPN server service when the failover is detected?