Multiple remote endpoints (client only)
In remote access mode, the remote-host argument must be specified on the client endpoints so that the clients can initiate the VPN sessions. In some environments, the administrator may want the clients to have a list of servers to provide some redundancy— if one of the servers fails, a client can try the next one. In the vRouter, this server list can be configured by specifying multiple remote-host entries.
To configure multiple endpoints on V2, perform the following steps in configuration mode.
Step | Command |
---|---|
Create the vtun0 configuration node. |
|
Enter configuration commands. |
|
Specify the physical IP address of the first remote host. |
|
Specify the physical IP address of the second remote host. |
|
Specify the physical IP address of the third remote host. |
|
Set the firewall rule for inbound traffic on the vtun0 interface. |
|
Enter configuration commands. |
|
Commit the change. |
|
Show the OpenVPN configuration. |
|
When multiple entries are specified, a client starts from the beginning of the list and attempts to establish a VPN tunnel with the first remote host. If the first host does not work, the client tries the second one, and so on.
Note that multiple remote-host entries can also be specified in site-to-site mode. However, because the two endpoints are most likely fixed in this mode, such usage probably does not make sense in most cases.