SSL VPN Multiple FQDN for failover

Had a quick search through docs and discussions around getting SSL vpn working on multiple wan ports. It seems the recommendation is to set Multiple DNS A records which will provide a bad failover solution due to the round robin nature of multiple A records.

I run some openvpn systems at my home and have it set up to connect to 3 different FQDNs. this means if one connection is down and the others are up you will still be able to establish a VPN connection. If this was done via a single FQDN + multiple A Records and the connection for the first  A record was offline the client would not connect.

A records are also fine if all your WAN connections have public static addresses. However not everyone has that luxury and would mean needing to use a DDNS services + multiple CNAME records all pointing to the same FQDN... but that's not possible with CNAME records

Id like to have the option to set multiple FQDNs for the "Override hostname" property in the SSL VPN settings. Its already possible with Open VPN and I probably could just modify the config file but it would be nice to have it implemented globally so that when users download the config & setup files from the user portal it all just works.



Edited TAGs
[edited by: emmosophos at 7:44 PM (GMT -7) on 10 Jun 2021]
Parents Reply Children
No Data