SoftEther VPN User Forum

SoftEther VPN User Forum
https://www.vpnusers.com/

Site-to-Site High-Availability VPN

https://www.vpnusers.com/viewtopic.php?f=7&t=3111

Page 1 of 1

Site-to-Site High-Availability VPN

Posted: Wed May 14, 2014 9:42 am
by onkelstony
I'm trying to build a Layer-2 Site-to-Site VPN with high availability.

Now on site A of the I can install a cluster of VPN Servers.

On site B however I cannot install a VPN Server cluster, because Cascade Connections are not supported on clusters.

I can also not make use of a VPN Bridge on site B, because that does not support clustering.

Any hints, how to setup a high-availability site-to-site VPN?

Thanks

Re: Site-to-Site High-Availability VPN

Posted: Fri May 16, 2014 12:15 pm
by onkelstony
Some more information. Currently the Site-to-Site VPN runs on pfSense/OpenVPN, but the flexibility and features of SoftEther look very promising and that's the reason for my question.

Re: Site-to-Site High-Availability VPN

Posted: Wed May 28, 2014 5:27 am
by thisjun
Usually clustering is used on only center server. In another place, VPN Bridge is used. And VPN Bridge can't become clustering member.

Re: Site-to-Site High-Availability VPN

Posted: Wed May 28, 2014 6:36 am
by onkelstony
thisjun wrote:
> And VPN Bridge can't become clustering member.

Thanks for your answer.

Is there any plans to enable clustering for VPN Bridge? Or any other hint on how to enable high availability on both sides of the Site-to-Site VPN?

Re: Site-to-Site High-Availability VPN

Posted: Fri Jun 06, 2014 12:46 pm
by dnobori
There are no function of clustering VPN Bridge on the current version.

However, you can establish the site-to-site high-availability VPN connection by using two pairs of VPN computers and a pair of STP (Spanning Tree Protocol) with STP-supporting Layer-2 switches.

In this model, you should establish isolated two site-to-site Ethernet bridging line. Each line is like a Cat5e network cable. After that, you place each layer-2 switch on each site with the STP configuration. Then the Site-to-Site High-Availability VPN will be realized.

Re: Site-to-Site High-Availability VPN

Posted: Fri Jun 06, 2014 1:25 pm
by onkelstony
I thought of that too. It's ugly, but it should work.

I'll give it a shot...

Re: Site-to-Site High-Availability VPN

Posted: Wed Jul 09, 2014 9:43 am
by petergsnm
I understand, it is recommended to use VPN Bridge on the Branch office and VPN Server on the Main office and VPN Server at the main office can be clustered. This works in most of the cases.

But, what if I need a cluster on my local site(Branch Office), We have added more users on my local site and my local site is not able to handle the load.

The local site does not need to be a VPN Bridge, it can be a VPN Server too. But, when these two VPN servers are connected through cascade connection, I can't enable cluster on the local site too (same problem as bridge).

Any plans of having clustering on the local site ?
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/