right now I'm expiriencing huge problems in deploying an HA-OpenVPN service, based on OVAS.
Here is a brief summary about the infrastrukture:
2 servers, separate continents, let's say Asia and the USA.
Both servers have one public IP address and one private.
Also, I have a VPN-address-pool 10.10.10.0/24 for static assignments. (This is really important for me)
Now, I deployed the current version of OVAS on both sides, added my licenses and configured server1 as mentioned above, added users.
Afterwards I rsynced the cert- and userprop db files to server2.
Wonderful, now users can authenticate to both servers and the static IP addresses will be assigned.
Now my issue starts, I have to make sure that clients that connect to server1 are able to talk to clients logged in to server2.
I thought about creating two static routes, which will route traffic to 10.10.10.0 to the other server, but I guess this might mess up.
I'd be very happy if somebody could share some expiriences, I think it's a common requirement to VPN-HA.
Also, it's highly important that clients keep their static IPs as they are all talking to each other.
Thanks very much
Thorsten