Setting up automatic connection to another IP in the config file when the connection with the first one is lost

Post by stepik » Fri Jun 09, 2023 8:07 am

Hi all! One config file was made from two different config files with unique certificates. It was made so that the connection to the second IP from the config occurs automatically when the connection with the first one is lost. Faced with the fact that the client connects to the last IP specified in the config file, a script was made, and a link to it, which allows you to switch addresses. The question is how to make it all work together? Can someone tell me how to solve this problem? I would be very happy.
Example config file:
client
dev tun
proto tcp
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 0

script-security 2
up "C:/Users/Администратор/OpenVPN/config/test/vpn_reconnect.bat"

remote 111.111.11.11 443
ca ca1.crt
cert client1.crt
key client1.key
tls-auth tls1.key 1
dh dh1.pem

remote 222.222.22.22 443
ca ca2.crt
cert client2.crt
key client2.key
tls-auth tls2.key 1
dh dh2.pem

Script example:
# Path to the configuration file
$configPath = "C:\Users\Администратор\OpenVPN\config\test\test.ovpn"

# IP addresses to connect to
$ipAddress1 = "111.111.11.11"
$ipAddress2 = "222.222.22.22"

# Function that checks whether an IP address is reachable
function Test-ConnectionStatus {
    param (
        [string]$ipAddress
    )

    # Test-NetConnection has no -Count parameter; it makes a single TCP probe
    $pingResult = Test-NetConnection -ComputerName $ipAddress -Port 443 -WarningAction SilentlyContinue
    return $pingResult.TcpTestSucceeded
}

# Check whether the first IP address is reachable
if (Test-ConnectionStatus $ipAddress1) {
    Write-Host "Подключение к $ipAddress1..."
    $configContent = Get-Content $configPath -Raw
    $configContent = $configContent -replace "remote $ipAddress2", "remote $ipAddress1"
    $configContent | Set-Content $configPath
    Write-Host "IP-адрес в конфигурационном файле изменен на $ipAddress1."
}
else {
    Write-Host "Подключение к $ipAddress1 недоступно. Переключение на $ipAddress2..."
    $configContent = Get-Content $configPath -Raw
    $configContent = $configContent -replace "remote $ipAddress1", "remote $ipAddress2"
    $configContent | Set-Content $configPath
    Write-Host "IP-адрес в конфигурационном файле изменен на $ipAddress2."
}

The error I get when I try to connect:
NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
WARNING: Failed running command (--up/--down): returned error code 255
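
One way to get the failover described in the post while each server keeps its own certificates, as an added example that is not part of the original post: keep one profile per server and let an outer PowerShell loop choose which profile to start. The profile names `server1.ovpn` and `server2.ovpn`, the `openvpn.exe` install path and the assumption that the server pushes a keepalive (so a dead link is noticed) are not from the post.

```powershell
# Added example, not the poster's script. Install path and profile names are assumptions.
$openvpn   = 'C:\Program Files\OpenVPN\bin\openvpn.exe'      # assumed install path
$configDir = 'C:\Users\Администратор\OpenVPN\config\test'    # directory from the post

# One profile per server; each profile holds that server's own ca/cert/key/tls-auth.
$servers = @(
    @{ Address = '111.111.11.11'; Port = 443; Config = 'server1.ovpn' },  # hypothetical name
    @{ Address = '222.222.22.22'; Port = 443; Config = 'server2.ovpn' }   # hypothetical name
)

# True when a TCP connection to Address:Port can be opened.
function Test-ServerReachable {
    param([string]$Address, [int]$Port)
    $r = Test-NetConnection -ComputerName $Address -Port $Port -WarningAction SilentlyContinue
    return [bool]$r.TcpTestSucceeded
}

# Return the first reachable entry, in list order, or $null when none answers.
function Select-Server {
    param([array]$Candidates)
    foreach ($s in $Candidates) {
        if (Test-ServerReachable -Address $s.Address -Port $s.Port) { return $s }
    }
    return $null
}

while ($true) {
    $s = Select-Server -Candidates $servers
    if (-not $s) {
        Write-Host 'No server reachable, retrying in 30 seconds'
        Start-Sleep -Seconds 30
        continue
    }
    Write-Host "Starting OpenVPN with $($s.Config) ($($s.Address))"
    # --connect-retry-max 3: after three failed attempts OpenVPN exits instead of
    # retrying forever, which hands control back to this loop for a new selection.
    & $openvpn --cd $configDir --config $s.Config --connect-retry-max 3
    Write-Host "openvpn exited with code $LASTEXITCODE, selecting a server again"
}
```

Because the selection happens outside OpenVPN, the per-server profiles need neither `script-security 2` nor an `up` script.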
