Dual WAN and failover with an OpenVPN - will VPN reconnect?

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
AlaskaJason190
DD-WRT Novice


Joined: 15 Dec 2022
Posts: 7

PostPosted: Sun Jan 08, 2023 7:30    Post subject: Dual WAN and failover with an OpenVPN - will VPN reconnect? Reply with quote
So, I spent the time getting my router all configured with the DD-WRT firmware working well, OpenVPN client running and passing the necessary ports over the VPN to the lan and so on.

My client asked if we can use the old HUGHESNET connection as a failover backup, we're installing a starlink dish in the remote bush of Alaska,-- Old, clunky and near death the hughesnet is still a secondary connection.

https://forum.dd-wrt.com/wiki/index.php/Dual_WAN_with_failover [url]

I found the Wiki and am mostly familiar with the setup, although I would like to use DHCP perhaps on the starlink side since its coming from the dish not the NOC (net operations Center) like with hughesnet and my static IP.

So my questions are this,,,,

1. if we get the second WAN running on the second Vlan and the failover script dialed in - will the VPN reconnect automatically?
2. If the VPN doesn't connect - will the firewall rules and ports need to be configured on the GUI just like in the VPN settings? Currently they're not configured since no traffic is expected to enter through the WAN IP address over starlink (CGNAT) but could be (i think) if the hughesnet becomes the new primary WAN.

3. Question on the Wiki - the scripts configuring the vlan's and the IP addressing for the WAN - How do we use DHCP
- do we have to use starlinks dns servers behind the CGNAT or still ok to use openvpn or google ect.
- Where is the easybutton located....


Code:
#WEBRELAY_RUBENS_PEAK_CAMERA
iptables -I FORWARD 1 -i tun1 -p udp -d 192.168.100.5 --dport 8080 -j ACCEPT
iptables -I FORWARD 1 -i tun1 -p tcp -d 192.168.100.5 --dport 8080 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 8080 -j DNAT --to-destination 192.168.100.5:8080
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 8080 -j DNAT --to-destination 192.168.100.5:8080
#RUBENS_PEAK_CAMERA
iptables -I FORWARD 1 -i tun1 -p udp -d 192.168.100.7 --dport 8081 -j ACCEPT
iptables -I FORWARD 1 -i tun1 -p tcp -d 192.168.100.7 --dport 8081 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 8081 -j DNAT --to-destination 192.168.100.7:80
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 8081 -j DNAT --to-destination 192.168.100.7:80
#NETBITTER
iptables -I FORWARD 1 -i tun1 -p udp -d 192.168.100.6 --dport 8082 -j ACCEPT
iptables -I FORWARD 1 -i tun1 -p tcp -d 192.168.100.6 --dport 8082 -j ACCEPT
iptables -I FORWARD 1 -i tun1 -p tcp -d 192.168.100.6 --dport 502 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 8082 -j DNAT --to-destination 192.168.100.6:80
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 8082 -j DNAT --to-destination 192.168.100.6:80
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 502 -j DNAT --to-destination 192.168.100.6:502
#WEBRELAY_NETBITTER
iptables -I FORWARD 1 -i tun1 -p udp -d 192.168.100.9 --dport 8083 -j ACCEPT
iptables -I FORWARD 1 -i tun1 -p tcp -d 192.168.100.9 --dport 8083 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 8083 -j DNAT --to-destination 192.168.100.9:80
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 8083 -j DNAT --to-destination 192.168.100.9:80
#TERM_SVC_PORT_PC1
iptables -I FORWARD 1 -i tun1 -p udp -d 192.168.100.10 --dport 4030 -j ACCEPT
iptables -I FORWARD 1 -i tun1 -p tcp -d 192.168.100.10 --dport 4030 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 4030 -j DNAT --to-destination 192.168.100.10:3389
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 4030 -j DNAT --to-destination 192.168.100.10:3389
#WEBRELAY_TURBINE_CAMERA
iptables -I FORWARD 1 -i tun1 -p udp -d 192.168.100.11 --dport 80 -j ACCEPT
iptables -I FORWARD 1 -i tun1 -p tcp -d 192.168.100.11 --dport 80 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 8080 -j DNAT --to-destination 192.168.100.11:80
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 8080 -j DNAT --to-destination 192.168.100.11:80
Sponsor
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum