[alphaswe]

Hello!

I am trying to setup a multiple OpenVPN solution with failover, fallback and killswitch on a router.

What I am trying to setup is:
prioritize VPN-1, but failover to backup VPN-2 if VPN-1 is down. And fallback to VPN-1 when it is back online. Never connect to the internet without a VPN.


The only solution I could find is this below, maybe you guys know a smarter way?

Failover:
When the router is connected to VPN-1 and it goes offline, a tool called "watchdog" detects the issue by pinging 8.8.8.8 every minute. If no response is received, it triggers a reboot — either of the router or the LAN interface (we’re not entirely sure which). After rebooting, the router first tries to reconnect to VPN-1. If VPN-1 still isn’t available, it then attempts to connect to VPN-2.
(Yes, this method is a bit slow, but it works).

Fallback:
The router is set to reboot automatically every night. This allows it to switch back to VPN-1 in case it has come back online.
(Yes, it's a bit of a bad solution. For example, if VPN-1 fails in the morning, the router won’t try to reconnect to it until the nightly reboot).

Killswitch:
We’ve set up firewall rules to ensure that all internet traffic is forced through the VPN tunnels. If the VPN connection is down, no traffic is allowed through.

Thank you very much!
(I asked about WireGuard before, but i have understood I need OpenVPN, not WireGuard).