VPN connection problems with masternode

Forum for all technical support and trouble shooting of the WinGate VPN.

Moderator: Qbik Staff

VPN connection problems with masternode

Postby jeff » Jan 22 08 10:34 pm

Hi !

I'm having a big problem using Wingate VPN with 2 masternodes.
We just bought 50 wingate vpn licences

I'm connecting many clients (actually about 40) together (full mesh network) using a "masternode" architecture.
I have a "MasterNode" VPN server on which all clients are connected and on witch they learn the routes to all other clients. (The masterNode doesn't host any service, only a VPN server)

This works fine.

The problem is that when the VPN server crash, all connections are broken.

I have a second MasterNode somewhere else on the network (with other certificates) on which all client also connect and learn all other clients routes.

When each masterNode is working alone (the other is "shutdown"), all is fine.
But when both MasterNodes are on the network, sometimes it works fine, but most of the time, the result is unpredictable. (Some links do not establish).

Is there a way to give a priority to the learned routes (as far as a client learns each routes twice - from each server), or is there no issue to this kind of architecture.

We are now switching manually from one server to the other by adding/removing rights on the VPN (host) on both servers.

In fact, our need is to be able to keep all the network "up" (all the links between clients), even if a masternode crash. (automatic switching to another server).

Best regards. Waiting for your answer

Jeff
Jeff
jeff
 
Posts: 37
Joined: Apr 22 04 8:57 am

Postby adrien » Jan 25 08 9:42 am

Hi Jeff

the architecture for Nodes to connect to each other is a basic star arrangement, and there is no facility built in for a backup master node.

The problem with connecting to more than one VPN, is that if you learn the same routes from both VPNs, then there will be route conflicts in the client nodes - they will learn that a route is available in more than one place (a conflict).

Another option that comes to mind (not a nice one however) would be to get all nodes to directly connect to each other, rather than all through a single central node. You can join any number of VPNs, so if each node hosted their own one, then the single point of failure would be removed. It's not a great solution for many nodes, but even a partial move in this direction could alleviate some pain.

What is causing the VPN gateway to crash? Is there anything that can be done to improve reliability there?

Sorry for delay in reply.

Regards

Adrien
adrien
Qbik Staff
 
Posts: 5441
Joined: Sep 03 03 2:54 pm
Location: Auckland

Postby jeff » Jan 26 08 12:39 pm

Hi thanks for your answer,
I'll continue this topic thru the Ticket.
Jeff
jeff
 
Posts: 37
Joined: Apr 22 04 8:57 am


Return to WinGate VPN

Who is online

Users browsing this forum: No registered users and 2 guests

cron