Hi list, Recently I have installed openbsd routers at our six locations. All of these boxes have two internet connections from two different ISPs and are connected via IPSsec with each other. Currently I'm using the one of the two internet uplinks as the endpoint for the VPN. This has the disadvantage that the VPN goes down if the internet connection of the IPSec uplink fails. Is there a way to fail over to the second inetnetlink or even better use both ISP uplink as a tunnel endpoint.
I've thought about creating a tunnel from both internetuplinks to each uplink but this generates a lot of tunnels and I'm not sure if this best way to do this. Is there any advice / best pratice on how to establish a IPSec tunnel failover over two different ISP connections? Thanks, Dora