I have 2 WANs (2 PPPoE accounts, each has its own local address and gateway).
Both are from the same ISP.
I have both WANs load-balanced with PCC (2/1 and 2/2) and failover (routing), and they are going through a bridge called "Bridge-Local".
WAN1's gateway is x.x.x.x (local address assigned dynamically; I mean when you go to IP > Addresses, you will see a dynamic address for WAN1).
WAN2's gateway is y.y.y.y (same as above but for WAN2).
I recently set up an OpenVPN server on the cloud (static IP) and made my MikroTik router (RB951) connect to it using PPP > OpenVPN-Client.
I have a local address for the VPN which is: 10.8.0.2
I am doing prerouting using a mangle rule, which catches TCP port 22 connections and marks their routing with the name "ssh-conn",
and then they are routed through IP > Route into the VPN by: dst-address=0.0.0.0/0 gateway=ovpn routing-mark="ssh-conn"
Also, I have manually set the address for the VPN in IP > Route as: dst-address=10.8.0.2 gateway=ovpn
and there's a masquerade rule for the ovpn with srcnat and out interface as ovpn.
What I would like to do is:
Preroute all of the ssh traffic via the VPN (as I did) BUT without losing connectivity when WAN1 or WAN2 goes down.
What I'm facing now is: if the VPN is connecting through WAN1 and it goes down, my ssh connection doesn't keep going and resets immediately or closes.
Should I bond the VPN with those two WANs?
Should I create a failover? If so, how can I do it? I know it's in IP > Route.
Should I create a second VPN and forward the traffic into it from the first VPN?
What am I missing?
I don't want my ssh connection (which is being routed through the VPN) to cut off if any of the WANs go down, or in other words, if the WAN that the VPN is connected to goes down.