High Availability of two Ipfire openvpn


I have an IPFire setup with OpenVPN, where I’ve created many OpenVPN configurations for my users. However, due to High Availability requirements, I cloned one of my IPFire instances, resulting in two IPFire systems with identical configurations. Now, I want to create an OpenVPN configuration on one of my IPFire instances and ensure that the other IPFire instance also has that configuration. How can I achieve this?

One solution I’m considering is importing the configuration from a certificate. But what exactly is a certificate? When I create a configuration for my users, these files are generated:

  • user.key
  • user.pem
  • user-TO-IPFire.ovpn
  • cacert.pem
  • ta.key

As the second IPFire is a clone of the first then just make an IPFire backup on the first system, download the backup to a separate machine and then connect the second IPFire and restore from that backup.

You will then have the same configuration on both systems including all certificates for the WUI access, IPSec and OpenVPN.

You will also have a complete identical set of client connection configurations including all the client certificates.

1 Like

Thank you so much, dear @bonnietwin . I used the backup method, and my work has started.
But is there any way to import USER.ovpn from ipfire_1 to ipfire_2 when creating a new configuration?