Our exposure to ClearOS started when our then current proxy was discontinued and a replacement was needed. As I had some personal exposure to ClarkConnect, as it was then, for a personal web server, we decided to try the proxy function. It worked.
This is how things were for a year or so and then when one of our satellite offices needed proxy/firewall duties we decided to install a second system, this time it was ClearOS, again it went in and just worked.
Over the next while there were additional systems installed, one more in Europe and then a whole raft of systems in our offices in the Far East.
At this point we were only using them for firewall/proxy duties. All inter site traffic was over a managed WAN, with static routes on all their routers.
We then acquired a new company and while we were waiting for our managed network supplier to get the necessary infrastructure installed at the remote location we needed a way for the new office to connect to the corporate WAN. OpenVPN was tried and used in a server to server configuration.
The next request was for some way of configuring multiple OpenVPN tunnels to our primary location that would automatically route traffic in the event the managed network failed. Investigation showed that ClearOS couldn’t do it without a lot of background/command line tweaking and so the project was shelved.
The latest upgrade to our corporate firewall meant it was now able to handle dynamic routing and so the OpenVPN failover was revisited.
After extensive testing we have now had the WAN routers reconfigured for OSPF and the WAN router in each location reconfigured with the relevant ClearOS as its default gateway.
Each PC is configured with its gateway to be the WAN router.
In the event of any given WAN link failing traffic is routed over the OpenVPN tunnel.
Currently the situation is one office with no WAN provider and solely a ClearOS OpenVPN tunnel to head office, 11 Asian sites OpenVPNing to a single Asian location for failover,and 4 European offices with OpenVPN failover back to head office.
On more than one occasion a WAN connection has failed and the remote office has seamlessly switched.
Long learning curve but ultimately a very productive solution, at little to no extra cost.