A virtual private network (VPN), or other similar data communication system, is commonly implemented to communicate data to and from a secure private network, such as from a company network to a remote office location and/or to roaming users and business travelers. A VPN is typically implemented to authenticate users and encrypt data for secure data transfer from one secure location to another via the Internet, such as when two devices are not on the same private network. Additionally, network firewalls and other data communication restrictions can be bypassed by tunneling a network connection between devices that communicate via the Internet. A tunnel connection can be utilized to deliver data packets over a network that has an incompatible network protocol, such as to deliver IP data packets with private network addresses via the Internet using delivery packets with public IP addresses.
In VPN systems, traditional load balancing or failover techniques for network load balancing or cluster solutions are not effective in deployments that have secure tunnels terminating at a server without having access to the cryptographic keys. Conventional standard load balancing technologies can load balance data communication across multiple servers. However for secure tunnel connections, redirecting the data communication from one server to another server in a server cluster is complicated because of the need to synchronize state-machines across cluster nodes and access cryptographic keys. Accordingly, load-balancing the data traffic between two network devices, across a server cluster, and with a single secure tunnel or other type of secure data connection is a difficult implementation.