2.4.5 OpenVPN and NAS Synology link aggregation issue
-
Hello,
I wish to report a trouble which bothered me for days before I started to understand.
The configuration:
- Netgate 7100 fw 2.4.5 with an openvpn client lan-to-lan
- On the lan, I have a NAS Synology RS1219+ (it has 4 ethernet ports),
I have port 1 and 2 connected and configured as "Adaptative Load Balancing".
Before I installed the NetGate device, the openvpn client was handled by a tomato
router. No problem for years.As soon as I installed the NetGate using the embeded openvpn client some PCs (but not all) couldn't anymore acces the NAS. But could access all other devices on the same LAN, so I assume my openvpn settings were fine.
This is the only change made to the network.For these PC, "pings" towards the NAS gave no answer.
I could verify with tcpdump running on the NAS that these pings request reached the NAS but no reply are returned:12:06:55.677049 In 00:08:a2:22:4c:21 ethertype IPv4 (0x0800), length 76: 10.Y.X.14 > 10.X.X.224: ICMP echo request, id 2, seq 35503, length 40
12:06:55.677049 In 00:08:a2:22:4c:21 ethertype IPv4 (0x0800), length 76: 10.Y.X.14 > 10.X.X.224: ICMP echo request, id 2, seq 35503, length 40
12:06:58.682524 In 00:00:00:00:00:00 ethertype IPv4 (0x0800), length 104: 10.X.X.224 > 10.X.X.224: ICMP host 10.8.0.14 unreachable, length 68
12:07:04.174522 In 00:00:00:00:00:00 ethertype IPv4 (0x0800), length 265: 10.X.X.224 > 10.X.X.224: ICMP host 10.8.0.30 unreachable, length 229
12:07:04.174532 In 00:00:00:00:00:00 ethertype IPv4 (0x0800), length 265: 10.X.X.224 > 10.X.X.224: ICMP host 10.8.0.30 unreachable, length 229No "out" packet, and these strange MAC adress with zeros
10.Y.X is the VPN, 10.X.X is the LAN
As soon as the second cable (on port 2) was removed, problem solved, these openvpn clients could access the NAS again.
Any ideas ?
Any suggestions about this issue would be very appreciated
Thanks
Phil