Unable to Run two OVPN servers

OpenVPN
Log in to reply
  • X

    Does anyone else have this issue.
    Running 2.1-BETA0 (amd64)
    built on Tue Sep 25 12:35:17 EDT 2012
    FreeBSD 8.3-RELEASE-p4

    When two OVPN servers are setup on the same host, only one host remains up after awhile. If one of the ovpn services goes down for what ever reason, when you try and restart the service this is logged in syslog:

    Oct 8 15:29:16 kernel: ovpns3: link state changed to UP
    Oct 8 15:29:16 kernel: ifa_add_loopback_route: insertion failed
    Oct 8 15:29:16 check_reload_status: Reloading filter
    Oct 8 15:29:16 kernel: ovpns3: link state changed to DOWN

    I have tried on two different boxes with the same result.

    Many thanks!

    0
  • chpalmer

    Running 2.0.2  I do not.

    0
  • C

    Using the same tunnel network on both maybe? The same route(s) on both? Can't do either of those.

    0
  • X

    So the Ovpnserver will fail if it has the same gateway at the next hop?

    How can I go about just setting it up for failover, so the VPN server will jump from WAN to WAN2 if WAN fails and vice versa?

    0
  • C

    @xternal:

    How can I go about just setting it up for failover, so the VPN server will jump from WAN to WAN2 if WAN fails and vice versa?

    By removing the routes from OpenVPN on both sides and using OSPF. What you're attempting, trying to static route the same thing on multiple instances, isn't a valid configuration.

    0
  • P

    If you just have a simple network and don't want to install and setup OSPF, then you can:

    1. Port forward the OpenVPN server listening port (e.g. 1194 or whatever you use) on WAN1 and WAN2 to LAN.
    2. Set the OpenVPN server to listen on LAN.
      Then clients can initiate connections into either WAN IP address and get through to the OpenVPN server. The client has to be setup to try both WAN addresses.
      If a WAN goes down, then a client connected through that WAN will have to time out, then go through a cycle of trying to connect again to each WAN until it finds connectivity. So the failover takes a minute or 2 - you don't have multiple OpenVPN logical links running from real site A to B all the time.
    0
  • X

    I am using Quagga and the dual vpn connection works fine initally. Its only when one of the connection drops, that error appears.
    Its looks like a potential bug when the loopback interface is trying to use a route already in use by the other VPN instance?

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy