Unable to Run two OVPN servers
-
Does anyone else have this issue.
Running 2.1-BETA0 (amd64)
built on Tue Sep 25 12:35:17 EDT 2012
FreeBSD 8.3-RELEASE-p4When two OVPN servers are setup on the same host, only one host remains up after awhile. If one of the ovpn services goes down for what ever reason, when you try and restart the service this is logged in syslog:
Oct 8 15:29:16 kernel: ovpns3: link state changed to UP
Oct 8 15:29:16 kernel: ifa_add_loopback_route: insertion failed
Oct 8 15:29:16 check_reload_status: Reloading filter
Oct 8 15:29:16 kernel: ovpns3: link state changed to DOWNI have tried on two different boxes with the same result.
Many thanks!
-
Running 2.0.2 I do not.
-
Using the same tunnel network on both maybe? The same route(s) on both? Can't do either of those.
-
So the Ovpnserver will fail if it has the same gateway at the next hop?
How can I go about just setting it up for failover, so the VPN server will jump from WAN to WAN2 if WAN fails and vice versa?
-
How can I go about just setting it up for failover, so the VPN server will jump from WAN to WAN2 if WAN fails and vice versa?
By removing the routes from OpenVPN on both sides and using OSPF. What you're attempting, trying to static route the same thing on multiple instances, isn't a valid configuration.
-
If you just have a simple network and don't want to install and setup OSPF, then you can:
- Port forward the OpenVPN server listening port (e.g. 1194 or whatever you use) on WAN1 and WAN2 to LAN.
- Set the OpenVPN server to listen on LAN.
Then clients can initiate connections into either WAN IP address and get through to the OpenVPN server. The client has to be setup to try both WAN addresses.
If a WAN goes down, then a client connected through that WAN will have to time out, then go through a cycle of trying to connect again to each WAN until it finds connectivity. So the failover takes a minute or 2 - you don't have multiple OpenVPN logical links running from real site A to B all the time.
-
I am using Quagga and the dual vpn connection works fine initally. Its only when one of the connection drops, that error appears.
Its looks like a potential bug when the loopback interface is trying to use a route already in use by the other VPN instance?
