OpenVPN not coming up on CARP IP



  • pfSense version: 2.0.3-RELEASE (amd64) built on Fri Apr 12 10:27:56 EDT 2013 FreeBSD 8.1-RELEASE-p13

    Two pfSense servers in master/slave configuration.

    I've set up a OpenVPN client and selected a CARP IP for the interface. The tunnel does not come up. I can't see any incoming connection at the remote site. See images 1 and 2.
    Then I changed the interface to a virtual IP, again the tunnel does not come up.

    When I change the interface to the networkcard (WAN_XXX) the tunnel comes up. However, as this is a master/slave setup and OpenVPN is now bound to a non CARP IP the OpenVPN service starts on both the master and slave they both try to connect to the remote OpenVPN server and they both succeed in this alternately. (Same problem as I described here for the 2.1 release. See Images 3 and 4.

    The WAN connection I'm using is the secondary WAN port. It does not have the default gateway.

    Why does it not work on a CARP IP?

    Edit: Just changed the default gateway to the secondary WAN connection and now the tunnel comes up over the secondary WAN. Shouldn't it also be possible to run a OpenVPN client on a WAN which does not have the default gateway? For example to spread the load or to failover to. If I now need to failover to the primary WAN I also have to change the default GW.








Log in to reply