Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN not starting properly when failing over to backup router

    OpenVPN
    2
    2
    526
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      meismyname
      last edited by

      I'm running a testlab to evaluate the use of two dedicated carp routers with OpenOSPFd, with an additional router used as an OpenVPN Client, also running OpenOSPFd. I have OSPF and everything working properly over the VPN link, but when testing failover regarding the OpenVPN connection, I'm running into an odd issue. The OpenVPN server starts just fine on the master, but after I fail over to the secondary router, the OpenVPN server fails to start. If I then restart the secondary router, the OpenVPN service starts properly and establishes a proper connection with the 3rd router (through the secondary router) and everything works. After reconnecting the master and then disconnecting it, the OpenVPN service won't start again on the secondary router. I'm at a loss for ideas, so I figured I'd ask here.

      Here's the contents of the OpenVPN Log:
      Aug 18 00:27:08  openvpn[11192]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
      Aug 18 00:27:08  openvpn[11382]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Aug 18 00:27:08  openvpn[11382]: TUN/TAP device ovpns1 exists previously, keep at program end
      Aug 18 00:27:08  openvpn[11382]: TUN/TAP device /dev/tun1 opened
      Aug 18 00:27:08  openvpn[11382]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Aug 18 00:27:08  openvpn[11382]: /sbin/ifconfig ovpns1 192.168.252.1 192.168.252.2 mtu 1500 netmask 255.255.255.255 up
      Aug 18 00:27:08  openvpn[11382]: FreeBSD ifconfig failed: external program exited with error status: 1
      Aug 18 00:27:08  openvpn[11382]: Exiting due to fatal error

      When executing "/sbin/ifconfig ovpns1 192.168.252.1 192.168.252.2 mtu 1500 netmask 255.255.255.255 up" on the secondary router over ssh I get:
      ifconfig: ioctl (SIOCAIFADDR): Address already in use

      ifconfig doesn't show any other interfaces configured with an address in the 192.168.252.* range, so I'm unsure why it thinks the address is in use, especially when everything works on a clean boot with this router running solo. Thanks for any help in advance!

      1 Reply Last reply Reply Quote 0
      • A
        Arancho Doc
        last edited by

        Hi, have you find any suitable solution to this issue?
        I'm experiencing quite the same.

        I'm not using your configuration but the problem is that the route created for the Ovpn tunnel sometimes is not deleted when the tunnel goes down.

        So I have to change the IPv4 Tunnel Network if I want to recreate the tunnel as the previous address in not more usable.

        Many thanks.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post