IPSEC & Carp failover
i don't know if it's more IPSEC or CARP related… but
I struggle with a CARP failover timeout.
When booting master and slave, i can see my IPSEC alive, can ping hosts through ipsec... no problem.
--> IPSEC Status = Master : Established, Slave : Disconnected
If i simulate a CARP failover (in CARP Status), i loose one ping, and it's back.
--> IPSEC Status = Master : Connecting , Slave : Connected.
But then, if i try to go back to master, i never get vpn to start :
--> IPSEC Status = Established, Slave= Connecting
From now, there is a long time before the slave logs stop trying to reconnect to remote (peer not responding (3 tries), giving up after 5 retransmits... and so on)
While this time, i lost ping. When the slaves stops, ping is back.
I guess there is a special setting for this situation ?
DPD is enabled, defaults.
Has anyone been facing the same issue?
Thanks everyone !