Hello, I have two machines configured with CARP for redundancy, so I would like to add my OpenVPN service to it. I'm getting some problems when I try to use it with the CARP interface using the UDP protocol (with the local sis0 interface it just works fine, and if I use TCP it does so). In my logs I can see how the client starts the TLS negotiation, but then I get a timeout.
Code:
Mon Mar 28 13:04:13 2011 x.x.x.x:55005 TLS: Initial packet from x.x.x.x:55005, sid=41756224 4c891142
Mon Mar 28 13:04:20 2011 x.x.x.x:55002 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Mar 28 13:04:20 2011 x.x.x.x:55002 TLS Error: TLS handshake failed
Mon Mar 28 13:04:20 2011 x.x.x.x:55002 SIGUSR1[soft,tls-error] received, client-instance restarting
Is it not possible to use OpenVPN with CARP through UDP? If so, any clue about what I am doing wrong?
My OpenVPN server conf is this:
Code:
port 1194
proto udp
dev tap0
ca /usr/local/etc/openvpn/ca.crt
cert /usr/local/etc/openvpn/openvpn.crt
key /usr/local/etc/openvpn/openvpn.key
dh /usr/local/etc/openvpn/dh2048.pem
ifconfig-pool-persist /var/log/openvpn/ipp.txt
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log-append /var/log/openvpn/openvpn.log
verb 3
server-bridge 10.200.62.10 255.255.255.0 10.200.62.91 10.200.62.99
up /usr/local/etc/openvpn/up.sh
down /usr/local/etc/openvpn/down.sh
Thanks a lot!