Bug #1507
closed
openvpn.inc Local line in openvpn.inc failover
0%
Description
if (!empty($iface_ip)) {
$conf .= "local {$iface_ip}\n";
}
in /etc/inc/openvpn.inc causes openvpn failover of wan to opt1 to not work properly. Taking this line out and saving the config through the web interface allows failover to work properly.
The issue is this line causes the openvpn conf file to contain local ipofWAN.
Updated by Chris Buechler almost 13 years ago
- Status changed from New to Rejected
to change an OpenVPN client from WAN to OPT1 you have to change its config from WAN to OPT1, there is no failover of client connections. It won't work on OPT1 without changing its interface there and hence its local IP being updated. Failover with OpenVPN requires dynamic routing such as OSPF with multiple always-on connections. Not a bug, it works as it should, the local IP must be specified.
Updated by Phil Parris almost 13 years ago
When you failover to opt1 the client configuration is not updated with opt1's ip address. I'm not expecting existing connections to failover. I'm expecting openvpn client to reconnect when the system fails over to opt1. With local wanipaddress it will not reconnect.
According to the openvpn manual located at http://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html
--local host
Local host name or IP address. If specified, OpenVPN will bind to this address only. If unspecified, OpenVPN will bind to all interfaces.
Local is not needed in the client configuration.
Updated by Chris Buechler almost 13 years ago
it is updated when the interface is changed. It is required for the client config in multi-WAN scenarios.
Updated by Phil Parris almost 13 years ago
It seems I missed the Any on the local interface selection in the client config. This can be closed.
Thank You