Feature #2472
Updated by Chris Buechler over 13 years ago
Currently OpenVPN clients on backup I have 2 CARP status hosts will still send out packets clusters with openvpn site2site between them. on that the client side of the openvpn, both the master and the slave CARP IP, breaking that OpenVPN instance. It's currently worked around with devd scripts but done manually. Should cluster nodes have a checkbox at some point the openvpn daemon trying to tie client instances connect to the other cluster. this causes the following error on the openvpn server side (on the master CARP status, or if it can node): Authenticate/Decrypt packet error: bad packet ID (may be worked around at the OS level by forbidding sending packets sourced from a CARP IP with backup status, that would be best as it would eliminate any kind replay).... and initialization of problem along these lines. client connections