OpenVPN Support Forum

Hello everybody,

on my ovpn machine i have connected two different ISPs with two different IPs and two gateways.
it should be possible to get connected externaly with both ip adresses to openvpn (some kind of failover)

so far the setup is working with isp1 like a charme.
but i cant connected from eg my home to the second IP, TLS handshake problems...
"TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)"

it seems to be (as far i see in netcat) openvpn receive data from the second IP but sends always from the IP of the first ISP.

this is my setup:
ETH0 10.10.10.1 / gateway 10.10.10.254 #isp1
ETH1 20.20.20.1 / gateway 20.20.20.254 #isp2

eth0 / 10.10.10.254 is the default gateway
for eth1 i set up routing:

ip route add 20.20.20.0/24 dev eth1 src 20.20.20.254 table UPC
ip route add default via 20.20.20.254 dev eth1 table UPC
ip rule add from 20.20.20.0/24 table UPC
ip rule add to 20.20.20.0/24 table UPC

the server is reachable with both ips (tested with http/apache and ssh).
and also the outgoing traffic seems to be right -- tested it with:

curl --interface 20.20.20.1 text.whatisyourip.org
-> returns 20.20.20.1

where's my mistake?
thx,
patrick

it seems to be a problem with UDP... when i change the server/client settings to use TCP instead of UDP everything works fine (i cant connect to both external IPs).

is this normal? (openvpn 2.2.1 / ubuntu 12.04 x64)

udp is connectionless,

in openvpn you can specify float directive and see if that helps.

also take a look at this please

http://tldp.org/HOWTO/Adv-Routing-HOWTO ... links.html

Michael.

thanks a lot, that makes sense!

Hi mate!

I don't know if you manage to make it, but in my case, it worked, using UDP, through two different ISP, with two routers, that belong to our ISPs.

Regards,

Quentin.