OpenVPN Multiple IPv4

SadySady Member

Hey guys,

I have got OpenVPN running & listening on all IPs on port 1194:

# netstat -tunlp | grep 1194
udp        0      0 0.0.0.0:1194            0.0.0.0:*                           1629/openvpn

But I am only able to connect on the first IPv4 & when I change "remote first.ip 1194" in client.ovpn to "remote second.ip 1194", it doesn't work & shows the following errors:

Wed Jun 22 20:37:29 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jun 22 20:37:29 2016 TLS Error: TLS handshake failed

Can one of you please guide me in the right way? I will really appreciate it.

Thanks

Comments

  • tommytommy Member

    these errors are unrelated to your problem

    add iptables nat for second ip?

  • MakenaiMakenai Member
    edited June 2016

    Are the IPs in the same subnet with same GW? Could it be that the packet is being received at the second IP and then sent out to the default gateway from the first IP?

    I had a similar issue when attaching two Elastic IPs on two network interfaces to one Linux machine. The solution was to create another routing table and set up interface-specific routes.

    ip route add default via 10.0.0.GW dev eth1 table customtable
    ip rule add from 10.0.0.SECONDIP table customtable
    

    There is another solution here which seems similar and could describe your issue
    http://askubuntu.com/a/315401

  • SadySady Member

    @tommy said:
    these errors are unrelated to your problem

    add iptables nat for second ip?

    I ain't that much good at iptables but tried this command:

    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to second.ip

    But that didn't work, maybe because I am forwarding traffic from same internal subnet (10.8.0.0/24)?

  • SadySady Member

    @Makenai said:
    Are the IPs in the same subnet with same GW? Could it be that the packet is being received at the second IP and then sent out to the default gateway from the first IP?

    I had a similar issue when attaching two Elastic IPs on two network interfaces to one Linux machine. The solution was to create another routing table and set up interface-specific routes.

    ip route add default via 10.0.0.GW dev eth1 table customtable
    ip rule add from 10.0.0.SECONDIP table customtable
    

    There is another solution here which seems similar and could describe your issue
    http://askubuntu.com/a/315401

    Actually those are on the same interface but different subnets. The server is OVH's Cloud VPS if that helps. Would your solution still be applicable?

  • @Sady said:

    @Makenai said:
    Are the IPs in the same subnet with same GW? Could it be that the packet is being received at the second IP and then sent out to the default gateway from the first IP?

    I had a similar issue when attaching two Elastic IPs on two network interfaces to one Linux machine. The solution was to create another routing table and set up interface-specific routes.

    ip route add default via 10.0.0.GW dev eth1 table customtable
    ip rule add from 10.0.0.SECONDIP table customtable
    

    There is another solution here which seems similar and could describe your issue
    http://askubuntu.com/a/315401

    Actually those are on the same interface but different subnets. The server is OVH's Cloud VPS if that helps. Would your solution still be applicable?

    Do a TCPDUMP on the client server; you can then see what IP is sending the return OpenVPN packets, and see if they are being received at all, etc.
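
Added example (not part of any post in this thread): a shell helper that applies the tcpdump check suggested above to `tcpdump -n` output and flags OpenVPN replies whose source IP differs from the address the client dialled, the situation Makenai describes. The helper name, the sample capture and the addresses (RFC 5737 documentation ranges) are constructed; it assumes you pass every public IPv4 address of the server as arguments.

```shell
#!/bin/sh
# Added example, not from the thread. check_reply_sources is a hypothetical helper.
# Input (stdin): lines in the format printed by `tcpdump -n udp port 1194`.
# Arguments: every public IPv4 address configured on the OpenVPN server.

check_reply_sources() {
    awk -v servers="$*" -v port=1194 '
    function addr(ep) { sub(/:$/, "", ep); sub(/\.[0-9]+$/, "", ep); return ep }
    function prt(ep)  { sub(/:$/, "", ep); sub(/^.*\./, "", ep); return ep }
    BEGIN { n = split(servers, s, " "); for (i = 1; i <= n; i++) is_srv[s[i]] = 1 }
    $2 == "IP" && $4 == ">" {
        src = $3; dst = $5; sub(/:$/, "", dst)
        if ((addr(dst) in is_srv) && prt(dst) == port) {
            # Client -> server: remember which server address was dialled.
            wanted[src] = addr(dst)
        } else if ((addr(src) in is_srv) && prt(src) == port && (dst in wanted)) {
            # Server -> client: the source should be the address the client dialled;
            # a reply from another address is normally discarded on the way back.
            answered[dst] = 1
            if (addr(src) == wanted[dst]) good++
            else {
                bad++
                printf "MISMATCH client=%s dialled=%s reply_from=%s\n", dst, wanted[dst], addr(src)
            }
        }
    }
    END {
        for (c in wanted) if (!(c in answered)) {
            lost++
            printf "NO_REPLY client=%s dialled=%s\n", c, wanted[c]
        }
        printf "matched=%d mismatched=%d unanswered=%d\n", good, bad, lost
    }'
}

# Constructed capture: one healthy flow to the first IP, one flow to the second IP
# answered from the first IP, and one flow to the second IP with no answer at all.
SAMPLE_CAPTURE='20:37:01.100000 IP 198.51.100.7.51820 > 203.0.113.10.1194: UDP, length 42
20:37:01.101000 IP 203.0.113.10.1194 > 198.51.100.7.51820: UDP, length 54
20:37:05.200000 IP 198.51.100.7.40022 > 203.0.113.20.1194: UDP, length 42
20:37:05.201000 IP 203.0.113.10.1194 > 198.51.100.7.40022: UDP, length 54
20:37:09.300000 IP 198.51.100.9.33333 > 203.0.113.20.1194: UDP, length 42'

printf '%s\n' "$SAMPLE_CAPTURE" | check_reply_sources 203.0.113.10 203.0.113.20
```

A MISMATCH line on a server-side capture points at source address selection or routing on the server; NO_REPLY means nothing left the server for that client.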
