[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] 2nd instance issues


  • Subject: Re: [Openvpn-users] 2nd instance issues
  • From: Tuc at T-B-O-H <ml@xxxxxxxxxxx>
  • Date: Mon, 6 Aug 2007 20:42:18 -0400 (EDT)

> 
> Tuc at T-B-O-H.NET wrote:
> > Hi,
> >
> > 	I tried to start a 2nd OpenVPN instance on my server, and a 2nd
> > OpenVPN instance on my client. They are both FreeBSD 5. I copied my entire
> > directory over from "openvpn" to "openvpn2". On the client, I changed the
> > IP I wanted the client to contact the server on. (I needed to do this since
> > the remote site would route the traffic to that IP out a different transit
> > provider). On both of them I changed the IP set (10.2.0.X to 10.3.0.X) and
> > the ports (From 5001 to 5002). I started them up, but they don't seem to
> > sync. If I change the IP the client tries to contact the server on back
> > to the base one, works perfectly.
> >
> > 	Is there something about the certificate and the forward/reverse
> > DNS?
> >
> > 	When it ISNT working, I get :
> >
> > Sun Aug  5 23:30:36 2007 24: TLS: tls_pre_decrypt: new session incoming connection from 67.47.145.123:10169
> >
> > 	on the server, and 
> >
> > Sun Aug  5 23:30:36 2007 Re-using SSL/TLS context
> > Sun Aug  5 23:30:36 2007 LZO compression initialized
> > Sun Aug  5 23:30:36 2007 Control Channel MTU parms [ L:1300 D:138 EF:38 EB:0 ET:0 EL:0 ]
> > Sun Aug  5 23:30:36 2007 Preserving previous TUN/TAP instance: tun1
> > Sun Aug  5 23:30:36 2007 Data Channel MTU parms [ L:1300 D:1300 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
> > Sun Aug  5 23:30:36 2007 Local Options hash (VER=V4): '8c473bbe'
> > Sun Aug  5 23:30:36 2007 Expected Remote Options hash (VER=V4): '4e312712'
> > Sun Aug  5 23:30:36 2007 UDPv4 link local (bound): [undef]:5002
> > Sun Aug  5 23:30:36 2007 UDPv4 link remote: A.B.C.D:5002
> >
> > 	on the client.
> >
> > 			Thanks, Tuc	
> >   
> Tuc,
> 
> Check your local directive in your config files, and make sure they're 
> set to different IP addresses.
> 
	On the Server? I don't have a local directive. I thought that it 
would bind to "*" and the fact that I changed the ports would keep them 
away from each other. 

	I actually have another one sitting on 5000, which I *THOUGHT*
was a the one 5001 was cloned from.... And I see :

vjofn# netstat -an | grep 500
udp4       0      0  *.5001                 *.*                    
udp4       0      0  *.5000                 *.*   

	So I would think as long as the clients "remote" points to an
alias on the machine, and the ports weren't the same, I should be golden.
However, if I use an aliased IP, it won't start. If I put it back to the
servers BASE IP, then it does.
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users