Messages

@ minugmail, please excuse this blockhead of mine.

I assume you meant that I need to do something like the attached screenshot?

This is my problem. The CARP virtual interface reponds to pings, but it will not allow OpenVPN to work--possibly I am missing some NAT/firewall rule.

vpn1 - WAN 3.20.150.243
vpn2 - WAN 3.20.150.244

CARP VIP - 3.20.150.240

All IPs respond to pings, but OpenVPN does not work on either of these IPs. If I break CARP, OpenVPN works find on 3.20.150.243 and 3.20.150.244 and 3.20.150.240 no longer responds to pings.

This indicates that I have the CARP set up properly because they do sync up.

I am hoping that someone can look at my NAT configuration and tell me what I am missing.

Thanks,

Chris

I do not believe it is an issue with VPN configuration as I can connect fine if I'm not using CARP.

Anyway, here is the OpenVPN server configuration.

I am missing a NAT/Firewall rule somewhere, but I am too inexperience to know where.

I cannot get OpenVPN working on my OPNsense cluster.

Please review the configuration attachments.

I can ping the external virtual IP (3.20.150.240), but I cannot get OpenVPN to work on any of the IPs:

3.20.150.240 (VIP)
3.20.150.243 (First OPNsense Host)
3.20.150.244 (Second OPNsense Host)


Thanks,

Lau


   

When I tried to configure CARP the 'legacy' way, this process no longer works, especially when creating NAT Outbounds, ie, I can no longer specify the mask, eg, "10.0.0.1/32", "127.0.0.0/8" and so on.

The submask is no longer selectable now, so I can only do these: "https://drive.google.com/open?id=1pyXZgwzL_38DX-TX_s8qswHgsAAqXqgN"

What is the most current configuration method for 18.7.x CARP configuration as this "https://wiki.opnsense.org/manual/how-tos/carp.html" is very vague and no longer seems applicable.

With this said, has anyone actually succeeded in getting HA/CARP working with the latest builds of OPNSense? (May I see some of the screenshots of same?)

Thanks!