HA issue: Manual Sync starts OpenVPN Client on slave

Started by ednt, September 25, 2025, 03:05:29 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 25, 2025, 03:05:29 PM
Hello everyone,

I have a problem with OpenVPN in a HA Setup.

Setup:
2x Opnsense (v25.7.3_7) as Master/Slave HA Setup using CARP
OpenVPN S2S Tunnel using Instances

The OpenVPN Tunnel is configured using the 'Depend on (CARP)' setting.
During CARP Failover the configuration works fine. Master and Slave start/stop the client depending on their CARP Status.

But during a manual 'Synchronize and reconfigure all' under 'System -> High Availability -> Status' the OpenVPN client on the slave is started even thought he is not the CARP Master at the time.

This is leads to both Master and Slave trying to connect to the server stealing each others connection until I manually stop the client.

Using Cron to trigger 'Synchronize and reconfigure all' doesn't have this effect only the manual sync.

~Marius
Print
Go Up Pages1
User actions