From: Brett S. <bs...@gm...> - 2007-03-26 17:57:29

> I'm running openvpn-2.1rc1 between various machines and
> everything works fine, except in one box which has two
> routes to the internet.

Yes, I've had the same experience.

> The clients are set up with two remote lines, plus remote-random.
> Unfortunately the (UDP) openvpn server always responds with
> its 'first' local IP address. If I hardcode a listen value
> for its 'other' local IP address then the connections all
> start working to that IP and fail to the first.

My take on it is that the UDP packets followed the default route.

> c) Switch the OpenVPN protocol to run over TCP. Again, this
> should work, but would result in running TCP over TCP,
> which would give very poor performance over heavily loaded
> links

Right, had not thought of this in these terms, but you are likely correct, this would probably work and also suffer performance issues.

> d) Run OpenVPN on one link or the other, never both, and have some
> script to switch manually

Right, in theory this would be the default route. Otherwise, I suppose one could set up a route back to the specific incoming IP, not sure how you'd do this?

> e) Find someone to change OpenVPN's behaviour or to explain what
> I'm missing

It would be good to have a methodology to handle this situation. Building on the last thought, I'm thinking the routing table would need to be updated at both VPN creation and tear down, not sure how to implement this.

Brett
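The behaviour discussed in this thread, reproduced as an added example (not from either poster and not OpenVPN code): a UDP server bound to all addresses lets the kernel choose the reply's source address unless the server pins it to the address the datagram arrived on. Assumptions: Linux, with loopback addresses 127.0.0.1 and 127.0.0.2 standing in for the box's two uplink addresses; the function names are hypothetical.

```python
import socket
import struct
import threading

# Linux value of IP_PKTINFO; older Python versions do not export the constant.
IP_PKTINFO = getattr(socket, "IP_PKTINFO", 8)


def serve_once(srv, reply_from_arrival_addr):
    """Echo one datagram received on a wildcard-bound UDP socket."""
    data, ancdata, _flags, peer = srv.recvmsg(2048, socket.CMSG_SPACE(12))
    out_anc = []
    if reply_from_arrival_addr:
        for level, ctype, cdata in ancdata:
            if level == socket.IPPROTO_IP and ctype == IP_PKTINFO:
                # struct in_pktinfo: ipi_ifindex, ipi_spec_dst, ipi_addr
                _ifindex, _spec, arrived_on = struct.unpack("i4s4s", cdata[:12])
                # When sending, ipi_spec_dst selects the source address.
                pktinfo = struct.pack("i4s4s", 0, arrived_on, b"\0" * 4)
                out_anc = [(socket.IPPROTO_IP, IP_PKTINFO, pktinfo)]
    # With no ancillary data the kernel picks the source from its routing table.
    srv.sendmsg([data], out_anc, 0, peer)


def client_gets_reply(server_addr, reply_from_arrival_addr):
    """True if a client that only accepts replies from server_addr hears back."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.setsockopt(socket.IPPROTO_IP, IP_PKTINFO, 1)
    srv.bind(("0.0.0.0", 0))               # listen on every local address
    port = srv.getsockname()[1]
    worker = threading.Thread(target=serve_once,
                              args=(srv, reply_from_arrival_addr))
    worker.start()
    cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    cli.bind(("127.0.0.1", 0))             # constructed client address
    cli.connect((server_addr, port))       # replies from other sources are dropped
    cli.settimeout(1.0)
    cli.send(b"ping")
    try:
        return cli.recv(2048) == b"ping"
    except socket.timeout:
        return False
    finally:
        worker.join()
        cli.close()
        srv.close()
```

A client contacting the server's second address only gets an answer when the server replies from the arrival address; a client contacting the first address works either way, which matches the symptom described in the quoted message.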