core icon indicating copy to clipboard operation
core copied to clipboard
verified publisher icon opnsense

HA issue: Manual Sync starts OpenVPN Client on slave

Open ednt opened this issue 2 months ago • 1 comments

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

  • [x] I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
  • [x] I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug

Manually triggering 'Synchronize and reconfigure all' in a HA Setup with CARP starts OpenVPN Client on Slave.

To Reproduce

  1. Setup High Availability with 2 OPNsense (Master/Slave)
  2. Setup CARP
  3. Setup OpenVPN Client using Instances with 'Depend on (CARP)' active
  4. Manually trigger 'Synchronize and reconfigure all' under 'System -> High Availability -> Status'

Expected behavior

Nothing should happen in regard to the OpenVPN Client.

Describe alternatives you considered

Remove OpenVPN from 'Services to synchronize' Result: Didn't have any effect. Even with all services disabled.

Use Cron for the HA-Sync Result: OpenVPN Client on Slave doesn't start. Only a manual sync triggers the bug.

Environment 2x OPNsense (25.7.4) as VM HA-Setup (Master/Slave) + CARP on all interfaces OpenVPN Client (Instance) as S2S Tunnel with 'Depend on (CARP)' active

ednt avatar Oct 06 '25 10:10 ednt

Can confirm im seeing simillar behavior 25.7

welcomereality avatar Nov 25 '25 08:11 welcomereality