Enrico Scholz wrote: > I am running a multihomed host where 'local <extip>' must be > specified for proper operation.
Could you add a route and use nobind? Unless you have one openvpn on each IP that should work. (I usually take multihomed to mean multi network rather than several IP addresses on one and the same network.) > On ungraceful reconnects, the new TCP connection will have same the > host/port pairs but unexpected sequence numbers. The new connection > will be assumed as invalid hence and be dropped. I would actually expect the firewall to notice that there is a new connection. Since it doesn't, maybe you can explicitly allow this traffic? OpenVPN can certainly be made to do what you describe, but it seems that there are more ways to solve the problem, and one of those might suit you better. I know I would prefer fixing the firewall rules. //Peter