[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

[Openvpn-users] best way to keep reconnecting to a moving target

Subject: [Openvpn-users] best way to keep reconnecting to a moving target
From: h105@xxxxxxx
Date: Sat, 3 Jan 2004 03:33:08 -0500 (EST)


  Hi,

  First of all, thanks so much for writing OpenVPN !!!

  I have one question, which I'll attempt to ask in a couple
of ways to make myself clear. [I read through FAQ, but
didn't find anything related.] I have a Linux Box behind a
firewall.  I cannot touch configuration of the firewall. On
this Linux box I would be running the "OpenVPN server
process".

   What is the best way (what are the config options) to
have the (Linux) OpenVPN server process keep trying to
connect to a "moving" (dial-up) client machine (which
updates its IP adress with dynDNS.org within 5 seconds of
getting that new IP address, and the TTL on the RR in that
DNS server is never more than 10 seconds or so).

   I.e. having a fixed name for a client machine in DNS
(e.g.  moving.target.com), but with an A (IP address) record
potentially changing within 15 seconds, how do I tell
OpenVPN server process to keep trying to connect to *the
current IP address* of the client machine moving.target.com
if a link-level ping doesn't come back from that machine in,
say, 10 seconds?

   I have noticed that if an IP address for
moving.target.com changes in /etc/hosts, /usr/bin/openvpn
doesn't use the new changed IP address to try to connect to,
instead it uses the same one it resolved from /etc/hosts
when it started up. Will the same happen with DNS ? I.e.  
will or will not openvpn become aware of the *new* IP
address that will get dynamically updated with DynDNS ?

   Note: it is *not* possible to ask the dial-up machine to
connect to the server openvpn process, as the server is
behind a [stateful] firewall which allows connections
initiated from the inside, but not connections attempted to
be initiated from the outside. And we cannot change
configuration of the firewall.

   Note2: if OpenVPN cannot resolve the new IP address, or
doesn't have a way to re-resolve & re-connect after X
seconds of ping silence (but I understand that OpenVPN is
capable of something like this), then I imagive I might have
to ask OpenVPN to terminate when ping doesn't come in X
seconds, and use a script to keep restarting OpenVPN. 
Anybody has done this before ? What would be the options 
then ?


   Thanks,

     John

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Follow-Ups:
- RE: [Openvpn-users] best way to keep reconnecting to a moving target
  - From: Anssi Kolehmainen
- Re: [Openvpn-users] best way to keep reconnecting to a moving target
  - From: James Yonan

Prev by Date: [Openvpn-users] more redirect-gateway problems
Next by Date: RE: [Openvpn-users] best way to keep reconnecting to a moving target
Previous by thread: [Openvpn-users] more redirect-gateway problems
Next by thread: RE: [Openvpn-users] best way to keep reconnecting to a moving target
Index(es):
- Date
- Thread