|
|
James Yonan wrote: There's no inactivity issue here, without the ping all traffic comes through, for hours and hours. Attached bothe client and server config, without the keepalive setting.I'm replying on openvpn-users, which is the more appropriate list for this. The only thing I'm aware of now is the fact that both have dh configed - but that shouldn't cause the reconnects, should it? Rolf # # Sample OpenVPN configuration file for # home using a pre-shared static key. # # '#' or ';' may be used to delimit comments. cipher aes-128-cbc engine padlock # Use a dynamic tun device. # For Linux 2.2 or non-Linux OSes, # you may want to use an explicit # unit number such as "tun1". # OpenVPN also supports virtual # ethernet "tap" devices. dev tap0 # Our OpenVPN peer is the office gateway. remote 145.66.1.12 #remote home14 fragment 1300 mtu-disc yes # 10.1.0.2 is our local VPN endpoint (home). # 10.1.0.1 is our remote VPN endpoint (office). #ifconfig 83.118.84.129 82.73.20.10 # Our up script will establish routes # once the VPN is alive. #up ./home.up # Our pre-shared static key tls-client dh /etc/openvpn/plaza/dh1024.pem ca /etc/openvpn/plaza/openvpn-ca.crt cert /etc/openvpn/plaza/openvpn-N003.crt key /etc/openvpn/plaza/openvpn-N003.key # OpenVPN uses UDP port 5000 by default. # Each OpenVPN tunnel must use # a different port number. # lport or rport can be used # to denote different ports # for local and remote. port 5000 # Downgrade UID and GID to # "nobody" after initialization # for extra security. ; user nobody ; group nobody # If you built OpenVPN with # LZO compression, uncomment # out the following line. ; comp-lzo # Send a UDP ping to remote once # every 15 seconds to keep # stateful firewall connection # alive. Uncomment this # out if you are using a stateful # firewall. ; ping 15 # Uncomment this section for a more reliable detection when a system # loses its connection. For example, dial-ups or laptops that # travel to other locations. ; ping 15 ; ping-restart 45 ; ping-timer-rem ; persist-tun ; persist-key # Verbosity level. # 0 -- quiet except for fatal errors. # 1 -- mostly quiet, but display non-fatal network errors. # 3 -- medium output, good for normal operation. # 9 -- verbose, good for troubleshooting verb 3 management 127.0.0.1 5000 # # Sample OpenVPN configuration file for # home using a pre-shared static key. # # '#' or ';' may be used to delimit comments. cipher aes-128-cbc engine padlock # Use a dynamic tun device. # For Linux 2.2 or non-Linux OSes, # you may want to use an explicit # unit number such as "tun1". # OpenVPN also supports virtual # ethernet "tap" devices. dev tap0 # Our OpenVPN peer is the office gateway. #remote 82.73.20.10 float fragment 1300 mtu-disc yes # 10.1.0.2 is our local VPN endpoint (home). # 10.1.0.1 is our remote VPN endpoint (office). #ifconfig 83.118.84.129 82.73.20.10 # Our up script will establish routes # once the VPN is alive. #up ./home.up # Our pre-shared static key tls-server dh /etc/openvpn/plaza/dh1024.pem ca /etc/openvpn/plaza/openvpn-ca.crt cert /etc/openvpn/plaza/openvpn-N001.crt key /etc/openvpn/plaza/openvpn-N001.key # OpenVPN uses UDP port 5000 by default. # Each OpenVPN tunnel must use # a different port number. # lport or rport can be used # to denote different ports # for local and remote. port 5000 # Downgrade UID and GID to # "nobody" after initialization # for extra security. ; user nobody ; group nobody # If you built OpenVPN with # LZO compression, uncomment # out the following line. ; comp-lzo # Send a UDP ping to remote once # every 15 seconds to keep # stateful firewall connection # alive. Uncomment this # out if you are using a stateful # firewall. ; ping 15 # Uncomment this section for a more reliable detection when a system # loses its connection. For example, dial-ups or laptops that # travel to other locations. ; ping 15 ; ping-restart 45 ; ping-timer-rem ; persist-tun ; persist-key # Verbosity level. # 0 -- quiet except for fatal errors. # 1 -- mostly quiet, but display non-fatal network errors. # 3 -- medium output, good for normal operation. # 9 -- verbose, good for troubleshooting verb 3 management 127.0.0.1 5000 Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00007.html on line 361 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-04/msg00007.html on line 361 |