|
|
Hi,
jamona perez wrote:
> Hi,
> I've another question for you, estimated list members.
> I've set up openvpn 2.1 RC 4 to work on windows
> with an aladdin etoken using the crytoapi setting.
> the only thing is, when I remove the token from its usb slot,
> the tunnel stays open and functionnal. Is it a bug or is there a setting
> that I should change ?
in my tests I used
reneg-sec 120
on the client side config to enforce the re-usage of the crypto token
(renegotiation of the session key) every 120 seconds.
There was a note in the documentation <http://openvpn.net/man-beta.html> of
that option that there is a server and client side default of 3600 seconds.
The minimum of both values is used.
There are also two other reneg-* parameters depending on number of packets
or kB send through the tunnel.
--
Beste Gruesse / Kind Regards
Reimer Karlsen-Masur
DFN-PKI FAQ: https://www.pki.dfn.de/faqpki
--
Dipl.-Inform. Reimer Karlsen-Masur (PKI Team), Phone +49 40 808077-615
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Heidenkampsweg 41, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
|