Re: [Openvpn-users] Time/date synchronisation?

  Subject: Re: [Openvpn-users] Time/date synchronisation?
  From: James Yonan
  Date: Tue, 14 Dec 2004 15:20:47 -0700 (MST)

On Tue, 14 Dec 2004, oik wrote:

> I'm looking into running openVPN on a pair of WRT54G's (running openWRT).
> These devices have no battery-backed clock, so always boot up thinking they are
> in the year 1970.
> Obviously I can run ntp/rdate/whatever, but I'd like the time/date
> synchronisation to go through the VPN.
> So my questions are: 
> 1. What problems will I see if client and server have wildly different dates?
> 2. If it does work, will it continue to work during/after synchronisation?

OpenVPN is not strict about date/time synchonization between peers, 
however the replay-protection code does require that if one of the openvpn 
peers is restarted, the new date/time should be later than the previous 
restart (or initial startup).

Basically you are fine as long as your clocks don't go backwards in time.


