So... the VPN will work fine until the client reboots and comes back up
thinking it's 1970, at which point the VPN won't come back up...
I'm thinking this might be an appropriate feature addition to openVPN -
during the connection, the server sends a simple timestamp (1-second
resolution would be more than adequate). The client could set it's time,
depending on a configuration option.
James Yonan wrote:
OpenVPN is not strict about date/time synchonization between peers,
however the replay-protection code does require that if one of the openvpn
peers is restarted, the new date/time should be later than the previous
restart (or initial startup).
Basically you are fine as long as your clocks don't go backwards in time.