[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] "reverse road warrior" scenario?


  • Subject: Re: [Openvpn-users] "reverse road warrior" scenario?
  • From: Richard Atterer <richard@xxxxxxxxxxxxxxxxxx>
  • Date: Thu, 30 Dec 2004 14:04:15 +0100
  • Mail-copies-to: nobody

On Thu, Dec 30, 2004 at 01:32:31PM +0100, Jan Johansson wrote:
> But since they change the IP's of connected uses, how would I
> renegotiate the tunnels (need it both ways) automatically? 

The solution I outlined does renegotiate the tunnel. ssh uses TCP keepalive
by default, so if the connection fails, it notices after a few minutes and
the ssh command terminates. After a sleep of 60 seconds, my little shell
script loops around and the tunnel is re-established.

If "a few minutes" is too long for you, have a look at the ServerAlive* 
options in ssh_config(5).

ssh may warn about the changed IP address if you use dyndns or a similar
service. You can get rid of the warning by removing the IP address from the
file sshhost:~user/.ssh/known_hosts: Usually, lines in that file start with
"hostname,1.2.3.4", just remove the ",1.2.3.4" and ssh stops complaining.

Cheers,

  Richard

-- 
  __   _
  |_) /|  Richard Atterer     |  GnuPG key:
  | \/¯|  http://atterer.net  |  0x888354F7
  ¯ '` ¯


-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users