[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Inactivity timeout

  • Subject: Re: [Openvpn-users] Inactivity timeout
  • From: richard <rvenne@xxxxxxxxxxxxxxxxx>
  • Date: Wed, 26 Jan 2005 11:41:42 +0100

hi, I've a similar problem: because of keepalive option, my server logs every 2 minutes and initialize the connection all time.

but both side are permanent connexion: adsl(380k)---->isp main link(4M/s). if the connexion is reinitialized every 120 secondes, dose it mean the ping can not be received by server, so that it considers the connexion is dead?

which means, if I put a keepalive 10 600, my log file still pollued every 10 minutes by all clients. is there any another way to keep the connexion alive? ping-restart?
James Yonan wrote:
On Mon, 24 Jan 2005, Nate Kroll wrote:

Users have stated that they will expereince some time periods where they are not able to do anything with the VPN connection. The clients are Windows XP and Server 2003 mostly. A user stated that the network device still stated that the tunnel was connected, but it didn't seem to pass any traffic. Unfortunately, the user wasn't able to provide me with a routing table or any other helpful info. I looked into the logs when people say they have problms, but there is nothing unusual.

I did notice this often:
Mon Jan 24 15:08:03 2005 User/xxx.xxx.xxx.xxx:1040 [User] Inactivity timeout (--ping-restart), restarting

I'm wondering if for some reason this may be causing any problems. Does this simply mean that that client hasn't been doing anything, so the server disconnects them? Is there a simple way to make the tunnel always there? Soem of the clients are servers and they should be connected always. I looked at the man page but I'm confused about how to configure the server and if I need to touch the client configs.

The restart is occuring because a keepalive ping was not received during the required time interval.

This usually happens because of short-term network outages. You can make OpenVPN less sensitive to network outages by using a large keepalive timeout. For example,

  keepalive 10 600

will send a ping every 10 seconds, but only restart if a ping hasn't been received from the peer for 10 minutes.


This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
Openvpn-users mailing list