[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] OpenVPN client fails to re-connect when networkconnection is down


  • Subject: Re: [Openvpn-users] OpenVPN client fails to re-connect when networkconnection is down
  • From: Ben <ben@xxxxxxxxxxx>
  • Date: Tue, 02 Oct 2007 00:16:45 +0800

Title: [Openvpn-users] OpenVPN client fails to re-connect when networkconnection is down
Ah, of course. Actually they are very similar to the example configs on both server/client side.

Client config:

client
dev tap0
proto udp
remote <OpenVPN sever IP> 1195
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/easy-rsa/keys/client/chris-office/ca.crt
cert /etc/openvpn/easy-rsa/keys/client/chris-office/chris-home.crt
key /etc/openvpn/easy-rsa/keys/client/chris-office/chris-home.key
comp-lzo
verb 6
reneg-sec 864000


Server config:

port 1195
proto udp
dev tap2
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key  # This file should be kept secret
dh easy-rsa/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.1.2 255.255.255.0 192.168.1.252 192.168.1.252
push "route 192.168.0.0 255.255.0.0"
push "route 10.0.0.0 255.0.0.0"
up "./scripts/bridge-up.sh br0"
client-connect "./scripts/client-up.sh 192.168.200.0/24"
client-disconnect "./scripts/client-down.sh 192.168.200.0/24"
up-restart
keepalive 10 1200
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 6

bridge-up.sh, cilent-up.sh and client-down.sh are just a couple of simple scripts I wrote to handle connections for our bridge configuration:

bridge-up.sh:
#!/bin/bash

DEV=$dev
BRIDGE_IF=$1

brctl addif $BRIDGE_IF $DEV
ifconfig $DEV 0.0.0.0 promisc up


client-up.sh:
#!/bin/bash

CLIENT_NETWORK=$1
REMOTE_IP=$ifconfig_pool_remote_ip
for NETWORK in $(echo $CLIENT_NETWORK|sed -s 's/,/ /g'); do
        route del -net $NETWORK
        route add -net $NETWORK gw $REMOTE_IP
done


client-down.sh:
#!/bin/bash

CLIENT_NETWORK=$1

for NETWORK in $(echo $CLIENT_NETWORK|sed -s 's/,/ /g'); do
        route del -net $NETWORK
done


David Balazic wrote:
your config file ?



______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users