|
|
h105@xxxxxxx said: > > > Hi, > > First of all, thanks so much for writing OpenVPN !!! > > I have one question, which I'll attempt to ask in a couple > of ways to make myself clear. [I read through FAQ, but > didn't find anything related.] I have a Linux Box behind a > firewall. I cannot touch configuration of the firewall. On > this Linux box I would be running the "OpenVPN server > process". > > What is the best way (what are the config options) to > have the (Linux) OpenVPN server process keep trying to > connect to a "moving" (dial-up) client machine (which > updates its IP adress with dynDNS.org within 5 seconds of > getting that new IP address, and the TTL on the RR in that > DNS server is never more than 10 seconds or so). > > I.e. having a fixed name for a client machine in DNS > (e.g. moving.target.com), but with an A (IP address) record > potentially changing within 15 seconds, how do I tell > OpenVPN server process to keep trying to connect to *the > current IP address* of the client machine moving.target.com > if a link-level ping doesn't come back from that machine in, > say, 10 seconds? The normal method used is to combine --ping and --ping-restart so that OpenVPN will restart (just like a SIGHUP restart) if the connection is broken. You can then use --resolv-retry to force DNS re-resolution on restart. Also see the the --persist-x options -- some of these may be necessary to ensure that the restart succeeds if privileges were downgraded using --user and/or --group. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |