|
|
Title: [Openvpn-users] OpenVPN client fails to re-connect when
networkconnection is down
Ah, of course. Actually they are very similar to the example configs on
both server/client side.
Client config:
client
dev tap0
proto udp
remote <OpenVPN sever IP> 1195
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/easy-rsa/keys/client/chris-office/ca.crt
cert /etc/openvpn/easy-rsa/keys/client/chris-office/chris-home.crt
key /etc/openvpn/easy-rsa/keys/client/chris-office/chris-home.key
comp-lzo
verb 6
reneg-sec 864000
Server config:
port 1195
proto udp
dev tap2
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key # This file should be kept secret
dh easy-rsa/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.1.2 255.255.255.0 192.168.1.252 192.168.1.252
push "route 192.168.0.0 255.255.0.0"
push "route 10.0.0.0 255.0.0.0"
up "./scripts/bridge-up.sh br0"
client-connect "./scripts/client-up.sh 192.168.200.0/24"
client-disconnect "./scripts/client-down.sh 192.168.200.0/24"
up-restart
keepalive 10 1200
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 6
bridge-up.sh, cilent-up.sh and client-down.sh are just a couple of
simple scripts I wrote to handle connections for our bridge
configuration:
bridge-up.sh:
#!/bin/bash
DEV=$dev
BRIDGE_IF=$1
brctl addif $BRIDGE_IF $DEV
ifconfig $DEV 0.0.0.0 promisc up
client-up.sh:
#!/bin/bash
CLIENT_NETWORK=$1
REMOTE_IP=$ifconfig_pool_remote_ip
for NETWORK in $(echo $CLIENT_NETWORK|sed -s 's/,/ /g'); do
route del -net $NETWORK
route add -net $NETWORK gw $REMOTE_IP
done
client-down.sh:
#!/bin/bash
CLIENT_NETWORK=$1
for NETWORK in $(echo $CLIENT_NETWORK|sed -s 's/,/ /g'); do
route del -net $NETWORK
done
David Balazic wrote:
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|
|