Hi, On Thu, Jun 08, 2017 at 01:30:12PM +0200, richard lucassen wrote: > On Thu, 8 Jun 2017 12:00:31 +0200 > Gert Doering <g...@greenie.muc.de> wrote: > > > > I can set ping-restart to 0 to disable this function, but settin > > > ping to 0 just puts the ping back to the default of 10 sec. And the > > > keepalive option is AFAIUI just a wrapper for ping and > > > ping-restart. I cannot see how to disable the ping function. > > > > As long as you have *neither* keepalive nor ping in your config, it > > should default to "0", not to "10s". Just checked the code. > > Yep, you're right :) > > But it still tries to initialize (which is quite obvious of course), > but is there a way to tell OpenVPN to only initialize the VPN as soon as > data enters the tunnel?
If you do static-key, there is nothing to initialize remotely - local
init, of course, as there is no tunnel interface otherwise.
With TLS, openvpn wants to set up the keying initally, and there is
no way today to delay that "until the first packet comes up" (at least
nothing I know of... there might be evil ways to do that with systemd
and socket-activation etc.)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
