On Thu, 8 Jun 2017 13:49:28 +0200 Gert Doering <g...@greenie.muc.de> wrote:
> > But it still tries to initialize (which is quite obvious of course), > > but is there a way to tell OpenVPN to only initialize the VPN as > > soon as data enters the tunnel? > > If you do static-key, there is nothing to initialize remotely - local > init, of course, as there is no tunnel interface otherwise. It's a simple static-key config: dev tun0 local a.b.c.d remote e.f.g.h ifconfig 192.168.246.1 192.168.246.2 verb 5 secret /etc/openvpn/certs/secret.key port 1198 proto udp comp-lzo user nobody group nogroup When starting it remains silent for 10 secs, but after these 10 secs it starts to look for the other end: # tcpdump -ni eth0 udp port 1198 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes 14:24:56.852049 IP a.b.c.d.1198 > e.f.g.h.1198: UDP, length 60 14:25:06.830103 IP a.b.c.d.1198 > e.f.g.h.1198: UDP, length 60 14:25:16.613951 IP a.b.c.d.1198 > e.f.g.h.1198: UDP, length 60 and so on. R. -- richard lucassen http://contact.xaq.nl/ ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
