-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Bo,
your best bet is to get the remote office admin to email you the router log, after setting --verb 4 in the config. Unless you prefer the _wild stab in the dark_ approach. Sent with Proton Mail secure email. ------- Original Message ------- On Monday, September 5th, 2022 at 21:02, Bo Berglund <bo.bergl...@gmail.com> wrote: > On Sun, 04 Sep 2022 11:33:31 +0200, Bo Berglund bo.bergl...@gmail.com wrote: > > > On Sun, 04 Sep 2022 10:42:52 +0200, Bo Berglund bo.bergl...@gmail.com wrote: > > > > > I have a number of OVPN clients connecting to my OpenVPN server (on a > > > Linux > > > Ubuntu 20.04.4 server box). > > > Some are individual clients and some are routers handling multiple remote > > > clients sharing that router. > > > > > > So far I have had no problems whenever I have had to reboot or otherwise > > > restart > > > the openvpn service on the server. All clients seem to be able to > > > reconnect > > > automatically if the connection is lost. > > > > > > But now I have a case where an ASUS RT-AC51U router does not reconnect its > > > tunnel if the server reboots or the openvpn-service restarts. It just > > > seems to > > > have lost its connection and does nothing about it... > > > My other similar setups using ASUS RT-AC86U routers do not show this > > > problem. > > > > > > Question: > > > Is there some way from the server side to send a message to the clients > > > that > > > they are to reconnect following an imminent service disruption? > > > > Just an addition: > > I already have these related settings in the server side server.conf file: > > > > keepalive 10 120 > > explicit-exit-notify 1 > > push "explicit-exit-notify 1" > > > > Since these are there do I have to modify the client's conf file (which I > > cannot > > do since I do not have access to that site)? > > > > I have to tell people on location to power cycle the router to get back the > > connection as it is now. > > > So now I have found an old tghread on the forum: > https://forums.openvpn.net/viewtopic.php?t=28499 > > This also deals with a failing reconnect client... > > Here @Pippin says this: > > "Do not use --persist-tun on the client..." > > So I had a look at the OVPN file used to configure the ASUS router and its > config looks like this: > > client > dev tun > proto udp > remote mydomain.com 1191 #obfuscated > resolv-retry infinite > nobind > persist-key > persist-tun #<== NOTICE! > mute-replay-warnings > auth-nocache > remote-cert-tls server > key-direction 1 > cipher AES-256-CBC > comp-lzo no > verb 2 > mute 20 > explicit-exit-notify 1 #<== NOTICE! > > So now I have a client which is set to use persist-tun (I have no idea what > this > does) and the forum thread indicates that commenting it out solves the > reconnect > issue. > > QUESTION: > --------- > Is it possible to send a command from the server to the client via the ccd > system on connect to NOT use persist-tun? > > The reason is that it is impossible for me to access the router and deal with > its config since it is VERY remote now (1700 km). > If I could send this to the client on connect then it could hopefully solve > the > problem. > But how would that be formulated in the ccd file for the client? > > > -- > Bo Berglund > Developer in Sweden > > > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users -----BEGIN PGP SIGNATURE----- Version: ProtonMail wsBzBAEBCAAGBQJjFmUBACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ3BAAf9ENlncIAkET5MhkiXuUm2FJdat4JeaRNq709Lr5d3yZT3RJuD mZDP0YFiuyUUeRqPLhgRxsRXj1iuB2MBsb0rILZCZjKK3M/e+HgYHcOap2gG LyFgisHyV+bLmNHk7ZY1FUfR6Fs7ML8iEdVrfPNKxVRCL1AYhJI7O0J8ePHY 86OE6S2Leohmp3IiZgJz86LoGCyxCt/tSenHZD0jbiohM5af4SqV1o6gYLT3 DUFxTuxJAJzKKLLB2M73W3foPi5tGq7jsCwCIfAVg+cNG1oSvNbfwQ+N9e6a NE7hTmxMOzk7XWMWGwIZF0MTlKshsfNpyXb6zg3F3nI5K7nknBAqjQ== =66eB -----END PGP SIGNATURE-----
publickey - tincantech@protonmail.com - 0x09BC3D44.asc
Description: application/pgp-keys
publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
