OpenVPN connection dose not reconnect if remote phone loses connectivity for more than 30 seconds. Are there any vpn.cnf settings or phone setting to have continuously try to reconnect or reboot the phone.
T26p
Firmware Version 6.72.0.25
Hardware Version 4.0.0.38
Hi mo5,
Please edit the server.ovpn file with below syntax.
---------------------------
keepalive 20 30
# 20 means that the phone will ping server every 20 seconds, the phone will reconnect server after 30 seconds loosing ping.
----------------------------
I was able to get it working
better with "
auth-nocache" and "
script-security 2" but not without some caveats.
- Dose not to seem clear openvpn 'push "dhcp-option DNS 10.10.0.1"' if connection is dropped resulting in DNS resolve error on reconnect attempts (using domain for remote), removed option as was unnecessary, openvpn only used for phones. May be related to resolv-retry infinite
- Dose not seem to reconnect to openvpn if ethernet cable is reseated, it reconnects to openvpn server, log shows "SIGUSR1[soft,ping-restart] received, client-instance restarting" but dose not restart session, phone has to be power cycled.
- Dose work if WAN connection is dropped for some amount of time (tested 5 minute drop out) as long as connection between phone and switch/router is maintained
vpn.cnf
Code:
client
proto udp
dev tun
nobind
remote corp.x.com 1194
ca /yealink/config/openvpn/keys/ca.crt
cert /yealink/config/openvpn/keys/phone1.crt
key /yealink/config/openvpn/keys/phone1.key
dh /yealink/config/openvpn/keys/dh2048.pem
cipher AES-128-CBC
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
verb 5
mute 20
keepalive 10 30
auth-nocache
script-security 2
persist-key
persist-tun
float
resolv-retry infinite
auth-retry nointeract
ns-cert-type server
Hi mo5, thanks to your kindly sharing.