From: James Y. <ji...@yo...> - 2004-09-30 22:41:38
On Thu, 30 Sep 2004, Jann Traschewski wrote:

> Hi together,
>
> I'm running openvpn in server mode (udp) and want to detect disappeared
> users without the "ping"-features of openvpn. Can't openvpn detect a
> disappeared client with a tls-timeout counter/timer ? The default of the
> current option "tls-timeout" is 2 seconds. Would it be possible to add an
> option like "tls-timeout-drop" <n> to drop a connection after <n> numbers of
> unanswered tls-requests ?
> Would be a fine feature ;)

Remember that the TLS timeout only applies to data sent over the TLS control channel, which is generally only during the TLS key negotiation process. So there could be long periods of time when no TLS requests are being forwarded.

It might make more sense to have a flag that would tell OpenVPN to exit if the TLS handshake fails.

James