server.conf:
Code: Select all
port 1194
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt # generated keys
cert /etc/openvpn/keys/myserver.crt
key /etc/openvpn/keys/myserver.key # keep secret
dh /etc/openvpn/keys/dh4096.pem
crl-verify /etc/openvpn/keys/crl.pem
server 192.168.12.0 255.255.255.0 # internal tun0 connection IP
ifconfig-pool-persist ipp.txt
keepalive 600 1800
comp-lzo # Compression - must be turned on at both end
persist-key
persist-tun
status /var/log/openvpn/status.log
verb 3
link-mtu 1602
cipher AES-256-CBC
auth SHA512
keysize 256
push "dhcp-option DNS 192.168.12.1"
push "redirect-gateway"
Code: Select all
client
remote 1.2.3.4
cipher AES-256-CBC
comp-lzo yes
dev tun
proto udp
nobind
auth-nocache
script-security 2
persist-key
persist-tun
user nobody
group nobody
link-mtu 1602
auth SHA512
keysize 256
keepalive 600 1800
This setting is being honored on regular Linux OpenVPN clients, but not on OpenVPN connect on Android, although the log says so.
Here's a summary of events seen from the client (see pictures below for details - I don't know how to save the log as text file):
19:55:46 OpenVPN start / unused option keepalive (I've put this in the client config, but this is not used apparently.)
19:55:48 Connect
19:55:49-54 Verify/TLS stuff
19:55:55 Sending PUSH_REQUEST replied with ping=600, ping-restart=1800 (looks good!)
19:55:55 Connected!
19:59:21 "Session invalidated: KEEPALIVE_TIMEOUT" & Disconnected. <-- what? only 210 seconds have passed!
Server version: 2.1.3 x86_64-pc-linux-gnu (Debian version 2.1.3-2+squeeze1)
Client version: 1.1.12 build 45 (OpenVPN Connect from Google Play)
Android version: 4.2.2 (Paranoid Android 3.69)
How can I prevent OpenVPN from disconnecting on inactivity so while I configured it appropriately?