I have a problem with my OpenVPN server. My server is set up for end users to connect and be verified against a RADIUS server.
I expected that if RADIUS authentication returns a failure or times out, the OpenVPN Connect client would show a failure alert instead of retrying the connection. If the client keeps retrying over and over, it stresses my OpenVPN server, and other users cannot request a connection.
I tried with:
connect-retry
connect-retry-max
This is my server.conf:
port 1194
proto udp
dev tun
plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh.pem
tls-auth /etc/openvpn/auth.tls 0
topology subnet
ifconfig-pool-persist /etc/openvpn/ipp.txt
server 10.210.0.0 255.255.255.0
local 192.168.9.32
push "dhcp-option DNS 192.168.9.15"
push "dhcp-option DNS 192.168.19.254"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DOMAIN x.x.com" #local domain
push "route-nopull"
push "route 192.168.9.15 255.255.255.255" #local dns
push "route 192.168.19.254 255.255.255.255" # local dns
push "route 192.168.9.0 255.255.255.0"
push "route 192.168.0.0 255.255.0.0"
duplicate-cn
cipher AES-256-CBC
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
auth SHA512
auth-nocache
keepalive 10 60
persist-key
persist-tun
compress lz4-v2
push "compress lz4-v2"
daemon
log-append /var/log/openvpn.log
status /var/log/openvpn-status.log 10
verb 7
management 192.168.9.32 9999
connect-retry-max 2
connect-retry 15
push "connect-retry-max 2"
push "connect-retry 15"
sndbuf 393216
rcvbuf 393216
push "sndbuf 393216"
push "rcvbuf 393216"
tun-mtu 1400
mssfix 1360
Thank you.