I am using OpenVPN per-app-VPN-connections for over 2 years now in combination with an MDM to push the configs to the device. Whenever one of the apps is opened, the iOS system is starting the OpenVPN tunnel in the background. I've setted up inactivity timers (30 sec 1000 bytes) to prevent the tunnels from being active all the time. The per-app-VPN is reopened once there's traffic again from one of these apps. This worked very well with all versions of OpenVPN Connect App >= 3.2.3. Last weeks, when I installed new smartphones with the OpenVPN Connect App version 3.3.2, there is this strange behaviour:
- my inactivity timeout of 30 seconds is ignored
- instead, OpenVPN Connect App closes the tunnel after 60 seconds
- meanwhile, the tunnel keeps it's "connected" status in iOS, the tunnel keeps working as well
- once there's a internet connectivity issue, let's say a switch between WiFi/4G, iOS per-app-VPN status goes to "connecting" and stays there untill reboot of the smartphone
It seems like OpenVPN Connect App is ignoring my inactivity timeout, exiting the tunnel itself at 60 seconds, without letting iOS know.
server 10.8.6.0 255.255.255.0
push "dhcp-option DNS 188.8.131.52"
push "dhcp-option DNS 184.108.40.206"
push "redirect-gateway def1 bypass-dhcp"
keepalive 10 120
Here is the client config, just the keys and their values since it is pushed by the MDM.
remote remotedomainname 11XX tcp4
inactive 30 1000
I haven't found a solution for this. I tried playing with ping-exit instead of inactivity, but I couldn't find a working solution.
I am aware of the workaround of installing the old version via TestFlight. Unfortunately, we are on iOS devices without iCloud-account which are managed by an MDM. TestFlight doesn't seem a solution to me.
Thanks for your advice