how to avoid reconnect or disconnect during device sleep?

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
wanglin
OpenVpn Newbie
Posts: 2
Joined: Thu Oct 08, 2015 12:33 pm

how to avoid reconnect or disconnect during device sleep?

Post by wanglin » Thu Oct 08, 2015 1:11 pm

We set up two-factor authentication for our OpenVPN server. Establishing a connection involves quite a bit of inconvenience as the OTP code has to be copied manually to the OpenVPN app. So we want to avoid authentication prompts unless really necessary.

Currently I cannot find a way to keep the VPN connection across device sleep.

If "Reconnect on wakeup" is on, the app begins reconnecting a few seconds after device sleep (because of the ping packets?). Since an OTP code cannot be provided automatically, the connection attempt fails.

Code: Select all

2015-10-08 14:54:10 OS Event: SLEEP
2015-10-08 14:54:10 EVENT: PAUSE
2015-10-08 14:55:06 OS Event: WAKEUP
2015-10-08 14:55:09 RESUME TEST: ReachableViaWWAN
2015-10-08 14:55:09 EVENT: RESUME
2015-10-08 14:55:09 EVENT: RECONNECTING
If "Reconnect on wakeup" is off, the app immediately terminates the connection upon device sleep.

Code: Select all

2015-10-08 16:14:45 OS Event: SLEEP
2015-10-08 16:14:45 EVENT: DISCONNECT_PENDING
2015-10-08 16:14:50 TUN reset routes
2015-10-08 16:14:50 EVENT: DISCONNECTED
So either way I have to repeat the two-factor authentication procedure whenever the device is put to sleep and woken up later. Is there any way that this can be avoided?
Top
User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: how to avoid reconnect or disconnect during device sleep

Post by Traffic » Fri Oct 09, 2015 11:14 am

This is a known problem:
https://community.openvpn.net/openvpn/ticket/71

Even if the standby bug is fixed your user will still require to input credentials.
It is possible that with an insane --keepalive you might be able to side step this issue but I would not recommend it.
Top
wanglin
OpenVpn Newbie
Posts: 2
Joined: Thu Oct 08, 2015 12:33 pm

Re: how to avoid reconnect or disconnect during device sleep

Post by wanglin » Sat Oct 10, 2015 7:13 am

Thanks! It seems the ticket is describing a different problem in Windows 7?

I think what I need here is an option to disable disconnect upon device sleep with "Reconnect on wakeup" off.

I did try increasing server side keepalive to "1800 3600". With "Reconnect on wakeup" on, "OS Event: WAKEUP" was not triggered until I unlocked my device. The previous keepalive value was "10 120". So it looks like ping packets can trigger wakeup events.

I think a short ping value and a long ping-restart value (such as keeaplive "10 3600") should be fine with us.
Traffic wrote:This is a known problem:
https://community.openvpn.net/openvpn/ticket/71

Even if the standby bug is fixed your user will still require to input credentials.
It is possible that with an insane --keepalive you might be able to side step this issue but I would not recommend it.
Top
User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: how to avoid reconnect or disconnect during device sleep

Post by Traffic » Wed Nov 25, 2015 12:59 am

wanglin wrote:what I need here is an option to disable disconnect upon device sleep
I do not believe this is possible.
Top
Post Reply

Return to “OpenVPN Connect (iOS)”