OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

IP change with option float

https://forums.openvpn.net/viewtopic.php?t=11

Page 1 of 1

IP change with option float

Posted: Sun Sep 14, 2008 7:29 pm
by tobias
Hello,

I have Clients which get from time to time new ip adresses. I have server mode with tls client and tls server.
I thought with the directive --float the tunnel will overcome the ip change. But it breaks, because the Server says:
No TLS State for client... opcode=6

In p2p mode it works fine.
Doesnt it work with tls mode?
Do you know a solution how the clients can change their IP without reconnecting the tunnel.
I dont wont to establish the tunnel again, because it takes up to 10 sec, because of GPRS (RTT is 1 Sec).

Regards
Tobias

Posted: Wed Sep 17, 2008 6:33 am
by krzee
I am replying with JJK's reply to you from the mail list for the sake of anyone who finds this via google:

if the client changes its IP address then you will have to reconnect to
the server. If you could get away with not reconnecting then it would
(theoretically) be possible to steal a connection.
Even with a dyndns setup it will still trigger a reconnect (which is
what you want to avoid, as far as I can tell).

HTH,

JJK
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/