Code: Select all
port 1194 proto udp dev tun ca /etc/openvpn/keys/ca.crt # generated keys cert /etc/openvpn/keys/myserver.crt key /etc/openvpn/keys/myserver.key # keep secret dh /etc/openvpn/keys/dh4096.pem crl-verify /etc/openvpn/keys/crl.pem server 192.168.12.0 255.255.255.0 # internal tun0 connection IP ifconfig-pool-persist ipp.txt keepalive 600 1800 comp-lzo # Compression - must be turned on at both end persist-key persist-tun status /var/log/openvpn/status.log verb 3 link-mtu 1602 cipher AES-256-CBC auth SHA512 keysize 256 push "dhcp-option DNS 192.168.12.1" push "redirect-gateway"
Code: Select all
client remote 220.127.116.11 cipher AES-256-CBC comp-lzo yes dev tun proto udp nobind auth-nocache script-security 2 persist-key persist-tun user nobody group nobody link-mtu 1602 auth SHA512 keysize 256 keepalive 600 1800
This setting is being honored on regular Linux OpenVPN clients, but not on OpenVPN connect on Android, although the log says so.
Here's a summary of events seen from the client (see pictures below for details - I don't know how to save the log as text file):
19:55:46 OpenVPN start / unused option keepalive (I've put this in the client config, but this is not used apparently.)
19:55:49-54 Verify/TLS stuff
19:55:55 Sending PUSH_REQUEST replied with ping=600, ping-restart=1800 (looks good!)
19:59:21 "Session invalidated: KEEPALIVE_TIMEOUT" & Disconnected. <-- what? only 210 seconds have passed!
Server version: 2.1.3 x86_64-pc-linux-gnu (Debian version 2.1.3-2+squeeze1)
Client version: 1.1.12 build 45 (OpenVPN Connect from Google Play)
Android version: 4.2.2 (Paranoid Android 3.69)
How can I prevent OpenVPN from disconnecting on inactivity so while I configured it appropriately?