adrienverge / openfortivpn

Client for PPP+TLS VPN tunnel services
GNU General Public License v3.0

It continues to be terminated in centos #1036

Closed: bnp1234 closed 1 year ago

bnp1234 commented 2 years ago

server: CentOS 7.5, 7.9

openfortivpn version: openfortivpn-1.17.0-3.el7.x86_64

test command: openfortivpn -c /etc/openfortivpn/config --persistent=1 -v --pppd-log=/usr/local/src/forti.txt

  1. Session is disconnected every 5 minutes [image]

  2. pppd-log [image]

I am using the --persistent=1 option to automatically reconnect, but what I need is to keep the VPN IP. One of the 2 CentOS servers shuts down every 20-30 minutes, and the other every 5 minutes. Is there a way to preserve the session for a long time?

DimitriPapadopoulos commented 2 years ago

I don't know, this never happens to me. Is the connection idle, i.e. no network traffic through the tunnel, when this happens?

If possible, timeouts might need to be properly set on the VPN gateway.

bnp1234 commented 2 years ago

Thanks, as you said, network traffic was the problem. I solved it by adjusting the size with the ping -s option.

DimitriPapadopoulos commented 2 years ago

It's good news you have found the culprit. Not sure how you fixed it (change the MTU size of a network interface or keep sending ping packets in the background). It would be great if you could share the details. Was this an openfortivpn bug that needs to be fixed?

bnp1234 commented 2 years ago

The problem occurred because it was lower than the network traffic set by the fortiVPN server. I created several ping commands and used them in the background. After maintaining more than 1Mb, the connection was maintained for several hours.

ping -s 65200 x.x.x.x > /dev/null 2>&1 &

It's not a bug in openfortivpn. Thank you for the reply.

DimitriPapadopoulos commented 2 years ago

I see. Now I understand Fortinet VPN gateways may require some minimal level of traffic in terms of Mb/s, and I wasn't aware of that. I thought that a simple ping, without the -s option (the default packet size is 56), sent at regular intervals, would be enough.

Anyway, you do need to adapt the packet size sent by ping to the MTU of the network interface. Otherwise, pings will not get through.