Closed tgruenert closed 2 years ago
Hi. That's already being set on the client side (https://github.com/wheelybird/openvpn-server-ldap-otp/blob/92732c179591d3661e8982c58fc11163b4cfff2a/files/bin/show-client-config#L27) Or did you mean it should only be a client-side configuration?
As far as i understand documentation this must be diabled on client AND server side to disable this functionality.
Setting it only server side means client side uses it´s default value (3600).
After checking my own log output from your container i see already this parameter also for client side. So everything is fine with this. Must be a copy / past mistake by myself.
This may not a bug than more a hint.
With default config given at container startup a client reconnect after 1h because of TLS regeneration.
This feature can be controlled via
reneg-sec
. At server sidereneg-sec 0
is set which disables this function.According to documentation default value is 3600 which means this value is used by client side. Adding
reneg-sec 0
also to client config suppresses hourly reconnects.Putting
reneg-sec 0
also as output for client config may a little more intuitive.