diff options
author | Christian Poessinger <christian@poessinger.com> | 2019-09-17 05:39:01 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-09-17 05:39:01 +0200 |
commit | 6ae968116ca045551133b1623788f917ce20b1b2 (patch) | |
tree | a87010c1baf88603834693cbc5067a83e01c71a1 /docs/vpn/openvpn.rst | |
parent | 5468ffd289770021b3f57cfac4cea8ed8085de29 (diff) | |
parent | 8a9b0b66cce423835674674daf44f2d00f4abe00 (diff) | |
download | vyos-documentation-6ae968116ca045551133b1623788f917ce20b1b2.tar.gz vyos-documentation-6ae968116ca045551133b1623788f917ce20b1b2.zip |
Merge pull request #105 from currite/openvpn_reneg
Openvpn reneg
Diffstat (limited to 'docs/vpn/openvpn.rst')
-rw-r--r-- | docs/vpn/openvpn.rst | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/docs/vpn/openvpn.rst b/docs/vpn/openvpn.rst index 84dfec6d..e252d016 100644 --- a/docs/vpn/openvpn.rst +++ b/docs/vpn/openvpn.rst @@ -175,6 +175,10 @@ First we need to specify the basic settings. 1194/UDP is the default. The `persistent-tunnel` option is recommended, it prevents the TUN/TAP device from closing on connection resets or daemon reloads. + +.. note:: Using **openvpn-option -reneg-sec** can be tricky. This option is used to renegotiate data channel after n seconds. When used at both server and client, the lower value will trigger the renegotiation. If you set it to 0 on one side of the connection (to disable it), the chosen value on the other side will determine when the renegotiation will occur. + + .. code-block:: sh set interfaces openvpn vtun10 mode server |