Terminating OpenVPN after disconnect - how to disable reconnecting

1

I want my OpenVPN client application (running on A) to quit when it is unable to connect (or reconnect) to a server (B). I use the UDP protocol. Both A and B are Linux systems.

More precisely, I keep on getting the following log entries.

UDPv4 link remote: [AF_INET] [remote-ip]
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
SIGUSR1[soft,tls-error] received, process restarting
Re-using SSL/TLS context
UDPv4 link remote: [AF_INET] [remote-ip]
...

I know why A cannot access B. Instead of restarting the process, I want OpenVPN to quit.

There are some options in man openvpn that I tried using.

  • I set resolv-retry to a small number (not working, the address of B can be resolved).
  • I set connect-retry-max to 1 (not working, I am using UDP).

I am guessing that I am overlooking some option...

EDIT: Background info: I want to do this because of firewall hole punching. B is behind a firewall that allows only SSH traffic. Before starting the client on A, I run a script that enables traffic to flow from A to B. This works for a while, but the hole in B's firewall needs to be 'renewed' after some time (e.g. due to network problems, but also because A has a dynamic IP address). Since there is no up-pre counterpart to down-pre and I do not want to apply a patch and compile OpenVPN myself to add it, I run a wrapper script on A that punches a new hole (in B's firewall) and starts OpenVPN each time OpenVPN stops running. This would work, if only OpenVPN were to quit....

Semafoor

Posted 2013-11-11T19:51:08.297

Reputation: 176

Is it an option to just "mute 5" in the config to suppress multiple log entries? – Mattias Åslund – 2013-11-11T21:47:13.823

No, unfortunately it is not. I need the process to end. I added some background information to my question to explain why I need this. – Semafoor – 2013-11-11T23:28:15.987

Answers

0

Add the --down directive to the OpenVPN config to call a script when OpenVPN closes the tunnel. That script can close the application, or even better - sit around trying to reinitialize the hole-punching directly.

Mattias Åslund

Posted 2013-11-11T19:51:08.297

Reputation: 1 283
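Added example, not code from either post: a different approach from the --down script, in which a POSIX shell wrapper relays the client's output and sends SIGTERM as soon as the `SIGUSR1[soft,tls-error]` restart line from the question's log appears, so an outer loop can renew the firewall hole before the next start. The function names, the exit code 75, `punch_hole` and `client.conf` are assumptions made for illustration.

```shell
#!/bin/sh
# Exit code returned when the client was stopped because of a TLS soft restart.
# 75 is an arbitrary choice for this example.
TLS_RESTART_RC=75

# is_tls_restart LINE: succeeds if LINE is the restart notice shown in the question's log.
is_tls_restart() {
    case "$1" in
        *'SIGUSR1[soft,tls-error] received, process restarting'*) return 0 ;;
        *) return 1 ;;
    esac
}

# run_until_tls_restart CMD [ARGS...]
# Runs CMD, relays its output, and terminates it at the first TLS soft restart.
# Returns TLS_RESTART_RC in that case, otherwise CMD's own exit status.
run_until_tls_restart() {
    dir=$(mktemp -d) || return 1
    mkfifo -m 600 "$dir/log" || { rm -rf "$dir"; return 1; }
    "$@" >"$dir/log" 2>&1 &        # stdout and stderr both go through the FIFO
    pid=$!
    stopped=0
    while IFS= read -r line; do
        printf '%s\n' "$line"      # keep the log visible to the caller
        if is_tls_restart "$line"; then
            stopped=1
            kill -TERM "$pid" 2>/dev/null   # SIGTERM makes OpenVPN exit rather than restart
            break
        fi
    done <"$dir/log"
    status=0
    wait "$pid" || status=$?
    rm -rf "$dir"
    [ "$stopped" -eq 1 ] && return "$TLS_RESTART_RC"
    return "$status"
}

# Outer loop as described in the question (punch_hole is a hypothetical
# script that renews the firewall hole on B):
#   while :; do
#       punch_hole
#       run_until_tls_restart openvpn --config client.conf
#   done
```

The client must log to stdout or stderr for the wrapper to see the restart line; if it logs to a file or syslog instead, the loop never matches.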