systemd and openvpn
Xen
list at xenhideout.nl
Wed Sep 13 17:23:26 UTC 2017
Göran Hasse schreef op 13-09-2017 6:50:
> Hello,
>
> Last week I had a major incident in our company.
>
> The root of this was that openvpn was controled by systemd and
> the configuration was set so that if the server died (a client
> configuration)
> was not restarted.
>
> All 20 client I had got some problem with my main server and
> made an exit. We had to send out service personel to all your sites.
You mean the "auth-retry nointeract" directive.
Yes very annoying.
I don't know why they don't make it default (at OpenVPN).
Maybe I am mistaken about this issue. The above means that if there is
any error that would otherwise be fatal (such as not being able to
authenticate) the client will not exit but keep retrying. Without this
directive the client will simply exit.
And not do anything after that.
This can be caused by a simple network issue, or a temporary glitch.
Because the default setup seems to be that the user needs to man the
post and try again manually.
The above directive changes it to automatically, which is only
reasonable for a Linux system.
Regards, Xen.
More information about the Ubuntu-devel-discuss
mailing list