Question

I am running an OVPN client on RUT240.

My OVPN server has key re-negotiation disabled using "reneg-sec 0" and I want to use the same configuration on the RUT240 client, otherwise there will be re-negotiation every 3600 s (default).

I configured the OVPN client from the WEB GUI, but here there doesn't seem to be a place to define "reneg-sec". I tried to use an xxx.ovpn configuration file, but that didn't work for me at first try, - might have done something wrong. Will Teltonika pick up the "reneg-sec 0" entry from a xxx.ovpn configuration file if I manage to get that to work, or is it not possible to set this time in a RUT240 OVPN client?

Answer 1

Hello,

Yes, you can set custom "reneg-sec" value for OpenVPN functionality on Teltonika routers. That can be done through WebUI "Services -> VPN -> OpenVPN" menu, form "Extra options" field. Simply enter "reneg-sec 0" in this field and that should do the trick.

Also take note, that according to OpenVPN documentation it is enough to set "reneg-sec 0" value just on one OpenVPN tunnel side (either server or client). Once one side would have renegotiation disabled, it will ignore incoming renegotiation requests.

Online source: https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/

Section starting with "--reneg-sec n"

Comments

Thank you for your answer, I missed that field in the WEB GUI. It works for me now by setting "reneg-sec 0" in that field.

Regarding the need for setting "reneg-sec 0" on both sides, I think this is needed according to the documentation:

"set it to 0 on one side of the connection (to disable), and to your chosen value on the other side". 

I.e. if I use "reneg-sec 0" on my server and Teltonika uses the default value of 3600, it will be 3600 s that rules :-)