Description: In your OpenVPN Access Server, you can configure an automatic client inactivity disconnect threshold as explained in this guide: Automatic client inactivity disconnect threshold.
Follow the steps below to configure and test the threshold.
+ The example steps use a username called "test" and configure "prop_ibytes" as "10000000" with "prop_isec" as "300".
- prop_isec: number of seconds over which to sample bytes in/out
- prop_ibytes: minimum number of bytes over prop_isec to allow connection to continue
+ Run the following commands via "root" user privileges:
./sacli --user test --key "prop_isec" --value 300 UserPropPut
./sacli --user test --key "prop_ibytes" --value 10000000 UserPropPut
This means that when the transmit/receive is below 10000000 bytes (10Mb) over a period of five (5) minutes, the VPN connection disconnects.
+ Connect to the VPN as the "test" user and wait for five minutes.
As you can see in the below image from the "Current Users" tab on the Admin Web UI, over the five minutes period, the transmit/receive (Bytes Sent Received) was 1.15Mb (474.30KB + 695.9KB) (below my threshold which was 10Mb), therefore the VPN connection disconnected as expected.
If you have additional questions, please submit a ticket.
Please sign in to leave a comment.