[eduVPN-deploy] Openvpn session time limit , disabling v6 , pool depletion
Peter Macfarlane
peter at ska.ac.za
Tue Mar 17 11:01:22 CET 2020
Hi
We are deploying eduVPN as a vpn service for internal network access ,
I know that this probably not the design use case for it but assume it
should still be safe for that use case , the experience so far as been
excellent , thanks very much for the excellent work.
Is there way to set a session limit on openvpn ? Our security guy
would like the session to only exist for not more than 8hrs.
Is there a way to disable IPv6 , for our internal usage it is not
relevant , while happy eyeballs will ignore it some other apps might
be slightly delayed by being assigned an address which goes nowhere ?
Probably being lazy and should test myself but the address pool is
split across in the default case the udp and the tcp port , if the udp
port runs out of address space would that trigger the client to try
the tcp port or would it only do this in the event of unreachability.
Thanks Peter
--
Peter Macfarlane
South African Radio Astronomy Observatory (SARAO)
Tel Direct: +27 21 506 7370
Tel Switchboard: +27 21 506 7300
Mobile: +27 82 925-5353
Email: Peter at ska.ac.za
More information about the eduVPN-deploy
mailing list