Open Connect 7.0.6 drops
Kevin Cernekee
cernekee at gmail.com
Wed May 4 10:44:10 PDT 2016
On Thu, Apr 28, 2016 at 6:35 AM, Fred Schnittke
<Fred.Schnittke at autodata.net> wrote:
> Is there a way to disable DPD?
Does --force-dpd=0 work?
The downside of turning off DPD is that the client might not notice
when the connection is no longer able to pass data, so you wind up
with a "living dead" VPN tunnel.
> Failed to reconnect to host SomeIP
Normally after I see a DPD timeout, the reconnection succeeds right
away and the session is able to resume itself with little/no
disruption to the user. DPD timeouts frequently happen due to NAT
timeouts or IP/network changes.
It might be worth increasing verbosity and/or grabbing a packet trace
to see why it is failing in this case.
More information about the openconnect-devel
mailing list