3

Server: OpenVPN 2.3.8 on Ubuntu 14.04

How do I force a session to disconnect after a set time?

I want VPN sessions to last no longer than 24 hours. Currently, clients appear to be able to stay connected indefinitely.

I've looked at the --inactive param and that is pretty close to what I want, but I also want to force disconnect after 24 hours. i.e. VPN sessions should never last longer than 24 hours.

Edit OpenVPN Kill Script

I created a script to do this; it runs in an hourly cron job. I've posted it on Github here: https://github.com/poolpog/kill-openvpn-clients

JDS
  • 2,598
  • 4
  • 30
  • 49

1 Answers1

3

For Openvpn community edition, there is no such option available, and you can only achieve this by writing custom script that uses the OpenVPN Management Interface and kill command.

COMMAND -- kill

In server mode, kill a particlar client instance.

Command examples:

kill Test-Client -- kill the client instance having a common name of "Test-Client".
kill 1.2.3.4:4000 -- kill the client instance having a source address and port of 1.2.3.4:4000

Use the "status" command to see which clients are connected.

For Openvpn Access Server there is such a default option available:

live session expiration -- if a client stays connected, the token will expire after 1 day by default. This value can be modified using the vpn.server.session_expire key.

Diamond
  • 9,001
  • 3
  • 24
  • 38