Hello Members,

The problem which I have been experiencing relates to my Vigor 2860 VDSL router dropping my remote OpenVPN client connection. Any attempt to connect is then refused until the appliance is rebooted. The device was installed about one and 1/2 year ago and it worked great for about one year. The problem looks like to appear if there is no activity for two or three minutes. The connectivity drops and any new attempt to re-connect is refused. The Vigor configuration seems relatively simple, as I configured the OpenVPN port 1194 routed directly to the WAN interface of my FW and OpenVPN server. Basically, the Vigor router has to transfer port 1194 to the OpenVPN server and that's it. I prefer do not open the Vigor remote administration GUI as it will potentially expose to brute force attacks. Do you have any idea of what the problem might be?

Thanks
Sal

If it's only happening when idle then that will probably be caused by the DrayTek's session timeout mechanism, which drops sessions after they've been idle for a period of time. It's possible the OpenVPN server won't allow the reconnection because it's unaware that the VPN is not currently functioning.
To resolve that, go to the router's Web Console (icon of sliders in upper right of the web interface) and type "portmaptime -l" to view the current timeout values. Enter "portmaptime" for the syntax.

If your OpenVPN server is using UDP, then you could change the UDP timeout to a higher value by entering "portmaptime -u 3600" to increase the UDP idle session timeout value to 1 hour (3600 seconds).

Thanks. I have changed the UDP value as suggested. This is now the current setting:

---

Current setting

---

TCP Timeout : 86400 sec.
UDP Timeout : 3600 sec.
ICMP Timeout : 10 sec.
TCP WWW Timeout: 60 sec.
TCP SYN Timeout: 60 sec.

I will use the OpenVPN from tomorrow onward and I will try it again.
Regards