Stop client from reconnecting after RADIUS authentication failure

Time: 2020-03-26 09:13:35

Tags: openvpn radius

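I have a problem with my OpenVPN server. My server is set up so that end users connect and are authenticated against a RADIUS server. I want the OpenVPN Connect client to show a failure alert instead of retrying the connection if RADIUS authentication returns a failure or times out; if clients keep retrying the connection, this puts load on my OpenVPN server and other users cannot request a connection. I have tried: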

connect-retry
connect-retry-max

But they do not work as expected.

Here is my server.conf:

port 1194
proto udp
dev tun
plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key 
dh /etc/openvpn/dh.pem
tls-auth /etc/openvpn/auth.tls 0
topology subnet
ifconfig-pool-persist /etc/openvpn/ipp.txt
server 10.210.0.0 255.255.255.0
local 192.168.9.32
push "dhcp-option DNS 192.168.9.15"
push "dhcp-option DNS 192.168.19.254"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DOMAIN x.x.com" #local domain
push "route-nopull"
push "route 192.168.9.15 255.255.255.255" #local dns
push "route 192.168.19.254 255.255.255.255" # local dns
push "route 192.168.9.0 255.255.255.0"
push "route 192.168.0.0 255.255.0.0"
duplicate-cn
cipher AES-256-CBC
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
auth SHA512
auth-nocache
keepalive 10 60
persist-key
persist-tun
compress lz4-v2
push "compress lz4-v2"
daemon
log-append /var/log/openvpn.log
status /var/log/openvpn-status.log 10
verb 7
management 192.168.9.32 9999
connect-retry-max 2
connect-retry 15
push "connect-retry-max 2"
push "connect-retry 15"
sndbuf 393216
rcvbuf 393216
push "sndbuf 393216"
push "rcvbuf 393216"
tun-mtu 1400
mssfix 1360

So, does OpenVPN have any server-side configuration option that can do this?

Thank you.

0 answers:

No answers