OpenVPN Access Server (AS) is a paid package based on OpenVPN Server which provides management of users, connections, even LDAP integration simplified through a web interface.
This helps in deployment of a VPN solution for multiple users in a matter of minutes.
But, OpenVPN AS by default comes with a 24-hour session time-out period. This can be taxing at times to reconnect to the OpenVPN Server and start the processes all over again.
The OpenVPN AS uses SQLite at backend to store its certificates, configuration, logs and user related data.
The data stored in SQLite is in encrypted format and to decrypt the data to text format OpenVPN AS provides a “sqlite3” script.
All the OpenVPN AS’s scripts are located in “/usr/local/openvpn_as/scripts” and all the related database is stored in “/usr/local/openvpn_as/etc/db“.
i) To view the current OpenVPN AS’s timeout session run this script:
/usr/local/openvpn_as/scripts/sqlite3 /usr/local/openvpn_as/etc/db/config.db .dump > /tmp/config.txt
Now, view config.txt file and locate “vpn.server.session_expire” and its corresponding value in seconds.
In the above picture, session timeout is specified as 604800 seconds equivalent to 7 days.
To change the timeout period there is another script provided by OpenVPN AS, i.e. “sacli“.
ii) To set your own customized session timeout let’s say 30 days (2592000 seconds), use “sacli” script as follows:
/usr/local/openvpn_as/scripts/sacli --key vpn.server.session_expire --value 2592000 ConfigPut
iii) To reload the configuration, follow the process below and don’t worry it will not stop your running server:
The OpenVPN AS will now run smoothly without dropping any connections for a period of 30 days, it can be customized according your requirements.
Keep following and subscribe to our blogs to make your life simpler and boss happy.