EdgeOS should automatically reconnect your OpenVPN client tunnel. If it doesn't, there are two things you can add to your OpenVPN client config that will make the client reconnect when it's down (eg. because the server or your internet connection has been down).
- You can let your EdgeOS router ping over the VPN connection, and if it's down, reconnect it
- Tell EdgeOS (OpenVPN client) not to store Auth Tokens, and always perform full auth after reconnecting.
Especially #2 is a problem for some, and hard to debug. You know this is happening if your log files show something like this:
grep "AUTH" /var/log/messages
messages:Month Day Time Hostname openvpn[id]: AUTH: Received control message: AUTH_FAILED
Let's add the
ping setting to ping and auto-reconnect, and tell the EdgeOS OpenVPN client to ignore 'auth tokens' received (for a full re-auth on reconnect) assuming your OpenVPN client tunnel is
vtun1. Then commit, save and exit.
set interfaces openvpn vtun1 openvpn-option "--ping 10"
set interfaces openvpn vtun1 openvpn-option "--ping-restart 60"
set interfaces openvpn vtun1 openvpn-option "--pull-filter ignore auth-token"
commit; save; exit
Optionally you can add these settings to your
.ovpn client config as well, without the prefixed double dash. Eg. edit your client
.ovpn file, and add these lines to your client config:
pull-filter ignore auth-token