OpenVPN will attempt to have a client renegotiation every 60 minutes (3600 sec) by default, which will prompt the user to enter their 2FA pin to continue the connection.
Renegotiate data channel key after n seconds (default=3600). When using a (OTP) one time password, be advised that your connection will automatically drop because your password is not valid anymore. Set to 0 to disable, remember to change on server and client as well.
If you want unlimited connection without these interruptions, update the /etc/openvpn/client-template.txt file and add reneg-sec 0 parameter, this file can look like this:
OpenVPN is enjoying increasing popularity. The OPNsense firewall offers an excellently integrated OpenVPN server with numerous features, but other open source solutions also use OpenVPN, as well as the Synology NAS devices, where OpenVPN is part of the VPN server, which is available in the DSM Package Center. The popular open source VPN solution is available for all common operating systems, from Linux and Windows to MacOS and mobile devices with iOS and Android.
This tutorial shows how to set up OpenVPN Connect and using VPN connections on iOS and Android.
How to use OpenVPN Connect on iPhone and Android
First, the OpenVPN Connect app is loaded onto the device. This is available free of charge in the Apple App Store and Google Play.
OpenVPN Apple Store
OpenVPN Google Play
The configuration of the clients is done by importing the ovpn profile, which contains all the necessary settings.
Launch the OpenVPN Connect app
Tap Upload File
Choose My Documents folder – Select Downloads
Select OpenVPN configuration file .ovpn
Import .ovpn profile?OK
Enter your username and select CONNECT
For 2FA enter OTP and password together OTP token + password
Import more OpenVPN profiles by tapping on the + symbol.
Screenshot gallery of OpenVPN Import Profile for Android.
The first time you connect after tapping the slide switch, the app will ask for permission to add the VPN configuration. If everything has been completed successfully, a VPN tunnel is established by the client to the server, which the app outputs via the status CONNECTED.
How to transfer OpenVPN profile?
The easiest way to transfer the configuration file (.ovpn) to an iOS or Android device is to transfer the file from the PC to the smartphone or tablet via Bluetooth. First both devices you’re have to pair via Bluetooth, then on the PC select the OVPN file with click the right mouse button, from the context menu choose – Send to Bluetooth device.
After confirming with OK, the OVPN file should now be found on the mobile device under “My Documents” in the “Downloads” folder.
Alternatively, you can send the OVPN file by email to your email address and then save it to your smartphone or tablet, or via cloud storage, and if available, via local synchronization such as Synology Drive.
OpenVPN as an open source solution is available for all clients of the common platforms, such as iOS and Android.
The corresponding app can be obtained from the respective store and the configuration is done via a file that contains all the settings and that you download from the OpenVPN server.
The OPNsense firewall is particularly recommended as an OpenVPN server. Numerous options can be configured, such as client and server certificates and 2FA authentication, with the integration of LDAP for active directory and google authenticator TOTP for multi-factor authentication.