Last updated on September 18, 2024
OpenVPN FAQ
Why am I not able to establish a VPN connection?
Make sure you have configured an appropriate Firewall rule under Firewall → Rules.
Why am I getting a Mobile Push login request from Rublon after OpenVPN authentication times out?
If you receive a Mobile Push or Email Link login request from Rublon right after your login attempt was rejected by OpenVPN, set AUTH_TIMEOUT in Rublon Authentication Proxy’s config file to be slightly longer than Authentication Timeout in the form, for example:
Authentication Timeout: 60
AUTH_TIMEOUT: 90
This ensures no pushes or emails are sent for already rejected logins.
I’m asked to reauthenticate after some time.
You probably forgot to set the reneg-sec n option (or the value you set does not fit your needs). The reneg-sec n option allows you to change the time (in seconds) after which a data channel key renegotiation happens. Set to reneg-sec 0 to never have to authenticate again as long as you don’t disconnect. Setting the option to 0 should fix the issue. If you do not want to generate and export a new OpenVPN configuration file again, you can edit your OpenVPN configuration file manually:
1. Go to your OpenVPN configuration file directory (C:\Program Files\OpenVPN\config by default) and open your configuration file (*.ovpn). Note that you are going to need administrator privileges to change the file, so run the file as administrator.
2. Add the following line to the end of the file: reneg-sec 0. If your file already contains a reneg-sec n option, change its value to 0.
3. Save the file.
4. Note that for these changes to work there needs to be reneg-sec 0 set on the OpenVPN server side too.
Why do I receive another Mobile Push/Email Link although I already approved the 2FA challenge?
This usually happens when 2FA is accepted during OpenVPN’s connect-retry time. Change the hand-window option inside OpenVPN’s config to a higher value (default is 60, we recommend 120 seconds), and make sure this value is higher by at least 10 seconds than the AUTH_TIMEOUT set in Rublon Authentication Proxy (default: 90 seconds).
