PIN caching example
By default, OpenVPN caches the hardware token password (or token PIN) for as long as the session lasts. In this recipe, we will configure OpenVPN to "forget" the token PIN after a certain period for even better security. The downside is that the client will fail to reconnect and will exit if it is restarted after this caching period.
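To audit client configurations for the caching period described above, the following added shell example (not part of the original recipe) reads OpenVPN's pkcs11-pin-cache directive, which sets the PIN cache period in seconds. The function names, the sample value of 300 seconds and the 600-second limit are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit an OpenVPN client config for a bounded PIN cache.

# Print the effective pkcs11-pin-cache value in seconds, or "unbounded"
# when the directive is absent or negative (PIN stays cached).
pin_cache_period() {
    awk '
        { sub(/[#;].*/, "") }                # drop comments (simplified)
        $1 == "pkcs11-pin-cache" { v = $2 }  # keep the last value seen
        END { if (v == "" || v + 0 < 0) print "unbounded"; else print v }
    ' "$1"
}

# Succeed only if the PIN is forgotten within $2 seconds.
check_pin_cache() {
    period=$(pin_cache_period "$1")
    [ "$period" != "unbounded" ] && [ "$period" -le "$2" ] 2>/dev/null
}

# Constructed sample config; 300 is an assumed value, not from the recipe.
cfg=$(mktemp)
cat > "$cfg" <<'EOF'
client
proto udp
remote openvpnserver.example.com
port 1194
dev tun
nobind
# forget the token PIN after five minutes
pkcs11-pin-cache 300
EOF

if check_pin_cache "$cfg" 600; then
    echo "OK: PIN cached for $(pin_cache_period "$cfg")s"
else
    echo "WARN: PIN cache is $(pin_cache_period "$cfg")"
fi
rm -f "$cfg"
```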
Getting ready
We use the following network layout:
Keep the hardware token from the first recipe at hand. For this recipe, the server computer was running CentOS 5 Linux and OpenVPN 2.1.1. The client was running Fedora 12 Linux and OpenVPN 2.1.1. Keep the server configuration file basic-udp-server.conf from the Chapter 2 recipe Server-side routing at hand.
How to do it...
Start the server using the configuration file 'basic-udp-server.conf':
[root@server]# openvpn --config basic-udp-server.conf
Next, create the client configuration file:
client
proto udp
remote openvpnserver.example.com
port 1194
dev tun
nobind
ca /etc/openvpn/cookbook...