Hi,

On Fri, Apr 17, 2015 at 07:34:36AM -0400, Jeff Mitchell wrote:
> So hopefully peer-id will fix this, but I think I'll have to send some
> feelers out to the VirtualBox guys and see if they agree that this
> sounds like some issue in their stack.

It's definitely a bug in the NAT implementation - while a conversation
is active, there is no good reason to move it to a new source port.

OTOH, you'll see the behaviour in many mobile networks today: if there
is no traffic inside OpenVPN for a given time, like "60 seconds" (yes,
that short), it will time out the NAT entry and on the next packet, you
end up with a new source port or source IP address - so, peer-id is somewhat
hacky, but takes today's Internet realities into account...

gert


-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             g...@greenie.muc.de
fax: +49-89-35655025                        g...@net.informatik.tu-muenchen.de

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users