How to force drop/renew of IP every day

  • I have OpenVPN configured and running, but would like to change out my IP addresses every so often.  Is there a way to automatically drop and renew the IP lease on the OpenVPN gateway every 12 hours or so?

  • When you say openvpn is configured and running, do you mean as a client? If so, the ip addresses are probably dependent on the service you are using, not on whether or not you drop and renew the connection. If you're concerned about being associated with an ip address, you should be wondering whether or not the public ip addresses are dedicated or shared and whether or not the vpn service logs anything. If the addresses are shared and the service doesn't retain logs, then it probably doesn't matter.

  • I see what apara's saying.  bimmerdriver has a point that it probably doesn't matter if the public IP address changes if it's a shared connection, and there's no logs.  apara may have other reasons for wanting to keep his public IP as dynamic as possible.  I know that with PIA at least, a single location has maybe 10-30 IP addresses that can be divvied out.

    Looking at the manual, there's a reneg-sec setting that forces a key renegotiation after n seconds, but it defaults to 3600 seconds (1 hour), so it's not possible to use that for periods longer than 1 hour without controlling the server configuration.

    apara, OpenVPN supports several scripts that can be run based on certain conditions, but I'm a beginner in that area.  There's gotta be a way to force a reconnection via script, then put the link to the script in the OpenVPN client configuration file.

  • LAYER 8 Netgate

    Figure out if it is clientX or clientY

    Run this using cron:

    /usr/local/sbin/pfSsh.php playback svc restart openvpn client X

  • Thanks for your answers.  I got my VPN running with PureVPN, so I am learning as I go as well.