Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to force drop/renew of IP every day

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 4 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      apara
      last edited by

      I have OpenVPN configured and running, but would like to change out my IP addresses every so often.  Is there a way to automatically drop and renew the IP lease on the OpenVPN gateway every 12 hours or so?

      1 Reply Last reply Reply Quote 0
      • B
        bimmerdriver
        last edited by

        When you say openvpn is configured and running, do you mean as a client? If so, the ip addresses are probably dependent on the service you are using, not on whether or not you drop and renew the connection. If you're concerned about being associated with an ip address, you should be wondering whether or not the public ip addresses are dedicated or shared and whether or not the vpn service logs anything. If the addresses are shared and the service doesn't retain logs, then it probably doesn't matter.

        1 Reply Last reply Reply Quote 0
        • F
          Finger79
          last edited by

          I see what apara's saying.  bimmerdriver has a point that it probably doesn't matter if the public IP address changes if it's a shared connection, and there's no logs.  apara may have other reasons for wanting to keep his public IP as dynamic as possible.  I know that with PIA at least, a single location has maybe 10-30 IP addresses that can be divvied out.

          Looking at the manual, there's a reneg-sec setting that forces a key renegotiation after n seconds, but it defaults to 3600 seconds (1 hour), so it's not possible to use that for periods longer than 1 hour without controlling the server configuration.

          apara, OpenVPN supports several scripts that can be run based on certain conditions, but I'm a beginner in that area.  There's gotta be a way to force a reconnection via script, then put the link to the script in the OpenVPN client configuration file.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            Figure out if it is clientX or clientY

            Run this using cron:

            /usr/local/sbin/pfSsh.php playback svc restart openvpn client X

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • A
              apara
              last edited by

              Thanks for your answers.  I got my VPN running with PureVPN, so I am learning as I go as well.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.