Feature #3473

Allow configuration of OpenVPN keepalive

Added by B. Derman over 3 years ago. Updated 27 days ago.

Target version:
Start date:
Due date:
% Done:



The keepalive option is always added to an OpenVPN server configuration.

There are many scenarios where this is not wanted and will prevent the required behavior. In my case, when working with iOS VPN on demand rule-driven behavior, the keepalive had to be removed (by commenting out line 453 in

What's even worse is that, with the keepalive option configured, you can't even add options such as ping, ping-exit and inactive (i.e., via OpenVPN's "Advanced configuration") because the server fails to start when you do, citing a conflict with the keepalive option.

I'd suggest that the keepalive option should be an optional item configured via the GUI. A more complete/useful strategy would be to allow configuration of all of the following via the GUI:
- keepalive & both time parameters (should be mutually exclusive with ping/ping-exit)
- ping with time parameter
- ping exit with time parameter
- inactive with time parameter
along with a checkbox-type option to also push any of these to the client.


#1 Updated by B. Derman over 3 years ago

Oh, ping-restart should also be added to the list.

#2 Updated by Chris Buechler about 3 years ago

  • Tracker changed from Bug to Feature
  • Subject changed from keepalive always added to OpenVPN server configuration to Allow configuration of OpenVPN keepalive
  • Affected Version deleted (2.1)
  • Affected Architecture deleted (i386)

#3 Updated by Renato Botelho about 1 year ago

  • Assignee set to Renato Botelho
  • Target version set to 2.4.0

#4 Updated by Jim Pingle 5 months ago

  • Target version changed from 2.4.0 to 2.4.1

#5 Updated by Jim Pingle about 1 month ago

  • Target version changed from 2.4.1 to 2.4.2

#6 Updated by Jim Pingle 27 days ago

  • Target version changed from 2.4.2 to 2.4.3

Also available in: Atom PDF