Access Server

Follow us

vpn.server.session_ip_lock



This is a security check. The default value is "true". If you run into the following message you can set it to false to disable this particular check (please note that this option is only configurable in the 1.8.3 development builds or later. If you are running the stable 1.8.3 build, you will need to update it to the latest versions for this option to become configurable).

"SESSION_ID only allowed to be used by client IP address that created it"

Normally this message won't occur. If however you have a reverse proxy in front of your OpenVPN Access Server you may get this message when you log in at the web based client interface. Using such a setup, the server sees the reverse proxy initiating a connection followed by the actual client connecting. This triggers this security check and alerts the user. To disable this security check use the following commands in an SSH session or on the console of the Access Server:

cd /usr/local/openvpn_as/scripts/
./confdba -mk vpn.server.session_ip_lock -v false
/etc/init.d/openvpnas restart