On Wed, May 6, 2015 at 1:37 PM, jacky he <jacky.he at gmail.com> wrote: > I have test the git version, the error still. > ocserv[17086]: sec-mod: initiating session for user 'vpnuser' (session: jxejo) > ocserv[17086]: sec-mod: initiating session for user 'vpnuser' (session: jxejo) > ocserv[17082]: main[vpnuser]: WiFi network IP:62699 user disconnected > ocserv[17086]: sec-mod: temporarily closing session for vpnuser > (session: jxejo) > ocserv[17082]: main[vpnuser]: Cellular network IP:9142 user disconnected > ocserv[17086]: sec-mod: invalidating session of user 'vpnuser' (session: jxejo) I have misunderstood here. It seems that the client re-uses the first connection from the new IP, the wifi IP is disconnected (possibly due to an RST), and then the client sends a disconnect command over the Cell IP. Then it tries to re-use the cookie which it has just invalidated intentionally. I'm not sure how to handle that, except for adding a flag to not invalidate sessions on client request, which is a pretty ugly workaround. regards, Nikos
