On Mon, Apr 13, 2020 at 6:33 PM The Wanderer <wanderer@xxxxxxxxxxx> wrote: > Would a repeating ping over the VPN tunnel (one every 30 seconds, more a > keepalive than anything else) be enough to qualify as traffic for this > purpose, or would I need to keep something else (e.g. the RDP session) > going? I don't really know what is used to detect an idle connection. Ping may or may not be enough. ¯\_(ツ)_/¯ Issuing a random DNS query at an interval that's 60-90% of the idle timeout has worked for every VPN I've thrown it at… https://github.com/dlenski/vpn-slice/blob/master/vpn_slice/__main__.py#L234-L262 > I hope it's OK if I process the resulting file to strip out identifying > information - organization names, not IP addresses et cetera; I'm not > entirely sure what is and isn't OK to let out, here, but I know we're > told not to share the GlobalProtect portal address and I can see that in > the logs already. Yep, you should see plenty of examples of how to obfuscate such things in the list archives. If you're unsure, you can send the logs to "just one random guy on the Internet" (me) instead of "a whole bunch of us." Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
