Under the "/interface ovpn-server server" menu, the "keepalive-timeout" value doesn't appear to have any effect in RouterOS 6.42.7.
I've had several cases where remote clients (using "hAP lite" routers) would lose their internet connectivity (or lose power), and then not be able to connect again, because the "server" router (an RB1100AHx4) thinks they're still connected, even after over 24 hours. The server router has "keepalive-timeout" set to 15, so according to the documentation I would expect the server to send a heartbeat to to the client after 15 seconds of idle time, and "hang up" the connection if the client doesn't respond in 30 seconds.
Also, https://wiki.mikrotik.com/wiki/Manual:Interface/OVPN gives an example where a "/interface ovpn-server monitor" command includes an "idle-time:" line in its output. However, when I use this command on the "server" router, the output does not include this line at all. Which means I can't even write a script to work around the problem.
Does the OVPN server software no longer track idle times at all? And when a client goes silent (due to a power loss or other failure in connectivity), is the only option to go into the server router and "/interface ovpn-server remove" the old connection?
Also, several people on the IRC channel are pointing out, yet again, that the OpenVPN functionality is more or less being ignored ... is there some other type of VPN which (1) allows multiple remote clients behind the same NAT (i.e. multiple traveling employees staying at the same hotel), and (2) doesn't require protocols other than TCP and UDP? Some hotels and coffee shops don't know what to do with AH, ESP, or other "non-normal" protocols.