Binding on wrong interface (I guess)

Scripts to manage certificates or generate config files

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
bonne
OpenVpn Newbie
Posts: 13
Joined: Sun Jun 14, 2015 8:01 am

Binding on wrong interface (I guess)

Post by bonne » Sun Jun 14, 2015 8:16 am

Running OpenVPN Connect 1.1.16 (build74) on a MotoX 2014

I have two profiles - one for my 4G data connection and one for my WiFi.

My Wifi subnet is 172.18.2.0/24 IP 172.18.2.52, the OpenVPN server is 172.18.2.1 and the 4G is dynamic, naturally.

It seems that OpenVPN keeps trying to access the OpenVPN server 172.18.2.1 through the 4G interface even though the WiFi is on the same subnet as the OpenVPN server. Only when I disable the 4G, I am able to connect the the OpenVPN server. :x After this, I can enable the 4G, and the OpenVPN tunnel continues to work.

This was not a problem before upgrading to Android 5.0 in 2014. I expected this to be a error related to the Android OS, and I expected the issue to be resolved in the next android update... This took ages, and now, a couple of weeks ago, when I received Android 5.0.1 (I think... System info still reports 5.0), the issue persists. :x :x :x

Anyone of you knows a workaround to this issue?

Client config is:

------------------
client
dev tun
local 172.18.2.52
lport 0
proto udp
remote 172.18.2.1 11194
resolv-retry infinite
persist-key
persist-tun

ca ca.crt
cert motox.crt
key motox.key

ns-cert-type server
remote-cert-tls server

tls-auth ta.key 1

cipher AES-256-CBC

comp-lzo
verb 3
------------------------

Regards, Lars.

User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Binding on wrong interface (I guess)

Post by Traffic » Mon Jun 15, 2015 11:56 am

As the server generally configures the client can you post your server config please.

bonne
OpenVpn Newbie
Posts: 13
Joined: Sun Jun 14, 2015 8:01 am

Re: Binding on wrong interface (I guess)

Post by bonne » Mon Jun 22, 2015 11:54 pm

Traffic wrote:As the server generally configures the client can you post your server config please.
Sorry for taking so long. Meanwhile a new Android update was reaching my phone making the problem even worse as this Android version will not auto connect wifi network that it classifies as "no connection".

My server conf:

$ cat wifi.conf


----------
local x.x.x.x


port 11194


proto udp


dev tun1


ca /something.crt
cert /something.crt
key /something.key # This file should be kept secret


dh /something.pem


server 10.19.5.0 255.255.255.0


ifconfig-pool-persist ipp_wifi.txt



push "redirect-gateway def1"


push "redirect-gateway def1 bypass-dhcp"



push "dhcp-option DNS a.b.c.d"
push "dhcp-option WINS e.f.g.h"


client-to-client


keepalive 10 120

tls-auth /somethingta.key 0 # This file is secret


cipher AES-256-CBC


comp-lzo


max-clients 10


user _openvpn
group _openvpn


persist-key
persist-tun


status openvpn_wifi-status.log 10
status-version 2

crl-verify /somethingcrl.pem


log-append /something.log


verb 4

mute 20
---------

Regards, Lars.

bonne
OpenVpn Newbie
Posts: 13
Joined: Sun Jun 14, 2015 8:01 am

Re: Binding on wrong interface (I guess)

Post by bonne » Tue Jun 23, 2015 5:30 am

Traffic wrote:As the server generally configures the client can you post your server config please.
...but actually I think the problem is at the client side as described on my original post. The client does not even seem to hit the server.

Regards, Lars.

User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Binding on wrong interface (I guess)

Post by Traffic » Sat Aug 22, 2015 10:16 pm

Your sever is redirecting your client gateway with:
bonne wrote:push "redirect-gateway def1 bypass-dhcp"
Do not connect to both VPNs at the same time .. do they work separately ?

bonne
OpenVpn Newbie
Posts: 13
Joined: Sun Jun 14, 2015 8:01 am

Re: Binding on wrong interface (I guess)

Post by bonne » Mon Aug 24, 2015 8:53 am

Problem seemed to be on Android. Captive portal detection had to be disabled:

http://android.stackexchange.com/questi ... k-on-wi-fi

Post Reply