[Solved] Strange behavior /bug iOS<-> MikroTik

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Locked
payam124
OpenVpn Newbie
Posts: 2
Joined: Thu Sep 29, 2016 11:16 am

[Solved] Strange behavior /bug iOS<-> MikroTik

Post by payam124 » Thu Sep 29, 2016 11:33 am

I experience very strange behavior when using openvpn connect to connect a VPN server hosted on a MikroTik router!
long story short, it seems openvpn connect shift any IP address in the header of the packets to the right by 1 octet and put a strange octet in the most left part!
I myself can't realize it! but it seems it happens!
in short, after establishing the tunnel, if my iPhone gets 10.15.32.38 and it tries to ping 8.8.8.8, the sniffing the openvpn tunnel on MikroTik shows
182.10.15.32 ->38.8.8.8
!!!!!!

the test scenario is as below:
(if you don't have mikrotik, you can get it as cheap as 3.5USD per month on ramnode or cloudsigma and you can mount your image ther)

here you can find a complete how to: http://wiki.mikrotik.com/wiki/OpenVPN
also https://rbgeek.wordpress.com/2014/09/10 ... -routeros/


/ip pool add name=ovpn-pool ranges=10.15.32.34-10.15.32.40
/ppp profile
add local-address=10.15.32.33 name=ovpnprofile remote-address=ovpn-pool use-encryption=required
/interface ovpn-server server
set certificate=h-ca-mikrotik.crt_0 cipher=blowfish128,aes128,aes192,aes256 default-profile=ovpnprofile enabled=yes keepalive-timeout=disabled netmask=28
add name=youruser password=yourpassword


and on the configuration for the iOS:
dev tun
proto tcp
remote REMOTEIP 1194
nobind
persist-key
persist-tun
ns-cert-type server
auth-user-pass
verb 9
tls-client
<ca>
[snip]
</ca>
<cert>
[snip]
-----BEGIN CERTIFICATE-----
[snip]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
[snip]
-----END PRIVATE KEY-----
</key>

openvpn gets connected, but I can not ping the router! eventually I started to sniff the tunnel traffic and I realized MikRotik saw different IP!
I tried to ping from Mikrotik to iPhone, the packets were fine!

also I tried the same config on windows and android. both worked fine and also tunnel sniffer showed right IPs in the source and dest! but for iOS IP in source and dest were shifted!

I know it is very unusual, but this was my experience!
any openvpn developer if interested, I can share credentials
Top
payam124
OpenVpn Newbie
Posts: 2
Joined: Thu Sep 29, 2016 11:16 am

Re: Strange behavior /bug iOS<-> MikroTik

Post by payam124 » Thu Sep 29, 2016 12:46 pm

restarting everything, the problem solved! so weird!
Top
Locked

Return to “OpenVPN Connect (iOS)”