Page 2 of 2

Re: Compatible with OpenVPN 2.4 ?

Posted: Mon Feb 06, 2017 2:55 am
by enri
I tried "auth SHA256" and the iOS client can connect, but full tunnel traffic is not usable

Re: Compatible with OpenVPN 2.4 ?

Posted: Mon Feb 06, 2017 10:15 am
by dariusz
what you mean client can connect? Would you mind to share you server and client config?

Re: Compatible with OpenVPN 2.4 ?

Posted: Mon Feb 06, 2017 11:48 pm
by enri
I am not talking about tls-crypt. i just means when I use auth SHA256 (instead of my previous config that use auth SHA1), on my iPhone the traffic is extremely slow
on my mac it is working great

Re: Compatible with OpenVPN 2.4 ?

Posted: Wed Feb 08, 2017 11:27 am
by dariusz
FYi - I use SHA512 and with relatively old iphone 5s it works flawlessly with full speed

Re: Compatible with OpenVPN 2.4 ?

Posted: Sun Feb 12, 2017 6:26 pm
by enri
I see. Thanks for letting me know.

I have no idea why. the same settings (same ovpn file) for SHA256 as auth does not have problem with my Mac

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat May 27, 2017 4:21 pm
by hany
I have managed to setup tls-crypt on my desktop clients, but no luck with iOS.

This is particularly troublesome since I live in a country that has recently become heavy handed in blocking VPN connections. Tunneling OpenVPN over something else is not particularly easy on a non-jailbroken iOS device — so tls-crypt would be really useful for me when mobile, and seems to be working as expected in Linux and macOS.

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat May 27, 2017 4:32 pm
by dariusz
yes this is unfortunate but Open VPN 2.4 (where tls-crypt has been introduced) is not supported by official Open VPN iOS client yet. I too wish it was.

Try non EC setup with some common port 443 or 21 - depending on your country infrastructure it might work.

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat May 27, 2017 7:20 pm
by hany
Yeah, I've been through all of that. DPI is being implemented and connections are sporadically getting dropped during the key exchange regardless of port number or whether TCP/UDP is being used. tls-crypt seems to be getting around this for the time being.

At home I tunnel OpenVPN over different things, but like I said, that's not so easy with vanilla iOS. So if I'm not at home and want to use something like Skype, there's often not much I can do.

What version of OpenVPN is OpenVPN Connect currently based on?

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat May 27, 2017 7:29 pm
by dariusz

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat May 27, 2017 7:56 pm
by hany
That's interesting. So it's more a matter of when OpenVPN 3.0 supports tls-crypt — I guess.

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat May 27, 2017 8:01 pm
by dariusz
Looks like many commercial vpn providers cracked it already as many mention ecc openvpn

So annoying a bit that there is no free version yet. I wonder if maybe one of this commercial clients accepts any ovpn files. I will look around

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat May 27, 2017 8:25 pm
by hany
I would not object to paying for a well-maintained iOS OpenVPN client that's feature compatible with the latest stable OpenVPN release if such a thing exists. An added bonus would be the ability to actually edit ovpn files without having to import them from scratch . . . .

Re: Compatible with OpenVPN 2.4 ?

Posted: Sat Jul 15, 2017 8:48 am
by kolargol
+1 for 2.4 support with ecc