Successful (?) Connection every 30 sec, no ping, no network
Posted: Thu Jun 08, 2017 2:01 am
Hello!
iPad, iOS 10.3.2
OpenVPN Connect 1.1.1 build 212 (iOS 64-bit)
Client configuration file mama.ovpn:
The configuration file mama.ovpn and the pkcs12 certificate file mama-ipad.p12 were successfully integrated. A connection to the OpenVPN server is also established.
The transfer network is 10.0.0.0/255.255.255.0. This should be routed between client and LAN (192.168.70.0/255.255.255.0).
PCs, laptops and Android tablets work perfectly. The iPad connects, but does not reach any of the networks (neither 10.0.0.0/255.255.255.0 nor 192.168.70.0/255.255.255.0). In addition, I observe that the connection is re-established approximately every 30 seconds.
I have made a lot of changes to the configuration, but no matter what I do, the behavior does not change.
I do not understand this, because other devices such as Windows PCs, laptops or Android work with the same configuration without errors.
I add a part of the log file below. Maybe someone can help me.
Many Thanks!
René
Log file:
iPad, iOS 10.3.2
OpenVPN Connect 1.1.1 build 212 (iOS 64-bit)
Client configuration file mama.ovpn:
Code: Select all
remote myip.tld 1195
dev tun
proto udp
tun-mtu 1500
client
auth SHA1
cipher AES-256-CBC
comp-lzo yes
redirect-gateway
verb 3
nobind
persist-key
persist-tun
user nobody
group nogroup
resolv-retry infinite
pkcs12 mama-ipad.p12
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
The transfer network is 10.0.0.0/255.255.255.0. This should be routed between client and LAN (192.168.70.0/255.255.255.0).
PCs, laptops and Android tablets work perfectly. The iPad connects, but does not reach any of the networks (neither 10.0.0.0/255.255.255.0 nor 192.168.70.0/255.255.255.0). In addition, I observe that the connection is re-established approximately every 30 seconds.
I have made a lot of changes to the configuration, but no matter what I do, the behavior does not change.
I do not understand this, because other devices such as Windows PCs, laptops or Android work with the same configuration without errors.
I add a part of the log file below. Maybe someone can help me.
Many Thanks!
René
Log file:
Code: Select all
2017-06-08 02:47:26 Connecting to [myip.tld]:1195 (11.22.33.44) via UDPv4
2017-06-08 02:47:26 EVENT: CONNECTING
2017-06-08 02:47:26 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client
2017-06-08 02:47:26 Creds: UsernameEmpty/PasswordEmpty
2017-06-08 02:47:26 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1
2017-06-08 02:47:27 VERIFY OK: depth=1
cert. version : 3
serial number : C0:AC:46:33:B6:DB:88:81
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
issued on : 2015-01-05 08:30:12
expires on : 2025-01-02 08:30:12
signed using : RSA with SHA1
RSA key size : 2048 bits
basic constraints : CA=true
2017-06-08 02:47:27 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=Netzwerk, CN=openvpn.isential.local, ??=openvpn.isential.local, emailAddress=info@mail.tld
issued on : 2015-01-05 08:33:00
expires on : 2025-01-02 08:33:00
signed using : RSA with SHA-512
RSA key size : 2048 bits
basic constraints : CA=false
cert. type : SSL Server
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
2017-06-08 02:47:27 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
2017-06-08 02:47:27 Session is ACTIVE
2017-06-08 02:47:27 EVENT: GET_CONFIG
2017-06-08 02:47:27 Sending PUSH_REQUEST to server...
2017-06-08 02:47:27 OPTIONS:
0 [redirect-gateway]
1 [route] [192.168.70.0] [255.255.255.0]
2 [dhcp-option] [DOMAIN] [isential.local]
3 [dhcp-option] [DNS] [192.168.70.203]
4 [dhcp-option] [WINS] [192.168.70.203]
5 [route] [10.0.0.1]
6 [topology] [net30]
7 [ping] [10]
8 [ping-restart] [60]
9 [ifconfig] [10.0.0.18] [10.0.0.17]
2017-06-08 02:47:27 PROTOCOL OPTIONS:
cipher: AES-256-CBC
digest: SHA1
compress: LZO
peer ID: -1
2017-06-08 02:47:27 EVENT: ASSIGN_IP
2017-06-08 02:47:27 Error parsing dhcp-option: [dhcp-option] [WINS] [192.168.70.203] : tun_prop_dhcp_option_error: tun_builder_add_wins_server failed
2017-06-08 02:47:27 Connected via tun
2017-06-08 02:47:27 LZO-ASYM init swap=0 asym=0
2017-06-08 02:47:27 EVENT: CONNECTED @myip.tld:1195 (11.22.33.44) via /UDPv4 on tun/10.0.0.18/ gw=[10.0.0.17/]
2017-06-08 02:47:27 SetStatus Connected
2017-06-08 02:47:36 NET Internet:NotReachable/-R tc-----
2017-06-08 02:47:36 OS Event: NET UNAVAILABLE (PAUSE): Internet:NotReachable/-- -------
2017-06-08 02:47:36 UDP send error: send: Can't assign requested address
2017-06-08 02:47:36 Transport Error: EADDRNOTAVAIL: Can't assign requested address
2017-06-08 02:47:36 EVENT: TRANSPORT_ERROR EADDRNOTAVAIL: Can't assign requested address [ERR]
2017-06-08 02:47:36 Client terminated, restarting in 5000 ms...
2017-06-08 02:47:36 TUN reassert
2017-06-08 02:47:36 TUN reset routes
2017-06-08 02:47:36 EVENT: PAUSE
2017-06-08 02:47:37 NET Internet:NotReachable/-- -------
2017-06-08 02:47:39 RECONNECT TEST: Internet:NotReachable/-- -------
2017-06-08 02:47:56 OS Event: NET AVAILABLE (RESUME): Internet:ReachableViaWiFi/-R t------ allow=1
2017-06-08 02:47:57 NET Internet:ReachableViaWiFi/-R t------
2017-06-08 02:47:59 RECONNECT TEST: Internet:ReachableViaWiFi/-R t------
2017-06-08 02:47:59 Client terminated, reconnecting in 1...
2017-06-08 02:48:00 EVENT: RESUME
2017-06-08 02:48:00 EVENT: RECONNECTING
2017-06-08 02:48:00 EVENT: RESOLVE
2017-06-08 02:48:00 Contacting 11.22.33.44:1195 via UDP
2017-06-08 02:48:00 EVENT: WAIT
2017-06-08 02:48:00 SetTunnelSocket returned 1
2017-06-08 02:48:00 Connecting to [myip.tld]:1195 (11.22.33.44) via UDPv4
2017-06-08 02:48:00 EVENT: CONNECTING
2017-06-08 02:48:00 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client
2017-06-08 02:48:00 Creds: UsernameEmpty/PasswordEmpty
2017-06-08 02:48:00 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1
2017-06-08 02:48:00 VERIFY OK: depth=1
cert. version : 3
serial number : C0:AC:46:33:B6:DB:88:81
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
issued on : 2015-01-05 08:30:12
expires on : 2025-01-02 08:30:12
signed using : RSA with SHA1
RSA key size : 2048 bits
basic constraints : CA=true
2017-06-08 02:48:00 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=Netzwerk, CN=openvpn.isential.local, ??=openvpn.isential.local, emailAddress=info@mail.tld
issued on : 2015-01-05 08:33:00
expires on : 2025-01-02 08:33:00
signed using : RSA with SHA-512
RSA key size : 2048 bits
basic constraints : CA=false
cert. type : SSL Server
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
2017-06-08 02:48:01 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
2017-06-08 02:48:01 Session is ACTIVE
2017-06-08 02:48:01 EVENT: GET_CONFIG
2017-06-08 02:48:01 Sending PUSH_REQUEST to server...
2017-06-08 02:48:01 OPTIONS:
0 [redirect-gateway]
1 [route] [192.168.70.0] [255.255.255.0]
2 [dhcp-option] [DOMAIN] [isential.local]
3 [dhcp-option] [DNS] [192.168.70.203]
4 [dhcp-option] [WINS] [192.168.70.203]
5 [route] [10.0.0.1]
6 [topology] [net30]
7 [ping] [10]
8 [ping-restart] [60]
9 [ifconfig] [10.0.0.18] [10.0.0.17]
2017-06-08 02:48:01 PROTOCOL OPTIONS:
cipher: AES-256-CBC
digest: SHA1
compress: LZO
peer ID: -1
2017-06-08 02:48:01 EVENT: ASSIGN_IP
2017-06-08 02:48:01 Error parsing dhcp-option: [dhcp-option] [WINS] [192.168.70.203] : tun_prop_dhcp_option_error: tun_builder_add_wins_server failed
2017-06-08 02:48:01 Connected via tun
2017-06-08 02:48:01 LZO-ASYM init swap=0 asym=0
2017-06-08 02:48:01 EVENT: CONNECTED @myip.tld:1195 (11.22.33.44) via /UDPv4 on tun/10.0.0.18/ gw=[10.0.0.17/]
2017-06-08 02:48:01 SetStatus Connected
2017-06-08 02:49:01 Session invalidated: KEEPALIVE_TIMEOUT
2017-06-08 02:49:01 Client terminated, restarting in 2000 ms...
2017-06-08 02:49:01 TUN reassert
2017-06-08 02:49:01 TUN reset routes
2017-06-08 02:49:03 EVENT: RECONNECTING
2017-06-08 02:49:03 EVENT: RESOLVE
2017-06-08 02:49:03 Contacting 11.22.33.44:1195 via UDP
2017-06-08 02:49:03 EVENT: WAIT
2017-06-08 02:49:03 SetTunnelSocket returned 1
2017-06-08 02:49:03 Connecting to [myip.tld]:1195 (11.22.33.44) via UDPv4
2017-06-08 02:49:03 EVENT: CONNECTING
2017-06-08 02:49:03 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client
2017-06-08 02:49:03 Creds: UsernameEmpty/PasswordEmpty
2017-06-08 02:49:03 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1
2017-06-08 02:49:03 VERIFY OK: depth=1
cert. version : 3
serial number : C0:AC:46:33:B6:DB:88:81
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
issued on : 2015-01-05 08:30:12
expires on : 2025-01-02 08:30:12
signed using : RSA with SHA1
RSA key size : 2048 bits
basic constraints : CA=true
2017-06-08 02:49:03 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=Netzwerk, CN=openvpn.isential.local, ??=openvpn.isential.local, emailAddress=info@mail.tld
issued on : 2015-01-05 08:33:00
expires on : 2025-01-02 08:33:00
signed using : RSA with SHA-512
RSA key size : 2048 bits
basic constraints : CA=false
cert. type : SSL Server
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
2017-06-08 02:49:03 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
2017-06-08 02:49:03 Session is ACTIVE
2017-06-08 02:49:03 EVENT: GET_CONFIG
2017-06-08 02:49:03 Sending PUSH_REQUEST to server...
2017-06-08 02:49:03 OPTIONS:
0 [redirect-gateway]
1 [route] [192.168.70.0] [255.255.255.0]
2 [dhcp-option] [DOMAIN] [isential.local]
3 [dhcp-option] [DNS] [192.168.70.203]
4 [dhcp-option] [WINS] [192.168.70.203]
5 [route] [10.0.0.1]
6 [topology] [net30]
7 [ping] [10]
8 [ping-restart] [60]
9 [ifconfig] [10.0.0.18] [10.0.0.17]
2017-06-08 02:49:03 PROTOCOL OPTIONS:
cipher: AES-256-CBC
digest: SHA1
compress: LZO
peer ID: -1
2017-06-08 02:49:03 EVENT: ASSIGN_IP
2017-06-08 02:49:03 Error parsing dhcp-option: [dhcp-option] [WINS] [192.168.70.203] : tun_prop_dhcp_option_error: tun_builder_add_wins_server failed
2017-06-08 02:49:04 Connected via tun
2017-06-08 02:49:04 LZO-ASYM init swap=0 asym=0
2017-06-08 02:49:04 EVENT: CONNECTED @myip.tld:1195 (11.22.33.44) via /UDPv4 on tun/10.0.0.18/ gw=[10.0.0.17/]
2017-06-08 02:49:04 SetStatus Connected
2017-06-08 02:50:04 Session invalidated: KEEPALIVE_TIMEOUT
2017-06-08 02:50:04 Client terminated, restarting in 2000 ms...
2017-06-08 02:50:04 TUN reassert
2017-06-08 02:50:04 TUN reset routes
2017-06-08 02:50:06 EVENT: RECONNECTING
2017-06-08 02:50:06 EVENT: RESOLVE
2017-06-08 02:50:06 Contacting 11.22.33.44:1195 via UDP
2017-06-08 02:50:06 EVENT: WAIT
2017-06-08 02:50:06 SetTunnelSocket returned 1
2017-06-08 02:50:06 Connecting to [myip.tld]:1195 (11.22.33.44) via UDPv4
2017-06-08 02:50:06 EVENT: CONNECTING
2017-06-08 02:50:06 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client
2017-06-08 02:50:06 Creds: UsernameEmpty/PasswordEmpty
2017-06-08 02:50:06 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1
2017-06-08 02:50:06 VERIFY OK: depth=1
cert. version : 3
serial number : C0:AC:46:33:B6:DB:88:81
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
issued on : 2015-01-05 08:30:12
expires on : 2025-01-02 08:30:12
signed using : RSA with SHA1
RSA key size : 2048 bits
basic constraints : CA=true
2017-06-08 02:50:06 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=My-ROOT-CA, CN=My-ROOT-CA, ??=My-ROOT-CA, emailAddress=info@mail.tld
subject name : C=DE, ST=MY STATE, L="My City", O="My organisation", OU=Netzwerk, CN=openvpn.isential.local, ??=openvpn.isential.local, emailAddress=info@mail.tld
issued on : 2015-01-05 08:33:00
expires on : 2025-01-02 08:33:00
signed using : RSA with SHA-512
RSA key size : 2048 bits
basic constraints : CA=false
cert. type : SSL Server
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
2017-06-08 02:50:06 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
2017-06-08 02:50:06 Session is ACTIVE
2017-06-08 02:50:06 EVENT: GET_CONFIG
2017-06-08 02:50:06 Sending PUSH_REQUEST to server...
2017-06-08 02:50:06 OPTIONS:
0 [redirect-gateway]
1 [route] [192.168.70.0] [255.255.255.0]
2 [dhcp-option] [DOMAIN] [isential.local]
3 [dhcp-option] [DNS] [192.168.70.203]
4 [dhcp-option] [WINS] [192.168.70.203]
5 [route] [10.0.0.1]
6 [topology] [net30]
7 [ping] [10]
8 [ping-restart] [60]
9 [ifconfig] [10.0.0.18] [10.0.0.17]
2017-06-08 02:50:06 PROTOCOL OPTIONS:
cipher: AES-256-CBC
digest: SHA1
compress: LZO
peer ID: -1
2017-06-08 02:50:06 EVENT: ASSIGN_IP
2017-06-08 02:50:06 Error parsing dhcp-option: [dhcp-option] [WINS] [192.168.70.203] : tun_prop_dhcp_option_error: tun_builder_add_wins_server failed
2017-06-08 02:50:06 Connected via tun
2017-06-08 02:50:06 LZO-ASYM init swap=0 asym=0
2017-06-08 02:50:06 EVENT: CONNECTED @myip.tld:1195 (11.22.33.44) via /UDPv4 on tun/10.0.0.18/ gw=[10.0.0.17/]
2017-06-08 02:50:06 SetStatus Connected
2017-06-08 02:51:06 Session invalidated: KEEPALIVE_TIMEOUT
2017-06-08 02:51:06 Client terminated, restarting in 2000 ms...
2017-06-08 02:51:06 TUN reassert
2017-06-08 02:51:06 TUN reset routes