I've noticed there's been a few problems with these articles having read through other posts on here. I went through this tutorial completing all the steps, all works fine, I am able to connect to my server using the OpenVPN app on my iPhone, however the internet won't work.
I originally got the error "route is not canonical" similar to topic20757.html but I managed to fix this.
Now, I get the error "TUN write error: cannot identify IP version for prefix"
I can connect from when i am using the same wifi and when using public wifi in a different location, but no internet.
Another thing I should add is, when i type my dynamic dns domain name into the address, nothing will load (is it meant to?) but it will update my openvpn log when my IP address changes.
I will post my settings here, any help will be much appreciated!
$ ifconfig
Code: Select all
eth0 Link encap:Ethernet HWaddr b8:27:eb:f4:7b:fb
inet addr:192.168.1.149 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::2efc:e5ba:5e3e:a8aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:177097 errors:0 dropped:905 overruns:0 frame:0
TX packets:24811 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
# then lo and tun0 #
Code: Select all
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.254 0.0.0.0 UG 202 0 0 eth0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 202 0 0 eth0
Code: Select all
# interfaces(5) file used by ifup(8) and ifdown(8)
Please note that this file is written to be used with dhcpcd# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
auto lo
iface lo inet loopback
iface eth0 inet static
inet addr 192.168.1.149
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.254
pre-up /etc/firewall-openvpn-rules.sh
allow-hotplug wlan0
iface wlan0 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
allow-hotplug wlan1
iface wlan1 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
Code: Select all
local 192.168.1.149
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/iconnect.crt # SWAP XX WITH YOUR SERVER NAME
key /etc/openvpn/easy-rsa/keys/iconnect.key # SWAP XX WITH YOUR SERVER NAME
dh /etc/openvpn/easy-rsa/keys/dh1024.pem # IF YOU CHANGED YOUR ENCRYPTION TO 2048, CHANGE THAT HERE
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2 # i tried deleting this as previously suggested but still doesn't work
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255" # …. #
# Add route to Client routing table for the OpenVPN Subnet
push "route 10.8.0.0 255.255.255.0" # …. #
# your local subnet
push "route 192.168.1.0 255.255.255.0" # SWAP THE IP NUMBER WITH YOUR RASPBERRY PI IP ADDRESS
# Set primary domain name server address to the SOHO Router
# If your router does not do DNS, you can use Google DNS 8.8.8.8 # originally I tried my own router address, but changed to it 8.8.8.8
push "dhcp-option DNS 8.8.8.8" # THIS SHOULD ALREADY MATCH YOUR OWN ROUTER ADDRESS AND SHOULD NOT NEED TO BE CHANGED
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher AES-128-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
log /var/log/openvpn.log
verb 6
Code: Select all
client
dev tun
proto udp
remote <my_dns_domain_name> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ns-cert-type server
key-direction 1
cipher AES-128-CBC
compo-lzo
verb 6
mute 20
Code: Select all
2016-03-09 23:18:52 ----- OpenVPN Start -----
OpenVPN core 3.0 ios armv7s thumb2 32-bit
2016-03-09 23:18:52 UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
8 [mute-replay-warnings]
12 [compo-lzo]
13 [verb] [1]
14 [mute] [20]
2016-03-09 23:18:52 EVENT: RESOLVE
2016-03-09 23:18:53 Contacting <MY_IP_ADDRESS>:1194 via UDP
2016-03-09 23:18:53 EVENT: WAIT
2016-03-09 23:18:53 SetTunnelSocket returned 1
2016-03-09 23:18:53 Connecting to <my_dynamic_domain_name>:1194 (<MYIPADDRESS>) via UDPv4
2016-03-09 23:18:53 EVENT: CONNECTING
2016-03-09 23:18:53 Tunnel Options:V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client
2016-03-09 23:18:53 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.5-177
IV_VER=3.0
IV_PLAT=ios
IV_NCP=1
2016-03-09 23:18:53 VERIFY OK: depth=1
2016-03-09 23:18:53 VERIFY OK: depth=0
2016-03-09 23:18:54 SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-AES-256-CBC-SHA
2016-03-09 23:18:54 Session is ACTIVE
2016-03-09 23:18:54 EVENT: GET_CONFIG
2016-03-09 23:18:54 Sending PUSH_REQUEST to server...
2016-03-09 23:18:54 OPTIONS:
0 [route] [192.168.1.0] [255.255.255.0]
1 [dhcp-option] [DNS] [8.8.8.8]
2 [redirect-gateway] [def1]
3 [route] [10.8.0.0] [255.255.255.0]
4 [topology] [net30]
5 [ping] [10]
6 [ping-restart] [120]
7 [ifconfig] [10.8.0.6] [10.8.0.5]
2016-03-09 23:18:54 EVENT: ASSIGN_IP
2016-03-09 23:18:54 TunPersist: saving tun context:
Session Name: <my_dynamic_domain_name>
Remote Address: MY_IP_ADDRESS
Tunnel Addresses:
Reroute Gateway: IPv4=1 IPv6=0 flags=[ ENABLE REROUTE_GW DEF1 IPv4 ]
Block IPv6: no
Add Routes:
Exclude Routes:
DNS Servers:
8.8.8.8
Search Domains:
2016-03-09 23:18:54 Connected via tun
2016-03-09 23:18:54 EVENT: CONNECTED @<my_dynamic_domain_name>:1194 (MY_IP_ADDRESS) via /UDPv4 on tun/10.8.0.6/
2016-03-09 23:18:54 SetStatus Connected
2016-03-09 23:19:04 TUN write error: cannot identify IP version for prefix
2016-03-09 23:19:14 TUN write error: cannot identify IP version for prefix
2016-03-09 23:19:24 TUN write error: cannot identify IP version for prefix
2016-03-09 23:19:34 TUN write error: cannot identify IP version for prefix
2016-03-09 23:19:44 TUN write error: cannot identify IP version for prefix
2016-03-09 23:19:54 TUN write error: cannot identify IP version for prefix
2016-03-09 23:20:04 TUN write error: cannot identify IP version for prefix
2016-03-09 23:20:14 TUN write error: cannot identify IP version for prefix
2016-03-09 23:20:25 TUN write error: cannot identify IP version for prefix
2016-03-09 23:20:36 TUN write error: cannot identify IP version for prefix
2016-03-09 23:20:46 TUN write error: cannot identify IP version for prefix
2016-03-09 23:20:55 TUN write error: cannot identify IP version for prefix
2016-03-09 23:21:05 TUN write error: cannot identify IP version for prefix
2016-03-09 23:21:16 TUN write error: cannot identify IP version for prefix
2016-03-09 23:21:25 TUN write error: cannot identify IP version for prefix
2016-03-09 23:21:36 TUN write error: cannot identify IP version for prefix
2016-03-09 23:21:46 TUN write error: cannot identify IP version for prefix
2016-03-09 23:21:56 TUN write error: cannot identify IP version for prefix
2016-03-09 23:22:06 TUN write error: cannot identify IP version for prefix
2016-03-09 23:22:17 TUN write error: cannot identify IP version for prefix
2016-03-09 23:22:26 TUN write error: cannot identify IP version for prefix
2016-03-09 23:22:37 TUN write error: cannot identify IP version for prefix
2016-03-09 23:22:47 TUN write error: cannot identify IP version for prefix
2016-03-09 23:23:09 TUN reset routes
2016-03-09 23:23:09 EVENT: DISCONNECTED
2016-03-09 23:23:09 Raw stats on disconnect:
BYTES_IN : 6820
BYTES_OUT : 14145
PACKETS_IN : 63
PACKETS_OUT : 133
TUN_BYTES_IN : 5583
TUN_PACKETS_IN : 80
TUN_FRAMING_ERROR : 23
2016-03-09 23:23:09 Performance stats on disconnect:
CPU usage (microseconds): 142085
Tunnel compression ratio (downlink): inf
Network bytes per CPU second: 147552
Tunnel bytes per CPU second: 39293
2016-03-09 23:23:09 ----- OpenVPN Stop -----
$ ddclient
Code: Select all
daemon=1200
syslog=yes
mail=root
mail-failure=root
pid=/var/run/ddclient.pid
use=web, web=ip.changeip.com
protocol=dyndns2 # one forum said this should be changeip not dyndns2
server=nic.changeip.com
login=mypassword
password=mypassword
<my_dynamic_domain name>
Thanks