I didn’t change my configuration files and my iPad Air with iOS version 10.3.3 is still working with the same configuration. Could anybody tell me, if there is a legacy option, to get the same behaviour like in the old OpenVPN 2.3.4 (debian Jessie)? Do you have any other idea to get my iPad 1 connected again?
Thank you and best regards
Here my config files and loggings for this issue.
server 192.168.5.0 255.255.255.128
ifconfig-pool-persist ipad/ipp_ipad.txt
push "redirect-gateway def1"
tls-server
dev tun-ipad
client-to-client
proto tcp-server
port XXX
ca ipad/ca.crt
cert ipad/server.crt
key ipad/server.key
crl-verify ipad/crl.pem
dh ipad/dh2048.pem
tls-auth ipad/tls_auth.key
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
user nobody
group nogroup
daemon openvpn_ipad
verb 3
script-security 2
client
tls-client
dev tun
remote server_name.de
resolv-retry infinite
nobind
proto tcp-client
port XXX
persist-tun
persist-key
user nobody
group nogroup
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
Here my iPad logging file. You can see the full exception in row 26.
2018-04-14 22:04:48 Connecting to server_name.de:XXX (XXX.XXX.XXX.XXX) via TCPv4
2018-04-14 22:04:48 EVENT: CONNECTING
2018-04-14 22:04:48 Tunnel Options:V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_CLIENT,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client
2018-04-14 22:04:48 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
2018-04-14 22:04:48 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=DE, ST=SA, L=City, O=Org, OU=extern VPN, CN=client_name CA, 0x29=OpenVPN SSL, emailAddress=client_name@server.homenet
subject name : C=DE, ST=SA, L=City, O=Org, OU=extern VPN, CN=server, 0x29=OpenVPN SSL, emailAddress=info@server.homenet
issued on : 2013-08-29 15:09:16
expires on : 2023-08-27 15:09:16
signed using : RSA+SHA256
RSA key size : 2048 bits
2018-04-14 22:04:48 VERIFY OK: depth=1
cert. version : 3
serial number : BA:A6:99:89:1D:D6:59:46
issuer name : C=DE, ST=SA, L=City, O=Org, OU=extern VPN, CN=client_name CA, 0x29=OpenVPN SSL, emailAddress=client_name@server.homenet
subject name : C=DE, ST=SA, L=City, O=Org, OU=extern VPN, CN=server CA, 0x29=OpenVPN SSL, emailAddress=info@server.homenet
issued on : 2013-08-29 15:08:48
expires on : 2023-08-27 15:08:48
signed using : RSA+SHA256
RSA key size : 2048 bits
2018-04-14 22:04:50 Client exception in transport_recv_excode: PolarSSL: SSL read error : SSL - Verification of the message MAC failed
2018-04-14 22:04:50 Client terminated, restarting in 2...
2018-04-14 22:04:51 EVENT: DISCONNECTED
2018-04-14 22:04:51 Raw stats on disconnect:
BYTES_IN : 8254
BYTES_OUT : 4814
PACKETS_IN : 14
PACKETS_OUT : 16
TCP_CONNECT_ERROR : 2
SSL_ERROR : 2
N_RECONNECT : 3
2018-04-14 22:04:51 Performance stats on disconnect:
CPU usage (microseconds): 2067789
Network bytes per CPU second: 6319
Tunnel bytes per CPU second: 0
2018-04-14 22:04:51 ----- OpenVPN Stop -----