Page 1 of 1

OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Fri Oct 05, 2018 4:04 pm
by Curval1230
I'm running OpenVPN on a Ubuntu 18.04 LTS Server, Protocoll TCP on Port 443.
Connecting from a Windows Client works fine - connecting with my iOS12 Devices doesn't work.

I get the VPN indicator that it is connected to the vpn - but there is no traffic over the tunnel.
The problem started with upgrading the client app to 3.0.2.
Checking the logs, i couldn't see any errors oder indications, what causes the problem.

I'm runnung the openVPN Server now for years without a problem.

Any idea?

Regards Michael

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Mon Oct 08, 2018 4:39 am
by cbx
This is probably related to "Disabled "Compression" by default (because it is insecure)" line in 3.0.2 changelog: https://itunes.apple.com/us/app/openvpn ... 79981?mt=8 (see "Version History")

The client has an option to enable/disable compression, but it doesn't help.

What helps is to disable compression in the server config. For me it was these two lines:

Code: Select all

# compress lz4-v2
# push "compress lz4-v2"
I created a ticket for this issue: https://community.openvpn.net/openvpn/ticket/1126

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Wed Oct 17, 2018 9:51 pm
by darksky
Possible to make this a sticky? Chasing this down cost me 2 hours of my afternoon :D

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Wed Oct 17, 2018 9:53 pm
by TinCanTech
Things like VORACLE should probably be "Announcements" .. but who do we complain to ?

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Thu Oct 18, 2018 12:20 pm
by ecrist
darksky wrote:
Wed Oct 17, 2018 9:51 pm
Possible to make this a sticky? Chasing this down cost me 2 hours of my afternoon :D
Ask and ye shall receive!

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Thu Nov 01, 2018 10:53 pm
by ClemFM
cbx wrote:
Mon Oct 08, 2018 4:39 am
This is probably related to "Disabled "Compression" by default (because it is insecure)" line in 3.0.2 changelog: https://itunes.apple.com/us/app/openvpn ... 79981?mt=8 (see "Version History")

The client has an option to enable/disable compression, but it doesn't help.

What helps is to disable compression in the server config. For me it was these two lines:

Code: Select all

# compress lz4-v2
# push "compress lz4-v2"
I created a ticket for this issue: https://community.openvpn.net/openvpn/ticket/1126
This solution has not worked for me :cry:

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Thu Dec 13, 2018 9:20 am
by jafree
Is there going to be a fix for this? It's really annoying that my iOS devices no longer work because they can't support compression. I tried the compression setting in the app and as was noted here, it does nothing.

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Wed Dec 19, 2018 7:30 am
by NJL
Thank you. Perhaps it's my misunderstanding of OpenVPN or how pivpn configures things - I also needed to update all my client configs which is slightly painful.

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Fri Jan 11, 2019 2:24 pm
by Yanikdude
I have the same issue with my iPhone 6s on iOS 12.1.2 - No compression. Have tried enabling on the server (QNAP) and App. Still not working

Same cert,confgi, user and pass work perfecting on my old iPad - it uses the old app.

be great if this could be fixed.

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Sun Feb 03, 2019 12:15 pm
by hagensieker
I just noticed my OpenVPN connect wasn't working on iPhone where I have auto updates and 3.0.2. I can only NOT connect from my iPhone. Both my iPads and Mac and Linux computers connect flawlessly. Been using it for years and love it. My OpenVPN is set up on pfSense.

In the interim until this get straightened out I just made an IPSec VPN but make no mistake I'll go back to my OpenVPN server when this gets sorted out.

My IPsec config
https://www.hagensieker.com/wordpress/2019/02/03/ipsec-vpn-on-pfsense-to-replace-openvpn-connect-on-ios/

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Sun Feb 17, 2019 6:03 pm
by shodan3
I got it working by going into the client and enabling AES-CBC cipher algorithm on the ios open vpn client.

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Mon Feb 18, 2019 5:20 pm
by Yanikdude
TO update: Still broken, no compression ever used and tried the above suggestions.

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Mon Mar 11, 2019 4:49 pm
by hata
I have my OpenVPN server which is set up with compress lz4-v2.

I got stuck on this problem, too.

My solution was just setting the "Allow Compression (insecure)" from "NO (default)" to "FULL".
(The other settings are left as the defaults.)

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Wed Mar 27, 2019 10:32 am
by a6115117
Does anyone know the error?

I could connect on my Windows and transfer the traffic. But on the iPhone, I can only connect but only several bytes of traffic at the beginning of the connection, then I cannot see the traffic.

What's weird is I can use the ssh connection (which is an app) in iPhone when the VPN is connected.

I have tried every option about the compression button, which does not work.

Please give me some hints for this issue.

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Thu Apr 04, 2019 8:31 am
by Yanikdude
Ive fixed it!!!!

So, fed up with no movement here so downloaded Passpartout VPN client. I have a separate .ca file and there is a simple workaround here https://passepartoutvpn.app/faq/#the-configuration-file-contains-an-unsupported-option-external-file. copy all of the .ca contents into the .opvn file between the ....

My VPN to my QNAP now works perfectly.

Re: OpenVPN 3.0.2 (894) and iOS12 - not working

Posted: Thu Apr 04, 2019 12:32 pm
by TinCanTech
Yanikdude wrote:
Thu Apr 04, 2019 8:31 am
fed up with no movement here so downloaded Passpartout VPN client
This is what happens when you hijack a thread which has already been answered and solved.

Your solution has nothing to do with compression.

In future, please start your own thread and include these details