As the connection is working, other problems pop up. At first I saw at the log some error about the compression, I've added the setting "compress lz4" to the .mobileconfig, and the error was gone.
At the moment no data is coming through
Now I do not know if there is an error, but the server log says:
Code: Select all
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 TLS: Initial packet from [AF_INET]194.230.155.213:63323, sid=57680604 64c7181b
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 VERIFY OK: depth=1, CN=ChangeMe
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 Validating certificate key usage
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 ++ Certificate has key usage 0080, expects 0080
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 VERIFY KU OK
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 Validating certificate extended key usage
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 ++ Certificate has EKU (str) TLS Web Client Authentication, expects TLS Web Client Authentication
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 VERIFY EKU OK
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 VERIFY OK: depth=0, CN=albiiphonevod
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_VER=3.2
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_PLAT=ios
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_NCP=2
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_TCPNL=1
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_PROTO=2
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_LZO_STUB=1
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_COMP_STUB=1
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_COMP_STUBv2=1
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 peer info: IV_AUTO_SESS=1
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Nov 2 17:54:58 pi ovpn-server[405]: 194.230.155.213:63323 [albiiphonevod] Peer Connection Initiated with [AF_INET]194.230.155.213:63323
Nov 2 17:54:58 pi ovpn-server[405]: albiiphonevod/194.230.155.213:63323 MULTI_sva: pool returned IPv4=10.8.0.9, IPv6=(Not enabled)
Nov 2 17:54:58 pi ovpn-server[405]: albiiphonevod/194.230.155.213:63323 MULTI: Learn: 10.8.0.9 -> albiiphonevod/194.230.155.213:63323
Nov 2 17:54:58 pi ovpn-server[405]: albiiphonevod/194.230.155.213:63323 MULTI: primary virtual IP for albiiphonevod/194.230.155.213:63323: 10.8.0.9
Nov 2 17:54:58 pi ovpn-server[405]: albiiphonevod/194.230.155.213:63323 PUSH: Received control message: 'PUSH_REQUEST'
Nov 2 17:54:58 pi ovpn-server[405]: albiiphonevod/194.230.155.213:63323 SENT CONTROL [albiiphonevod]: 'PUSH_REPLY,dhcp-option DNS 10.0.1.3,block-outside-dns,redirect-gateway def1,route-gateway 10.8.0.1,topology subnet,ping 1800,ping-restart 3600,ifconfig 10.8.0.9 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Nov 2 17:54:58 pi ovpn-server[405]: albiiphonevod/194.230.155.213:63323 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Nov 2 17:54:58 pi ovpn-server[405]: albiiphonevod/194.230.155.213:63323 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
The log of the OpenVPN app says:
Code: Select all
2018-20-02 18:20:38 NIP: iOS reported network status unavailable
2018-20-02 18:20:38 OS Event: NET UNAVAILABLE (PAUSE): Internet:NotReachable/-R tc-----
2018-20-02 18:20:38 NIP: iOS reported network status available
2018-20-02 18:20:38 OS Event: NET AVAILABLE (RESUME): Internet:ReachableViaWWAN/WR t------ allow=1
2018-20-02 18:20:41 RECONNECT TEST: Internet:ReachableViaWWAN/WR t------
2018-20-02 18:20:41 EARLY RECONNECT
2018-20-02 18:20:43 1
2018-20-02 18:20:43 ----- OpenVPN Start -----
OpenVPN core 3.2 ios arm64 64-bit PT_PROXY built on Oct 3 2018 06:35:04
2018-20-02 18:20:43 Frame=512/2048/512 mssfix-ctrl=1250
2018-20-02 18:20:43 UNUSED OPTIONS
7 [link-mtu] [1570]
2018-20-02 18:20:43 EVENT: RESOLVE
2018-20-02 18:20:43 Contacting [XXX.XXX.XXX.XX]:1194/UDP via UDP
2018-20-02 18:20:43 EVENT: WAIT
2018-20-02 18:20:43 Connecting to [vpn.myhost.xyz]:1194 (XXX.XXX.XXX.XX) via UDPv4
2018-20-02 18:20:43 EVENT: CONNECTING
2018-20-02 18:20:43 Tunnel Options:V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client
2018-20-02 18:20:43 Creds: UsernameEmpty/PasswordEmpty
2018-20-02 18:20:43 Peer Info:
IV_VER=3.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_COMP_STUBv2=1
IV_AUTO_SESS=1
2018-20-02 18:20:43 VERIFY OK : depth=1
cert. version : 3
serial number : FC:45:51:9A:D9:4C:7C:8F
issuer name : CN=ChangeMe
subject name : CN=ChangeMe
issued on : 2018-08-28 06:09:26
expires on : 2028-08-25 06:09:26
signed using : RSA with SHA-256
RSA key size : 4096 bits
basic constraints : CA=true
key usage : Key Cert Sign, CRL Sign
2018-20-02 18:20:43 VERIFY OK : depth=0
cert. version : 3
serial number : 01
issuer name : CN=ChangeMe
subject name : CN=server_foxXy0n9hCFWETp9
issued on : 2018-08-28 06:10:04
expires on : 2028-08-25 06:10:04
signed using : RSA with SHA-256
RSA key size : 4096 bits
basic constraints : CA=false
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
2018-20-02 18:20:44 SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
2018-20-02 18:20:44 Session is ACTIVE
2018-20-02 18:20:44 EVENT: GET_CONFIG
2018-20-02 18:20:44 Sending PUSH_REQUEST to server...
2018-20-02 18:20:44 OPTIONS:
0 [dhcp-option] [DNS] [10.0.1.3]
1 [dhcp-option] [DNS] [10.0.1.3]
2 [block-outside-dns]
3 [redirect-gateway] [def1]
4 [route-gateway] [10.8.0.1]
5 [topology] [subnet]
6 [ping] [1800]
7 [ping-restart] [3600]
8 [ifconfig] [10.8.0.9] [255.255.255.0]
9 [peer-id] [0]
10 [cipher] [AES-256-GCM]
2018-20-02 18:20:44 PROTOCOL OPTIONS:
cipher: AES-256-GCM
digest: SHA256
compress: COMP_STUB
peer ID: 0
2018-20-02 18:20:44 EVENT: ASSIGN_IP
2018-20-02 18:20:44 NIP: preparing TUN network settings
2018-20-02 18:20:44 NIP: init TUN network settings with endpoint: XXX.XXX.XXX.XX
2018-20-02 18:20:44 NIP: adding IPv4 address to network settings 10.8.0.9/255.255.255.0
2018-20-02 18:20:44 NIP: adding (included) IPv4 route 10.8.0.0/24
2018-20-02 18:20:44 NIP: redirecting all IPv4 traffic to TUN interface
2018-20-02 18:20:44 NIP: adding DNS 10.0.1.3
2018-20-02 18:20:44 NIP: adding DNS 10.0.1.3
2018-20-02 18:20:44 Connected via NetworkExtensionTUN
2018-20-02 18:20:44 LZO-ASYM init swap=0 asym=1
2018-20-02 18:20:44 Comp-stub init swap=1
2018-20-02 18:20:44 EVENT: CONNECTED vpn.myhost.xyz:1194 (XXX.XXX.XXX.XX) via /UDPv4 on NetworkExtensionTUN/10.8.0.9/ gw=[/]