Failing to connect to OpenVPN on iOS/MacOS via .mobileconfig

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
jwehbe
OpenVpn Newbie
Posts: 2
Joined: Mon Nov 26, 2018 5:43 pm

Failing to connect to OpenVPN on iOS/MacOS via .mobileconfig

Post by jwehbe » Mon Nov 26, 2018 6:27 pm

I cannot get my iPhone or MacOS to connect to my OpenVPN server with my .mobileconfig profile via Apple Configurator 2. When I try to connect via Apple's native VPN clients it instantly stops without error, I'm assuming this is a syntax error, the following is my .ovpn and .mobileconfig code without my real server IP (192.168.1.1) and real user/password. Please advise how I can connect .. thank you !

Working .OVPN Profile

Code: Select all

##########
# OpenVPN V2.0 
dev tun
proto udp
remote 192.168.1.1 1194
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
auth-user-pass
##########
Non- working.mobileconfig Profile
I referenced from mainly here: https://openvpn.net/faq/can-i-import-an ... nfig-file/#

Code: Select all

<?xml version="1.0" encoding="UTF-8"?>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>ConsentText</key>
	<dict>
		<key>default</key>
		<string>concent ?</string>
	</dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>IPv4</key>
			<dict>
				<key>OverridePrimary</key>
				<integer>0</integer>
			</dict>
			<key>PayloadDescription</key>
			<string>Configures VPN settings</string>
			<key>PayloadDisplayName</key>
			<string>VPN</string>
			<key>PayloadIdentifier</key>
			<string>com.apple.vpn.managed.5549944C-6074-462B-A3D4-FB5E29968E9D</string>
			<key>PayloadType</key>
			<string>com.apple.vpn.managed</string>
			<key>PayloadUUID</key>
			<string>5549944C-6074-462B-A3D4-FB5E29968E9D</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Proxies</key>
			<dict>
				<key>HTTPEnable</key>
				<integer>0</integer>
				<key>HTTPSEnable</key>
				<integer>0</integer>
			</dict>
			<key>UserDefinedName</key>
			<string>-openvpn</string>
			<key>VPN</key>
			<dict>
				<key>AuthenticationMethod</key>
				<string>Password</string>
				<key>RemoteAddress</key>
				<string>DEFAULT</string>
			</dict>
			<key>VPNSubType</key>
			<string>net.openvpn.connect.app</string>
			<key>VPNType</key>
			<string>VPN</string>
			<key>VendorConfig</key>
			<dict>
				<key>auth</key>
				<string>SHA1</string>
				<key>auth-user-pass</key>
				<string>user1\npassword</string>
				<key>ca</key>
				<string>-----BEGIN CERTIFICATE-----OMITTED\n-----END CERTIFICATE-----\n</string>
				<key>cert</key>
				<string>-----BEGIN CERTIFICATE-----OMITTED\n-----END CERTIFICATE-----\n</string>
				<key>cipher</key>
				<string>AES-128-CBC</string>
				<key>client</key>
				<string>NOARGS</string>
				<key>dev</key>
				<string>tun</string>
				<key>key</key>
				<string>-----BEGIN PRIVATE KEY-----OMITTED\n-----END PRIVATE KEY-----\n</string>
				<key>nobind</key>
				<string>NOARGS</string>
				<key>proto</key>
				<string>udp</string>
				<key>remote</key>
				<string>192.168.1.1 1194</string>
				<key>resolv-retry</key>
				<string>infinite</string>
				<key>verb</key>
				<string>3</string>
				<key>vpn-on-demand</key>
				<string>0</string>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>its a vpn</string>
	<key>PayloadDisplayName</key>
	<string>openvpn</string>
	<key>PayloadIdentifier</key>
	<string>admins-Mac.AD111420-F503-412A-B026-83CBEEAAF8D7</string>
	<key>PayloadOrganization</key>
	<string>openvpn</string>
	<key>PayloadRemovalDisallowed</key>
	<false/>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>6FF4D875-B744-4990-9C3C-DA57CA754869</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>


jwehbe
OpenVpn Newbie
Posts: 2
Joined: Mon Nov 26, 2018 5:43 pm

Re: Failing to connect to OpenVPN on iOS/MacOS via .mobileconfig

Post by jwehbe » Tue Nov 27, 2018 10:31 am

I can pay a bit for this, PM me.

Post Reply