I haven't made any changes to my router or firewall configuration. I'm using an Edgerouter Lite. The firewall allows 1194/UDP on both WAN_IN and WAN_LOCAL. The port 1194/UDP is forwarded to port 1194 on my OpenVPN box. This configuration has worked fine for months.
On the OpenVPN machine, UFW is running and allowing 1194/UDP. I also tried with UFW disabled and there is no change. A tcpdump seems to show traffic getting through to it when I try to make a connection from my phone (addresses changed just for security) but no connection on the OpenVPN app is ever made (it eventually times out).
Code:
sudo tcpdump -i ens18 udp port 1194
sudo: unable to resolve host home
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens18, link-type EN10MB (Ethernet), capture size 262144 bytes
17:55:57.113209 IP 192.168.1.1.38496 > mydomain.net.openvpn: UDP, length 54
17:55:58.108123 IP 192.168.1.1.38496 > mydomain.net.openvpn: UDP, length 54
17:55:59.120424 IP 192.168.1.1.38496 > mydomain.net.openvpn: UDP, length 54
17:55:59.213690 IP 192.168.1.1.42609 > mydomain.net.openvpn: UDP, length 54
17:56:06.038529 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:06.910423 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:07.911153 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:08.911117 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:09.911225 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:10.911615 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:11.918871 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:12.910859 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:13.912131 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:14.911992 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:15.818226 IP 192.168.1.1.42609 > mydomain.net.openvpn: UDP, length 54
17:56:15.931240 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:16.918808 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:17.910613 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:18.911016 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:19.910662 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:20.910780 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:21.911083 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:22.910943 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
17:56:23.911121 IP 36.sub-000-000-000.myvzw.com.12495 > mydomain.net.openvpn: UDP, length 54
The tunnel is up and the service is running properly. I've already tried restarting the service and rebooting.
Code:
4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none
inet 10.8.0.1 peer 10.8.0.2/32 scope global tun0
valid_lft forever preferred_lft forever
● openvpn@server.service - OpenVPN connection to server
Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2018-06-04 17:23:41 EDT; 50min ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Main PID: 8268 (openvpn)
CGroup: /system.slice/system-openvpn.slice/openvpn@server.service
└─8268 /usr/sbin/openvpn --daemon ovpn-server --status /run/openvpn/server.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/server.conf --writepid /run/openvpn/server.pid
Jun 04 17:23:41 home ovpn-server[8268]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Jun 04 17:23:41 home ovpn-server[8268]: GID set to nogroup
Jun 04 17:23:41 home ovpn-server[8268]: UID set to nobody
Jun 04 17:23:41 home ovpn-server[8268]: UDPv4 link local (bound): [undef]
Jun 04 17:23:41 home ovpn-server[8268]: UDPv4 link remote: [undef]
Jun 04 17:23:41 home ovpn-server[8268]: MULTI: multi_init called, r=256 v=256
Jun 04 17:23:41 home ovpn-server[8268]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Jun 04 17:23:41 home ovpn-server[8268]: IFCONFIG POOL LIST
Jun 04 17:23:41 home ovpn-server[8268]: Initialization Sequence Completed
Jun 04 17:23:41 home systemd[1]: Started OpenVPN connection to server.
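An added example, not part of the original post: a script that tallies a tcpdump capture like the one above by direction, so you can see which client flows reached port 1194 and whether any packet ever left the server in reply. The first four packet lines are copied from the capture in the post; the `client.example` flow and the names `tally` and `unanswered` are constructed for illustration.

```python
import re
from collections import defaultdict

# tcpdump one-line UDP format: "<time> IP <src>.<sport> > <dst>.<dport>: UDP, length N"
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\S+)\.(?P<sport>[\w-]+) > "
    r"(?P<dst>\S+)\.(?P<dport>[\w-]+): UDP, length \d+$"
)
# Without -n, tcpdump prints port 1194 as the service name "openvpn".
SERVER_PORTS = {"1194", "openvpn"}

# Sample input: four lines from the post, plus a constructed answered flow for contrast.
SAMPLE = """\
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
17:55:57.113209 IP 192.168.1.1.38496 > mydomain.net.openvpn: UDP, length 54
17:55:58.108123 IP 192.168.1.1.38496 > mydomain.net.openvpn: UDP, length 54
17:56:06.038529 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:06.910423 IP 36.sub-000-000-000.myvzw.com.12494 > mydomain.net.openvpn: UDP, length 54
17:56:30.000000 IP client.example.40000 > mydomain.net.openvpn: UDP, length 54
17:56:30.010000 IP mydomain.net.openvpn > client.example.40000: UDP, length 66
"""

def tally(capture):
    """Count packets per client flow (host, port) in each direction."""
    flows = defaultdict(lambda: {"to_server": 0, "from_server": 0})
    for line in capture.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # banner lines, sudo warnings, non-UDP output
        if m["dport"] in SERVER_PORTS:
            flows[(m["src"], m["sport"])]["to_server"] += 1
        elif m["sport"] in SERVER_PORTS:
            flows[(m["dst"], m["dport"])]["from_server"] += 1
    return dict(flows)

def unanswered(flows):
    """Client flows that sent packets to the server but never got one back."""
    return sorted(k for k, v in flows.items()
                  if v["to_server"] and not v["from_server"])

if __name__ == "__main__":
    result = tally(SAMPLE)
    for flow, counts in result.items():
        print(flow, counts)
    print("unanswered:", unanswered(result))
```
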