Android client does not connect OpenVPN

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
ketues
OpenVpn Newbie
Posts: 6
Joined: Sun Nov 04, 2018 3:24 pm

Android client does not connect OpenVPN

Post by ketues » Sun Nov 04, 2018 3:40 pm

Good afternoon. I have a problem with my OpenVPN server that I am not able to solve. I no longer have ideas to fix it, so I ask you for help to see if you can come up with a solution.

For 1 year my OpenVPN worked perfectly, I changed the router of the telephone company and I stopped running OpenVPN. In the new router I have opened the TCP / UDP ports to natear the IP of the server.

The server is a raspberry pi 2.

The client is an Android 7 phone.

This is the OpenVPN client log:

Code: Select all

15:42:14.295 -- ----- OpenVPN Start -----

15:42:14.296 -- EVENT: CORE_THREAD_ACTIVE

15:42:14.302 -- Frame=512/2048/512 mssfix-ctrl=1250

15:42:14.307 -- UNUSED OPTIONS
4 [resolv-retry] [infinite] 
5 [nobind] 
6 [persist-key] 
7 [persist-tun] 
11 [verify-x509-name] [server_D2SVcFLhsDCR] [name] 
15 [verb] [3] 


15:42:14.309 -- EVENT: RESOLVE

15:42:14.320 -- Contacting 95.160.128.123:51025 via TCP

15:42:14.322 -- EVENT: WAIT

15:42:14.358 -- Connecting to [dominio.com]:51025 (95.160.128.123) via TCPv4

15:42:14.401 -- EVENT: CONNECTING

15:42:14.405 -- Tunnel Options:V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client

15:42:14.408 -- Creds: UsernameEmpty/PasswordEmpty

15:42:14.410 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.2
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1


15:42:14.641 -- VERIFY OK : depth=1
cert. version     : 3
serial number     : E2:18:54:E0:20:62:E0:E0
issuer name       : CN=ChangeMe
subject name      : CN=ChangeMe
issued  on        : 2018-04-27 20:11:59
expires on        : 2028-04-24 20:11:59
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=true
key usage         : Key Cert Sign, CRL Sign


15:42:14.643 -- VERIFY OK : depth=0
cert. version     : 3
serial number     : 01
issuer name       : CN=ChangeMe
subject name      : CN=server_D2SVc2LhsDCR
issued  on        : 2018-04-27 20:12:07
expires on        : 2028-04-24 20:12:07
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=false
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication


15:42:14.838 -- TCP recv EOF

15:42:14.840 -- Transport Error: Transport error on 'dominio.com: NETWORK_EOF_ERROR

15:42:14.841 -- EVENT: TRANSPORT_ERROR info='Transport error on 'dominio.com: NETWORK_EOF_ERROR'

15:42:14.845 -- Client terminated, restarting in 5000 ms...

15:42:19.845 -- EVENT: RECONNECTING

15:42:19.854 -- EVENT: RESOLVE
On the Raspberry with the command: "netstat -atn" I see that the communication arrives at port 51025 as established

Code: Select all

pi@server:~ $ netstat -atn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:51025           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 192.168.1.199:51025     31.42.159.116:2479       ESTABLISHED
tcp        0    172 192.168.1.199:22        192.168.1.50:38336      ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN     
tcp6       0      0 :::22                   :::*                    LISTEN     
What I can do?

Thank you!!

flint2003
OpenVPN User
Posts: 23
Joined: Mon Sep 24, 2018 11:48 am

Re: Android client does not connect OpenVPN

Post by flint2003 » Fri Nov 16, 2018 10:54 am

Hi all.
It seems to me that the best way will be to install a new client on WIndows machine and test the new connection
It will the integer answer about the workability of your system

ketues
OpenVpn Newbie
Posts: 6
Joined: Sun Nov 04, 2018 3:24 pm

Re: Android client does not connect OpenVPN

Post by ketues » Sun Feb 03, 2019 6:05 pm

flint2003 wrote:
Fri Nov 16, 2018 10:54 am
Hi all.
It seems to me that the best way will be to install a new client on WIndows machine and test the new connection
It will the integer answer about the workability of your system
Hi flint2003

I create a new client called: "pruebas.ovpn", and this is their log:

*********************
18:51:15.317 -- EVENT: RECONNECTING
18:51:15.320 -- EVENT: RESOLVE
18:51:15.327 -- Contacting 95.xxxx:51xxxx via TCP

18:51:15.336 -- EVENT: WAIT

18:51:15.370 -- Connecting to [xxxxx.com]:51xxx (95.xxxx) via TCPv4

18:51:15.426 -- EVENT: CONNECTING

18:51:15.432 -- Tunnel Options:V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client

18:51:15.434 -- Creds: UsernameEmpty/PasswordEmpty

18:51:15.436 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.2
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1


18:51:15.685 -- VERIFY OK : depth=1
cert. version : 3
serial number : E2:18:54:8C:xxxxx
issuer name : CN=ChangeMe
subject name : CN=ChangeMe
issued on : 2018-04-27 20:11:59
expires on : 2028-04-24 20:11:59
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Key Cert Sign, CRL Sign


18:51:15.686 -- VERIFY OK : depth=0
cert. version : 3
serial number : 01
issuer name : CN=ChangeMe
subject name : CN=server_D2SVcxxxxx
issued on : 2018-04-27 20:12:07
expires on : 2028-04-24 20:12:07
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=false
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication


18:51:15.868 -- TCP recv error: Connection reset by peer

18:51:15.869 -- Transport Error: Transport error on 'xxxxxx.com: NETWORK_RECV_ERROR

18:51:15.870 -- EVENT: TRANSPORT_ERROR info='Transport error on 'xxxxxx.com: NETWORK_RECV_ERROR'

18:51:15.873 -- Client terminated, restarting in 5000 ms..
.

************************************************

This is a server netstat -atn log:

17:50:43.178590 IP 47-xxxxx.14840 > 192.xxxxx.5xxx: Flags [P.], seq 1767:1873, ack 2517, win 340, options [nop,nop,TS val 27007222 ecr 2285711952], length 106

17:50:43.178734 IP 192.xxxx.5xxxx > 47xxxxx.14840: Flags [R], seq 210957447, win 0, length 0



Thank you, so much!!

Post Reply