I used to have a dedicated Linux server at home because I wanted to learn some more about Linux and networking. On that server, I did have OpenVPN running and everything worked fine. But because I wasn't really using the server anymore I replaced it with a Raspberry Pi running Raspbian. I installed OpenVPN on the Pi, but ever since I am not able to connect my iPhone to the VPN anymore. My laptop will connect without a problem on every network, even tethered through the iPhone mobile network.
I cannot find out the issue, I have made new user config files, I have even done a factory reset on the iPhone.
The Raspberry is connected to the internet through a switch, there are no routers or firewalls. The Raspberry does have an external IP address from my ISP.
I would really appreciate some help!
Here is the failed log from the iPhone:
iPhone failed log
2018-05-11 22:22:52 ----- OpenVPN Start -----
OpenVPN core 3.2 ios arm64 64-bit built on Feb 22 2018 12:39:28
2018-05-11 22:22:52 Frame=512/2048/512 mssfix-ctrl=1250
2018-05-11 22:22:52 UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [user] [nobody]
7 [group] [nogroup]
8 [persist-key]
9 [persist-tun]
15 [verb] [3]
2018-05-11 22:22:52 EVENT: RESOLVE
2018-05-11 22:22:52 Contacting [84.xxx.xxx.xxx]:1194/UDP via UDP
2018-05-11 22:22:52 EVENT: WAIT
2018-05-11 22:22:52 Connecting to [84.xxx.xxx.xxx]:1194 (84.xxx.xxx.xxx) via UDPv4
2018-05-11 22:23:03 Server poll timeout, trying next remote entry...
2018-05-11 22:23:03 EVENT: RECONNECTING
2018-05-11 22:23:03 EVENT: RESOLVE
2018-05-11 22:23:03 Contacting [84.xxx.xxx.xxx]:1194/UDP via UDP
2018-05-11 22:23:03 EVENT: WAIT
2018-05-11 22:23:03 Connecting to [84.xxx.xxx.xxx]:1194 (84.xxx.xxx.xxx) via UDPv4
2018-05-11 22:23:14 Server poll timeout, trying next remote entry...
2018-05-11 22:23:14 EVENT: RECONNECTING
2018-05-11 22:23:14 EVENT: RESOLVE
2018-05-11 22:23:14 Contacting [84.xxx.xxx.xxx]:1194/UDP via UDP
2018-05-11 22:23:14 EVENT: WAIT
2018-05-11 22:23:14 Connecting to [84.xxx.xxx.xxx]:1194 (84.xxx.xxx.xxx) via UDPv4
2018-05-11 22:23:25 Server poll timeout, trying next remote entry...
2018-05-11 22:23:25 EVENT: RECONNECTING
2018-05-11 22:23:25 EVENT: RESOLVE
2018-05-11 22:23:25 Contacting [84.xxx.xxx.xxx]:1194/UDP via UDP
2018-05-11 22:23:25 EVENT: WAIT
2018-05-11 22:23:25 Connecting to [84.xxx.xxx.xxx]:1194 (84.xxx.xxx.xxx) via UDPv4
2018-05-11 22:23:35 Server poll timeout, trying next remote entry...
2018-05-11 22:23:35 EVENT: RECONNECTING
2018-05-11 22:23:35 EVENT: RESOLVE
2018-05-11 22:23:35 Contacting [84.xxx.xxx.xxx]:1194/UDP via UDP
2018-05-11 22:23:35 EVENT: WAIT
2018-05-11 22:23:35 Connecting to [84.xxx.xxx.xxx]:1194 (84.xxx.xxx.xxx) via UDPv4
2018-05-11 22:23:45 Server poll timeout, trying next remote entry...
2018-05-11 22:23:45 EVENT: RECONNECTING
2018-05-11 22:23:45 EVENT: RESOLVE
2018-05-11 22:23:45 Contacting [84.xxx.xxx.xxx]:1194/UDP via UDP
2018-05-11 22:23:45 EVENT: WAIT
2018-05-11 22:23:45 Connecting to [84.xxx.xxx.xxx]:1194 (84.xxx.xxx.xxx) via UDPv4
2018-05-11 22:23:52 EVENT: CONNECTION_TIMEOUT [ERR]
2018-05-11 22:23:52 Raw stats on disconnect:
BYTES_OUT : 3078
PACKETS_OUT : 57
CONNECTION_TIMEOUT : 1
N_RECONNECT : 5
2018-05-11 22:23:52 Performance stats on disconnect:
CPU usage (microseconds): 85075
Network bytes per CPU second: 36179
Tunnel bytes per CPU second: 0
2018-05-11 22:23:52 EVENT: DISCONNECTED
2018-05-11 22:23:52 Raw stats on disconnect:
BYTES_OUT : 3078
PACKETS_OUT : 57
CONNECTION_TIMEOUT : 1
N_RECONNECT : 5
2018-05-11 22:23:52 Performance stats on disconnect:
CPU usage (microseconds): 85075
Network bytes per CPU second: 36179
Tunnel bytes per CPU second: 0
And here is working the log on my laptop:
laptop working log
Sat May 26 12:00:36 2018 NOTE: --user option is not implemented on Windows
Sat May 26 12:00:36 2018 NOTE: --group option is not implemented on Windows
Sat May 26 12:00:36 2018 OpenVPN 2.4.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jul 14 2017
Sat May 26 12:00:36 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Sat May 26 12:00:36 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Sat May 26 12:00:36 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat May 26 12:00:36 2018 Need hold release from management interface, waiting...
Sat May 26 12:00:37 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat May 26 12:00:37 2018 MANAGEMENT: CMD 'state on'
Sat May 26 12:00:37 2018 MANAGEMENT: CMD 'log all on'
Sat May 26 12:00:37 2018 MANAGEMENT: CMD 'echo all on'
Sat May 26 12:00:37 2018 MANAGEMENT: CMD 'hold off'
Sat May 26 12:00:37 2018 MANAGEMENT: CMD 'hold release'
Sat May 26 12:00:37 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat May 26 12:00:37 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat May 26 12:00:37 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]84.xxx.xxx.xx:1194
Sat May 26 12:00:37 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat May 26 12:00:37 2018 UDP link local: (not bound)
Sat May 26 12:00:37 2018 UDP link remote: [AF_INET]84.xxx.xxx.xx:1194
Sat May 26 12:00:37 2018 MANAGEMENT: >STATE:1527328837,WAIT,,,,,,
Sat May 26 12:00:37 2018 MANAGEMENT: >STATE:1527328837,AUTH,,,,,,
Sat May 26 12:00:37 2018 TLS: Initial packet from [AF_INET]84.xxx.xxx.xx:1194, sid=8a7fd396 dca1c63c
Sat May 26 12:00:37 2018 VERIFY OK: depth=1, C=BE, ST=LI, L=Ha, O=Fort-Funston, OU=MyOrganizationalUnit, CN=Fort-Funston CA, name=server, emailAddress=me_myhost.mydomain
Sat May 26 12:00:37 2018 VERIFY KU OK
Sat May 26 12:00:37 2018 Validating certificate extended key usage
Sat May 26 12:00:37 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat May 26 12:00:37 2018 VERIFY EKU OK
Sat May 26 12:00:37 2018 VERIFY OK: depth=0, C=BE, ST=LI, L=Ha, O=Fort-Funston, OU=MyOrganizationalUnit, CN=server, name=server, emailAddress=me_myhost.mydomain
Sat May 26 12:00:37 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat May 26 12:00:37 2018 [server] Peer Connection Initiated with [AF_INET]84.xxx.xxx.xx:1194
Sat May 26 12:00:38 2018 MANAGEMENT: >STATE:1527328838,GET_CONFIG,,,,,,
Sat May 26 12:00:38 2018 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat May 26 12:00:38 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Sat May 26 12:00:38 2018 OPTIONS IMPORT: timers and/or timeouts modified
Sat May 26 12:00:38 2018 OPTIONS IMPORT: --ifconfig/up options modified
Sat May 26 12:00:38 2018 OPTIONS IMPORT: route options modified
Sat May 26 12:00:38 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat May 26 12:00:38 2018 OPTIONS IMPORT: peer-id set
Sat May 26 12:00:38 2018 OPTIONS IMPORT: adjusting link_mtu to 1624
Sat May 26 12:00:38 2018 OPTIONS IMPORT: data channel crypto options modified
Sat May 26 12:00:38 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Sat May 26 12:00:38 2018 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat May 26 12:00:38 2018 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat May 26 12:00:38 2018 interactive service msg_channel=708
Sat May 26 12:00:38 2018 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=10 HWADDR=98:5f:d3:39:c5:cf
Sat May 26 12:00:38 2018 open_tun
Sat May 26 12:00:38 2018 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{AABD4434-BB8B-4579-A9D1-C318B22041F5}.tap
Sat May 26 12:00:38 2018 TAP-Windows Driver Version 9.21
Sat May 26 12:00:38 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {AABD4434-BB8B-4579-A9D1-C318B22041F5} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Sat May 26 12:00:38 2018 Successful ARP Flush on interface [11] {AABD4434-BB8B-4579-A9D1-C318B22041F5}
Sat May 26 12:00:38 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat May 26 12:00:38 2018 MANAGEMENT: >STATE:1527328838,ASSIGN_IP,,10.8.0.6,,,,
Sat May 26 12:00:44 2018 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Sat May 26 12:00:44 2018 C:\WINDOWS\system32\route.exe ADD 84.xxx.xxx.xx MASK 255.255.255.255 192.168.1.1
Sat May 26 12:00:44 2018 Route addition via service succeeded
Sat May 26 12:00:44 2018 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Sat May 26 12:00:44 2018 Route addition via service succeeded
Sat May 26 12:00:44 2018 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Sat May 26 12:00:44 2018 Route addition via service succeeded
Sat May 26 12:00:44 2018 MANAGEMENT: >STATE:1527328844,ADD_ROUTES,,,,,,
Sat May 26 12:00:44 2018 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Sat May 26 12:00:44 2018 Route addition via service succeeded
Sat May 26 12:00:44 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat May 26 12:00:44 2018 Initialization Sequence Completed
Sat May 26 12:00:44 2018 MANAGEMENT: >STATE:1527328844,CONNECTED,SUCCESS,10.8.0.6,84.xxx.xxx.xx,1194,,