iOS disconnect over Wi-Fi

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
alexpserban
OpenVpn Newbie
Posts: 6
Joined: Tue Oct 24, 2017 3:03 pm

iOS disconnect over Wi-Fi

Post by alexpserban » Wed Oct 25, 2017 8:34 am

Hi,

After troubleshooting to fix the PolarSSL certificate error and solving it via importing the CA.CRT + CLIENT.P12 into iOS keychain, I have bumped into a new error.

I am able to connect to the VPN on 4G, but not on wifi. As soon as I connect to a wifi network, the connection goes to timeout and eventually stops.

Here are the logs from the iOS client when trying to connect to the VPN while already connected to wifi:

iPhone 6S running ios 11.0.3

Code: Select all

2017-10-24 16:42:30 ----- OpenVPN Start -----
OpenVPN core 3.1.2 ios arm64 64-bit built on Dec  5 2016 12:50:25
2017-10-24 16:42:30 Keychain Cert Extraction: 2 certificate(s) found
2017-10-24 16:42:30 Frame=512/2048/512 mssfix-ctrl=1250
2017-10-24 16:42:30 UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
11 [verify-x509-name] [server_v0zacJQCkXqL82uW] [name]
15 [verb] [1]

2017-10-24 16:42:30 EVENT: RESOLVE
2017-10-24 16:42:30 Contacting A.B.C.D:1189 via UDP
2017-10-24 16:42:30 EVENT: WAIT
2017-10-24 16:42:30 SetTunnelSocket returned 1
2017-10-24 16:42:30 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-24 16:42:30 NET Internet:ReachableViaWiFi/-R t------
2017-10-24 16:42:40 Server poll timeout, trying next remote entry...
2017-10-24 16:42:40 EVENT: RECONNECTING
2017-10-24 16:42:40 EVENT: RESOLVE
2017-10-24 16:42:40 Contacting A.B.C.D:1189 via UDP
2017-10-24 16:42:40 EVENT: WAIT
2017-10-24 16:42:40 SetTunnelSocket returned 1
2017-10-24 16:42:40 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-24 16:42:50 Server poll timeout, trying next remote entry...
2017-10-24 16:42:50 EVENT: RECONNECTING
2017-10-24 16:42:50 EVENT: RESOLVE
2017-10-24 16:42:50 Contacting A.B.C.D:1189 via UDP
2017-10-24 16:42:50 EVENT: WAIT
2017-10-24 16:42:50 SetTunnelSocket returned 1
2017-10-24 16:42:50 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-24 16:43:00 Server poll timeout, trying next remote entry...
2017-10-24 16:43:00 EVENT: RECONNECTING
2017-10-24 16:43:00 EVENT: RESOLVE
2017-10-24 16:43:00 Contacting A.B.C.D:1189 via UDP
2017-10-24 16:43:00 EVENT: WAIT
2017-10-24 16:43:00 SetTunnelSocket returned 1
2017-10-24 16:43:00 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-24 16:43:10 Server poll timeout, trying next remote entry...
2017-10-24 16:43:10 EVENT: RECONNECTING
2017-10-24 16:43:10 EVENT: RESOLVE
2017-10-24 16:43:10 Contacting A.B.C.D:1189 via UDP
2017-10-24 16:43:10 EVENT: WAIT
2017-10-24 16:43:10 SetTunnelSocket returned 1
2017-10-24 16:43:10 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-24 16:43:20 Server poll timeout, trying next remote entry...
2017-10-24 16:43:20 EVENT: RECONNECTING
2017-10-24 16:43:20 EVENT: RESOLVE
2017-10-24 16:43:20 Contacting A.B.C.D:1189 via UDP
2017-10-24 16:43:20 EVENT: WAIT
2017-10-24 16:43:20 SetTunnelSocket returned 1
2017-10-24 16:43:20 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-24 16:43:30 EVENT: CONNECTION_TIMEOUT [ERR]
2017-10-24 16:43:30 EVENT: DISCONNECTED
2017-10-24 16:43:30 Raw stats on disconnect:
 BYTES_OUT : 3240
 PACKETS_OUT : 60
 CONNECTION_TIMEOUT : 1
 N_RECONNECT : 5
2017-10-24 16:43:30 Performance stats on disconnect:
 CPU usage (microseconds): 40772
 Network bytes per CPU second: 79466
 Tunnel bytes per CPU second: 0
2017-10-24 16:43:30 EVENT: DISCONNECT_PENDING
2017-10-24 16:43:30 ----- OpenVPN Stop -----
I can confirm that the 1189 port is being forwarded correctly to the RASP-PI, as I am able to connect on macOS with the Tunnelblick client or via 4G from ios.

Here are the logs when the ios client is connected to VPN and the phone connects to wifi. Initially, the VPN is up with no connectivity, and then the VPN is broken and traffic starts flowing outside the VPN.

Code: Select all

2017-10-25 10:14:08 EVENT: RESOLVE
2017-10-25 10:14:08 Contacting A.B.C.D:1189 via UDP
2017-10-25 10:14:08 EVENT: WAIT
2017-10-25 10:14:08 SetTunnelSocket returned 1
2017-10-25 10:14:08 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 10:14:08 EVENT: CONNECTING
2017-10-25 10:14:08 Tunnel Options:V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client
2017-10-25 10:14:08 Creds: UsernameEmpty/PasswordEmpty
2017-10-25 10:14:08 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_LZO=1
IV_AUTO_SESS=1

2017-10-25 10:14:08 VERIFY OK: depth=1
cert. version    : 3
serial number    : B3:4B:75:52:A4:14:AD:E5
issuer name      : CN=ChangeMe
subject name      : CN=ChangeMe
issued  on        : 2017-10-20 13:23:23
expires on        : 2027-10-18 13:23:23
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=true
key usage        : Key Cert Sign, CRL Sign

2017-10-25 10:14:08 VERIFY OK: depth=0
cert. version    : 3
serial number    : 01
issuer name      : CN=ChangeMe
subject name      : CN=server_v0zacJQCkXqL82uW
issued  on        : 2017-10-20 13:23:29
expires on        : 2027-10-18 13:23:29
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=false
key usage        : Digital Signature, Key Encipherment
ext key usage    : TLS Web Server Authentication

2017-10-25 10:14:09 NET Internet:ReachableViaWWAN/WR t------
2017-10-25 10:14:09 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA
2017-10-25 10:14:09 Session is ACTIVE
2017-10-25 10:14:09 EVENT: GET_CONFIG
2017-10-25 10:14:09 Sending PUSH_REQUEST to server...
2017-10-25 10:14:09 OPTIONS:
0 [redirect-gateway] [ipv6]
1 [route] [10.8.0.1] [255.255.255.255]
2 [route] [10.8.0.0] [255.255.255.0]
3 [route] [0.0.0.0]
4 [dhcp-option] [DNS] [8.8.8.8]
5 [dhcp-option] [DNS] [8.8.4.4]
6 [redirect-gateway] [def1]
7 [route-gateway] [10.8.0.1]
8 [topology] [subnet]
9 [ping] [10]
10 [ping-restart] [120]
11 [ifconfig] [10.8.0.4] [255.255.255.0]

2017-10-25 10:14:09 PROTOCOL OPTIONS:
 cipher: AES-256-CBC
 digest: SHA256
 compress: LZO
 peer ID: -1
2017-10-25 10:14:09 EVENT: ASSIGN_IP
2017-10-25 10:14:09 TunPersist: saving tun context:
Session Name: A.B.C.D
Layer: OSI_LAYER_3
Remote Address: A.B.C.D
Tunnel Addresses:
 10.8.0.4/24 -> 10.8.0.1
Reroute Gateway: IPv4=1 IPv6=0 flags=[ ENABLE REROUTE_GW DEF1 IPv4 IPv6 ]
Block IPv6: no
Add Routes:
 10.8.0.1/32
 10.8.0.0/24
 0.0.0.0/32
Exclude Routes:
DNS Servers:
 8.8.8.8
 8.8.4.4
Search Domains:

2017-10-25 10:14:09 Connected via tun
2017-10-25 10:14:09 LZO-ASYM init swap=0 asym=0
2017-10-25 10:14:09 EVENT: CONNECTED @A.B.C.D:1189 (A.B.C.D) via /UDPv4 on tun/10.8.0.4/ gw=[10.8.0.1/]
2017-10-25 10:14:09 SetStatus Connected
2017-10-25 10:14:37 OS Event: NET AVAILABLE (RESUME): ReachableViaWiFi allow=1
2017-10-25 10:14:39 OS Event: NET UNAVAILABLE (PAUSE): ReachableViaWiFi
2017-10-25 10:14:39 OS Event: NET AVAILABLE (RESUME): ReachableViaWiFi allow=1
2017-10-25 10:14:39 EVENT: PAUSE
2017-10-25 10:14:39 NET Internet:ReachableViaWiFi/-R t------
2017-10-25 10:14:42 RECONNECT TEST: ReachableViaWiFi
2017-10-25 10:14:43 RESUME TEST: ReachableViaWiFi
2017-10-25 10:14:43 EVENT: RESUME
2017-10-25 10:14:43 EVENT: RECONNECTING
2017-10-25 10:14:43 Contacting A.B.C.D:1189 via UDP
2017-10-25 10:14:43 EVENT: WAIT
2017-10-25 10:14:43 SetTunnelSocket returned 1
2017-10-25 10:14:43 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 10:14:53 Server poll timeout, trying next remote entry...
2017-10-25 10:14:53 EVENT: RECONNECTING
2017-10-25 10:14:53 Contacting A.B.C.D:1189 via UDP
2017-10-25 10:14:53 EVENT: WAIT
2017-10-25 10:14:53 SetTunnelSocket returned 1
2017-10-25 10:14:53 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 10:15:03 Server poll timeout, trying next remote entry...
2017-10-25 10:15:03 EVENT: RECONNECTING
2017-10-25 10:15:03 Contacting A.B.C.D:1189 via UDP
2017-10-25 10:15:03 EVENT: WAIT
2017-10-25 10:15:03 SetTunnelSocket returned 1
2017-10-25 10:15:03 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 10:15:13 Server poll timeout, trying next remote entry...
2017-10-25 10:15:13 EVENT: RECONNECTING
2017-10-25 10:15:13 Contacting A.B.C.D:1189 via UDP
2017-10-25 10:15:13 EVENT: WAIT
2017-10-25 10:15:13 SetTunnelSocket returned 1
2017-10-25 10:15:13 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 10:15:23 Server poll timeout, trying next remote entry...
2017-10-25 10:15:23 EVENT: RECONNECTING
2017-10-25 10:15:23 Contacting A.B.C.D:1189 via UDP
2017-10-25 10:15:23 EVENT: WAIT
2017-10-25 10:15:23 SetTunnelSocket returned 1
2017-10-25 10:15:23 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 10:15:33 Server poll timeout, trying next remote entry...
2017-10-25 10:15:33 EVENT: RECONNECTING
2017-10-25 10:15:33 Contacting A.B.C.D:1189 via UDP
2017-10-25 10:15:33 EVENT: WAIT
2017-10-25 10:15:33 SetTunnelSocket returned 1
2017-10-25 10:15:33 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 10:15:43 EVENT: CONNECTION_TIMEOUT [ERR]
2017-10-25 10:15:43 EVENT: DISCONNECTED
2017-10-25 10:15:43 Raw stats on disconnect:
 BYTES_IN : 76859
 BYTES_OUT : 28245
 PACKETS_IN : 108
 PACKETS_OUT : 185
 TUN_BYTES_IN : 15742
 TUN_BYTES_OUT : 67251
 TUN_PACKETS_IN : 113
 TUN_PACKETS_OUT : 98
 CONNECTION_TIMEOUT : 1
 N_PAUSE : 1
 N_RECONNECT : 6
2017-10-25 10:15:43 Performance stats on disconnect:
 CPU usage (microseconds): 195965
 Tunnel compression ratio (uplink): 1.79424
 Tunnel compression ratio (downlink): 1.14287
 Network bytes per CPU second: 536340
 Tunnel bytes per CPU second: 423509
2017-10-25 10:15:43 EVENT: DISCONNECT_PENDING
2017-10-25 10:15:43 ----- OpenVPN Stop -----
Here is the client .ovpn file:

Code: Select all

client
dev tun
proto udp
remote A.B.C.D 1189
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server_v0zacJQCkXqL82uW name
cipher AES-256-CBC
auth SHA256
comp-lzo
redirect-gateway ipv6
verb 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----
</tls-auth>
The .ovpn file on the RASP-PI is the following:

RASP-PI 3 running: Linux raspberrypi 4.9.41-v7+ #1023 SMP Tue Aug 8 16:00:15 BST 2017 armv7l GNU/Linux

Code: Select all

client
dev tun
proto udp
remote A.B.C.D 1189
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server_v0zacJQCkXqL82uW name
cipher AES-256-CBC
auth SHA256
comp-lzo
push "redirect-gateway ipv6"
verb 1
<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----

-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----
</tls-auth>
I have tried adding push "redirect-gateway ipv6" and redirect-gateway ipv6 in the server and the client configs, knowing that the ISP where the server is located runs dual-stack ipv4/ipv6. This doesn't seem to fix my wifi issue.

Any help/advice on how to correctly configure/setup the VPN to also work on wifi is greatly appreciated.

Best regards,
Alex

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: iOS disconnect over Wi-Fi

Post by TinCanTech » Wed Oct 25, 2017 11:19 am

Server config and log at verb 4 please.

alexpserban
OpenVpn Newbie
Posts: 6
Joined: Tue Oct 24, 2017 3:03 pm

Re: iOS disconnect over Wi-Fi

Post by alexpserban » Wed Oct 25, 2017 12:50 pm

Changed the server config to verb 4. Result is the same:

Here is the new server config:

SERVER

client
dev tun
proto udp
remote A.B.C.D 1189
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server_v0zacJQCkXqL82uW name
cipher AES-256-CBC
auth SHA256
comp-lzo
push "redirect-gateway ipv6"
verb 4
<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----

-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----

-----END OpenVPN Static key V1-----
</tls-auth>


And here is the new log from the ios client. The same scenario when it is initially connected through 4G, but drops once it is on wifi.

Code: Select all

2017-10-25 14:24:11 ----- OpenVPN Start -----
OpenVPN core 3.1.2 ios arm64 64-bit built on Dec  5 2016 12:50:25
2017-10-25 14:24:11 Keychain Cert Extraction: 2 certificate(s) found
2017-10-25 14:24:11 Frame=512/2048/512 mssfix-ctrl=1250
2017-10-25 14:24:11 UNUSED OPTIONS
4 [resolv-retry] [infinite] 
5 [nobind] 
6 [persist-key] 
7 [persist-tun] 
11 [verify-x509-name] [server_v0zacJQCkXqL82uW] [name] 
16 [verb] [4] 

2017-10-25 14:24:11 EVENT: RESOLVE
2017-10-25 14:24:11 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:24:11 EVENT: WAIT
2017-10-25 14:24:11 SetTunnelSocket returned 1
2017-10-25 14:24:11 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:24:12 NET Internet:ReachableViaWiFi/-R t------
2017-10-25 14:24:19 NET Internet:NotReachable/-R tc-----
2017-10-25 14:24:19 UDP send error: send: Can't assign requested address
2017-10-25 14:24:19 Transport Error: EADDRNOTAVAIL: Can't assign requested address
2017-10-25 14:24:19 EVENT: TRANSPORT_ERROR EADDRNOTAVAIL: Can't assign requested address [ERR]
2017-10-25 14:24:19 Client terminated, restarting in 5000 ms...
2017-10-25 14:24:20 NET Internet:ReachableViaWWAN/WR t------
2017-10-25 14:24:22 RECONNECT TEST: ReachableViaWWAN
2017-10-25 14:24:22 Client terminated, reconnecting in 1...
2017-10-25 14:24:23 EVENT: RECONNECTING
2017-10-25 14:24:23 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:24:23 EVENT: WAIT
2017-10-25 14:24:23 SetTunnelSocket returned 1
2017-10-25 14:24:23 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:24:23 EVENT: CONNECTING
2017-10-25 14:24:23 Tunnel Options:V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client
2017-10-25 14:24:23 Creds: UsernameEmpty/PasswordEmpty
2017-10-25 14:24:23 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_LZO=1
IV_AUTO_SESS=1

2017-10-25 14:24:24 VERIFY OK: depth=1
cert. version    : 3
serial number    : B3:4B:75:52:A4:14:AD:E5
issuer name      : CN=ChangeMe
subject name      : CN=ChangeMe
issued  on        : 2017-10-20 13:23:23
expires on        : 2027-10-18 13:23:23
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=true
key usage        : Key Cert Sign, CRL Sign

2017-10-25 14:24:24 VERIFY OK: depth=0
cert. version    : 3
serial number    : 01
issuer name      : CN=ChangeMe
subject name      : CN=server_v0zacJQCkXqL82uW
issued  on        : 2017-10-20 13:23:29
expires on        : 2027-10-18 13:23:29
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=false
key usage        : Digital Signature, Key Encipherment
ext key usage    : TLS Web Server Authentication

2017-10-25 14:24:24 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA
2017-10-25 14:24:24 Session is ACTIVE
2017-10-25 14:24:24 EVENT: GET_CONFIG
2017-10-25 14:24:24 Sending PUSH_REQUEST to server...
2017-10-25 14:24:24 OPTIONS:
0 [redirect-gateway] [ipv6] 
1 [route] [10.8.0.1] [255.255.255.255] 
2 [route] [10.8.0.0] [255.255.255.0] 
3 [route] [0.0.0.0] 
4 [dhcp-option] [DNS] [8.8.8.8] 
5 [dhcp-option] [DNS] [8.8.4.4] 
6 [redirect-gateway] [def1] 
7 [route-gateway] [10.8.0.1] 
8 [topology] [subnet] 
9 [ping] [10] 
10 [ping-restart] [120] 
11 [ifconfig] [10.8.0.4] [255.255.255.0] 

2017-10-25 14:24:24 PROTOCOL OPTIONS:
 cipher: AES-256-CBC
 digest: SHA256
 compress: LZO
 peer ID: -1
2017-10-25 14:24:24 EVENT: ASSIGN_IP
2017-10-25 14:24:24 TunPersist: saving tun context:
Session Name: A.B.C.D
Layer: OSI_LAYER_3
Remote Address: A.B.C.D
Tunnel Addresses:
 10.8.0.4/24 -> 10.8.0.1
Reroute Gateway: IPv4=1 IPv6=0 flags=[ ENABLE REROUTE_GW DEF1 IPv4 IPv6 ]
Block IPv6: no
Add Routes:
 10.8.0.1/32
 10.8.0.0/24
 0.0.0.0/32
Exclude Routes:
DNS Servers:
 8.8.8.8
 8.8.4.4
Search Domains:

2017-10-25 14:24:24 Connected via tun
2017-10-25 14:24:24 LZO-ASYM init swap=0 asym=0
2017-10-25 14:24:24 EVENT: CONNECTED @A.B.C.D:1189 (A.B.C.D) via /UDPv4 on tun/10.8.0.4/ gw=[10.8.0.1/]
2017-10-25 14:24:24 SetStatus Connected
2017-10-25 14:25:09 OS Event: NET AVAILABLE (RESUME): ReachableViaWiFi allow=1
2017-10-25 14:25:11 OS Event: NET UNAVAILABLE (PAUSE): ReachableViaWiFi
2017-10-25 14:25:11 EVENT: PAUSE
2017-10-25 14:25:11 OS Event: NET AVAILABLE (RESUME): ReachableViaWiFi allow=1
2017-10-25 14:25:11 NET Internet:ReachableViaWiFi/-R t------
2017-10-25 14:25:14 RECONNECT TEST: ReachableViaWiFi
2017-10-25 14:25:15 RESUME TEST: ReachableViaWiFi
2017-10-25 14:25:15 EVENT: RESUME
2017-10-25 14:25:15 EVENT: RECONNECTING
2017-10-25 14:25:15 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:25:15 EVENT: WAIT
2017-10-25 14:25:15 SetTunnelSocket returned 1
2017-10-25 14:25:15 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:25:25 Server poll timeout, trying next remote entry...
2017-10-25 14:25:25 EVENT: RECONNECTING
2017-10-25 14:25:25 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:25:25 EVENT: WAIT
2017-10-25 14:25:25 SetTunnelSocket returned 1
2017-10-25 14:25:25 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:25:35 Server poll timeout, trying next remote entry...
2017-10-25 14:25:35 EVENT: RECONNECTING
2017-10-25 14:25:35 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:25:35 EVENT: WAIT
2017-10-25 14:25:35 SetTunnelSocket returned 1
2017-10-25 14:25:35 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:25:45 Server poll timeout, trying next remote entry...
2017-10-25 14:25:45 EVENT: RECONNECTING
2017-10-25 14:25:45 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:25:45 EVENT: WAIT
2017-10-25 14:25:45 SetTunnelSocket returned 1
2017-10-25 14:25:45 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:25:55 Server poll timeout, trying next remote entry...
2017-10-25 14:25:55 EVENT: RECONNECTING
2017-10-25 14:25:55 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:25:55 EVENT: WAIT
2017-10-25 14:25:55 SetTunnelSocket returned 1
2017-10-25 14:25:55 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:26:05 Server poll timeout, trying next remote entry...
2017-10-25 14:26:05 EVENT: RECONNECTING
2017-10-25 14:26:05 Contacting A.B.C.D:1189 via UDP
2017-10-25 14:26:05 EVENT: WAIT
2017-10-25 14:26:05 SetTunnelSocket returned 1
2017-10-25 14:26:05 Connecting to [A.B.C.D]:1189 (A.B.C.D) via UDPv4
2017-10-25 14:26:15 EVENT: CONNECTION_TIMEOUT [ERR]
2017-10-25 14:26:15 EVENT: DISCONNECTED
2017-10-25 14:26:15 Raw stats on disconnect:
 BYTES_IN : 157160
 BYTES_OUT : 55116
 PACKETS_IN : 217
 PACKETS_OUT : 328
 TUN_BYTES_IN : 34353
 TUN_BYTES_OUT : 141165
 TUN_PACKETS_IN : 246
 TUN_PACKETS_OUT : 205
 NETWORK_SEND_ERROR : 1
 TRANSPORT_ERROR : 1
 CONNECTION_TIMEOUT : 1
 N_PAUSE : 1
 N_RECONNECT : 7
2017-10-25 14:26:15 Performance stats on disconnect:
 CPU usage (microseconds): 179199
 Tunnel compression ratio (uplink): 1.6044
 Tunnel compression ratio (downlink): 1.11331
 Network bytes per CPU second: 1184582
 Tunnel bytes per CPU second: 979458
2017-10-25 14:26:15 EVENT: DISCONNECT_PENDING
2017-10-25 14:26:15 ----- OpenVPN Stop -----

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: iOS disconnect over Wi-Fi

Post by TinCanTech » Wed Oct 25, 2017 1:34 pm

TinCanTech wrote:
Wed Oct 25, 2017 11:19 am
Server config and Server log at verb 4 please.

alexpserban
OpenVpn Newbie
Posts: 6
Joined: Tue Oct 24, 2017 3:03 pm

Re: iOS disconnect over Wi-Fi

Post by alexpserban » Wed Oct 25, 2017 2:27 pm

Server log @ verb 4:

Code: Select all

Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.1.1-212
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_VER=3.1.2
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_PLAT=ios
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_NCP=2
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_TCPNL=1
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_PROTO=2
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_LZO=1
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 peer info: IV_AUTO_SESS=1
Wed Oct 25 15:28:25 2017 E.F.G.H:38438 [ios] Peer Connection Initiated with [AF_INET]E.F.G.H:38438
Wed Oct 25 15:28:25 2017 ios/E.F.G.H:38438 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=(Not enabled)
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.1.1-212
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_VER=3.1.2
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_PLAT=ios
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_NCP=2
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_TCPNL=1
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_PROTO=2
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_LZO=1
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 peer info: IV_AUTO_SESS=1
Wed Oct 25 15:44:30 2017 E.F.G.H:38441 [ios] Peer Connection Initiated with [AF_INET]E.F.G.H:38441
Wed Oct 25 15:44:30 2017 ios/E.F.G.H:38441 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=(Not enabled)
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.1.1-212
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_VER=3.1.2
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_PLAT=ios
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_NCP=2
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_TCPNL=1
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_PROTO=2
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_LZO=1
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 peer info: IV_AUTO_SESS=1
Wed Oct 25 15:51:57 2017 E.F.G.H:38446 [ios] Peer Connection Initiated with [AF_INET]E.F.G.H:38446
Wed Oct 25 15:51:57 2017 ios/E.F.G.H:38446 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=(Not enabled)

alexpserban
OpenVpn Newbie
Posts: 6
Joined: Tue Oct 24, 2017 3:03 pm

Re: iOS disconnect over Wi-Fi

Post by alexpserban » Wed Oct 25, 2017 2:41 pm

Also, maybe useful, server logs from the same timestamp:

Code: Select all

Wed Oct 25 14:19:17 2017 E.F.G.H:38406 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.1.1-212
Wed Oct 25 14:19:17 2017 E.F.G.H:38406 peer info: IV_VER=3.1.2
Wed Oct 25 14:19:17 2017 E.F.G.H:38406 peer info: IV_PLAT=ios
Wed Oct 25 14:19:17 2017 E.F.G.H:38406 peer info: IV_LZO=1
Wed Oct 25 14:19:17 2017 E.F.G.H:38406 peer info: IV_AUTO_SESS=1
Wed Oct 25 14:19:17 2017 E.F.G.H:38406 [ios] Peer Connection Initiated with [AF_INET]E.F.G.H:38406
Wed Oct 25 14:19:17 2017 ios/E.F.G.H:38406 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=(Not enabled)
Wed Oct 25 14:24:24 2017 E.F.G.H:38407 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.1.1-212
Wed Oct 25 14:24:24 2017 E.F.G.H:38407 peer info: IV_VER=3.1.2
Wed Oct 25 14:24:24 2017 E.F.G.H:38407 peer info: IV_PLAT=ios
Wed Oct 25 14:24:24 2017 E.F.G.H:38407 peer info: IV_LZO=1
Wed Oct 25 14:24:24 2017 E.F.G.H:38407 peer info: IV_AUTO_SESS=1
Wed Oct 25 14:24:24 2017 E.F.G.H:38407 [ios] Peer Connection Initiated with [AF_INET]E.F.G.H:38407
Wed Oct 25 14:24:24 2017 ios/E.F.G.H:38407 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=(Not enabled)
Wed Oct 25 14:26:54 2017 E.F.G.H:38408 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.1.1-212
Wed Oct 25 14:26:54 2017 E.F.G.H:38408 peer info: IV_VER=3.1.2
Wed Oct 25 14:26:54 2017 E.F.G.H:38408 peer info: IV_PLAT=ios
Wed Oct 25 14:26:54 2017 E.F.G.H:38408 peer info: IV_LZO=1
Wed Oct 25 14:26:54 2017 E.F.G.H:38408 peer info: IV_AUTO_SESS=1
Wed Oct 25 14:26:54 2017 E.F.G.H:38408 [ios] Peer Connection Initiated with [AF_INET]E.F.G.H:38408
Wed Oct 25 14:26:54 2017 ios/E.F.G.H:38408 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=(Not enabled)
I have been tinkering with the settings of the ios app, but it seems the end result is always the same.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: iOS disconnect over Wi-Fi

Post by TinCanTech » Wed Oct 25, 2017 2:52 pm

That is not --verb 4 (you need to restart your server to make the change)

Any hoo ..
alexpserban wrote:
Wed Oct 25, 2017 12:50 pm
2017-10-25 14:24:24 Sending PUSH_REQUEST to server...
2017-10-25 14:24:24 OPTIONS:
0 [redirect-gateway] [ipv6]
1 [route] [10.8.0.1] [255.255.255.255]
2 [route] [10.8.0.0] [255.255.255.0]
3 [route] [0.0.0.0]
[0 above] Does your phone use an IPv6 internet address ?
[3 above] Route 0.0.0.0 is a bad idea and not shown in your configs anywhere .. make sure you are using the right configs.
alexpserban wrote:
Wed Oct 25, 2017 12:50 pm
The same scenario when it is initially connected through 4G, but drops once it is on wifi
Connection thru 4G is from outside your network and it works so it sounds like everything is working there.

Connection from WiFi is from where ? Your home where the server is or work or what ?

alexpserban
OpenVpn Newbie
Posts: 6
Joined: Tue Oct 24, 2017 3:03 pm

Re: iOS disconnect over Wi-Fi

Post by alexpserban » Wed Oct 25, 2017 3:34 pm

[just realised]

The WiFi connection is the guest WiFi connection from my work (different than the one that my mac uses - behind corporate FW) and the mac client also doesn't work on this WiFi netw. Will further test to isolate this as the cause for the problem.

Should I not reach a solution I will post the correct verb 4 logs and server.conf instead of .ovpn server profile for the specific iso client.

Will post an update, either way.

alexpserban
OpenVpn Newbie
Posts: 6
Joined: Tue Oct 24, 2017 3:03 pm

Re: iOS disconnect over Wi-Fi

Post by alexpserban » Thu Oct 26, 2017 7:45 am

I've isolated the problem to the guest WiFi connection from work. With the phone connected to the corporate WiFi, VPN works as well.

I am just going to keep using the VPN over 4G on my phone as I don't want my personal device enrolled and monitored by corporate IT. I have an unlimited 4G plan anyway.

Thanks for all the help,
Alex

Post Reply