Code:
client
nobind
dev tun
remote-cert-tls server
remote celticvpn.ddns.net 1194 udp
dhcp-option DNS 192.168.10.251 # pihole on local network
<key>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-auth>
redirect-gateway def1
I created a similar client file to use on my iOS devices (iPad, iPhone); however, while both devices appear to connect, I have no internet connectivity on either device. I've attached the log file from my iPad client.
Code:
2019-04-16 14:04:01 ----- OpenVPN Start -----
OpenVPN core 3.git::728733ae ios arm64 64-bit PT_PROXY built on Aug 15 2019 06:21:05
2019-04-16 14:04:01 OpenVPN core 3.git::728733ae ios arm64 64-bit PT_PROXY built on Aug 15 2019 06:21:05
2019-04-16 14:04:01 Frame=512/2048/512 mssfix-ctrl=1250
2019-04-16 14:04:01 UNUSED OPTIONS
1 [nobind]
2019-04-16 14:04:01 EVENT: RESOLVE
2019-04-16 14:04:01 Contacting [xxx.xxx.xxx.xx]:1194/UDP via UDP
2019-04-16 14:04:01 EVENT: WAIT
2019-04-16 14:04:01 Connecting to [celticvpn.ddns.net]:1194 (xxx.xxx.xxx.xx) via UDPv4
2019-04-16 14:04:01 EVENT: CONNECTING
2019-04-16 14:04:01 Tunnel Options:V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client
2019-04-16 14:04:01 Creds: UsernameEmpty/PasswordEmpty
2019-04-16 14:04:01 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 3.0.3-2104
IV_VER=3.git::728733ae
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_AUTO_SESS=1
IV_BS64DL=1
2019-04-16 14:04:01 VERIFY OK : depth=1
cert. version : 3
serial number : 6E:09:67:CB:B5:A6:34:9A:DA:05:F8:7B:8E:C8:E3:C9:FA:68:C9:8E
issuer name :
subject name :
issued on : 2019-09-14 19:01:05
expires on : 2029-09-11 19:01:05
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Key Cert Sign, CRL Sign
2019-04-16 14:04:01 VERIFY OK : depth=0
cert. version : 3
serial number : C2:51:EF:A0:DB:9E:59:0B:8B:9E:10:4D:C5:05:0E:1F
issuer name :
subject name :
issued on : 2019-09-14 19:01:31
expires on : 2022-08-29 19:01:31
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=false
subject alt name : celticvpn.ddns.net
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
2019-04-16 14:04:01 SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
2019-04-16 14:04:01 Session is ACTIVE
2019-04-16 14:04:01 EVENT: GET_CONFIG
2019-04-16 14:04:01 Sending PUSH_REQUEST to server...
2019-04-16 14:04:01 OPTIONS:
0 [redirect-gateway] [def1]
1 [dhcp-option] [DNS] [192.168.10.251]
2 [comp-lzo] [no]
3 [route] [192.168.255.1]
4 [topology] [net30]
5 [ping] [10]
6 [ping-restart] [60]
7 [ifconfig] [192.168.255.10] [192.168.255.9]
8 [peer-id] [0]
9 [cipher] [AES-256-GCM]
2019-04-16 14:04:01 PROTOCOL OPTIONS:
cipher: AES-256-GCM
digest: SHA1
compress: LZO_STUB
peer ID: 0
2019-04-16 14:04:01 EVENT: ASSIGN_IP
2019-04-16 14:04:01 NIP: preparing TUN network settings
2019-04-16 14:04:01 NIP: init TUN network settings with endpoint: xxx.xxx.xxx.xx
2019-04-16 14:04:01 NIP: adding IPv4 address to network settings 192.168.255.10/255.255.255.252
2019-04-16 14:04:01 NIP: adding (included) IPv4 route 192.168.255.8/30
2019-04-16 14:04:01 NIP: adding (included) IPv4 route 192.168.255.1/32
2019-04-16 14:04:01 NIP: redirecting all IPv4 traffic to TUN interface
2019-04-16 14:04:01 NIP: adding DNS 192.168.10.251
2019-04-16 14:04:01 Connected via NetworkExtensionTUN
2019-04-16 14:04:01 LZO-ASYM init swap=0 asym=1
2019-04-16 14:04:01 Comp-stub init swap=0
2019-04-16 14:04:01 EVENT: CONNECTED xxxxxxx.ddns.net:1194 (xxx.xxx.xxx.xx) via /UDPv4 on NetworkExtensionTUN/192.168.255.10/ gw=[/]
Can anyone help?