Connect via vpn - wrong ip address and can not connect via ssh

[duskohu]

Hi I have openvpn client on my android
openvpn client v: 3.2.4.(5891)
when I connect to server I do not have problem, see log,
I can ping server ip from android and also can ping android ip from server

but when I use show my ip server, ip is from my internet provider not from my vpn server,
and also when i Try connect to server via ssh (juiceSSH, termius) I can not connect, to another servers out of vpn I can connect

Can someone help me with this problem?
thx.


[olog]
11:53:50.292 -- ----- OpenVPN Start -----

11:53:50.292 -- EVENT: CORE_THREAD_ACTIVE

11:53:50.297 -- OpenVPN core 3.git:released:662eae9a:Release android arm64 64-bit PT_PROXY

11:53:50.297 -- Frame=512/2048/512 mssfix-ctrl=1250

11:53:50.300 -- UNUSED OPTIONS
9 [auth-nocache]
11 [tls-cipher] [TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC...]
12 [resolv-retry] [infinite]
14 [nobind]
15 [persist-key]
16 [persist-tun]
17 [mute-replay-warnings]
18 [verb] [3]

11:53:50.301 -- EVENT: RESOLVE

11:53:50.309 -- Contacting server-ip:1194 via UDP

11:53:50.309 -- EVENT: WAIT

11:53:50.318 -- Connecting to [server-ip]:1194 (server-ip) via UDPv4

11:53:50.529 -- EVENT: CONNECTING

11:53:50.531 -- Tunnel Options:V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-client

11:53:50.531 -- Creds: UsernameEmpty/PasswordEmpty

11:53:50.532 -- Peer Info:
IV_VER=3.git:released:662eae9a:Release
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_COMP_STUBv2=1
IV_AUTO_SESS=1
IV_GUI_VER=net.openvpn.connect.android_3.2.4-5891
IV_SSO=openurl


11:53:50.652 -- VERIFY OK: depth=0, /CN=server

11:53:51.035 -- SSL Handshake: CN=jserver, TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA

11:53:51.036 -- Session is ACTIVE

11:53:51.037 -- EVENT: GET_CONFIG

11:53:51.042 -- Sending PUSH_REQUEST to server...

11:53:51.096 -- OPTIONS:
0 [route] [12.12.0.0] [255.255.255.0]
1 [topology] [net30]
2 [ping] [20]
3 [ping-restart] [60]
4 [ifconfig] [12.12.0.21] [12.12.0.22]
5 [peer-id] [2]
6 [cipher] [AES-256-GCM]


11:53:51.097 -- PROTOCOL OPTIONS:
cipher: AES-256-GCM
digest: NONE
compress: COMP_STUB
peer ID: 2

11:53:51.097 -- EVENT: ASSIGN_IP

11:53:51.146 -- Connected via tun

11:53:51.146 -- LZO-ASYM init swap=0 asym=1

11:53:51.146 -- Comp-stub init swap=1

11:53:51.156 -- EVENT: CONNECTED info='server-ip:1194 (server-ip) via /UDPv4 on tun/12.12.0.21/ gw=[12.12.0.22/]'

[/olog]

View OriginalClient Config

client
dev tun
proto udp
remote server-ip 1194
ca ca.crt
cert testmob.crt
key testmob.key
cipher AES-256-CBC
auth SHA512
auth-nocache
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
resolv-retry infinite
compress lz4
nobind
persist-key
persist-tun
mute-replay-warnings
verb 3

View OriginalServer Config

port 1194
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/server.crt
key /etc/openvpn/server/server.key
dh /etc/openvpn/server/dh.pem
server 12.12.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
duplicate-cn
cipher AES-256-CBC
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
auth SHA512
auth-nocache
keepalive 20 60
persist-key
persist-tun
compress lz4
daemon
user nobody
group nogroup
log-append /var/log/openvpn.log
verb 3
status /var/log/openvpn-status.log
client-config-dir ccd
client-to-client
explicit-exit-notify 1

View OriginalClient Config in ccd for testmob

ifconfig-push 12.12.0.21 12.12.0.22

[TinCanTech]

ip is from my internet provider not from my vpn server

Because you have not read the Howto.

https://community.openvpn.net/openvpn/w ... oughtheVPN

[duskohu]

ip is from my internet provider not from my vpn server

Because you have not read the Howto.

https://community.openvpn.net/openvpn/w ... oughtheVPN

@TinCanTech thx, for info,
1. why when I not enable this configuration, then on my computer I use vpn server for internet communication?
2. this configuration not solved my problem with connect via ssh

[openvpn_inc]

I'm not going to try to address the whole thing, but I want to talk about these:

Hi I have openvpn client on my android
(snip)

View OriginalServer Config

server 12.12.0.0 255.255.255.0

View OriginalClient Config in ccd for testmob

ifconfig-push 12.12.0.21 12.12.0.22

12.12.0.0/17 is allocated to Alascom, Inc. of Anchorage, Alaska USA. If this is not you, do not attempt to steal their IP space. RFC 1918 exists to provide network space to be usable by anyone.

See also --topology in the manual. Please, let's let "net30" rest in peace. In A.D. 2021 there is no excuse for anyone to be using net30.

As TinCanTech said, the howto is a very good idea. Good luck, regards, rob0