tls-auth does not connect

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
awoolford
OpenVpn Newbie
Posts: 9
Joined: Mon May 19, 2014 5:47 am

tls-auth does not connect

Post by awoolford » Fri Sep 25, 2015 10:10 pm

I have recently implemented tls-auth on my Openvpn server (linux) and clients (windows, linux and iOS).

All my clients connect except for my iOS clients.

Prior to adding the tls-auth inline key everything was working fine. Now the Openvpn client cannot connect. It gets as far as 152.00B in and out, then all packets stop. Eventually the connection sequence times out.

The tls-auth works fine on all other clients. The key was generated on the linux server using the command:

openvpn --genkey --secret ta.key

The contents of the key are copied and pasted inline between the <tls-auth> ... </tls-auth> tags.

The ovpn file looks like this:

=========ios.ovpn========

Code: Select all

######################
# OpenVPN 2.0 config file #
# Inline Certificate method #
######################
client
tun-mtu 1500
mssfix 1325
proto tcp
remote my_domain.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
# ca [inline]
# cert [inline]
# key [inline]
# tls-auth [inline]
ns-cert-type server
keepalive 10 900
inactive 3600
comp-lzo
verb 1
key-direction 1
<ca>
-----BEGIN CERTIFICATE-----
***
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
***
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
***
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
***
-----END OpenVPN Static key V1-----
</tls-auth>
Any ideas what I am doing wrong??

Many thanks.
Top
anyall
OpenVpn Newbie
Posts: 3
Joined: Sun Sep 27, 2015 7:15 am

Re: tls-auth does not connect

Post by anyall » Sun Sep 27, 2015 7:20 am

Same pb with TLS-AUTH, however only with the protocol TCP in OpenVPN iOS.
With the protocol UDP, it's OK.

In Windows, it's OK with the 2 protocols.
Top
anyall
OpenVpn Newbie
Posts: 3
Joined: Sun Sep 27, 2015 7:15 am

Re: tls-auth does not connect

Post by anyall » Sun Oct 25, 2015 10:02 am

Hello,

OpenVPN on Windows (v2.3.8) normally works with UDP and TCP protocols and the TLS-AUTH command.

OpenVPN Connect iOS (V1.0.5) normally works with UDP protocol and the TLS-AUTH command but not with TCP on a 3G or 4G or on my LAN Wifi.

The only way to make it work is to remove the TLS-AUTH command on the server (Synology NAS) and the iOS client (and the Windows client too).

I do not understand this difference in operation ...
Top
anyall
OpenVpn Newbie
Posts: 3
Joined: Sun Sep 27, 2015 7:15 am

Re: tls-auth does not connect

Post by anyall » Mon Oct 26, 2015 10:20 am

Hello,

I solved my problem by changing the IP version on the OpenVPN Server (Synology NAS).
I modified the directive "tcp6 proto-server" to "proto tcp-server".

Using only IPv4, the directive "tls-auth" normally runs on iOS.

Note that in IPV6 + UDP ("proto udp6"), it was also OK on iOS ...
Top
Post Reply

Return to “OpenVPN Connect (iOS)”