openvpn on android (debian chroot) can't ping

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
vienfla
OpenVpn Newbie
Posts: 5
Joined: Thu Apr 07, 2011 5:41 pm

openvpn on android (debian chroot) can't ping

Post by vienfla » Fri Nov 30, 2018 8:25 pm

Hello,
I try to connect to my openvpn server on android phone (xiaomi A2 lite) in a debian chroot (linuxdeploy)
It connects ok, I get an ip, and route but i'm unable to ping the server. It says packet filtered.

I tried on android side with this openvpn binary : http://contrib.unmanarc.com/androidvpn/ and exactly the same problem.

The same conf, from the same location works perfectly on linux computer

Code: Select all

route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.1        10.8.0.49       255.255.255.255 UGH   0      0        0 tun0
10.8.0.49       0.0.0.0         255.255.255.255 UH    0      0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0

Code: Select all

ifconfig tun0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.8.0.50  netmask 255.255.255.255  destination 10.8.0.49
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 9  bytes 540 (540.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Code: Select all

ping 10.8.0.1
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
From 80.10.123.42 icmp_seq=1 Packet filtered   (wich is the first gateway of my isp)

Code: Select all

port 1194 
proto udp
dev tun0
ca server-eee/ca.crt
cert server-eee/serv.crt
key server-eee/serv.key  # This file should be kept secret
dh server-eee/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
route 10.8.0.0 10.8.0.2 255.255.255.0
client-config-dir ccd/
keepalive 1 5
comp-lzo
persist-key
persist-tun
verb 3

Code: Select all

client
dev tun
proto udp
remote xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
script-security 2

Code: Select all

Fri Nov 30 21:22:24 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Fri Nov 30 21:22:24 2018 [hdmediaservpn] Peer Connection Initiated with [AF_INET]xxx:1194
Fri Nov 30 21:22:25 2018 SENT CONTROL [hdmediaservpn]: 'PUSH_REQUEST' (status=1)
Fri Nov 30 21:22:25 2018 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 1,ping-restart 5,ifconfig 10.8.0.50 10.8.0.49,peer-id 11,cipher AES-256-GCM'
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: timers and/or timeouts modified
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: --ifconfig/up options modified
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: route options modified
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: peer-id set
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: adjusting link_mtu to 1625
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: data channel crypto options modified
Fri Nov 30 21:22:25 2018 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Nov 30 21:22:25 2018 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Nov 30 21:22:25 2018 ROUTE: default_gateway=UNDEF
Fri Nov 30 21:22:25 2018 TUN/TAP device tun0 opened
Fri Nov 30 21:22:25 2018 TUN/TAP TX queue length set to 100
Fri Nov 30 21:22:25 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Nov 30 21:22:25 2018 /sbin/ip link set dev tun0 up mtu 1500
Fri Nov 30 21:22:25 2018 /sbin/ip addr add dev tun0 local 10.8.0.50 peer 10.8.0.49
Fri Nov 30 21:22:25 2018 /sbin/ip route add 10.8.0.1/32 via 10.8.0.49
Fri Nov 30 21:22:25 2018 Initialization Sequence Completed
Thank you for any help!

Post Reply