I try to connect to my openvpn server on android phone (xiaomi A2 lite) in a debian chroot (linuxdeploy)
It connects ok, I get an ip, and route but i'm unable to ping the server. It says packet filtered.
I tried on android side with this openvpn binary : http://contrib.unmanarc.com/androidvpn/ and exactly the same problem.
The same conf, from the same location works perfectly on linux computer
Code: Select all
route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.1 10.8.0.49 255.255.255.255 UGH 0 0 0 tun0
10.8.0.49 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
Code: Select all
ifconfig tun0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.8.0.50 netmask 255.255.255.255 destination 10.8.0.49
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 9 bytes 540 (540.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Code: Select all
ping 10.8.0.1
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
From 80.10.123.42 icmp_seq=1 Packet filtered (wich is the first gateway of my isp)
Code: Select all
port 1194
proto udp
dev tun0
ca server-eee/ca.crt
cert server-eee/serv.crt
key server-eee/serv.key # This file should be kept secret
dh server-eee/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
route 10.8.0.0 10.8.0.2 255.255.255.0
client-config-dir ccd/
keepalive 1 5
comp-lzo
persist-key
persist-tun
verb 3
Code: Select all
client
dev tun
proto udp
remote xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
script-security 2
Code: Select all
Fri Nov 30 21:22:24 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Fri Nov 30 21:22:24 2018 [hdmediaservpn] Peer Connection Initiated with [AF_INET]xxx:1194
Fri Nov 30 21:22:25 2018 SENT CONTROL [hdmediaservpn]: 'PUSH_REQUEST' (status=1)
Fri Nov 30 21:22:25 2018 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 1,ping-restart 5,ifconfig 10.8.0.50 10.8.0.49,peer-id 11,cipher AES-256-GCM'
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: timers and/or timeouts modified
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: --ifconfig/up options modified
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: route options modified
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: peer-id set
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: adjusting link_mtu to 1625
Fri Nov 30 21:22:25 2018 OPTIONS IMPORT: data channel crypto options modified
Fri Nov 30 21:22:25 2018 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Nov 30 21:22:25 2018 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Nov 30 21:22:25 2018 ROUTE: default_gateway=UNDEF
Fri Nov 30 21:22:25 2018 TUN/TAP device tun0 opened
Fri Nov 30 21:22:25 2018 TUN/TAP TX queue length set to 100
Fri Nov 30 21:22:25 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Nov 30 21:22:25 2018 /sbin/ip link set dev tun0 up mtu 1500
Fri Nov 30 21:22:25 2018 /sbin/ip addr add dev tun0 local 10.8.0.50 peer 10.8.0.49
Fri Nov 30 21:22:25 2018 /sbin/ip route add 10.8.0.1/32 via 10.8.0.49
Fri Nov 30 21:22:25 2018 Initialization Sequence Completed