my environment:
pfSense: 2.4.5_1 (up2date)
iOS: 13.5.1 (up2date)
openVPN-App: 3.2.0 (up2date)
I've been using VPN-on-demand profiles (imported with .mobileconfig) for a long time now on many iOS devices. But since the app-update to 3.2.0 all vpn-on-demand connections stoped working. I use(d) both, udp and tcp connections. Both stopped working. What i can see on pfSense is not much:
Code: Select all
Jul 10 11:16:51 openvpn 15873 80.187.x.x:4926 TLS Error: incoming packet authentication failed from [AF_INET]80.187.x.x:4926
Jul 10 11:16:51 openvpn 15873 80.187.x.x:4926 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1594372607) Fri Jul 10 11:16:47 2020 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Jul 10 11:16:51 openvpn 15873 80.187.x.x:4926 PID_ERR replay [0] [TLS_WRAP-0] [0] 1594372607:1 1594372607:1 t=1594372611[0] r=[0,64,15,0,1] sl=[63,1,64,528]
Jul 10 11:16:51 openvpn 15873 80.187.x.x:4926 TLS: Initial packet from [AF_INET]80.187.x.x:4926, sid=b245ec54 567c1176
Jul 10 11:16:51 openvpn 15873 80.187.x.x:4926 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1550,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-client'
Jul 10 11:16:51 openvpn 15873 80.187.x.x:4926 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1550,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-server'
Question 2: what changed from 3.1.2 => 3.2.0 that could cause these problems?
I'm a bit lost right now... without logs on the device-side it is almost impossible to investigate any further...
Thanks in advance