However, neither of those things works from within iOS on my iPhone using either various SSH-capable terminal apps or the RDP app (I'm using the iOS OpenVPN app to access the VPN). Yet I can, under iOS, ping all the systems I should be able to access, either by IP address or host name (i.e., DNS resolution for the LAN domain appears to be working).
I'm at a loss to figure out what I'm doing wrong and would appreciate some advice. Here's my server.conf file:
server.conf
port [redacted]
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/mycroft-server.crt
key /etc/openvpn/server/mycroft-server.key
dh /etc/openvpn/server/dh.pem
topology subnet
server 192.168.5.0 255.255.255.0
client-to-client
push "route 192.168.1.0 255.255.255.0 192.168.5.1"
# Set your primary domain name server address for clients; this is in the LAN's
# address space
push "dhcp-option DNS 192.168.1.5"
push "dhcp-option DOMAIN localnet"
# Prevent DNS leaks on Windows
push "block-outside-dns"
cipher AES-256-CBC
tls-version-min 1.2
tls-crypt /etc/openvpn/server/ta.key
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-$
auth SHA512
auth-nocache
keepalive 10 60
persist-key
persist-tun
compress lz4
daemon
user nobody
group nogroup
status /etc/openvpn/openvpn-status.log
status-version 3
log-append /var/log/openvpn.log
verb 3
Here's the client-side OVPN file, minus the crypto stuff:
client
client
dev tun
proto udp
remote moose.zapto.org 37639
route 192.168.1.0 255.255.255.0 192.168.5.1
cipher AES-256-CBC
auth SHA512
auth-nocache
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-$
resolv-retry infinite
compress lz4
nobind
persist-key
persist-tun
mute-replay-warnings
verb 3