OpenVPN Support Forum

Posted: **Tue Jan 22, 2013 11:14 pm**

Hi,
I have been trying to get openVPN working on my iphone. I have an existing setup that works from Win7 so I am trying the same setup with ios. I copied the required openvpn.ovpn, ca.crt, client.crt and client.key. All import fine. The logs look like the tunnel connects and the user is authorized, but no ip config is displayed and then the connection times out after about 20secs.

I have attached sections of the ios log.

Can anyone help ?

Chris

Code: Select all

2013-01-22 22:50:30 ----- OpenVPN Start -----
2013-01-22 22:50:30 LZO-ASYM init swap=0 asym=0
2013-01-22 22:50:30 EVENT: RESOLVE
2013-01-22 22:50:31 EVENT: WAIT
2013-01-22 22:50:31 Connecting to xxxxxxx.serveftp.com:1194 (86.166.xx.xxx) via UDPv4
2013-01-22 22:50:31 EVENT: CONNECTING
2013-01-22 22:50:32 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2013-01-22 22:50:32 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2013-01-22 22:50:32 VERIFY OK: depth=0
cert. version : 3
serial number : 02
issuer name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, OU=home, CN=diskstation, 0x29=chris, emailAddress=me@hotmail.com
subject name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, CN=server, 0x29=chris, emailAddress=me@hotmail.com
issued  on    : 2012-02-18 22:15:29
expires on    : 2022-02-15 22:15:29
signed using  : RSA+MD5
RSA key size  : 1024 bits

2013-01-22 22:50:32 VERIFY OK: depth=1
cert. version : 3
serial number : F1:60:E7:AE:25:7F:F7:14
issuer name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, OU=home, CN=diskstation, 0x29=chris, emailAddress=me@hotmail.com
subject name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, OU=home, CN=diskstation, 0x29=chris, emailAddress=me@hotmail.com
issued  on    : 2012-02-18 22:00:27
expires on    : 2022-02-15 22:00:27
signed using  : RSA+SHA1
RSA key size  : 1024 bits

2013-01-22 22:50:32 SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
2013-01-22 22:50:32 Session is ACTIVE
2013-01-22 22:50:32 LZO-ASYM init swap=0 asym=0
2013-01-22 22:50:32 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2013-01-22 22:50:32 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

....repeat lots of times ~20sec

then


2013-01-21 23:59:57 SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
2013-01-21 23:59:57 Session is ACTIVE
2013-01-21 23:59:57 LZO-ASYM init swap=0 asym=0
2013-01-21 23:59:57 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2013-01-21 23:59:57 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2013-01-21 23:59:57 VERIFY OK: depth=0
cert. version : 3
serial number : 02
issuer name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, OU=home, CN=diskstation, 0x29=chris, emailAddress=me@hotmail.com
subject name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, CN=server, 0x29=chris, emailAddress=me@hotmail.com
issued  on    : 2012-02-18 22:15:29
expires on    : 2022-02-15 22:15:29
signed using  : RSA+MD5
RSA key size  : 1024 bits

2013-01-21 23:59:57 VERIFY OK: depth=1
cert. version : 3
serial number : F1:60:E7:AE:25:7F:F7:14
issuer name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, OU=home, CN=diskstation, 0x29=chris, emailAddress=me@hotmail.com
subject name  : C=GB, ST=Worcs, L=Worcester, O=OpenVPN, OU=home, CN=diskstation, 0x29=chris, emailAddress=me@hotmail.com
issued  on    : 2012-02-18 22:00:27
expires on    : 2022-02-15 22:00:27
signed using  : RSA+SHA1
RSA key size  : 1024 bits

2013-01-21 23:59:58 Sending PUSH_REQUEST to server...
2013-01-22 00:00:01 Sending PUSH_REQUEST to server...
2013-01-22 00:00:04 Sending PUSH_REQUEST to server...
2013-01-22 00:00:07 Sending PUSH_REQUEST to server...
2013-01-22 00:00:10 Sending PUSH_REQUEST to server...
2013-01-22 00:00:12 EVENT: CONNECTION_TIMEOUT [ERR]
2013-01-22 00:00:12 EVENT: DISCONNECTED
2013-01-22 00:00:12 Raw stats on disconnect:
  BYTES_IN : 11176
  BYTES_OUT : 7870
  PACKETS_IN : 108
  PACKETS_OUT : 108
  CONNECTION_TIMEOUT : 1
2013-01-22 00:00:12 Performance stats on disconnect:
  CPU usage (microseconds): 514133
  Network bytes per CPU second: 37044
  Tunnel bytes per CPU second: 0
2013-01-22 00:00:12 ----- OpenVPN Stop -----
2013-01-22 00:00:12 EVENT: DISCONNECT_PENDING

Posted: **Wed Jan 23, 2013 8:20 am**

Do you have

Code: Select all

reneg-sec 0

in your openvpn.ovpn file?

If so, try to remove it or write

Code: Select all

reneg-sec 3600

it's a kind of endless loop...

Posted: **Wed Jan 23, 2013 11:33 am**

Awesome thanks ....

Works perfectly now

Posted: **Mon Mar 11, 2013 5:12 am**

an error occured after I ON the connection. Below are the details:

2013-03-08 16:45:48 ----- OpenVPN Start -----
2013-03-08 16:45:48 LZO-ASYM init swap=0 asym=0
2013-03-08 16:45:48 EVENT: RESOLVE
2013-03-08 16:45:48 EVENT: WAIT
2013-03-08 16:45:48 Connecting to 175.136.235.172:1194 (175.136.235.172) via UDPv4
2013-03-08 16:45:48 EVENT: CONNECTING
2013-03-08 16:45:48 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-192-CBC,auth SHA1,keysize 192,key-method 2,tls-client
2013-03-08 16:45:48 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2013-03-08 16:45:49 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=MY, ST=WP, L=KL, O=SCS, OU=SPDIV, CN=SCS CA, emailAddress=wismail@scs.my
subject name : C=MY, ST=WP, O=SCS, OU=SPDIV, CN=gpecFWx.nc2.mil
issued on : 2011-06-25 12:43:17
expires on : 2027-05-06 03:17:57
signed using : RSA+MD5
RSA key size : 1024 bits

2013-03-08 16:45:49 VERIFY OK: depth=1
cert. version : 3
serial number : C1:39:A4:71:42:2B:58:FF
issuer name : C=MY, ST=WP, L=KL, O=SCS, OU=SPDIV, CN=SCS CA, emailAddress=wismail@scs.my
subject name : C=MY, ST=WP, L=KL, O=SCS, OU=SPDIV, CN=SCS CA, emailAddress=wismail@scs.my
issued on : 2011-06-25 12:43:17
expires on : 2027-05-06 03:17:57
signed using : RSA+MD5
RSA key size : 2048 bits

2013-03-08 16:46:18 EVENT: CONNECTION_TIMEOUT [ERR]
2013-03-08 16:46:18 EVENT: DISCONNECTED
2013-03-08 16:46:18 Raw stats on disconnect:
BYTES_IN : 3178
BYTES_OUT : 3681
PACKETS_IN : 31
PACKETS_OUT : 46
CONNECTION_TIMEOUT : 1
2013-03-08 16:46:18 Performance stats on disconnect:
CPU usage (microseconds): 265582
Network bytes per CPU second: 25826
Tunnel bytes per CPU second: 0
2013-03-08 16:46:18 ----- OpenVPN Stop -----
2013-03-08 16:46:18 EVENT: DISCONNECT_PENDING

Posted: **Mon Jul 08, 2013 8:56 pm**

I am also getting this same error:

2013-07-08 21:22:10 ----- OpenVPN Start -----
2013-07-08 21:22:10 LZO-ASYM init swap=0 asym=0
2013-07-08 21:22:10 EVENT: RESOLVE
2013-07-08 21:22:11 Contacting 82.44.229.189:1194 via UDP
2013-07-08 21:22:11 EVENT: WAIT
2013-07-08 21:22:11 Connecting to mudpirate.com:1194 (82.44.229.189) via UDPv4
2013-07-08 21:22:12 EVENT: CONNECTING
2013-07-08 21:22:12 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2013-07-08 21:22:12 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2013-07-08 21:22:13 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=UK, ST=LN, L=London, O=OpenVPN, CN=server, emailAddress=mail@host.domain
subject name : C=UK, ST=LN, O=OpenVPN, CN=server, emailAddress=mail@host.domain
issued on : 2013-07-08 13:08:04
expires on : 2023-07-06 13:08:04
signed using : RSA+MD5
RSA key size : 2048 bits

2013-07-08 21:22:13 VERIFY OK: depth=1
cert. version : 3
serial number : FE:42:CF:A3:FF:09:55:41
issuer name : C=UK, ST=LN, L=London, O=OpenVPN, CN=server, emailAddress=mail@host.domain
subject name : C=UK, ST=LN, L=London, O=OpenVPN, CN=server, emailAddress=mail@host.domain
issued on : 2013-07-08 13:07:32
expires on : 2023-07-06 13:07:32
signed using : RSA+SHA1
RSA key size : 2048 bits

2013-07-08 21:22:54 Session invalidated
2013-07-08 21:22:54 Client terminated, restarting in 2...
2013-07-08 21:22:56 EVENT: RECONNECTING
2013-07-08 21:22:56 LZO-ASYM init swap=0 asym=0
2013-07-08 21:22:56 EVENT: RESOLVE
2013-07-08 21:22:56 Contacting 82.44.229.189:1194 via UDP
2013-07-08 21:22:56 EVENT: WAIT
2013-07-08 21:22:56 Connecting to mudpirate.com:1194 (82.44.229.189) via UDPv4
2013-07-08 21:22:56 EVENT: CONNECTING
2013-07-08 21:22:56 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2013-07-08 21:22:56 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2013-07-08 21:22:57 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=UK, ST=LN, L=London, O=OpenVPN, CN=server, emailAddress=mail@host.domain
subject name : C=UK, ST=LN, O=OpenVPN, CN=server, emailAddress=mail@host.domain
issued on : 2013-07-08 13:08:04
expires on : 2023-07-06 13:08:04
signed using : RSA+MD5
RSA key size : 2048 bits

2013-07-08 21:22:57 VERIFY OK: depth=1
cert. version : 3
serial number : FE:42:CF:A3:FF:09:55:41
issuer name : C=UK, ST=LN, L=London, O=OpenVPN, CN=server, emailAddress=mail@host.domain
subject name : C=UK, ST=LN, L=London, O=OpenVPN, CN=server, emailAddress=mail@host.domain
issued on : 2013-07-08 13:07:32
expires on : 2023-07-06 13:07:32
signed using : RSA+SHA1
RSA key size : 2048 bits

2013-07-08 21:23:10 EVENT: CONNECTION_TIMEOUT [ERR]
2013-07-08 21:23:10 EVENT: DISCONNECTED
2013-07-08 21:23:10 Raw stats on disconnect:
BYTES_IN : 7476
BYTES_OUT : 14926
PACKETS_IN : 71
PACKETS_OUT : 99
KEEPALIVE_TIMEOUT : 1
CONNECTION_TIMEOUT : 1
N_RECONNECT : 1
2013-07-08 21:23:10 Performance stats on disconnect:
CPU usage (microseconds): 899843
Network bytes per CPU second: 24895
Tunnel bytes per CPU second: 0
2013-07-08 21:23:10 ----- OpenVPN Stop -----
2013-07-08 21:23:10 EVENT: DISCONNECT_PENDING

This is my OVPN config:

##############################################
client
dev tun
proto udp
remote mudpirate.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
cipher bf-cbc
comp-lzo
verb 3
mute 20
reneg-sec 3600
<ca>
-----BEGIN CERTIFICATE-----
****cert***
-----END CERTIFICATE-----
</ca>
mssfix 1450
<key>
-----BEGIN RSA PRIVATE KEY-----
***key***
</key>
<cert>
-----BEGIN CERTIFICATE-----
***cert***
-----END CERTIFICATE-----
</cert>
##############################################

Any ideas?

Posted: **Wed Jul 16, 2014 10:44 pm**

Hi all, I'm having the some problem as habibi and lewisco above. I get a connection timeout error when I try to connect.

I'm running openVPN on my IPcop 2.1.5 firewall. I'm trying to connect using my iPhone 4 running iOS 7 on the Verizon network.

I'm not sure what's going on, any help would be much appreciated.

My ovpn file:

Code: Select all

#OpenVPN Server conf
tls-client
client
dev tun
proto udp
tun-mtu 1400
remote ******.dyndns.biz 1194

<ca>
-----BEGIN CERTIFICATE-----
MIIDlDCCAnygAwIBAb3..................etc.
-----END CERTIFICATE-----
</ca>

cipher BF-CBC
comp-lzo
verb 3
ns-cert-type server

openvpn connection log:

Code: Select all

2014-07-16 17:55:30 ----- OpenVPN Start (iOS 32-bit) -----
2014-07-16 17:55:30 UNUSED OPTIONS
0 [tls-client]
9 [verb] [3]

2014-07-16 17:55:30 LZO-ASYM init swap=0 asym=0
2014-07-16 17:55:30 EVENT: RESOLVE
2014-07-16 17:55:40 Server poll timeout, trying next remote entry...
2014-07-16 17:55:40 EVENT: RECONNECTING
2014-07-16 17:55:40 LZO-ASYM init swap=0 asym=0
2014-07-16 17:55:40 EVENT: RESOLVE
2014-07-16 17:55:48 EVENT: DISCONNECTED
2014-07-16 17:56:02 Raw stats on disconnect:
  N_RECONNECT : 1
2014-07-16 17:56:02 Performance stats on disconnect:
  CPU usage (microseconds): 20329
  Network bytes per CPU second: 0
  Tunnel bytes per CPU second: 0
2014-07-16 17:56:02 ----- OpenVPN Stop -----
2014-07-16 17:56:02 NET Internet:ReachableViaWWAN/WR t----l-
2014-07-16 17:56:02 NET WiFi:NotReachable/WR t------
2014-07-16 17:56:07 ----- OpenVPN Start (iOS 32-bit) -----
2014-07-16 17:56:07 UNUSED OPTIONS
0 [tls-client]
9 [verb] [3]

2014-07-16 17:56:07 LZO-ASYM init swap=0 asym=0
2014-07-16 17:56:07 EVENT: RESOLVE
2014-07-16 17:56:07 Contacting ***.***.16.108:1194 via UDP
2014-07-16 17:56:07 EVENT: WAIT
2014-07-16 17:56:07 Connecting to ******.dyndns.biz:1194 (***.***.16.108) via UDPv4
2014-07-16 17:56:07 EVENT: CONNECTING
2014-07-16 17:56:07 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2014-07-16 17:56:07 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.4-140
IV_VER=3.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2014-07-16 17:56:07 VERIFY OK: depth=1
cert. version : 3
serial number : B8:4D:0E:33:29:6E:70:9F
issuer name  : C=US, O=MetaDesign, CN=MetaDesign CA
subject name  : C=US, O=MetaDesign, CN=MetaDesign CA
issued  on    : 2014-07-13 14:04:05
expires on    : 2029-07-13 14:04:05
signed using  : RSA+SHA1
RSA key size  : 2048 bits

2014-07-16 17:56:07 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name  : C=US, O=MetaDesign, CN=MetaDesign CA
subject name  : C=US, O=MetaDesign, CN=nwp.dyndns.biz
issued  on    : 2014-07-13 14:04:05
expires on    : 2029-07-13 14:04:05
signed using  : RSA+MD5
RSA key size  : 1024 bits

2014-07-16 17:56:47 Session invalidated: KEEPALIVE_TIMEOUT
2014-07-16 17:56:47 Client terminated, restarting in 2...
2014-07-16 17:56:49 EVENT: RECONNECTING
2014-07-16 17:56:49 LZO-ASYM init swap=0 asym=0
2014-07-16 17:56:49 EVENT: RESOLVE
2014-07-16 17:56:49 Contacting ***.***.16.108:1194 via UDP
2014-07-16 17:56:49 EVENT: WAIT
2014-07-16 17:56:49 Connecting to *****.dyndns.biz:1194 (***.***.16.108) via UDPv4
2014-07-16 17:56:49 EVENT: CONNECTING
2014-07-16 17:56:49 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
2014-07-16 17:56:50 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.0.4-140
IV_VER=3.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2014-07-16 17:56:50 VERIFY OK: depth=1
cert. version : 3
serial number : B8:4D:0E:33:29:6E:70:9F
issuer name  : C=US, O=MetaDesign, CN=MetaDesign CA
subject name  : C=US, O=MetaDesign, CN=MetaDesign CA
issued  on    : 2014-07-13 14:04:05
expires on    : 2029-07-13 14:04:05
signed using  : RSA+SHA1
RSA key size  : 2048 bits

2014-07-16 17:56:50 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name  : C=US, O=MetaDesign, CN=MetaDesign CA
subject name  : C=US, O=MetaDesign, CN=nwp.dyndns.biz
issued  on    : 2014-07-13 14:04:05
expires on    : 2029-07-13 14:04:05
signed using  : RSA+MD5
RSA key size  : 1024 bits

2014-07-16 17:57:07 EVENT: CONNECTION_TIMEOUT [ERR]
2014-07-16 17:57:07 EVENT: DISCONNECTED
2014-07-16 17:57:07 Raw stats on disconnect:
  BYTES_IN : 5492
  BYTES_OUT : 8576
  PACKETS_IN : 52
  PACKETS_OUT : 81
  KEEPALIVE_TIMEOUT : 1
  CONNECTION_TIMEOUT : 1
  N_RECONNECT : 1
2014-07-16 17:57:07 Performance stats on disconnect:
  CPU usage (microseconds): 284162
  Network bytes per CPU second: 49506
  Tunnel bytes per CPU second: 0
2014-07-16 17:57:07 ----- OpenVPN Stop -----
2014-07-16 17:57:07 EVENT: DISCONNECT_PENDING

Posted: **Thu Oct 08, 2015 8:43 pm**

I'm having the same problem. I had an iPhone 4s which worked fine. I've upgraded to an iPhone 6, and now the same configuration doesn't work, it just times out as described above.

I've tried both with tls-remote in the configuration, and commenting that line out.

Here's my configuration:

Code: Select all

client
dev tun
proto udp
remote <host 1> 1194
remote <host 2> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca <company-cert>
cert <username>.pem
key <username>.key
cipher AES-128-CBC
comp-lzo
verb 3

Thanks for any ideas.

OpenVPN Support Forum

Connection Timeout

Connection Timeout

Re: Connection Timeout

Re: Connection Timeout

Re: Connection Timeout

Re: Connection Timeout

Re: Connection Timeout

Re: Connection Timeout