I did all necessary configuration to access my openvpn server, the openvpn app on Iphone, tell me that I am conected on the server, but you couldn't do nothing. I can't navigate, I can access my server behind the vpn.... nothing... absolutely nothing...
When I try to login through Windows it works perfectly.
I'll put straight bellow all my configuration, please, anyone, HELP ME TO MAKE IT WORK, PLEASE!!!
###SERVER###
Code: Select all
; daemon configuration
daemon
mode server
tls-server
proto udp
port 1194
multihome
user openvpn
group openvpn
cd /var/openvpn
client-config-dir clients
script-security 2 system
; tunnel configuration
topology subnet
push "topology subnet"
dev tap0
; bridge to GREEN
server-bridge 192.168.200.254 255.255.255.0 192.168.200.10 192.168.200.49
push "route-gateway 192.168.200.254"
push "route 192.168.200.0 255.255.255.0"
passtos
comp-lzo
management 127.0.0.1 5555
keepalive 8 30
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
persist-local-ip
persist-remote-ip
; logging and status
writepid /var/run/openvpn/openvpn.pid
ifconfig-pool-persist openvpn.leases
status /var/log/openvpn/openvpn-status.log
verb 1
client-connect "/usr/local/bin/dir.d-exec /etc/openvpn/client-connect.d/"
client-disconnect "/usr/local/bin/dir.d-exec /etc/openvpn/client-disconnect.d/"
; certificates and authentication
dh /var/efw/openvpn/dh1024.pem
pkcs12 /var/efw/openvpn/pkcs12.p12
client-cert-not-required
auth-user-pass-verify "/usr/bin/openvpn-auth" via-file
username-as-common-name
client-to-client
Code: Select all
dev tun
tls-client
remote XXX.XXX.XXX.XXX 1194
# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)
redirect-gateway
# get settings from the server
pull
# Most clients don't need to bind to
# a specific local port number.
nobind
redirect-gateway
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Try to preserve some state across restarts.
persist-key
persist-tun
persist-remote-ip
#Try to keep the connection alive
ping 10
ping-restart 300
proto udp
script-security 3
# Required Certificates
<ca>
-----BEGIN CERTIFICATE-----
...
TcwWojq7L9D70Abc81U28ZRgYZAGqKg9J/7woiWKXp/+Abibks2m9pPCgkwCbuD2
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
ADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUw
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
...
AoGAOqcboJ8gkSZOZ4j7WSNnE2iPBfKzwEVMUuywzBctAy98mBh0CqQwW190H3ff
...
-----END RSA PRIVATE KEY-----
</key>
#Enable Compression
comp-lzo
cipher BF-CBC # Blowfish (default)
#remote-cert-tls server
#ns-cert-type server
#tls-auth ta.key 1
#Renegotiate Security every N Seconds
#reneg-sec 0
reneg-sec 3600
#Require Username-Password to login
auth-user-pass
verb 3
tun-mtu 1500
key-direction 0
####LOG OPENVPN ON ENDIAN SERVER#####
Code: Select all
OpenVPN
2013-03-25 22:02:19
openvpn[18556]: xxx.xxx.xxx.xxx:64061 LZO compression initialized
OpenVPN
2013-03-25 22:02:24
openvpn[18556]: xxx.xxx.xxx.xxx:64061 WARNING: "dev-type" is used inconsistently, local="dev-type tap", remote="dev-type tun"
OpenVPN
2013-03-25 22:02:24
openvpn[18556]: xxx.xxx.xxx.xxx:64061 WARNING: "link-mtu" is used inconsistently, local="link-mtu 1574", remote="link-mtu 1542"
OpenVPN
2013-03-25 22:02:24
openvpn[18556]: xxx.xxx.xxx.xxx:64061 WARNING: "tun-mtu" is used inconsistently, local="tun-mtu 1532", remote="tun-mtu 1500"
OpenVPN
2013-03-25 22:02:24
openvpn[18556]: xxx.xxx.xxx.xxx:64061 WARNING: "keydir" is present in remote config but missing in local config, remote="keydir 1"
OpenVPN
2013-03-25 22:02:24
openvpn[18556]: xxx.xxx.xxx.xxx:64061 [teste] Peer Connection Initiated with xxx.xxx.xxx.xxx:64061 (via 192.168.254.250)
Thank you!