OpenVPN Support Forum

Posted: **Wed Feb 19, 2014 9:04 pm**

Trying for hours. I nedd your Helpv

plz.

Here is what i done:

remote xxxxxxx.no-ip.biz
dev tun0
ifconfig 10.0.0.2 10.0.0.1
secret static.key

I can Ping the 10.0.0.2 but not the 10.0.0.1. Under Windows, it works.

The only idication for an error is:
WARNING: 'ifconfig' is used inconsistently, local='ifconfig 10.0.0.2 255.255.255.255', remote='ifconfig 10.0.0.2 10.0.0.1'

Andy idea, please?????

The whole log is:
2014-02-19 21:47:03 Modell Nexus 4 (MAKO) Google, Android API 18, version 0.6.9a, offizielle Version
2014-02-19 21:47:06 Generiere OpenVPN Konfiguration…
2014-02-19 21:47:08 started Socket Thread
2014-02-19 21:47:08 P:Initializing Google Breakpad!
2014-02-19 21:47:08 Current Parameter Settings:
2014-02-19 21:47:08 config = '/data/data/de.blinkt.openvpn/cache/android.conf'
2014-02-19 21:47:08 mode = 0
2014-02-19 21:47:08 show_ciphers = DISABLED
2014-02-19 21:47:08 show_digests = DISABLED
2014-02-19 21:47:08 show_engines = DISABLED
2014-02-19 21:47:08 genkey = DISABLED
2014-02-19 21:47:08 key_pass_file = '[UNDEF]'
2014-02-19 21:47:08 show_tls_ciphers = DISABLED
2014-02-19 21:47:08 connect_retry_max = 5
2014-02-19 21:47:08 Connection profiles [0]:
2014-02-19 21:47:08 proto = udp
2014-02-19 21:47:08 local = '[UNDEF]'
2014-02-19 21:47:08 local_port = '1194'
2014-02-19 21:47:08 remote = 'xxxxxxxx.no-ip.biz'
2014-02-19 21:47:08 remote_port = '1194'
2014-02-19 21:47:08 remote_float = DISABLED
2014-02-19 21:47:08 bind_defined = DISABLED
2014-02-19 21:47:08 bind_local = ENABLED
2014-02-19 21:47:08 bind_ipv6_only = DISABLED
2014-02-19 21:47:08 connect_retry_seconds = 5
2014-02-19 21:47:08 connect_timeout = 10
2014-02-19 21:47:08 socks_proxy_server = '[UNDEF]'
2014-02-19 21:47:08 socks_proxy_port = '[UNDEF]'
2014-02-19 21:47:08 socks_proxy_retry = DISABLED
2014-02-19 21:47:08 tun_mtu = 1500
2014-02-19 21:47:08 tun_mtu_defined = ENABLED
2014-02-19 21:47:08 link_mtu = 1500
2014-02-19 21:47:08 link_mtu_defined = DISABLED
2014-02-19 21:47:08 tun_mtu_extra = 0
2014-02-19 21:47:08 tun_mtu_extra_defined = DISABLED
2014-02-19 21:47:08 mtu_discover_type = -1
2014-02-19 21:47:08 fragment = 0
2014-02-19 21:47:08 mssfix = 1450
2014-02-19 21:47:08 explicit_exit_notification = 0
2014-02-19 21:47:08 Connection profiles END
2014-02-19 21:47:08 remote_random = DISABLED
2014-02-19 21:47:08 ipchange = '[UNDEF]'
2014-02-19 21:47:08 dev = 'tun'
2014-02-19 21:47:08 dev_type = '[UNDEF]'
2014-02-19 21:47:08 dev_node = '[UNDEF]'
2014-02-19 21:47:08 lladdr = '[UNDEF]'
2014-02-19 21:47:08 topology = 1
2014-02-19 21:47:08 tun_ipv6 = DISABLED
2014-02-19 21:47:08 ifconfig_local = '10.0.0.2'
2014-02-19 21:47:08 ifconfig_remote_netmask = '255.255.255.255'
2014-02-19 21:47:08 ifconfig_noexec = DISABLED
2014-02-19 21:47:08 ifconfig_nowarn = DISABLED
2014-02-19 21:47:08 ifconfig_ipv6_local = '[UNDEF]'
2014-02-19 21:47:08 ifconfig_ipv6_netbits = 0
2014-02-19 21:47:08 ifconfig_ipv6_remote = '[UNDEF]'
2014-02-19 21:47:08 shaper = 0
2014-02-19 21:47:08 mtu_test = 0
2014-02-19 21:47:08 mlock = DISABLED
2014-02-19 21:47:08 keepalive_ping = 0
2014-02-19 21:47:08 keepalive_timeout = 0
2014-02-19 21:47:08 inactivity_timeout = 0
2014-02-19 21:47:08 ping_send_timeout = 0
2014-02-19 21:47:08 ping_rec_timeout = 0
2014-02-19 21:47:08 ping_rec_timeout_action = 0
2014-02-19 21:47:08 ping_timer_remote = DISABLED
2014-02-19 21:47:08 remap_sigusr1 = 0
2014-02-19 21:47:08 persist_tun = DISABLED
2014-02-19 21:47:08 persist_local_ip = DISABLED
2014-02-19 21:47:08 persist_remote_ip = DISABLED
2014-02-19 21:47:08 persist_key = DISABLED
2014-02-19 21:47:08 passtos = DISABLED
2014-02-19 21:47:08 resolve_retry_seconds = 60
2014-02-19 21:47:08 resolve_in_advance = DISABLED
2014-02-19 21:47:08 username = '[UNDEF]'
2014-02-19 21:47:08 groupname = '[UNDEF]'
2014-02-19 21:47:08 chroot_dir = '[UNDEF]'
2014-02-19 21:47:08 cd_dir = '[UNDEF]'
2014-02-19 21:47:08 writepid = '[UNDEF]'
2014-02-19 21:47:08 up_script = '[UNDEF]'
2014-02-19 21:47:08 down_script = '[UNDEF]'
2014-02-19 21:47:08 down_pre = DISABLED
2014-02-19 21:47:08 up_restart = DISABLED
2014-02-19 21:47:08 up_delay = DISABLED
2014-02-19 21:47:08 daemon = DISABLED
2014-02-19 21:47:08 inetd = 0
2014-02-19 21:47:08 log = DISABLED
2014-02-19 21:47:08 suppress_timestamps = DISABLED
2014-02-19 21:47:08 machine_readable_output = ENABLED
2014-02-19 21:47:08 nice = 0
2014-02-19 21:47:08 verbosity = 4
2014-02-19 21:47:08 mute = 0
2014-02-19 21:47:08 gremlin = 0
2014-02-19 21:47:08 status_file = '[UNDEF]'
2014-02-19 21:47:08 status_file_version = 1
2014-02-19 21:47:08 status_file_update_freq = 60
2014-02-19 21:47:08 occ = ENABLED
2014-02-19 21:47:08 rcvbuf = 65536
2014-02-19 21:47:08 sndbuf = 65536
2014-02-19 21:47:08 sockflags = 0
2014-02-19 21:47:08 fast_io = DISABLED
2014-02-19 21:47:08 comp.alg = 0
2014-02-19 21:47:08 comp.flags = 0
2014-02-19 21:47:08 route_script = '[UNDEF]'
2014-02-19 21:47:08 route_default_gateway = '[UNDEF]'
2014-02-19 21:47:08 route_default_metric = 0
2014-02-19 21:47:08 route_noexec = DISABLED
2014-02-19 21:47:08 route_delay = 0
2014-02-19 21:47:08 route_delay_window = 30
2014-02-19 21:47:08 route_delay_defined = DISABLED
2014-02-19 21:47:08 route_nopull = DISABLED
2014-02-19 21:47:08 route_gateway_via_dhcp = DISABLED
2014-02-19 21:47:08 max_routes = 100
2014-02-19 21:47:08 allow_pull_fqdn = DISABLED
2014-02-19 21:47:08 management_addr = '/data/data/de.blinkt.openvpn/cache/mgmtsocket'
2014-02-19 21:47:08 management_port = 'unix'
2014-02-19 21:47:08 management_user_pass = '[UNDEF]'
2014-02-19 21:47:08 management_log_history_cache = 250
2014-02-19 21:47:08 management_echo_buffer_size = 100
2014-02-19 21:47:08 management_write_peer_info_file = '[UNDEF]'
2014-02-19 21:47:08 management_client_user = '[UNDEF]'
2014-02-19 21:47:08 management_client_group = '[UNDEF]'
2014-02-19 21:47:08 management_flags = 4390
2014-02-19 21:47:08 shared_secret_file = '[[INLINE]]'
2014-02-19 21:47:08 key_direction = 0
2014-02-19 21:47:08 ciphername_defined = ENABLED
2014-02-19 21:47:08 ciphername = 'BF-CBC'
2014-02-19 21:47:08 authname_defined = ENABLED
2014-02-19 21:47:08 authname = 'SHA1'
2014-02-19 21:47:08 prng_hash = 'SHA1'
2014-02-19 21:47:08 prng_nonce_secret_len = 16
2014-02-19 21:47:08 keysize = 0
2014-02-19 21:47:08 engine = DISABLED
2014-02-19 21:47:08 replay = ENABLED
2014-02-19 21:47:08 mute_replay_warnings = DISABLED
2014-02-19 21:47:08 replay_window = 64
2014-02-19 21:47:08 replay_time = 15
2014-02-19 21:47:08 packet_id_file = '[UNDEF]'
2014-02-19 21:47:08 use_iv = ENABLED
2014-02-19 21:47:08 test_crypto = DISABLED
2014-02-19 21:47:08 tls_server = DISABLED
2014-02-19 21:47:08 tls_client = DISABLED
2014-02-19 21:47:08 key_method = 2
2014-02-19 21:47:08 ca_file = '[UNDEF]'
2014-02-19 21:47:08 ca_path = '[UNDEF]'
2014-02-19 21:47:08 dh_file = '[UNDEF]'
2014-02-19 21:47:08 cert_file = '[UNDEF]'
2014-02-19 21:47:08 priv_key_file = '[UNDEF]'
2014-02-19 21:47:08 pkcs12_file = '[UNDEF]'
2014-02-19 21:47:08 cipher_list = '[UNDEF]'
2014-02-19 21:47:08 tls_verify = '[UNDEF]'
2014-02-19 21:47:08 tls_export_cert = '[UNDEF]'
2014-02-19 21:47:08 verify_x509_type = 0
2014-02-19 21:47:08 verify_x509_name = '[UNDEF]'
2014-02-19 21:47:08 crl_file = '[UNDEF]'
2014-02-19 21:47:08 ns_cert_type = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku = 0
2014-02-19 21:47:08 remote_cert_ku[i] = 0
2014-02-19 21:47:08 remote_cert_ku[i] = 0
2014-02-19 21:47:08 remote_cert_ku[i] = 0
2014-02-19 21:47:08 remote_cert_ku[i] = 0
2014-02-19 21:47:08 remote_cert_ku[i] = 0
2014-02-19 21:47:08 remote_cert_ku[i] = 0
2014-02-19 21:47:08 remote_cert_eku = '[UNDEF]'
2014-02-19 21:47:08 ssl_flags = 0
2014-02-19 21:47:08 tls_timeout = 2
2014-02-19 21:47:08 renegotiate_bytes = 0
2014-02-19 21:47:08 renegotiate_packets = 0
2014-02-19 21:47:08 renegotiate_seconds = 3600
2014-02-19 21:47:08 handshake_window = 60
2014-02-19 21:47:08 transition_window = 3600
2014-02-19 21:47:08 single_session = DISABLED
2014-02-19 21:47:08 push_peer_info = DISABLED
2014-02-19 21:47:08 tls_exit = DISABLED
2014-02-19 21:47:08 tls_auth_file = '[UNDEF]'
2014-02-19 21:47:08 client = DISABLED
2014-02-19 21:47:08 pull = DISABLED
2014-02-19 21:47:08 auth_user_pass_file = '[UNDEF]'
2014-02-19 21:47:08 OpenVPN 2.4-icsopenvpn [git:icsopenvpn_68-c79b5c8a744f8b40+] android-14-armeabi-v7a [SSL (OpenSSL)] [LZO] [SNAPPY] [LZ4] [EPOLL] [MH] [IPv6] built on Feb 14 2014
2014-02-19 21:47:08 MANAGEMENT: Connected to management server at /data/data/de.blinkt.openvpn/cache/mgmtsocket
2014-02-19 21:47:08 MANAGEMENT: CMD 'hold release'
2014-02-19 21:47:08 MANAGEMENT: CMD 'proxy NONE'
2014-02-19 21:47:08 MANAGEMENT: CMD 'bytecount 2'
2014-02-19 21:47:08 MANAGEMENT: CMD 'state on'
2014-02-19 21:47:08 Netzwerkstatus: CONNECTED to WIFI "BARCI_NET"
2014-02-19 21:47:09 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2014-02-19 21:47:09 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2014-02-19 21:47:10 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2014-02-19 21:47:10 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2014-02-19 21:47:10 MANAGEMENT: >STATE:1392842829,RESOLVE,,,
2014-02-19 21:47:12 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.255) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
2014-02-19 21:47:12 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
2014-02-19 21:47:12 MANAGEMENT: >STATE:1392842832,ASSIGN_IP,,10.0.0.2,
2014-02-19 21:47:12 MANAGEMENT: CMD 'needok 'IFCONFIG' ok'
2014-02-19 21:47:12 MANAGEMENT: CMD 'needok 'DNSSERVER' ok'
2014-02-19 21:47:12 MANAGEMENT: CMD 'needok 'DNSSERVER' ok'
2014-02-19 21:47:12 MANAGEMENT: CMD 'needok 'DNSDOMAIN' ok'
2014-02-19 21:47:12 MANAGEMENT: CMD 'needok 'PERSIST_TUN_ACTION' OPEN_BEFORE_CLOSE'
2014-02-19 21:47:12 Öffne tun Netzwerkinterface:
2014-02-19 21:47:12 Lokale IPv4: 10.0.0.2/32 IPv6: null MTU: 1500
2014-02-19 21:47:12 DNS-Server: 8.8.8.8, 8.8.4.4, Domäne: blinkt.de
2014-02-19 21:47:12 Routen:
2014-02-19 21:47:12 ausgenommene Routen:
2014-02-19 21:47:12 Installierte Routen (VpnService):
2014-02-19 21:47:12 MANAGEMENT: CMD 'needok 'OPENTUN' ok'
2014-02-19 21:47:12 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:393 ET:0 EL:0 ]
2014-02-19 21:47:12 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto UDPv4,ifconfig 255.255.255.255 10.0.0.2,cipher BF-CBC,auth SHA1,keysize 128,secret'
2014-02-19 21:47:12 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto UDPv4,ifconfig 10.0.0.2 255.255.255.255,cipher BF-CBC,auth SHA1,keysize 128,secret'
2014-02-19 21:47:12 Local Options hash (VER=V4): '7abfc2b1'
2014-02-19 21:47:12 Expected Remote Options hash (VER=V4): 'c6ecd73e'
2014-02-19 21:47:12 TCP/UDP: Preserving recently used remote address: [AF_INET]24.134.173.218:1194
2014-02-19 21:47:12 Socket Buffers: R=[163840->131072] S=[163840->131072]
2014-02-19 21:47:12 Protecting socket fd 5
2014-02-19 21:47:12 MANAGEMENT: CMD 'needok 'PROTECTFD' ok'
2014-02-19 21:47:12 UDP link local (bound): [AF_INET][undef]:1194
2014-02-19 21:47:12 UDP link remote: [AF_INET]24.134.173.218:1194
2014-02-19 21:47:22 Peer Connection Initiated with [AF_INET]24.134.173.218:1194
2014-02-19 21:47:22 WARNING: 'ifconfig' is used inconsistently, local='ifconfig 10.0.0.2 255.255.255.255', remote='ifconfig 10.0.0.2 10.0.0.1'
2014-02-19 21:47:24 Initialization Sequence Completed
2014-02-19 21:47:24 MANAGEMENT: >STATE:1392842844,CONNECTED,SUCCESS,10.0.0.2,24.134.173.218

Posted: **Wed Feb 19, 2014 9:25 pm**

Thanks for very fast answer.

Okay here is my server config:

Code: Select all

dev tun0
ifconfig 10.0.0.1 10.0.0.2
secret static.key

Made on a Rhaspberry Pi with this howto:
http://www.linux-tips-and-tricks.de/ras ... -raspberry

And here is, what openvpn Android made out of my client config:

Code: Select all

# Enables connection to GUI
management /data/data/de.blinkt.openvpn/cache/mgmtsocket unix
management-client
management-query-passwords
management-hold

setenv IV_GUI_VER "de.blinkt.openvpn 0.6.9a"
machine-readable-output
verb 4
connect-retry-max 5
connect-retry 5
resolv-retry 60
dev tun
remote xxxxxxx.no-ip.biz 1194 udp
<secret>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxxxxxxx-----END OpenVPN Static key V1-----

</secret>
ifconfig 10.0.0.2 255.255.255.255     ### <<<--- CHANGE THIS LINE !!!
dhcp-option DNS 8.8.8.8
dhcp-option DNS 8.8.4.4
dhcp-option DOMAIN blinkt.de
# Use system proxy setting
management-query-proxy

Posted: **Wed Feb 19, 2014 9:41 pm**

The Problem:
I imported:

remote xxxxxxx.no-ip.biz
dev tun0
ifconfig 10.0.0.2 10.0.0.1
secret static.key

I have no idea, where the 255.255.255.255 cames from.

I can't find any 255.255.255.255 i the Settings to change it !!!

4 me, it seems to be an error an Android openvpn.

Posted: **Wed Feb 19, 2014 9:52 pm**

What i Posted is the OUTPUT (Read only) information of Andoird openvpn
("Show generated information")

I cant edit it.
I cant find any point in the Menue where i find an 10.0.0.1 ir 255.255.255.255.

I have imported a 10.0.0.2 10.0.0.1 and Android openvpn make a 10.0.0.2 255.255.255.255 out of it with NO change to edit.

This i what i imported an i can edit:

remote xxxxxxx.no-ip.biz
dev tun0
ifconfig 10.0.0.2 10.0.0.1
secret static.key

Posted: **Fri Feb 21, 2014 5:09 am**

For the iOS and Android client, your keys/certain need to be inline, and not separate files.

OpenVPN Support Forum

OVPN (Static Key) profile works with windows but not android

OVPN (Static Key) profile works with windows but not android

Re: OVPN (Static Key) profile works with windows but not and

Re: OVPN (Static Key) profile works with windows but not and

Re: OVPN (Static Key) profile works with windows but not and

Re: OVPN (Static Key) profile works with windows but not and