iOS to Synology
Posted: Wed May 14, 2014 7:15 pm
Hello,
I solved my previous issue where the wrong IP address was being used when resolving my subdomain. As it turns out, DynDNS service was not properly resolving subdomains, it instead was returning the IP for the domain. This resulted in the wrong IP and no connection.
The issue now is not being able to get the client to connect with the server. From the logs, listed below, it seems that the client is making contact with the server but that is where it seems to break down.
I have the:
- correct IP address showing up through nslookup for my subdomain,
- the iOS.ovpn file (including embedded certificates that was created by OpenVPN on my Synology) on my iPad,
- the OpenVPN server up and running on my Synology, and
- the appropriate ports open in my firewall for UDP.
When using the OpenVPN app the following results (the lines marked by a '+' repeated about 5 times):
2014-05-14 14:55:00 LZO-ASYM init swap=0 asym=0
2014-05-14 14:55:00 EVENT: RESOLVE
+2014-05-14 14:55:01 Contacting "MY WAN IP":"UDP PORT" via UDP
+2014-05-14 14:55:01 EVENT: WAIT
+2014-05-14 14:55:01 Connecting to "MY SUBDOMAIN":"UDP PORT" ("MY WAN IP") via UDPv4
+2014-05-14 14:55:10 Server poll timeout, trying next remote entry...
+2014-05-14 14:55:10 EVENT: RECONNECTING
2014-05-14 14:56:00 EVENT: CONNECTION_TIMEOUT [ERR]
2014-05-14 14:56:00 EVENT: DISCONNECTED
2014-05-14 14:56:00 Raw stats on disconnect:
BYTES_OUT : 420
PACKETS_OUT : 30
CONNECTION_TIMEOUT : 1
N_RECONNECT : 5
2014-05-14 14:56:00 Performance stats on disconnect:
CPU usage (microseconds): 65548
Network bytes per CPU second: 6407
Tunnel bytes per CPU second: 0
2014-05-14 14:56:00 ----- OpenVPN Stop -----
2014-05-14 14:56:00 EVENT: DISCONNECT_PENDING
Looking at the logs on the Synology reveals:
May 14 14:55:00 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111) ***** Repeated about 25 times ****
May 14 14:55:49 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:51 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:53 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
May 14 14:55:53 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:55 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:57 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:59 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
May 14 14:56:00 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52715 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:00 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52715 TLS Error: TLS handshake failed
May 14 14:56:09 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52636 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:09 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52636 TLS Error: TLS handshake failed
May 14 14:56:09 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
May 14 14:56:19 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":55678 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:19 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":55678 TLS Error: TLS handshake failed
May 14 14:56:30 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":57087 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:30 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":57087 TLS Error: TLS handshake failed
May 14 14:56:39 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":58754 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:39 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":58754 TLS Error: TLS handshake failed
So from this it is evident that the OpenVPN client on my iPad is making contact with the OpenVPN server. There seems to be some communication issue preventing them from connecting. I've checked the firewall and it has no logs regarding any blocked or dropped connection attempts in regards to the UDP port involved or the internal IPs involved. So it seems that it is not a firewall issue. To be sure, I disabled the firewall which made no difference.
From this I assume that there may be a configuration issue with the OpenVPN client/server. From the logs I cannot tell which. Am I correct or is it something completely different.
Thanks for any help.
I solved my previous issue where the wrong IP address was being used when resolving my subdomain. As it turns out, DynDNS service was not properly resolving subdomains, it instead was returning the IP for the domain. This resulted in the wrong IP and no connection.
The issue now is not being able to get the client to connect with the server. From the logs, listed below, it seems that the client is making contact with the server but that is where it seems to break down.
I have the:
- correct IP address showing up through nslookup for my subdomain,
- the iOS.ovpn file (including embedded certificates that was created by OpenVPN on my Synology) on my iPad,
- the OpenVPN server up and running on my Synology, and
- the appropriate ports open in my firewall for UDP.
When using the OpenVPN app the following results (the lines marked by a '+' repeated about 5 times):
2014-05-14 14:55:00 LZO-ASYM init swap=0 asym=0
2014-05-14 14:55:00 EVENT: RESOLVE
+2014-05-14 14:55:01 Contacting "MY WAN IP":"UDP PORT" via UDP
+2014-05-14 14:55:01 EVENT: WAIT
+2014-05-14 14:55:01 Connecting to "MY SUBDOMAIN":"UDP PORT" ("MY WAN IP") via UDPv4
+2014-05-14 14:55:10 Server poll timeout, trying next remote entry...
+2014-05-14 14:55:10 EVENT: RECONNECTING
2014-05-14 14:56:00 EVENT: CONNECTION_TIMEOUT [ERR]
2014-05-14 14:56:00 EVENT: DISCONNECTED
2014-05-14 14:56:00 Raw stats on disconnect:
BYTES_OUT : 420
PACKETS_OUT : 30
CONNECTION_TIMEOUT : 1
N_RECONNECT : 5
2014-05-14 14:56:00 Performance stats on disconnect:
CPU usage (microseconds): 65548
Network bytes per CPU second: 6407
Tunnel bytes per CPU second: 0
2014-05-14 14:56:00 ----- OpenVPN Stop -----
2014-05-14 14:56:00 EVENT: DISCONNECT_PENDING
Looking at the logs on the Synology reveals:
May 14 14:55:00 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111) ***** Repeated about 25 times ****
May 14 14:55:49 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:51 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:53 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
May 14 14:55:53 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:55 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:57 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":60536 MULTI: new incoming connection would exceed maximum number of clients (5)
May 14 14:55:59 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
May 14 14:56:00 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52715 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:00 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52715 TLS Error: TLS handshake failed
May 14 14:56:09 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52636 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:09 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":52636 TLS Error: TLS handshake failed
May 14 14:56:09 DiskStation openvpn[16367]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
May 14 14:56:19 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":55678 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:19 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":55678 TLS Error: TLS handshake failed
May 14 14:56:30 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":57087 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:30 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":57087 TLS Error: TLS handshake failed
May 14 14:56:39 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":58754 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
May 14 14:56:39 DiskStation openvpn[16367]: "MY INTERNAL IP OF iPAD":58754 TLS Error: TLS handshake failed
So from this it is evident that the OpenVPN client on my iPad is making contact with the OpenVPN server. There seems to be some communication issue preventing them from connecting. I've checked the firewall and it has no logs regarding any blocked or dropped connection attempts in regards to the UDP port involved or the internal IPs involved. So it seems that it is not a firewall issue. To be sure, I disabled the firewall which made no difference.
From this I assume that there may be a configuration issue with the OpenVPN client/server. From the logs I cannot tell which. Am I correct or is it something completely different.
Thanks for any help.