For the record, I have successfully uploaded a .ovpn for my connection into the OpenVPN Connect ios App. My problem is that when I attempt to create the VPN it says it is connected and then spins for about a minute and then disconnects. I just stumbled across the log on the app and I am noticing the following line in the output:
Creds: UsernameEmpty/PasswordEmpty
which I suspect is the problem since it is never prompting my for a user name/ password and I have not found a place in the app to specify them. Where or how do you enable being able to enter the username/password combo? I have OpenVPN Connect 1.1.1 on ios 10.3.2 if it happens to matter.
Please note that this same vpn is already working on PC using the HDAConnect software so I know the vpn is functioning, I am just confused about how to enable the credentials dialog. If this is already documented somewhere feel free to point me to the documentation, but I have already used the info on https://wiki.amahi.org/index.php/OpenVPN_on_iOS to get me this far.
Thanks in advance for any insight somebody can offer me.
SOLVED: OpenVPN and IOS - I must be missing something
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN and IOS - I must be missing something
In looking around I found this page - http://accc.uic.edu/answer/how-do-i-con ... e-and-ipad which shows their imported profile as being "Standard Profile" - the one I imported based on https://wiki.amahi.org/index.php/OpenVPN_on_iOS is showing as "Autologin profile" - is this problem and if so does any one know what causes the distinction? Actually, I just double checked and I have auto-user-pass instead of auth-user-pass, that is probably the problem - oh well, time to re-import tonight and see if that will fix it.
Re: OpenVPN and IOS - I must be missing something
Did you install the certificates on iOS?
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN and IOS - I must be missing something
Nah, my typo was the problem (I typed in that ovpn over multiple layers of remote connections so I couldn't see the typo when I initially created it) - I was just surprised that typos in the configuration file don't output any type of diagnostic message in the log on OpenVPN connect. I am now able to connect with the iPhone, but this has exposed a different issue.
I am testing the iPhone at where I work and I normally have a PC vpn connection into the home network while I am at work (which is why I knew that the vpn server itself was working). When I connect with iPhone and then try to do anything (in this case bring up a webpage that is only accessible on my homenet), the PC VPN connection is dropped. This is happening even if I use different user credentials (I created a second user on amahi just for the iPhone thinking it might be that the same user cannot be connected twice). Is there a limitation or some other setting in the amahi OpenVPN setup that limits it to just 1 active connection? (In this case my iPhone is on wifi, so it would be 2 different vpns coming from the same external network, but I wouldn't expect those to collide with each other). I am using the base OpenVPN install addin on amahi at this stage.
From what I can see on web searches OpenVPN is capable of multiple connections, but so far I haven't found anything that says how to enable it (all of the pages I found so far are questions about how many connections can be handled). Any insight you can provide will be appreciated.
I am testing the iPhone at where I work and I normally have a PC vpn connection into the home network while I am at work (which is why I knew that the vpn server itself was working). When I connect with iPhone and then try to do anything (in this case bring up a webpage that is only accessible on my homenet), the PC VPN connection is dropped. This is happening even if I use different user credentials (I created a second user on amahi just for the iPhone thinking it might be that the same user cannot be connected twice). Is there a limitation or some other setting in the amahi OpenVPN setup that limits it to just 1 active connection? (In this case my iPhone is on wifi, so it would be 2 different vpns coming from the same external network, but I wouldn't expect those to collide with each other). I am using the base OpenVPN install addin on amahi at this stage.
From what I can see on web searches OpenVPN is capable of multiple connections, but so far I haven't found anything that says how to enable it (all of the pages I found so far are questions about how many connections can be handled). Any insight you can provide will be appreciated.
Re: OpenVPN and IOS - I must be missing something
I am not aware of any limitations.Is there a limitation or some other setting in the amahi OpenVPN setup that limits it to just 1 active connection?
I don't use wifi when accessing from my phone typically. I do have problems when using my iPad on a wifi network. Not sure if it's due to a setup issue on the device or something with OpenVPN.
This will require a bit more research.
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN and IOS - I must be missing something
hmm, if I have stumped you I am getting nervous
I have stumbled across this link which might apply - https://forum.pfsense.org/index.php?topic=71790.0
tldr; it appears that the productized OpenVPN server has an option you have to enable to allow multiple connections with the same certificate and common name - I know that with amahi we are using common certificates that might be part of the puzzle (although I would have thought that using a second username would have gotten around this).
I just did a quick test of completely stopping the OpenVPN connect app (to make sure that old credentials were flushed) and it definitely still kicks me out of the PC once the Angular 2 based web page starts feeding into the iPhone with each connection using a different user name. I guess I will keep digging as well to see if I can find anyone else seeing this behavior on OpenVPN.
I have stumbled across this link which might apply - https://forum.pfsense.org/index.php?topic=71790.0
tldr; it appears that the productized OpenVPN server has an option you have to enable to allow multiple connections with the same certificate and common name - I know that with amahi we are using common certificates that might be part of the puzzle (although I would have thought that using a second username would have gotten around this).
I just did a quick test of completely stopping the OpenVPN connect app (to make sure that old credentials were flushed) and it definitely still kicks me out of the PC once the Angular 2 based web page starts feeding into the iPhone with each connection using a different user name. I guess I will keep digging as well to see if I can find anyone else seeing this behavior on OpenVPN.
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN and IOS - I must be missing something
I think this explains it - http://www.linuxquestions.org/questions ... on-925896/
from the base server.conf file:
Code:
# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names. This is recommended
# only for testing purposes. For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
# UNCOMMENT THIS LINE OUT.
;duplicate-cn
from the base server.conf file:
Code:
# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names. This is recommended
# only for testing purposes. For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
# UNCOMMENT THIS LINE OUT.
;duplicate-cn
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN and IOS - I must be missing something
Sorry to ask this (I am more of Ubuntu user than a fedora one), what command line do I need to run to restart the openvpn service remotely (to test if this change will work)? I tried this and it didn't like it
[root@localhost openvpn]# systemctl restart openvpn@server.service
Job for openvpn@server.service failed because the control process exited with error code. See "systemctl status openvpn@server.service" and "journalctl -xe" for details.
I didn't see anything in journalctl -xe about openvpn or any real error messages so that didn't help me.
Worst case is I will wait until I get home to restart the openvpn.
[root@localhost openvpn]# systemctl restart openvpn@server.service
Job for openvpn@server.service failed because the control process exited with error code. See "systemctl status openvpn@server.service" and "journalctl -xe" for details.
I didn't see anything in journalctl -xe about openvpn or any real error messages so that didn't help me.
Worst case is I will wait until I get home to restart the openvpn.
Re: OpenVPN and IOS - I must be missing something
Do the following:
That should restart the server.
Code: Select all
sudo systemctl restart openvpn@amahi.service
ßîgƒσστ65
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
Applications Manager
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 16GB RAM, 1TBx1+2TBx2+4TBx2
-
- Posts: 20
- Joined: Fri Jan 30, 2015 1:06 pm
Re: OpenVPN and IOS - I must be missing something
ok, that command worked (I will have to write that one down) and adding the duplicate-cn line to the amahi.conf made it so that both connections can stay open.
For what it is worth I put it after the persist-tun line, I don't know exactly where it has/should be but it works placed there.
Thanks for you assistance!
For what it is worth I put it after the persist-tun line, I don't know exactly where it has/should be but it works placed there.
Code: Select all
persist-key
persist-tun
duplicate-cn
status /var/log/openvpn-status.log
Who is online
Users browsing this forum: No registered users and 21 guests