/r/OpenVPN
Hi there,
I have an Azure environment where I host OpenVPN and run Access Server.
I had a server on for a while and my organisation blocked everyone's access (completely separate issue).
I hadn't logged in for ages so decided to see if it was still up by visiting the admin console. I managed to remember my password and log in. Had a look around, nothing seems to have changed.
I looked in the Log Reports section and I noticed on occasion there would be IP addresses trying to sign in as openvpn. The error section said authentication was not successful. I went through the entire log and there is no indication of a successful connection that wasn't myself.
I also left SSH to All on the default port in Azure (dumb I know, I wasn't expecting it to be up so long). I have no indication anyone got into either Access Server or SSH. I have emailed my admin for the Azure environment but would it have been obvious if someone got in?
I hadn't connected that often and in the past year connected to the VPN for a split second each time. Am I just being paranoid that someone got in, because I have no reason to see anyone did but I am an anxious person and this has caused me anxiety.
The SSH password was tested on online ones like Bitwarden and they all say my password would take loads of years to crack.
I am going to hopefully get access back on Monday but is there anything I should look for before shutting it down?
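An added example, not part of the original post: one way to check the SSH side of this question is to scan the sshd authentication log for accepted logins from addresses you do not recognise. The log lines are constructed samples in the usual OpenSSH syslog format, and `triage` and the `known_ips` allow-list are hypothetical names.

```python
import re
from collections import Counter

# Constructed sample lines in the usual OpenSSH syslog format (not from the post).
SAMPLE_AUTH_LOG = """\
Nov  2 03:11:09 vpn sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Nov  2 03:11:12 vpn sshd[2213]: Failed password for root from 203.0.113.7 port 40130 ssh2
Nov  2 03:11:15 vpn sshd[2215]: Failed password for openvpn from 203.0.113.7 port 40141 ssh2
Nov  3 18:40:51 vpn sshd[3170]: Accepted password for openvpn from 198.51.100.20 port 51514 ssh2
Nov  4 02:07:33 vpn sshd[3391]: Failed password for openvpn from 192.0.2.55 port 33810 ssh2
Nov  4 02:09:02 vpn sshd[3402]: Accepted password for openvpn from 192.0.2.55 port 33902 ssh2
Nov  5 09:15:00 vpn sshd[3550]: Accepted publickey for openvpn from 198.51.100.20 port 51999 ssh2
"""

# Matches both "Failed password for invalid user X" and "Accepted <method> for X".
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\ssshd\[\d+\]:\s"
    r"(?P<result>Accepted|Failed)\s(?P<method>\S+)\sfor\s"
    r"(?:invalid user\s)?(?P<user>\S+)\sfrom\s(?P<ip>\S+)\sport\s\d+"
)


def triage(log_text, known_ips):
    """Return (findings, failed_counts).

    findings: accepted logins whose source IP is not in known_ips, each with
    the number of failed attempts seen from that IP before the login.
    failed_counts: Counter of failed attempts per source IP.
    """
    failed = Counter()
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an sshd authentication result line
        ip = m["ip"]
        if m["result"] == "Failed":
            failed[ip] += 1
            continue
        if ip not in known_ips:
            findings.append({
                "time": m["ts"],
                "user": m["user"],
                "ip": ip,
                "method": m["method"],
                "prior_failures": failed[ip],
            })
    return findings, failed


if __name__ == "__main__":
    # known_ips is an assumption: the addresses you normally log in from.
    findings, failed = triage(SAMPLE_AUTH_LOG, known_ips={"198.51.100.20"})
    for f in findings:
        print("REVIEW:", f)
    for ip, count in failed.most_common():
        print(f"{count} failed attempts from {ip}")
```

An empty findings list only means something if the log covers the whole period the port was exposed, so check the rotated log files as well.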
Alright, so I have OpenVPN installed on a few machines. My question is the following:
Is there a way to restrict all access to the internet on said machines unless OpenVPN is connected?
I did a netstat -a and found out that both regular and OpenVPN network use port 139, so I don't see a way to restrict the connection by ports.
I also haven't found a setting in the firewall that allows me to block everything unless OpenVPN was connected.
Do you guys have any ideas or found a way to make that work?
If anybody knows how to fix it, I would appreciate it!
Hello peoples,
I have an iPhone 14 with the latest iOS. My OpenVPN stopped working a few days ago. I removed and reinstalled it and it is still not working. Here are the logs.
[Nov 06, 2024, 21:18:39] START CONNECTION
[Nov 06, 2024, 21:18:39] ----- OpenVPN Start -----
OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 21:18:39] OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 21:18:39] Frame=512/2112/512 mssfix-ctrl=1250
[Nov 06, 2024, 21:18:39] NOTE: This configuration contains options that were not used:
[Nov 06, 2024, 21:18:39] UNKNOWN/UNSUPPORTED OPTIONS
[Nov 06, 2024, 21:18:39] 0 [TUNNEL]
[Nov 06, 2024, 21:18:39] Unsupported option (ignored)
[Nov 06, 2024, 21:18:39] 0 [persist-tun]
[Nov 06, 2024, 21:18:39] 1 [persist-key]
[Nov 06, 2024, 21:18:39] 2 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-257-gcm]
[Nov 06, 2024, 21:18:39] 3 [data-ciphers-fallback] [AES-257-GCM]
[Nov 06, 2024, 21:18:39] 4 [resolv-retry] [infinite]
[Nov 06, 2024, 21:18:39] 5 [explicit-exit-notify]
[Nov 06, 2024, 21:18:39] EVENT: UNUSED_OPTIONS_ERROR UNKNOWN/UNSUPPORTED OPTIONS: TUNNEL
Unsupported option (ignored): persist-tun,persist-key,data-ciphers,data-ciphers-fallback,resolv-retry,explicit-exit-notify
[ERR]
[Nov 06, 2024, 21:18:39] EVENT: CORE_THREAD_DONE
[Nov 06, 2024, 21:18:39] EVENT: DISCONNECT_PENDING
[Nov 06, 2024, 21:18:39] Raw stats on disconnect:
[Nov 06, 2024, 21:18:39] Performance stats on disconnect:
CPU usage (microseconds): 20805
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
[Nov 06, 2024, 21:18:41] START CONNECTION
[Nov 06, 2024, 21:18:41] ----- OpenVPN Start -----
OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 21:18:41] OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 21:18:41] Frame=512/2112/512 mssfix-ctrl=1250
[Nov 06, 2024, 21:18:41] NOTE: This configuration contains options that were not used:
[Nov 06, 2024, 21:18:41] UNKNOWN/UNSUPPORTED OPTIONS
[Nov 06, 2024, 21:18:41] 0 [TUNNEL]
[Nov 06, 2024, 21:18:41] Unsupported option (ignored)
[Nov 06, 2024, 21:18:41] 0 [persist-tun]
[Nov 06, 2024, 21:18:41] 1 [persist-key]
[Nov 06, 2024, 21:18:41] 2 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-257-gcm]
[Nov 06, 2024, 21:18:41] 3 [data-ciphers-fallback] [AES-257-GCM]
[Nov 06, 2024, 21:18:41] 4 [resolv-retry] [infinite]
[Nov 06, 2024, 21:18:41] 5 [explicit-exit-notify]
[Nov 06, 2024, 21:18:41] EVENT: UNUSED_OPTIONS_ERROR UNKNOWN/UNSUPPORTED OPTIONS: TUNNEL
Unsupported option (ignored): persist-tun,persist-key,data-ciphers,data-ciphers-fallback,resolv-retry,explicit-exit-notify
[ERR]
[Nov 06, 2024, 21:18:41] EVENT: CORE_THREAD_DONE
[Nov 06, 2024, 21:18:41] EVENT: DISCONNECT_PENDING
[Nov 06, 2024, 21:18:41] Raw stats on disconnect:
[Nov 06, 2024, 21:18:41] Performance stats on disconnect:
CPU usage (microseconds): 20615
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
[Nov 06, 2024, 21:21:46] START CONNECTION
[Nov 06, 2024, 21:21:46] ----- OpenVPN Start -----
OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 21:21:46] OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 21:21:46] Frame=512/2112/512 mssfix-ctrl=1250
[Nov 06, 2024, 21:21:46] NOTE: This configuration contains options that were not used:
[Nov 06, 2024, 21:21:46] UNKNOWN/UNSUPPORTED OPTIONS
[Nov 06, 2024, 21:21:46] 0 [TUNNEL]
[Nov 06, 2024, 21:21:46] Unsupported option (ignored)
[Nov 06, 2024, 21:21:46] 0 [persist-tun]
[Nov 06, 2024, 21:21:46] 1 [persist-key]
[Nov 06, 2024, 21:21:46] 2 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-gcm]
[Nov 06, 2024, 21:21:46] 3 [data-ciphers-fallback] [AES-256-GCM]
[Nov 06, 2024, 21:21:46] 4 [resolv-retry] [infinite]
[Nov 06, 2024, 21:21:46] 5 [explicit-exit-notify]
[Nov 06, 2024, 21:21:46] EVENT: UNUSED_OPTIONS_ERROR UNKNOWN/UNSUPPORTED OPTIONS: TUNNEL
Unsupported option (ignored): persist-tun,persist-key,data-ciphers,data-ciphers-fallback,resolv-retry,explicit-exit-notify
[ERR]
[Nov 06, 2024, 21:21:46] EVENT: CORE_THREAD_DONE
[Nov 06, 2024, 21:21:46] EVENT: DISCONNECT_PENDING
[Nov 06, 2024, 21:21:46] Raw stats on disconnect:
[Nov 06, 2024, 21:21:46] Performance stats on disconnect:
CPU usage (microseconds): 29057
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
[Nov 06, 2024, 22:01:52] START CONNECTION
[Nov 06, 2024, 22:01:52] ----- OpenVPN Start -----
OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 22:01:52] OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 22:01:52] Frame=512/2112/512 mssfix-ctrl=1250
[Nov 06, 2024, 22:01:52] NOTE: This configuration contains options that were not used:
[Nov 06, 2024, 22:01:52] UNKNOWN/UNSUPPORTED OPTIONS
[Nov 06, 2024, 22:01:52] 0 [TUNNEL]
[Nov 06, 2024, 22:01:52] Unsupported option (ignored)
[Nov 06, 2024, 22:01:52] 0 [persist-tun]
[Nov 06, 2024, 22:01:52] 1 [persist-key]
[Nov 06, 2024, 22:01:52] 2 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-gcm]
[Nov 06, 2024, 22:01:52] 3 [data-ciphers-fallback] [AES-256-GCM]
[Nov 06, 2024, 22:01:52] 4 [resolv-retry] [infinite]
[Nov 06, 2024, 22:01:52] 5 [explicit-exit-notify]
[Nov 06, 2024, 22:01:52] EVENT: UNUSED_OPTIONS_ERROR UNKNOWN/UNSUPPORTED OPTIONS: TUNNEL
Unsupported option (ignored): persist-tun,persist-key,data-ciphers,data-ciphers-fallback,resolv-retry,explicit-exit-notify
[ERR]
[Nov 06, 2024, 22:01:52] EVENT: CORE_THREAD_DONE
[Nov 06, 2024, 22:01:52] EVENT: DISCONNECT_PENDING
[Nov 06, 2024, 22:01:52] Raw stats on disconnect:
[Nov 06, 2024, 22:01:52] Performance stats on disconnect:
CPU usage (microseconds): 42362
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
[Nov 06, 2024, 22:03:27] START CONNECTION
[Nov 06, 2024, 22:03:27] ----- OpenVPN Start -----
OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 22:03:27] OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 06, 2024, 22:03:27] Frame=512/2112/512 mssfix-ctrl=1250
[Nov 06, 2024, 22:03:27] NOTE: This configuration contains options that were not used:
[Nov 06, 2024, 22:03:27] UNKNOWN/UNSUPPORTED OPTIONS
[Nov 06, 2024, 22:03:27] 0 [TUNNEL]
[Nov 06, 2024, 22:03:27] Unsupported option (ignored)
[Nov 06, 2024, 22:03:27] 0 [persist-tun]
[Nov 06, 2024, 22:03:27] 1 [persist-key]
[Nov 06, 2024, 22:03:27] 2 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-gcm]
[Nov 06, 2024, 22:03:27] 3 [data-ciphers-fallback] [AES-256-GCM]
[Nov 06, 2024, 22:03:27] 4 [resolv-retry] [infinite]
[Nov 06, 2024, 22:03:27] 5 [explicit-exit-notify]
[Nov 06, 2024, 22:03:27] EVENT: UNUSED_OPTIONS_ERROR UNKNOWN/UNSUPPORTED OPTIONS: TUNNEL
Unsupported option (ignored): persist-tun,persist-key,data-ciphers,data-ciphers-fallback,resolv-retry,explicit-exit-notify
[ERR]
[Nov 06, 2024, 22:03:27] EVENT: CORE_THREAD_DONE
[Nov 06, 2024, 22:03:27] EVENT: DISCONNECT_PENDING
[Nov 06, 2024, 22:03:27] Raw stats on disconnect:
[Nov 06, 2024, 22:03:27] Performance stats on disconnect:
CPU usage (microseconds): 25701
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
[Nov 07, 2024, 14:52:43] START CONNECTION
[Nov 07, 2024, 14:52:43] ----- OpenVPN Start -----
OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 07, 2024, 14:52:43] OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 07, 2024, 14:52:43] Frame=512/2112/512 mssfix-ctrl=1250
[Nov 07, 2024, 14:52:43] NOTE: This configuration contains options that were not used:
[Nov 07, 2024, 14:52:43] UNKNOWN/UNSUPPORTED OPTIONS
[Nov 07, 2024, 14:52:43] 0 [TUNNEL]
[Nov 07, 2024, 14:52:43] Unsupported option (ignored)
[Nov 07, 2024, 14:52:43] 0 [persist-tun]
[Nov 07, 2024, 14:52:43] 1 [persist-key]
[Nov 07, 2024, 14:52:43] 2 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305]
[Nov 07, 2024, 14:52:43] 3 [data-ciphers-fallback] [AES-256-GCM]
[Nov 07, 2024, 14:52:43] 4 [explicit-exit-notify]
[Nov 07, 2024, 14:52:43] EVENT: UNUSED_OPTIONS_ERROR UNKNOWN/UNSUPPORTED OPTIONS: TUNNEL
Unsupported option (ignored): persist-tun,persist-key,data-ciphers,data-ciphers-fallback,explicit-exit-notify
[ERR]
[Nov 07, 2024, 14:52:43] EVENT: CORE_THREAD_DONE
[Nov 07, 2024, 14:52:43] EVENT: DISCONNECT_PENDING
[Nov 07, 2024, 14:52:43] Raw stats on disconnect:
[Nov 07, 2024, 14:52:43] Performance stats on disconnect:
CPU usage (microseconds): 35212
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
[Nov 07, 2024, 14:54:05] START CONNECTION
[Nov 07, 2024, 14:54:05] ----- OpenVPN Start -----
OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 07, 2024, 14:54:05] OpenVPN core 3.10_qa ios arm64 64-bit
[Nov 07, 2024, 14:54:05] Frame=512/2112/512 mssfix-ctrl=1250
[Nov 07, 2024, 14:54:05] NOTE: This configuration contains options that were not used:
[Nov 07, 2024, 14:54:05] UNKNOWN/UNSUPPORTED OPTIONS
[Nov 07, 2024, 14:54:05] 0 [TUNNEL]
[Nov 07, 2024, 14:54:05] Unsupported option (ignored)
[Nov 07, 2024, 14:54:05] 0 [persist-tun]
[Nov 07, 2024, 14:54:05] 1 [persist-key]
[Nov 07, 2024, 14:54:05] 2 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305]
[Nov 07, 2024, 14:54:05] 3 [data-ciphers-fallback] [AES-256-GCM]
[Nov 07, 2024, 14:54:05] 4 [explicit-exit-notify]
[Nov 07, 2024, 14:54:05] EVENT: UNUSED_OPTIONS_ERROR UNKNOWN/UNSUPPORTED OPTIONS: TUNNEL
Unsupported option (ignored): persist-tun,persist-key,data-ciphers,data-ciphers-fallback,explicit-exit-notify
[ERR]
[Nov 07, 2024, 14:54:05] EVENT: CORE_THREAD_DONE
[Nov 07, 2024, 14:54:05] EVENT: DISCONNECT_PENDING
[Nov 07, 2024, 14:54:05] Raw stats on disconnect:
[Nov 07, 2024, 14:54:05] Performance stats on disconnect:
CPU usage (microseconds): 26323
Network bytes per CPU second: 0
Tunnel bytes per CPU second: 0
I’m using OpenVPN-AS in a Docker container. In the web interface, I can only specify a primary and secondary DNS server, but I need both IPv4 and IPv6 DNS.
Using sacli, I also couldn't set a separate IPv6 DNS. I tried using push "dhcp-option ..." based on this guide, but unfortunately, that didn't work either (assuming it had to be set in the as.conf file).
Is there any way for clients to receive both IPv4 and IPv6 DNS servers?
I have a server running on 192.168.1.2 on interface eth0 and it has various services running. I have created an alias interface of eth0.0 with IP 192.168.1.4, and have bound a service to it. The service goes idle with this alias down, and active when this alias is up, implying the service is using the alias IP correctly.
I have then added the below to my openvpn.ovpn config file:
route-nopull
route 192.168.1.4 255.255.255.255
However, watching watch ip -s link I get no traffic on tun0, which is the VPN interface.
What am I missing?
Man, this stinks. After the upgrade my VPN client no longer works.
Is there a way to download older version?
Does anybody have a download link for openvpn connect 3.2.0?
I can find the changelog but no download history.
Thank you.
A while ago I made a post asking for help to get OpenVPN set up. The goal back then was just to learn how it worked, which went well. I learnt through the community's help both types of scenarios in which you could use OpenVPN, which I was able to successfully test out. One where the objective was just to have server and client remote connectivity through the tunnel, and one to route all internet traffic through the tunnel.
My intention today was to attempt to route traffic to allow for LAN Gaming. Now I know Hamachi does exist, and is far easier to set up, but the purpose of this was to rely on more open technologies, and to learn more about OpenVPN for future projects I have in mind.
The config files are as shown below. My friend and I used Borderlands to test out the VPN, but we weren’t successful. We did use Hamachi which did work, so we’re not too sure where the discrepancy lies. I appreciate any help.
Server config
# Specify a port, a protocol and a device type
port 1194
proto udp
dev tun
# Specify paths to server certificates
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\issued\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\private\\server.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\dh.pem"
# Specify the settings of the IP network your VPN clients will get their IP addresses from
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "block-outside-dns"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
# If you want to allow your clients to connect using the same key, enable the duplicate-cn option (not recommended)
# duplicate-cn
# TLS protection
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\pki\\ta.key" 0
cipher AES-256-GCM
# Other options
keepalive 20 60
persist-key
persist-tun
status "C:\\Program Files\\OpenVPN\\log\\status.log"
log "C:\\Program Files\\OpenVPN\\log\\openvpn.log"
verb 3
Client config
client
dev tun
proto udp
remote 01.23.45.67 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert ClientOVPN.crt
key ClientOVPN.key
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-GCM
connect-retry-max 25
verb 3
I have a TP-Link AX1800 router that has a firmware built-in OpenVPN server. After setup is complete the router provides a .ovpn file to connect that includes a certificate. I've imported the profile to my iPhone and MacBook. Connecting on my phone works flawlessly, my MacBook times out and is unable to connect. What's the fix for this? I'm unsure where I've gone wrong. I've used the OpenVPN Connect app and Tunnelblick with the same results. It is not the profile file since I used the same file for both clients. So far I've messed with my firewall (going so far as to completely turn it off to rule it out) and reinstalled repeatedly. I've also changed the advanced settings with no luck. I've double checked the IP and ports and it is all correct. Here's the log:
[Nov 4, 2024, 20:45:39] Connecting to [*HOME IP*]:1194 (*HOME IP*) via UDP
[Nov 4, 2024, 20:45:49] Server poll timeout, trying next remote entry...
[Nov 4, 2024, 20:45:49] EVENT: RECONNECTING
[Nov 4, 2024, 20:45:49] EVENT: RESOLVE
[Nov 4, 2024, 20:45:49] Contacting *HOME IP*:1194 via UDP
[Nov 4, 2024, 20:45:49] EVENT: WAIT
[Nov 4, 2024, 20:45:49] UnixCommandAgent: transmitting bypass route to /var/run/agent_ovpnconnect.sock
{
"host" : "*HOME IP*",
"ipv6" : false,
"pid" : 1344
}
[Nov 4, 2024, 20:45:49] Connecting to [*HOME IP*]:1194 (*HOME IP*) via UDP
[Nov 4, 2024, 20:50:03] Server poll timeout, trying next remote entry...
[Nov 4, 2024, 20:50:03] EVENT: RECONNECTING
[Nov 4, 2024, 20:50:03] EVENT: RESOLVE
[Nov 4, 2024, 20:50:03] Contacting *HOME IP*:1194 via UDP
[Nov 4, 2024, 20:50:03] EVENT: WAIT
[Nov 4, 2024, 20:50:03] UnixCommandAgent: transmitting bypass route to /var/run/agent_ovpnconnect.sock
{
"host" : "*HOME IP*",
"ipv6" : false,
"pid" : 1344
}
[Nov 4, 2024, 20:50:03] Connecting to [*HOME IP*]:1194 (*HOME IP*) via UDP
I just installed OpenVPN on my M2 MacBook Pro to be able to access my home network from anywhere and I am running into an issue where every time I go to connect it fails.
Has anyone else experienced this?
I have openvpn installed on my linux mint laptop and it works fine connecting to my house using mobile hot spots, cafes, local wifi spots, however it doesn't work using my wifi at my apartment. If I connect my iPhone to the apartment wifi and share the internet it works fine.
I should add the connection is established, but I cannot access my local files or server.
I would think this is something simple, but it fools me.
I've turned off all firewall rules at my apartment and it doesn't improve.
Any tips?
I'm running 2 Ubuntu machines with OpenVPN, one as server, one as client.
The server is 24.04.1 LTS, and has openvpn 2.6.12.
The client is 20.04.6 LTS and has openvpn 2.4.12
The server has 2 config files, identical except one is proto tcp4-server and one is proto udp4
Using TCP, everything works as expected. However, when I switch to UDP on the client side, the VPN connects, but no traffic passes.
Any ideas on what I should be looking at?
I am using ufw on the server side, not sure if I need to change any of the NAT rules that I added for openvpn.
Thanks!
How would this work if tiny bits of data are still going through the VPN, such as normal OS telemetry data, etc. but the user is truly afk.
So, I have openvpn running on opnsense, everything is working well (using the legacy client and server setup). I have the host name I connect to as a dynamic dns through duckdns.
The problem is that my dang ISP every once in a while will break their DNS servers, specifically access to duckdns. Without that I am unable to resolve, thus unable to connect to my own server from within my LAN. All other networks (like cellular and employer's guest wifi) work just fine since it's only my particular ISP breaking stuff.
Easy fix is to set my phone to manually use 8.8.8.8 (or others) to get to duckdns. I currently set the dhcp scope in opnsense to use 8.8.8.8 instead of my LAN gateway like normal.
However I would like a way to connect via LAN gateway, for times like this when my ISP breaks it. I would also like it for if I ever lose WAN altogether, specifically because firewall rules I have setup to only access some servers when connected to VPN.
Please let me know if I need to clarify anything!
Hello VPN Community.
I have a little problem and don't know what to do.
I have a cable modem because of no DSL availability. Only cable to Internet. But my provider gave me a shitty modem. It doesn't have port forwarding. Only IPv6 Host Exposure.
So I bought a firefox router and attached it to my modem. I enter the Internet through my firefox router. My router sees the network of my modem as the WAN entry point.
I need to use IPv6.
My modem doesn't support DynDNS. If I set the VPN up through my router, it doesn't work BECAUSE the public IP it wants to use is a modem network IP. My router IP range and modem IP range are different. 2 different networks.
My modem is my bridge to my router if I'm not wrong.
Do I maybe need a better cable router?
My Problem:
I want to use a docker VPN to enter my home network/self-hosted services. How do I need to modify my docker compose file?
Docker hub: openvpn/openvpn-as
Hello everyone,
I have a setup as shown below to be able to address my Nextcloud via IPv4 although I only have DS-Lite at my provider. So I have one vserver on which I have an openvpn3 client installed and one Raspberry Pi running all the rest. It worked fine for two weeks and then something must have broken. All of a sudden I only got timeout and no response errors. I did all the tcpdumps in the world and analyzed them. It seems like the TCP handshake never gets completed. So the green arrows show what works and what doesn't: The SYN packet is sent and received correctly, the ACK-SYN is sent correctly as well and then the ACK packet never seems to arrive, but I did a tcpdump on my phone and found out that the ACK-SYN, while it is sent out from my vserver correctly, never arrives at my phone... IPs, checksums all seem correct...
Any ideas or experiences with such a behaviour? Thanks a lot!!!
The tunnel gets established, but the client computer keeps trying to query its local DNS servers instead of the VPN supplied DNS servers. Our VPN users connect to an OpenVPN server running on pfSense+ (latest stable 24.03-RELEASE). We have the option "Force all client-generated IPv4 traffic through the tunnel" checked.
Version 3.5.0 works fine. Can anyone else confirm? Wondering if this is pfSense specific and if I should post this on the Netgate forum.
Hi guys, do you have any idea how I would configure my server.conf so that when a client is connected to the OpenVPN server, their public IPv4 is not the same as the server's public IP?
The reason I ask is that the server I am using now requires the client to respond to a pop-up window.
I now see this error:
AUTH: Received control message: AUTH_FAILED,CRV1:R,E:1760:amtsdWc=:Type "p" to receive a push notification or type your one-time password
When I use windows, I get a pop-up and I enter the "p". I cannot get authenticated in Linux because of this.
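An added example, not part of the original post: the `AUTH_FAILED,CRV1:...` text above is OpenVPN's dynamic challenge/response message, and this sketch parses it and builds the reply credentials. The field layout (`flags:state_id:base64 username:challenge text`) and the `CRV1::state_id::response` password format follow the OpenVPN management-interface notes as I understand them; the sample message is constructed with the same shape as the one in the post, and `parse_crv1` and `build_response` are hypothetical names.

```python
import base64
from dataclasses import dataclass

PREFIX = "AUTH_FAILED,CRV1:"

# Constructed sample with the same shape as the message in the post;
# "YWxpY2U=" is base64 for the made-up username "alice".
SAMPLE = ('AUTH: Received control message: AUTH_FAILED,CRV1:R,E:1760:YWxpY2U=:'
          'Type "p" to receive a push notification or type your one-time password')


@dataclass(frozen=True)
class Challenge:
    echo: bool               # E flag: the typed response may be echoed
    response_required: bool  # R flag: the server expects a typed response
    state_id: str            # opaque token to send back unchanged
    username: str            # decoded from the base64 field
    text: str                # prompt to show the user


def parse_crv1(message):
    """Parse a CRV1 dynamic challenge out of an AUTH_FAILED control message."""
    start = message.find(PREFIX)
    if start < 0:
        raise ValueError("not a CRV1 dynamic challenge")
    # The prompt may itself contain ':' so split at most three times.
    parts = message[start + len(PREFIX):].split(":", 3)
    if len(parts) != 4:
        raise ValueError("truncated CRV1 message")
    flags, state_id, user_b64, text = parts
    flag_set = {f for f in flags.split(",") if f}
    username = base64.b64decode(user_b64, validate=True).decode("utf-8")
    return Challenge("E" in flag_set, "R" in flag_set, state_id, username, text)


def build_response(challenge, answer):
    """Return the (username, password) pair for the follow-up auth attempt."""
    return challenge.username, f"CRV1::{challenge.state_id}::{answer}"


if __name__ == "__main__":
    ch = parse_crv1(SAMPLE)
    print(ch.text)
    user, password = build_response(ch, "p")
    print(user, password)
```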
Isn't it similar to the OpenVPN logo?
Can I use openVPN while I am in Thailand and connect to my network in Rochester, NY?
I have recently updated to iOS 18.0.1 on iPhone 15 Pro. OpenVPN used to work fine for me but after the update I cannot connect through my workSpace ovpn profile over WiFi. It works on mobile data just fine. Switching from mobile data to WiFi disconnects the active connection. I have tried reinstalling the app.
What could be the reason for this kind of issue?
Note: I haven’t changed anything on my router.
I also checked for WireGuard. I mean ProtonVPN but also other VPN applications. Many servers in the app work very well and sites do not block me (VPN is not detected) while the same server gets in the ovpn or conf file then on Linux every server is detected. I am trying to change DNS and apply basic tips but nothing works. Is it really that complicated and what nuclear technology?
Hello All!
I have been running an OpenVPN server for many years now but several days ago a client from Russia stopped connecting.
It looks like a new Russian state censorship DPI tool is blocking the connection: the tunnel is established but the traffic just doesn't go through.
Wed Oct 23 01:44:10 2024 Initialization Sequence Completed
Wed Oct 23 01:44:30 2024 read TCP_CLIENT: Unknown error (code=10060)
Wed Oct 23 01:44:30 2024 Connection reset, restarting [-1]
Wed Oct 23 01:44:30 2024 SIGUSR1[soft,connection-reset] received, process restarting
So, I have a question: what are the modern obfuscation techniques for OpenVPN in 2024?
Google suggests obfs4proxy, but it is even called differently in TOR bundle now, and all the manuals are obsolete, and besides there is no obfs4 implementation for Android, only obfs3.
So, what would you recommend?
It looks to me like the 3.5.0 Android release has suddenly resulted in block-outside-dns not being supported in the client config. If I remove it, it works.
However I was under the impression it's important to stop DNS leakage:
https://vpninsights.com/vpn-info/fix-dns-leak-with-openvpn/
Anyone know why it was removed, and if there is an alternative config setting I should now be using?
Old question, but I didn't find a good answer. (Windows 11) When OpenVPN is ON, I cannot print on a LAN local printer. My computer didn't find it. Is there a solution? Thanks.
My ISP cannot allow any connection for ssh via 22. They tried by whitelisting MAC addresses but it didn't work. My network is community internet, all I have is an AP. They mentioned that a VPN tunnel can work. Any guides/tips on getting that to work? Goal is to Mac ssh > Ubuntu server.