OpenVPN for iOS - Finally Available!
-
Well I tried OpenVPN for Android.. as you recommended.. now I get this error while importing the android config
Error reading config file
Option tls-remote has 2 parameters, expected between 1 and 1Moving back to my iOS config on the Android. That works on this new client as well.
-
check the box to quote the server cn before exporting.
And in the future, don't put spaces in your certificate common names. :-)
-
Finally.. that worked. Thanks!
Why is the iOS config not affected by the space?
-
It doesn't support tls-remote so that line is left out entirely for the OpenVPN Connect config.
The OpenVPN connect config will also work in the OpenVPN for Android client but it is missing a few lines that can be beneficial for security reasons (like tls-remote)
-
My fix to continual:
Jan 21 13:38:51 openvpn[26787]: xyz123/xxx.xxx.xxx.xxx:xxxxx TLS Error: incoming packet authentication failed from [AF_INET]xxx.xxx.xxx.xxx:xxxxx
Jan 21 13:38:51 openvpn[26787]: xyz123/xxx.xxx.xxx.xxx:xxxxx Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #120 / time = (1358793515) Mon Jan 21 13:38:35 2013 ] – see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warningsWas to not use: reneg-sec 0 in the client config. Most clients think this means to use what the server uses. Apparently iOS and Android think this means just keep renegotiating forever. reneg-sec 21600 works fine. It would be nice if renegotiation didn't require re-entry of a (new) OTP…
-
I can't believe how easy this was. Worked the first time, except for a restrictive firewall rule. This is great work! 8)
-
Wow works great!
Am I missing something or can you only have one profile in the phone/app at a time?
Every time I import another cofig for a different router it blows out the one that's installed. -
Do your firewalls have unique hostnames? I thought I had multiple profiles in the other day when testing, but I think all of mine had different hostnames and thus different exported filenames and such.
-
Yes different host names, confirmed on the iPad as well, only one profile at a time ???
-
I currently have 4 profiles to the same box. One is tcp on 443, and other is udp on standard 1194 port. Then 2 more with those same settings other routing all traffic through the vpn.
You could have as many configs as you would I would think all pointing to the same server if you just just call the ovpn file something different for import.
-
There's an update for the iPhone Configuration Utility, OpenVPN can now be preconfigured, too.
-
Hello,
the default config works well since my first try. Nice Work!
Just one Question: Is is possible to require a password before the VPN-Connection is established?Jan
-
If you use user auth on the server side, and you don't save the password on the client side, yes.
If you are only doing certificate auth, probably not.
