OpenVPN no longer connects from iOS Devices following upgrade to 2.1.5
-
Hey Guys,
I upgraded one of my pfSense boxes this morning and since then iOS Clients can no longer connect to the OpenVPN instance running on this box.
Server Log:
Sep 8 15:13:44 pfsense openvpn[75741]: <sourceip>:53947 TLS_ERROR: BIO read tls_read_plaintext error: error:04075070:rsa routines:RSA_sign:digest too big for rsa key: error:1409B006:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:EVP lib Sep 8 15:13:44 pfsense openvpn[75741]: <sourceip>:53947 TLS Error: TLS object -> incoming plaintext read error Sep 8 15:13:44 pfsense openvpn[75741]: <sourceip>:53947 TLS Error: TLS handshake failed</sourceip></sourceip></sourceip>
Client Log:
2014-09-08 15:13:01 LZO-ASYM init swap=0 asym=0 2014-09-08 15:13:01 EVENT: RESOLVE 2014-09-08 15:13:01 Contacting <destinationip>:1194 via UDP 2014-09-08 15:13:01 EVENT: WAIT 2014-09-08 15:13:01 Connecting to <destinationip>:1194 (<destinationip>) via UDPv4 2014-09-08 15:13:01 EVENT: CONNECTING 2014-09-08 15:13:01 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client 2014-09-08 15:13:01 Creds: Username/Password 2014-09-08 15:13:01 Peer Info: IV_GUI_VER=net.openvpn.connect.ios 1.0.4-140 IV_VER=3.0 IV_PLAT=ios IV_NCP=1 IV_LZO=1 2014-09-08 15:13:42 Session invalidated: KEEPALIVE_TIMEOUT 2014-09-08 15:13:42 Client terminated, restarting in 2... 2014-09-08 15:13:44 EVENT: RECONNECTING 2014-09-08 15:13:44 LZO-ASYM init swap=0 asym=0 2014-09-08 15:13:44 EVENT: RESOLVE 2014-09-08 15:13:44 Contacting 86.28.107.90:1194 via UDP 2014-09-08 15:13:44 EVENT: WAIT 2014-09-08 15:13:44 Connecting to <destinationip>:1194 (<destinationip>) via UDPv4 2014-09-08 15:13:44 EVENT: CONNECTING 2014-09-08 15:13:44 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client 2014-09-08 15:13:44 Creds: Username/Password 2014-09-08 15:13:44 Peer Info: IV_GUI_VER=net.openvpn.connect.ios 1.0.4-140 IV_VER=3.0 IV_PLAT=ios IV_NCP=1 IV_LZO=1 2014-09-08 15:14:01 EVENT: CONNECTION_TIMEOUT [ERR] 2014-09-08 15:14:01 EVENT: DISCONNECTED 2014-09-08 15:14:01 Raw stats on disconnect: BYTES_IN : 208 BYTES_OUT : 3672 PACKETS_IN : 4 PACKETS_OUT : 34 KEEPALIVE_TIMEOUT : 1 CONNECTION_TIMEOUT : 1 N_RECONNECT : 1 2014-09-08 15:14:01 Performance stats on disconnect: CPU usage (microseconds): 19638 Network bytes per CPU second: 197576 Tunnel bytes per CPU second: 0 2014-09-08 15:14:01 ----- OpenVPN Stop ----- 2014-09-08 15:14:01 EVENT: DISCONNECT_PENDING</destinationip></destinationip></destinationip></destinationip></destinationip>
Googling around didn't produce anything directly tied to the new versions of OpenVPN or pfSense.
Note that Desktop devices seem to connect using the community client running as a service fine.
Any ideas or anything else I can provide to help?
Thanks!
-
Did you ever have a resolution on this?
-
Dude, you are posting into over one year dead thread about 2.1.5. Why'd you be "upgrading" to completely obsolete release now?
-
Why'd you be "upgrading" to completely obsolete release now?
Yup, +1 on that.
From all accounts 2.2.5 is stable, especially as far as OpenVPN.
I've got more than a few iOS devices talking to various 2.2.5 sites using OPenVPN.I'd be inclined to make sure your pfSense is up to date, then make sure the iOS client is as well.