IOS OpenVPN Connect 3 : no more connections works

fabiensch2

Hello,

With the new iOS client version of OpenVPN Connect 3, connections to OpenVPN tunnels on pfSense no longer work. Many people have the same problem

Please see : https://forums.openvpn.net/viewtopic.php?f=36&t=26986&p=80932

Is there a solution ?

Thanks

Best Regards,
Fabien

gfeiner

I had the same problem after updating to v3. I deleted the app, reinstalled and then re-imported the VPN profile using iTunes. I'm connecting fine now.

johnpoz

Had zero issues with the updated on my iphone.. Connecting just fine.

occamsrazor

I have the same... Connections to my commercial VPN provider work OK from the new OpenVPN IOS app, but not to my pfSense.
Running 2.4.3-RELEASE-p1 and IOS 11.4.1
However.... connections to pfSense when connecting from the IOS Settings > VPN pane do work

johnpoz

Running 3.0.0(172) on IOS 11.4.1 connecting into either udp or tcp running on my 2.4.3p1 pfsense - ZERO issues.. Your going to have to post some logs if you want anyone to help you figure out what is wrong..

Post up the client and the server logs of your connection attempt.

MikeV7896

I think I had to re-enter my username and/or password after upgrading, but after doing that I have no problems with connecting to my pfSense box from my iPhone.

occamsrazor

@virgiliomi said in IOS OpenVPN Connect 3 : no more connections works:

I think I had to re-enter my username and/or password after upgrading, but after doing that I have no problems with connecting to my pfSense box from my iPhone.

Well spotted! Looking into the profile the password was there but the username was missing.

fabiensch2

@johnpoz
Here is the log :

Client :

2018-39-03 00:39:53 Contacting [xxxxx]:80/UDP via UDP
2018-39-03 00:39:53 EVENT: WAIT
2018-39-03 00:39:53 Connecting to [xxx]:80 (xxx) via UDPv4
2018-40-03 00:40:02 Server poll timeout, trying next remote entry...
2018-40-03 00:40:02 EVENT: RECONNECTING
2018-40-03 00:40:02 EVENT: RESOLVE
2018-40-03 00:40:02 Contacting [xxx]:80/UDP via UDP
2018-40-03 00:40:02 EVENT: WAIT
2018-40-03 00:40:02 Connecting to [xxx]:80 (xxx) via UDPv4
2018-40-03 00:40:13 Server poll timeout, trying next remote entry...
2018-40-03 00:40:13 EVENT: RECONNECTING
...

Server :

Sep 2 22:39:53	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:39:54	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:39:55	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:39:56	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:39:57	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:39:58	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:39:59	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:40:00	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:40:01	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:40:02	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:59373
Sep 2 22:40:02	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:57925
Sep 2 22:40:04	openvpn	16588	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx.23:57925

fabiensch2

So, the "magic solution" is : export OpenVPN client profile with "Client Export" utility. Now it's ok

johnpoz

Wouldn't call that magic ;) How were you doing it before? No wonder you were having issues.

fabiensch2

@johnpoz said in IOS OpenVPN Connect 3 : no more connections works:

Wouldn't call that magic ;) How were you doing it before? No wonder you were having issues.

I had make the profile by hand at the time and it always worked before

Napsterbater

@occamsrazor

@occamsrazor said in IOS OpenVPN Connect 3 : no more connections works:

@virgiliomi said in IOS OpenVPN Connect 3 : no more connections works:

I think I had to re-enter my username and/or password after upgrading, but after doing that I have no problems with connecting to my pfSense box from my iPhone.

Well spotted! Looking into the profile the password was there but the username was missing.

Same problem I had.

Gertjan

Didn't even know that the OpenVPN app for iOS 11.4.1 was updated ....
I was always using the exported config from the Client Export package.
I switched the slider, and was connected without any issues.