Can't connect Ipad Pro to OpenVPN. How do I troubleshoot?
-
Hi, I'm trying to connect my Ipad Pro with OpenVPN, but I get a connection time-out error. I downloaded the config file from the OpenVPN Client Export tab (OpenVPN Connect for Android/iOS). The weird thing is that the exe file for Windows works perfectly. Can anybody help me on how to troubleshoot this? I've no idea where to start looking.
(one more detail: my pfSense box is an SG-4860, which reached End Of Life somewhere in April this year. Haven't got arround buying a SG-5100 yet)
Logs from Ipad Pro:
2020-07-19 09:24:32 ----- OpenVPN Start -----
OpenVPN core 3.git::3e56f9a6 ios arm64 64-bit2020-07-19 09:24:32 OpenVPN core 3.git::3e56f9a6 ios arm64 64-bit
2020-07-19 09:24:32 Frame=512/2048/512 mssfix-ctrl=1250
2020-07-19 09:24:32 UNUSED OPTIONS
1 [persist-tun]
2 [persist-key]
4 [ncp-disable]
6 [tls-client]
8 [resolv-retry] [infinite]
10 [block-outside-dns]
11 [verify-x509-name] [XXX] [name]2020-07-19 09:24:32 EVENT: RESOLVE
2020-07-19 09:24:32 Contacting [X.X.X.X]:1396/UDP via UDP
2020-07-19 09:24:32 EVENT: WAIT
2020-07-19 09:24:32 Connecting to [XXX.XXX.XXX]:1396 (X.X.X.X) via UDPv4
2020-07-19 09:24:42 Server poll timeout, trying next remote entry...
2020-07-19 09:24:42 EVENT: RECONNECTING
2020-07-19 09:24:42 EVENT: RESOLVE
2020-07-19 09:24:42 Contacting [X.X.X.X]:1396/UDP via UDP
2020-07-19 09:24:42 EVENT: WAIT
2020-07-19 09:24:42 Connecting to [XXX.XXX.XXX]:1396 (X.X.X.X) via UDPv4
2020-07-19 09:24:52 Server poll timeout, trying next remote entry...
2020-07-19 09:24:52 EVENT: RECONNECTING
2020-07-19 09:24:52 EVENT: RESOLVE
2020-07-19 09:24:52 Contacting [X.X.X.X]:1396/UDP via UDP
2020-07-19 09:24:52 EVENT: WAIT
2020-07-19 09:24:52 Connecting to [XXX.XXX.XXX]:1396 (X.X.X.X) via UDPv42020-07-19 09:25:02 EVENT: CONNECTION_TIMEOUT [ERR]
2020-07-19 09:25:02 Raw stats on disconnect:
BYTES_OUT : 1620
PACKETS_OUT : 30
CONNECTION_TIMEOUT : 1
N_RECONNECT : 22020-07-19 09:25:02 Performance stats on disconnect:
CPU usage (microseconds): 54420
Network bytes per CPU second: 29768
Tunnel bytes per CPU second: 02020-07-19 09:25:02 EVENT: DISCONNECTED
2020-07-19 09:25:02 Raw stats on disconnect:
BYTES_OUT : 1620
PACKETS_OUT : 30
CONNECTION_TIMEOUT : 1
N_RECONNECT : 22020-07-19 09:25:02 Performance stats on disconnect:
CPU usage (microseconds): 82993
Network bytes per CPU second: 19519
Tunnel bytes per CPU second: 0Logs from pfSense OpenVPN:
Jul 19 13:14:24 openvpn 54929 MANAGEMENT: Client disconnected
Jul 19 13:14:24 openvpn 54929 MANAGEMENT: CMD 'quit'
Jul 19 13:14:24 openvpn 54929 MANAGEMENT: CMD 'status 2'
Jul 19 13:14:23 openvpn 54929 MANAGEMENT: Client connected from /var/etc/openvpn/server2.sock
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: Client disconnected
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: CMD 'quit'
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: CMD 'status 2'
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: Client connected from /var/etc/openvpn/server2.sock -
@ThreeEyedFish said in Can't connect Ipad Pro to OpenVPN. How do I troubleshoot?:
Hi, your iPad (actually, the VPN App) is telling you that XXX.XXX.XXX:1396 doesn't reply.
Your OpenVPN server on pfSense tells you : no one is connecting right now.Do you have a firewall rule on your WAN that permits incoming connections "from everywhere" to port 1139, using protocol UDP ?
Do you have a router in front of your pfSense ? In that case, the same firewall rule (NAT rule this time) should be placed on this router.Btw : the OpenVPN server log lines you showed are traces of the GUI questioning the OpenVPN server for connections every 60 seconds.
