Can't connect Ipad Pro to OpenVPN. How do I troubleshoot?

ThreeEyedFish

Hi, I'm trying to connect my Ipad Pro with OpenVPN, but I get a connection time-out error. I downloaded the config file from the OpenVPN Client Export tab (OpenVPN Connect for Android/iOS). The weird thing is that the exe file for Windows works perfectly. Can anybody help me on how to troubleshoot this? I've no idea where to start looking.

(one more detail: my pfSense box is an SG-4860, which reached End Of Life somewhere in April this year. Haven't got arround buying a SG-5100 yet)

Logs from Ipad Pro:

2020-07-19 09:24:32 ----- OpenVPN Start -----
OpenVPN core 3.git::3e56f9a6 ios arm64 64-bit

2020-07-19 09:24:32 OpenVPN core 3.git::3e56f9a6 ios arm64 64-bit

2020-07-19 09:24:32 Frame=512/2048/512 mssfix-ctrl=1250

2020-07-19 09:24:32 UNUSED OPTIONS
1 [persist-tun]
2 [persist-key]
4 [ncp-disable]
6 [tls-client]
8 [resolv-retry] [infinite]
10 [block-outside-dns]
11 [verify-x509-name] [XXX] [name]

2020-07-19 09:24:32 EVENT: RESOLVE

2020-07-19 09:24:32 Contacting [X.X.X.X]:1396/UDP via UDP

2020-07-19 09:24:32 EVENT: WAIT

2020-07-19 09:24:32 Connecting to [XXX.XXX.XXX]:1396 (X.X.X.X) via UDPv4

2020-07-19 09:24:42 Server poll timeout, trying next remote entry...

2020-07-19 09:24:42 EVENT: RECONNECTING

2020-07-19 09:24:42 EVENT: RESOLVE

2020-07-19 09:24:42 Contacting [X.X.X.X]:1396/UDP via UDP

2020-07-19 09:24:42 EVENT: WAIT

2020-07-19 09:24:42 Connecting to [XXX.XXX.XXX]:1396 (X.X.X.X) via UDPv4

2020-07-19 09:24:52 Server poll timeout, trying next remote entry...

2020-07-19 09:24:52 EVENT: RECONNECTING

2020-07-19 09:24:52 EVENT: RESOLVE

2020-07-19 09:24:52 Contacting [X.X.X.X]:1396/UDP via UDP

2020-07-19 09:24:52 EVENT: WAIT
2020-07-19 09:24:52 Connecting to [XXX.XXX.XXX]:1396 (X.X.X.X) via UDPv4

2020-07-19 09:25:02 EVENT: CONNECTION_TIMEOUT [ERR]

2020-07-19 09:25:02 Raw stats on disconnect:
BYTES_OUT : 1620
PACKETS_OUT : 30
CONNECTION_TIMEOUT : 1
N_RECONNECT : 2

2020-07-19 09:25:02 Performance stats on disconnect:
CPU usage (microseconds): 54420
Network bytes per CPU second: 29768
Tunnel bytes per CPU second: 0

2020-07-19 09:25:02 EVENT: DISCONNECTED

2020-07-19 09:25:02 Raw stats on disconnect:
BYTES_OUT : 1620
PACKETS_OUT : 30
CONNECTION_TIMEOUT : 1
N_RECONNECT : 2

2020-07-19 09:25:02 Performance stats on disconnect:
CPU usage (microseconds): 82993
Network bytes per CPU second: 19519
Tunnel bytes per CPU second: 0

Logs from pfSense OpenVPN:

Jul 19 13:14:24 openvpn 54929 MANAGEMENT: Client disconnected
Jul 19 13:14:24 openvpn 54929 MANAGEMENT: CMD 'quit'
Jul 19 13:14:24 openvpn 54929 MANAGEMENT: CMD 'status 2'
Jul 19 13:14:23 openvpn 54929 MANAGEMENT: Client connected from /var/etc/openvpn/server2.sock
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: Client disconnected
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: CMD 'quit'
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: CMD 'status 2'
Jul 19 13:13:21 openvpn 54929 MANAGEMENT: Client connected from /var/etc/openvpn/server2.sock

Gertjan

@ThreeEyedFish said in Can't connect Ipad Pro to OpenVPN. How do I troubleshoot?:

Hi, your iPad (actually, the VPN App) is telling you that XXX.XXX.XXX:1396 doesn't reply.
Your OpenVPN server on pfSense tells you : no one is connecting right now.

Do you have a firewall rule on your WAN that permits incoming connections "from everywhere" to port 1139, using protocol UDP ?
Do you have a router in front of your pfSense ? In that case, the same firewall rule (NAT rule this time) should be placed on this router.

Btw : the OpenVPN server log lines you showed are traces of the GUI questioning the OpenVPN server for connections every 60 seconds.