2.6 cant get openvpn working
-
I've been trying to avoid bothering you all with this problem.
Been trying to fix it for 3 weeks since 2.6 came out.
Actually my openvpn stopped working but it seems 2.6 fixed the ddns problem so this is something new.
Everything worked fine before the last update 2.5.x when ddns stopped updating. Now it is working again but my openvpn clients can't connect.
It shows port 1194 open but the cert name is undef. I just don't know.
I've gotten so desperate I started from scratch, recreated ca, clients, client certs, I can see the port on 1194 open but nothing else. I have rules on wan and openvpn for passing all traffic.
I don't know what to do at this point.
Help please
-
What do the logs say, from both ends?
-
@jknott thanks!
Client:
21:50:43.055 -- ----- OpenVPN Start -----
21:50:43.055 -- EVENT: CORE_THREAD_ACTIVE
21:50:43.057 -- OpenVPN core 3.git::662eae9a:Release android arm64 64-bit PT_PROXY
21:50:43.205 -- Frame=512/2048/512 mssfix-ctrl=1250
21:50:43.206 -- UNUSED OPTIONS
1 [persist-tun]
2 [persist-key]
3 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC]
4 [data-ciphers-fallback] [AES-256-CBC]
6 [tls-client]
8 [resolv-retry] [infinite]
10 [nobind]
11 [verify-x509-name] [OpenVPN_CA] [name]
13 [pkcs12] [nehwon-udp-1194-techbadgertablet.p12]
17 [explicit-exit-notify]
21:50:43.206 -- EVENT: RESOLVE
21:50:43.232 -- Contacting 184.103.180.206:1194 via UDP
21:50:43.232 -- EVENT: WAIT
21:50:43.237 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
21:50:53.207 -- Server poll timeout, trying next remote entry...
21:50:53.209 -- EVENT: RECONNECTING
21:50:53.230 -- EVENT: RESOLVE
21:50:53.247 -- Contacting 184.103.180.206:1194 via UDP
21:50:53.248 -- EVENT: WAIT
21:50:53.252 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
21:51:03.211 -- Server poll timeout, trying next remote entry...
21:51:03.213 -- EVENT: RECONNECTING
21:51:03.233 -- EVENT: RESOLVE
21:51:03.255 -- Contacting 184.103.180.206:1194 via UDP
21:51:03.256 -- EVENT: WAIT
21:51:03.259 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
21:51:13.233 -- Server poll timeout, trying next remote entry...
21:51:13.235 -- EVENT: RECONNECTING
21:51:13.246 -- EVENT: RESOLVE
21:51:13.259 -- Contacting 184.103.180.206:1194 via UDP
21:51:13.260 -- EVENT: WAIT
21:51:13.265 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
21:51:23.237 -- Server poll timeout, trying next remote entry...
21:51:23.239 -- EVENT: RECONNECTING
21:51:23.246 -- EVENT: RESOLVE
21:51:23.260 -- Contacting 184.103.180.206:1194 via UDP
21:51:23.265 -- EVENT: WAIT
21:51:23.277 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
21:51:33.241 -- Server poll timeout, trying next remote entry...
21:51:33.242 -- EVENT: RECONNECTING
21:51:33.254 -- EVENT: RESOLVE
21:51:33.303 -- Contacting 184.103.180.206:1194 via UDP
21:51:33.304 -- EVENT: WAIT
21:51:33.313 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
Server:
Mar 13 21:38:57 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54144 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:38:42 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54144 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:38:33 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54144 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:38:30 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54144 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:38:27 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54144 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:32:57 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54673 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:32:41 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54673 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:32:33 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54673 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:32:29 openvpn 9154 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:54673 (via ::ffff:184.103.180.206%bridge0)
Mar 13 21:32:28 openvpn 9154 TLS Error: cannot locate
First it said too many logins so I upped it to 10, now this error.
Thanks so much!
-
@jknott now I'm getting :
Mar 13 22:01:44 openvpn 49042 192.168.1.178:32991 write UDPv6: Can't assign requested address (code=49)
Mar 13 22:01:43 openvpn 49042 192.168.1.178:51280 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:51280 (via ::ffff:184.103.180.206%bridge0)
Mar 13 22:01:43 openvpn 49042 192.168.1.178:51280 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647234095) 2022-03-13 22:01:35 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 13 22:01:42 openvpn 49042 192.168.1.178:51280 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:51280 (via ::ffff:184.103.180.206%bridge0)
Mar 13 22:01:42 openvpn 49042 192.168.1.178:51280 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647234095) 2022-03-13 22:01:35 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 13 22:01:41 openvpn 49042 192.168.1.178:51280 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:51280 (via ::ffff:184.103.180.206%bridge0)
Mar 13 22:01:41 openvpn 49042 192.168.1.178:51280 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647234095) 2022-03-13 22:01:35 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 13 22:01:40 openvpn 49042 192.168.1.178:51280 write UDPv6: Can't assign requested address (code=49)
Mar 13 22:01:40 openvpn 49042 192.168.1.178:51280 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:51280 (via ::ffff:184.103.180.206%bridge0)
Mar 13 22:01:40 openvpn 49042 192.168.1.178:51280 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647234095) 2022-03-13 22:01:35 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 13 22:01:39 openvpn 49042 192.168.1.178:51280 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:51280 (via ::ffff:184.103.180.206%bridge0)
-
@honeybadger
See for example Openvpn[50203]: Authenticate/Decrypt packet error ?
I've found the same error, just once, last month in my log file :
What is this :
Bridge ?
What does bridge0 mean ? Can you tell more about your setup ?
Maybe it's not important / not related.
-
@gertjan I think bridge is my wifi bridge but it works so...
-
pfSense, or OpenVPN, isn't aware of 'wifi'.
-
Your problem appears to be different from mine.
-
@gertjan I know, why I have a bridge.
Still, any idea why I can't get openvpn working?
-
@honeybadger said in 2.6 cant get openvpn working:
write UDPv6: Can't assign requested address (code=49)
.... [AF_INET6]::ffff:192.168.1.178:51280 (via ::ffff:184.103.180.206%bridge0) ...
I have :
UDPv4 link local (bound): [AF_INET]192.168.10.3:1194
that is : I use IPv4.
I've nothing against IPv6 .... but try making IPv4 work first.
-
@gertjan ya still not working.
I'm using the wizard and I could have sworn there was an option to choose v4 or v6, can't find it now.
Thanks everyone for the help!
-
Remote:
09:21:46.726 -- ----- OpenVPN Start -----
09:21:46.727 -- EVENT: CORE_THREAD_ACTIVE
09:21:46.730 -- OpenVPN core 3.git::662eae9a:Release android arm64 64-bit PT_PROXY
09:21:46.893 -- Frame=512/2048/512 mssfix-ctrl=1250
09:21:46.897 -- UNUSED OPTIONS
1 [persist-tun]
2 [persist-key]
3 [data-ciphers] [AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC]
4 [data-ciphers-fallback] [AES-256-CBC]
6 [tls-client]
8 [resolv-retry] [infinite]
10 [nobind]
11 [verify-x509-name] [OpenVPN_CA] [name]
13 [pkcs12] [nehwon-udp-1194-techbadgertablet.p12]
17 [explicit-exit-notify]
09:21:46.898 -- EVENT: RESOLVE
09:21:46.951 -- Contacting 184.103.180.206:1194 via UDP
09:21:46.951 -- EVENT: WAIT
09:21:46.955 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
09:21:56.900 -- Server poll timeout, trying next remote entry...
09:21:56.902 -- EVENT: RECONNECTING
09:21:56.908 -- EVENT: RESOLVE
09:21:56.945 -- Contacting 184.103.180.206:1194 via UDP
09:21:56.946 -- EVENT: WAIT
09:21:56.952 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
09:22:06.903 -- Server poll timeout, trying next remote entry...
09:22:06.905 -- EVENT: RECONNECTING
09:22:06.914 -- EVENT: RESOLVE
09:22:06.943 -- Contacting 184.103.180.206:1194 via UDP
09:22:06.943 -- EVENT: WAIT
09:22:06.946 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
09:22:16.907 -- Server poll timeout, trying next remote entry...
09:22:16.908 -- EVENT: RECONNECTING
09:22:16.923 -- EVENT: RESOLVE
09:22:16.928 -- Contacting 184.103.180.206:1194 via UDP
09:22:16.929 -- EVENT: WAIT
09:22:16.937 -- Connecting to [techbadger.ddns.net]:1194 (184.103.180.206) via UDPv4
Server:
192.168.1.178:42120 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361316) 2022-03-15 09:21:56 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:22:00 openvpn 49042 192.168.1.178:42120 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:42120 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:22:00 openvpn 49042 192.168.1.178:42120 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361316) 2022-03-15 09:21:56 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:59 openvpn 49042 192.168.1.178:42120 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:42120 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:59 openvpn 49042 192.168.1.178:42120 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361316) 2022-03-15 09:21:56 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:59 openvpn 49042 192.168.1.178:59407 write UDPv6: Can't assign requested address (code=49)
Mar 15 09:21:58 openvpn 49042 192.168.1.178:42120 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:42120 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:58 openvpn 49042 192.168.1.178:42120 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361316) 2022-03-15 09:21:56 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:58 openvpn 49042 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:52775 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:57 openvpn 49042 192.168.1.178:42120 write UDPv6: Can't assign requested address (code=49)
Mar 15 09:21:57 openvpn 49042 192.168.1.178:42120 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:42120 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:57 openvpn 49042 192.168.1.178:42120 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361316) 2022-03-15 09:21:56 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:56 openvpn 49042 192.168.1.178:42120 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:42120 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:56 openvpn 49042 192.168.1.178:42120 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361316) 2022-03-15 09:21:56 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:55 openvpn 49042 192.168.1.178:42120 write UDPv6: Can't assign requested address (code=49)
Mar 15 09:21:54 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:54 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:54 openvpn 49042 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:52775 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:53 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:53 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:52 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:52 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:52 openvpn 49042 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:52775 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:51 openvpn 49042 192.168.1.178:59407 write UDPv6: Can't assign requested address (code=49)
Mar 15 09:21:51 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:51 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:50 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:50 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:49 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:49 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:48 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:48 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:47 openvpn 49042 192.168.1.178:59407 write UDPv6: Can't assign requested address (code=49)
Mar 15 09:21:47 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:47 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:46 openvpn 49042 192.168.1.178:59407 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:59407 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:46 openvpn 49042 192.168.1.178:59407 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361306) 2022-03-15 09:21:46 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Mar 15 09:21:45 openvpn 49042 192.168.1.178:59407 write UDPv6: Can't assign requested address (code=49)
Mar 15 09:16:22 openvpn 49042 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:49629 (via ::ffff:184.103.180.206%bridge0
As you can see, v4. Ideas?
-
You could do what is advised :
see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
And if you're not using IPv6 : why :
write UDPv6: Can't assign requested address (code=49)
Can you detail your OpenVPN server settings ?
Your WAN is a normal interface - no VLAN, or whatever this " %bridge0) " is.
What kind of device are you using ?
@honeybadger said in 2.6 cant get openvpn working:
TLS Error: cannot locate HMAC in incoming packet from
Google this one. I find, for example : How to fix OpenVPN “TLS Error: cannot locate HMAC in incoming packet from …” which says to me that the client config used doesn't correspond with what you exported in the pfSense GUI.
-
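Added example, not part of any post in this thread: a Python triage script that groups the server-side OpenVPN errors quoted above by peer address, so each client's failure type can be read separately. The sample lines are constructed in the format of the posted server log; the category names, hint texts and function names are assumptions of this example.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample, in the format of the server log posted in this thread.
SAMPLE_LOG = """\
Mar 15 09:21:58 openvpn 49042 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:52775 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:57 openvpn 49042 192.168.1.178:42120 write UDPv6: Can't assign requested address (code=49)
Mar 15 09:21:57 openvpn 49042 192.168.1.178:42120 TLS Error: incoming packet authentication failed from [AF_INET6]::ffff:192.168.1.178:42120 (via ::ffff:184.103.180.206%bridge0)
Mar 15 09:21:57 openvpn 49042 192.168.1.178:42120 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1647361316) 2022-03-15 09:21:56 ]
Mar 15 09:21:54 openvpn 49042 TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:192.168.1.172:52775 (via ::ffff:184.103.180.206%bridge0)
"""

IP = r"(?P<ip>\d+\.\d+\.\d+\.\d+)"
MAPPED = r"\[AF_INET6?\](?:::ffff:)?"  # peer may be logged as IPv4-mapped IPv6

# Category names are this example's own labels, not OpenVPN terminology.
PATTERNS = [
    ("no_hmac", re.compile(r"cannot locate HMAC in incoming packet from " + MAPPED + IP)),
    ("auth_failed", re.compile(r"incoming packet authentication failed from " + MAPPED + IP)),
    ("bad_packet_id", re.compile(IP + r":\d+ Authenticate/Decrypt packet error: bad packet ID")),
    ("write_failed", re.compile(IP + r":\d+ write UDPv[46]: ")),
]

HINTS = {
    "no_hmac": "client config does not correspond to what the server exported",
    "auth_failed": "server rejected the packet's TLS authentication",
    "bad_packet_id": "server flagged the packet ID as a possible replay",
    "write_failed": "server could not send a packet back to this peer",
}


def summarize(log_text):
    """Return {peer_ip: {"counts": {category: n}, "private": bool}}."""
    peers = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        for kind, rx in PATTERNS:
            m = rx.search(line)
            if m:
                peers[m.group("ip")][kind] += 1
                break  # one category per log line
    return {
        ip: {"counts": dict(c), "private": ipaddress.ip_address(ip).is_private}
        for ip, c in peers.items()
    }


def report(summary):
    """Render one line per peer and category, with the hint for that category."""
    lines = []
    for ip, info in sorted(summary.items()):
        origin = "private/LAN source" if info["private"] else "public source"
        for kind, n in sorted(info["counts"].items()):
            lines.append(f"{ip} ({origin}) {kind} x{n}: {HINTS[kind]}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE_LOG))))
```

The `private` flag records whether a peer's source address is in a private range, as both 192.168.1.x peers in the posted log are.
-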
@gertjan I followed these instructions: https://www.informaticar.net/how-to-setup-openvpn-on-pfsense/
I thought I set your advisements. Thanks for your time.
-
@honeybadger said in 2.6 cant get openvpn working:
https://www.informaticar.net/how-to-setup-openvpn-on-pfsense/
You can use https://what-ever-I-can-find-on-the-internet.tld but why wouldn't you also use these sources :
Docs » pfSense software » Virtual Private Networks
This video "a working OpenVPN in 5 minutes", made by the ones who build pfSense.
Configuring OpenVPN Remote Access in pfSense Software
Actually, all the OpenVPN videos @Youtube -> Netgate, even the ones that are x years old, are very important as they show examples.
If you really used a documentation, based on a very old pfSense version and also old OpenVPN (2.3.x or even before ?), it's a 100 % chance that things won't work out.
OpenVPN is security related so there are important changes a couple of times each year.
Normally, I build a "as per author instructions" setup, and this if everything works.
Every error or warning shown in the logs has to be considered as a show stopper until, from official source, they can be allowed.
Then, and only then, I add my own personal settings, options and I test them one by one.
-
@gertjan I read through your recommended docs and videos.
I don't see the difference between my install docs and yours, please point out the missing steps/data?
Thanks
-
@honeybadger said in 2.6 cant get openvpn working:
see the difference between my install docs and yours
I'm not using or referring to 'foreign' sources, as I only use the originals.
If there are differences, as you use older documentation, that's up to you to find them ;)
-
@gertjan I did follow your recommended instruction at pfsense, ended with the same problem. I couldn't find anything different in setup between my original and your instructions.
-
@honeybadger said in 2.6 cant get openvpn working:
same problem
You mean : you used Configuring OpenVPN Remote Access in pfSense Software and the instructions in that video didn't work right away ?
There are some requirements that are not mentioned :
The latest pfSense version.
Default pfSense setup (no fancy routing, no VLAN, no other packages except the pfSense "openvpn-client-export" package).
An OpenVPN client version that uses 2.5.x (pfSense 2.6.0 is using OpenVPN 2.5.4)
Anyway, I'm curious now. I'll blow away my settings @home - reboot to default, assign interfaces, change the password and stop there. I'll play back the video.
I'll be using this client OpenVPN Connect Phone or PC version.
Since March 2020, thousands are using OpenVPN as we all had to work from home.