OpenVPN no longer connects from iOS Devices following upgrade to 2.1.5



  • Hey Guys,

    I upgraded one of my pfSense boxes this morning and since then iOS Clients can no longer connect to the OpenVPN instance running on this box.

    Server Log:

    Sep  8 15:13:44 pfsense openvpn[75741]: <sourceip>:53947 TLS_ERROR: BIO read tls_read_plaintext error: error:04075070:rsa routines:RSA_sign:digest too big for rsa key: error:1409B006:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:EVP lib
    Sep  8 15:13:44 pfsense openvpn[75741]: <sourceip>:53947 TLS Error: TLS object -> incoming plaintext read error
    Sep  8 15:13:44 pfsense openvpn[75741]: <sourceip>:53947 TLS Error: TLS handshake failed
    

    Client Log:

    2014-09-08 15:13:01 LZO-ASYM init swap=0 asym=0
    2014-09-08 15:13:01 EVENT: RESOLVE
    2014-09-08 15:13:01 Contacting <destinationip>:1194 via UDP
    2014-09-08 15:13:01 EVENT: WAIT
    2014-09-08 15:13:01 Connecting to <destinationip>:1194 (<destinationip>) via UDPv4
    2014-09-08 15:13:01 EVENT: CONNECTING
    2014-09-08 15:13:01 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client
    2014-09-08 15:13:01 Creds: Username/Password
    2014-09-08 15:13:01 Peer Info:
    IV_GUI_VER=net.openvpn.connect.ios 1.0.4-140
    IV_VER=3.0
    IV_PLAT=ios
    IV_NCP=1
    IV_LZO=1
    
    2014-09-08 15:13:42 Session invalidated: KEEPALIVE_TIMEOUT
    2014-09-08 15:13:42 Client terminated, restarting in 2...
    2014-09-08 15:13:44 EVENT: RECONNECTING
    2014-09-08 15:13:44 LZO-ASYM init swap=0 asym=0
    2014-09-08 15:13:44 EVENT: RESOLVE
    2014-09-08 15:13:44 Contacting 86.28.107.90:1194 via UDP
    2014-09-08 15:13:44 EVENT: WAIT
    2014-09-08 15:13:44 Connecting to <destinationip>:1194 (<destinationip>) via UDPv4
    2014-09-08 15:13:44 EVENT: CONNECTING
    2014-09-08 15:13:44 Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client
    2014-09-08 15:13:44 Creds: Username/Password
    2014-09-08 15:13:44 Peer Info:
    IV_GUI_VER=net.openvpn.connect.ios 1.0.4-140
    IV_VER=3.0
    IV_PLAT=ios
    IV_NCP=1
    IV_LZO=1
    
    2014-09-08 15:14:01 EVENT: CONNECTION_TIMEOUT [ERR]
    2014-09-08 15:14:01 EVENT: DISCONNECTED
    2014-09-08 15:14:01 Raw stats on disconnect:
     BYTES_IN : 208
     BYTES_OUT : 3672
     PACKETS_IN : 4
     PACKETS_OUT : 34
     KEEPALIVE_TIMEOUT : 1
     CONNECTION_TIMEOUT : 1
     N_RECONNECT : 1
    2014-09-08 15:14:01 Performance stats on disconnect:
     CPU usage (microseconds): 19638
     Network bytes per CPU second: 197576
     Tunnel bytes per CPU second: 0
    2014-09-08 15:14:01 ----- OpenVPN Stop -----
    2014-09-08 15:14:01 EVENT: DISCONNECT_PENDING
    

    Googling around didn't produce anything directly tied to the new versions of OpenVPN or pfSense.

    Note that Desktop devices seem to connect using the community client running as a service fine.

    Any ideas or anything else I can provide to help?

    Thanks!



  • Did you ever have a resolution on this?


  • Banned

    Dude, you are posting into over one year dead thread about 2.1.5. Why'd you be "upgrading" to completely obsolete release now?



  • Why'd you be "upgrading" to completely obsolete release now?

    Yup, +1 on that.

    From all accounts 2.2.5 is stable, especially as far as OpenVPN.
    I've got more than a few iOS devices talking to various 2.2.5 sites using OpenVPN.

    I'd be inclined to make sure your pfSense is up to date, then make sure the iOS client is as well.

