Hello,
I installed OpenVPN (Roadwarrior) with separate profiles for each user and each device. I distributed the profiles to my iPhone (using OpenVPN-Client) and my MacBook Pro (using Tunnelblick).
The defined VPN-Tunnel works fine if initiated inside my LAN.
If I initiate the VPN-Connection from my cellphone or a different WLAN, the connection is blocked.
Inside my log file I found:
Tue Sep 15 13:31:45 2020 marko-d-iphone/192.168.2.1:63486 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Sep 15 13:31:45 2020 marko-d-iphone/192.168.2.1:63486 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Sep 15 13:31:45 2020 marko-d-iphone/192.168.2.1:63486 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Sep 15 13:32:09 2020 marko-d-iphone/192.168.2.1:63486 SIGTERM[soft,remote-exit] received, client-instance exiting
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 TLS: Initial packet from [AF_INET]192.168.2.1:52386 (via [AF_INET]192.168.2.201%eth0), sid=008edbf3 e165a91b
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_VER=3.git::3e56f9a6
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_PLAT=ios
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_NCP=2
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_TCPNL=1
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_PROTO=2
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_GUI_VER=net.openvpn.connect.ios_3.2.0-3253
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_SSO=openurl
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 peer info: IV_BS64DL=1
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 TLS: Username/Password authentication succeeded for username 'marko-d-iphone' [CN SET]
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384
Tue Sep 15 13:33:15 2020 192.168.2.1:52386 [marko-d-iphone] Peer Connection Initiated with [AF_INET]192.168.2.1:52386 (via [AF_INET]192.168.2.201%eth0)
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 MULTI_sva: pool returned IPv4=192.168.4.93, IPv6=(Not enabled)
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_2d89f0dc05238bdd1ba09a9369faa2ed.tmp
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 MULTI: Learn: 192.168.4.93 -> marko-d-iphone/192.168.2.1:52386
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 MULTI: primary virtual IP for marko-d-iphone/192.168.2.1:52386: 192.168.4.93
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 PUSH: Received control message: 'PUSH_REQUEST'
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 SENT CONTROL [marko-d-iphone]: 'PUSH_REPLY,dhcp-option DOMAIN lan.home,dhcp-option DNS 192.168.3.3,dhcp-option WINS 192.168.4.1,dhcp-option NBDD 192.168.4.1,dhcp-option NBT 2,route 192.168.3.0 255.255.255.0,route-gateway 192.168.4.1,topology subnet,ping 20,ping-restart 120,ifconfig 192.168.4.93 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Sep 15 13:33:15 2020 marko-d-iphone/192.168.2.1:52386 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Sep 15 13:33:17 2020 marko-d-iphone/192.168.2.1:52386 SIGTERM[soft,remote-exit] received, client-instance exiting
Topology:
DSL-Router: 192.168.2.1
LAN: 192.168.3.0/24
Gateway (Nethserver) with DHCP-Server: 192.168.3.1
DNS-Server: 192.168.3.3
VPN-LAN: 192.168.4.0/24
VPN-Configuration:
well configured Dyn-DNS pointed to my Router
Port-Forwarding TCP and UDP 1194
Does anyone have an idea why there is no connection from the external network?
Best Regards, Marko