Opened 6 years ago

Closed 6 years ago

#1033 closed Bug / Defect (notabug)

iOS: dhcp-option PROXY_HTTP(S) not working

Reported by: plg Owned by: Antonio Quartulli
Priority: major Milestone:
Component: OpenVPN Connect Version: OpenVPN Connect for iOS v1.2.9
Severity: Not set (select this one, unless you're an OpenVPN developer) Keywords:
Cc:

Description

iOS 11.2.6 on an iPhone 6S.

In my config I have the following:

dhcp-option PROXY_HTTP 10.8.0.1 8080
dhcp-option PROXY_HTTPS 10.8.0.1 8080

In the client log I can see it says it is used:

2018-03-01 12:45:04 NIP: setting HTTP proxy to 10.8.0.1:8080
2018-03-01 12:45:04 NIP: setting HTTPS proxy to 10.8.0.1:8080

But HTTP(S) traffic isn't going through the proxy.

I have also tried using 127.0.0.1 for the proxy host, to see if that would cause any connection issues, but it did not.

Change History (6)

comment:1 Changed 6 years ago by plg

Here's a client log:

2018-03-01 13:00:08 ----- OpenVPN Start -----
OpenVPN core 3.2 ios arm64 64-bit built on Feb 22 2018 12:39:28
2018-03-01 13:00:08 Frame=512/2048/512 mssfix-ctrl=1250
2018-03-01 13:00:08 UNUSED OPTIONS
4 [resolv-retry] [infinite] 
7 [nobind] 
8 [persist-key] 
9 [persist-tun] 
10 [verb] [3] 

2018-03-01 13:00:08 EVENT: RESOLVE
2018-03-01 13:00:08 Contacting [x.x.x.x]:1194/UDP via UDP
2018-03-01 13:00:08 EVENT: WAIT
2018-03-01 13:00:08 Connecting to [x.x.x.x]:1194 (x.x.x.x) via UDPv4
2018-03-01 13:00:08 EVENT: CONNECTING
2018-03-01 13:00:08 Tunnel Options:V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client
2018-03-01 13:00:08 Creds: UsernameEmpty/PasswordEmpty
2018-03-01 13:00:08 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.2.9-0
IV_VER=3.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_AUTO_SESS=1

2018-03-01 13:00:08 VERIFY OK : depth=1
cert. version    : 3
serial number    : A1:F2:EA:86:E2:EE:BC:2E
issuer name      : C=FR, ST=France, L=Paris, O=Borris, OU=Borris, CN=Borris CA, ??=OpenVPN Borris, emailAddress=root@borris
subject name      : C=FR, ST=France, L=Paris, O=Borris, OU=Borris, CN=Borris CA, ??=OpenVPN Borris, emailAddress=root@borris
issued  on        : 2018-02-28 10:44:22
expires on        : 2028-02-26 10:44:22
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=true

2018-03-01 13:00:08 VERIFY OK : depth=0
cert. version    : 3
serial number    : 01
issuer name      : C=FR, ST=France, L=Paris, O=Borris, OU=Borris, CN=Borris CA, ??=OpenVPN Borris, emailAddress=root@borris
subject name      : C=FR, ST=France, L=Paris, O=Borris, OU=Borris, CN=borris, ??=OpenVPN Borris, emailAddress=root@borris
issued  on        : 2018-02-28 10:44:37
expires on        : 2028-02-26 10:44:37
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=false
subject alt name  : borris
cert. type        : SSL Server
key usage        : Digital Signature, Key Encipherment
ext key usage    : TLS Web Server Authentication

2018-03-01 13:00:08 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
2018-03-01 13:00:08 Session is ACTIVE
2018-03-01 13:00:08 EVENT: GET_CONFIG
2018-03-01 13:00:08 Sending PUSH_REQUEST to server...
2018-03-01 13:00:08 OPTIONS:
0 [dhcp-option] [PROXY_HTTP] [10.8.0.1] [18080] 
1 [dhcp-option] [PROXY_HTTPS] [10.8.0.1] [18080] 
2 [route] [10.8.0.1] 
3 [topology] [net30] 
4 [ping] [10] 
5 [ping-restart] [120] 
6 [ifconfig] [10.8.0.6] [10.8.0.5] 

2018-03-01 13:00:08 PROTOCOL OPTIONS:
  cipher: AES-256-CBC
  digest: SHA1
  compress: NONE
  peer ID: -1
2018-03-01 13:00:08 EVENT: ASSIGN_IP
2018-03-01 13:00:08 NIP: preparing TUN network settings
2018-03-01 13:00:08 NIP: init TUN network settings with endpoint: x.x.x.x
2018-03-01 13:00:08 NIP: adding IPv4 address to network settings 10.8.0.6/255.255.255.252
2018-03-01 13:00:08 NIP: adding (included) IPv4 route 10.8.0.4/30
2018-03-01 13:00:08 NIP: adding (included) IPv4 route 10.8.0.1/32
2018-03-01 13:00:08 NIP: setting HTTP proxy to 10.8.0.1:18080
2018-03-01 13:00:08 NIP: setting HTTPS proxy to 10.8.0.1:18080
2018-03-01 13:00:08 Connected via NetworkExtensionTUN
2018-03-01 13:00:08 EVENT: CONNECTED @x.x.x.x:1194 (x.x.x.x) via /UDPv4 on NetworkExtensionTUN/10.8.0.6/ gw=[/]
2018-03-01 13:00:53 EVENT: DISCONNECTED
2018-03-01 13:00:53 Raw stats on disconnect:
  BYTES_IN : 4767
  BYTES_OUT : 3431
  PACKETS_IN : 15
  PACKETS_OUT : 16
  DECRYPT_ERROR : 4
2018-03-01 13:00:53 Performance stats on disconnect:
  CPU usage (microseconds): 144722
  Network bytes per CPU second: 56646
  Tunnel bytes per CPU second: 0

comment:2 Changed 6 years ago by Antonio Quartulli

There is no traffic being sent to the VPN except for 10.8.0.4/30 ... why do you expect anything to go through the proxy?

comment:3 Changed 6 years ago by Antonio Quartulli

If you push a DNS server, then it should work as you expect, because OpenVPN will understand that you want any "domain" to be handled by the VPN.
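
A check over the pushed OPTIONS block for the situation discussed in comments 2 and 3 (proxy options pushed, but no DNS server pushed), as an added example that is not part of the ticket or of OpenVPN's own code. The log samples are constructed in the format of the client log above, and the function names are hypothetical.

```python
import re

# Constructed sample in the format of the ticket's client log (OPTIONS block).
SAMPLE_LOG = """\
2018-03-01 13:00:08 Sending PUSH_REQUEST to server...
2018-03-01 13:00:08 OPTIONS:
0 [dhcp-option] [PROXY_HTTP] [10.8.0.1] [18080]
1 [dhcp-option] [PROXY_HTTPS] [10.8.0.1] [18080]
2 [route] [10.8.0.1]
3 [topology] [net30]
4 [ifconfig] [10.8.0.6] [10.8.0.5]

2018-03-01 13:00:08 PROTOCOL OPTIONS:
  cipher: AES-256-CBC
"""
# Same push with a DNS server added, as comment:3 suggests (constructed).
SAMPLE_LOG_WITH_DNS = SAMPLE_LOG.replace(
    "\n\n", "\n5 [dhcp-option] [DNS] [10.8.0.1]\n\n", 1)

BLOCK_START = re.compile(r"\d{2}:\d{2}:\d{2} OPTIONS:\s*$")
OPTION_LINE = re.compile(r"^\d+\s+(\[[^\]]*\]\s*)+$")


def pushed_options(log_text):
    """Return each option of the pushed 'OPTIONS:' block as a list of tokens."""
    options, in_block = [], False
    for line in log_text.splitlines():
        if BLOCK_START.search(line):
            in_block = True
        elif in_block and OPTION_LINE.match(line.strip()):
            options.append(re.findall(r"\[([^\]]*)\]", line))
        else:
            in_block = False  # blank line or next log entry ends the block
    return options


def check_proxy_push(log_text):
    """Summarise pushed proxy/DNS options and flag a proxy pushed without DNS."""
    opts = pushed_options(log_text)
    dhcp = [o[1:] for o in opts if o[0] == "dhcp-option" and len(o) > 1]
    proxies = {o[0]: ":".join(o[1:3]) for o in dhcp if o[0].startswith("PROXY_")}
    dns = [o[1] for o in dhcp if o[0] == "DNS" and len(o) > 1]
    return {"proxies": proxies, "dns": dns,
            "proxy_without_dns": bool(proxies) and not dns}


if __name__ == "__main__":
    for name, log in (("as reported", SAMPLE_LOG), ("with DNS", SAMPLE_LOG_WITH_DNS)):
        print(name, check_proxy_push(log))
```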

comment:4 Changed 6 years ago by plg

Ah you're right, thanks!

Is there anywhere this is documented? I couldn't find much about this.

comment:5 in reply to:  4 Changed 6 years ago by plg

Replying to plg:

Ah you're right, thanks!

Is there anywhere this is documented? I couldn't find much about this.

comment:6 Changed 6 years ago by Antonio Quartulli

Resolution: notabug
Status: new → closed