Opened 5 years ago

Closed 4 years ago

#1060 closed Bug / Defect (worksforme)

iOS connecting via settings unpossible; Via App is working

Reported by: hagenuck1 Owned by: Antonio Quartulli
Priority: major Milestone:
Component: OpenVPN Connect Version: OpenVPN Connect for iOS v1.2.9
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:


Hi there,

we're using OpenVPN using our firewall for a while now. It was working great till version 1.1.1, but we also had some issues, when 1.2.5 was released. Now most bugs have been fixed and we are again able to transfer the settings and certificates using mdm and establish the connection from the openvpn connect app.

But when we try to connect using the iOS settings it says "connecting" for about 1-2 minutes and then cancels. In the openvpn connect app there aren't any log entries. Because connecting via iOS settings isn't working for us the vpn on demand doesn't work, too.

We get the following erros in our firewall log (when trying to connect using iOS settings):

TCP connection established with [AF_INET] DeviceIP
DeviceIP TLS_ERROR: BIO read tls_read_plaintext error: error 1408A0C1:SSL routines:SSl3_GET_CLIENT_HELLO:no shared cipher
DeviceIP TLS Error: TLS object -> incoming plaintext read error
DeviceIP TLS Error: TLS handshake failed
DeviceIP Fatal TLS error (check_tls_errors_co), restarting

Firewall log when using openvpn connect app:

TCP connection established with [AF_INET] DeviceIP
DeviceIP [DeviceCertificateName] Peer Connection Initiated with [AF_INET] DeviceIP
DeviceCertificateName/DeviceIP MULTI_sva: pool returned IPv4=DeviceVPNIP
DeviceCertificateName/DeviceIP send_push_reply(): safe_cap=940

For me this seems like a openvpn connect app error, but don't know why it isn't working, as we can't use VPN-ondemand with this error.

Change History (1)

comment:1 Changed 4 years ago by Antonio Quartulli

Resolution: worksforme
Status: newclosed

There is a new app in Testflight (v3.0.x) that will be released to the public soon.

Please re-test on that release when possible and report any persisting issue to ios@…

Closing this for now

Note: See TracTickets for help on using tickets.