id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc 989,iOS: No Connection to VPN-Server,nodefeet,Antonio Quartulli,"Since version 1.2.5 I can no longer connect to my VPN Server. The OpenVPN-App says it is connected (although the last “SetStatus? Connected” line form the previous version is missing in the log, see below) but I still cannot ping the VPN-Server. When redirecting all traffic through the vpn tunnel with adding: {{{ redirect-gateway def1 }}} to the client *.ovpn - file everything works fine. '''Log from the working version 1.1.1 ''' {{{ 2018-01-09 15:29:23 ----- OpenVPN Start ----- OpenVPN core 3.1.2 ios armv7a thumb2 32-bit built on Dec 5 2016 12:50:25 2018-01-09 15:29:23 Frame=512/2048/512 mssfix-ctrl=1250 2018-01-09 15:29:23 UNUSED OPTIONS 4 [resolv-retry] [infinite] 5 [nobind] 6 [persist-key] 7 [persist-tun] 12 [verb] [4] 13 [mute] [20] 2018-01-09 15:29:23 EVENT: RESOLVE 2018-01-09 15:29:23 Contacting x.x.x.x:1724 via TCP 2018-01-09 15:29:23 EVENT: WAIT 2018-01-09 15:29:23 SetTunnelSocket returned 1 2018-01-09 15:29:23 Connecting to [x.myfritz.net]:1724 (x.x.x.x) via TCPv4 2018-01-09 15:29:23 EVENT: CONNECTING 2018-01-09 15:29:23 Tunnel Options:V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client 2018-01-09 15:29:23 Creds: UsernameEmpty/PasswordEmpty 2018-01-09 15:29:23 Peer Info: IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212 IV_VER=3.1.2 IV_PLAT=ios IV_NCP=2 IV_TCPNL=1 IV_PROTO=2 IV_LZO=1 IV_AUTO_SESS=1 2018-01-09 15:29:23 NET Internet:ReachableViaWiFi/-R t------ 2018-01-09 15:29:25 VERIFY OK: depth=1 cert. version : 3 serial number : FE:1D:6D:D1:E7:E4:C5:CF issuer name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=BAB TECHNOLOGIE GmbH CA, ??=EasyRSA, emailAddress=info@bab-tec.de subject name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=BAB TECHNOLOGIE GmbH CA, ??=EasyRSA, emailAddress=info@bab-tec.de issued on : 2017-11-29 10:42:20 expires on : 2027-11-27 10:42:20 signed using : RSA with SHA-256 RSA key size : 2048 bits basic constraints : CA=true 2018-01-09 15:29:25 VERIFY OK: depth=0 cert. version : 3 serial number : 01 issuer name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=BAB TECHNOLOGIE GmbH CA, ??=EasyRSA, emailAddress=info@bab-tec.de subject name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=server, ??=EasyRSA, emailAddress=info@bab-tec.de issued on : 2017-11-29 10:42:26 expires on : 2027-11-27 10:42:26 signed using : RSA with SHA-256 RSA key size : 2048 bits basic constraints : CA=false subject alt name : server cert. type : SSL Server key usage : Digital Signature, Key Encipherment ext key usage : TLS Web Server Authentication 2018-01-09 15:29:27 SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA 2018-01-09 15:29:27 Session is ACTIVE 2018-01-09 15:29:27 EVENT: GET_CONFIG 2018-01-09 15:29:27 Sending PUSH_REQUEST to server... 2018-01-09 15:29:27 OPTIONS: 0 [route-gateway] [10.8.0.1] 1 [topology] [subnet] 2 [ping] [10] 3 [ping-restart] [90] 4 [ifconfig] [10.8.0.2] [255.255.255.0] 2018-01-09 15:29:27 PROTOCOL OPTIONS: cipher: AES-256-CBC digest: SHA1 compress: LZO peer ID: -1 2018-01-09 15:29:27 EVENT: ASSIGN_IP 2018-01-09 15:29:27 Connected via tun 2018-01-09 15:29:27 LZO-ASYM init swap=0 asym=0 2018-01-09 15:29:27 EVENT: CONNECTED @x.myfritz.net:1724 (x.x.x.x) via /TCPv4 on tun/10.8.0.2/ gw=[10.8.0.1/] 2018-01-09 15:29:27 SetStatus Connected }}} '''Log from the not working version 1.2.6 ''' {{{ 2018-01-17 08:30:43 ----- OpenVPN Start ----- OpenVPN core 3.1.2 ios arm64 64-bit built on Jan 14 2018 14:23:32 2018-01-17 08:30:43 Frame=512/2048/512 mssfix-ctrl=1250 2018-01-17 08:30:43 UNUSED OPTIONS 4 [resolv-retry] [infinite] 5 [nobind] 6 [persist-key] 7 [persist-tun] 12 [verb] [4] 13 [mute] [20] 2018-01-17 08:30:43 EVENT: RESOLVE 2018-01-17 08:30:43 Contacting [x.x.x.x]:1724/TCP via TCP 2018-01-17 08:30:43 EVENT: WAIT 2018-01-17 08:30:43 Connecting to [x.myfritz.net]:1724 (x.x.x.x) via TCPv4 2018-01-17 08:30:43 EVENT: CONNECTING 2018-01-17 08:30:43 Tunnel Options:V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client 2018-01-17 08:30:43 Creds: UsernameEmpty/PasswordEmpty 2018-01-17 08:30:43 Peer Info: IV_GUI_VER=net.openvpn.connect.ios 1.2.6-4 IV_VER=3.1.2 IV_PLAT=ios IV_NCP=2 IV_TCPNL=1 IV_PROTO=2 IV_LZO=1 IV_AUTO_SESS=1 2018-01-17 08:30:45 VERIFY OK : depth=1 cert. version : 3 serial number : FE:1D:6D:D1:E7:E4:C5:CF issuer name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=x GmbH CA, ??=EasyRSA, emailAddress=info@bab-tec.de subject name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=BAB TECHNOLOGIE GmbH CA, ??=EasyRSA, emailAddress=info@bab-tec.de issued on : 2017-11-29 10:42:20 expires on : 2027-11-27 10:42:20 signed using : RSA with SHA-256 RSA key size : 2048 bits basic constraints : CA=true 2018-01-17 08:30:45 VERIFY OK : depth=0 cert. version : 3 serial number : 01 issuer name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=BAB TECHNOLOGIE GmbH CA, ??=EasyRSA, emailAddress=info@bab-tec.de subject name : C=DE, ST=NRW, L=Dortmund, O=BAB TECHNOLOGIE GmbH, OU=BAB TECHNOLOGIE Signing CA, CN=server, ??=EasyRSA, emailAddress=info@bab-tec.de issued on : 2017-11-29 10:42:26 expires on : 2027-11-27 10:42:26 signed using : RSA with SHA-256 RSA key size : 2048 bits basic constraints : CA=false subject alt name : server cert. type : SSL Server key usage : Digital Signature, Key Encipherment ext key usage : TLS Web Server Authentication 2018-01-17 08:30:47 SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA 2018-01-17 08:30:47 Session is ACTIVE 2018-01-17 08:30:47 EVENT: GET_CONFIG 2018-01-17 08:30:47 Sending PUSH_REQUEST to server... 2018-01-17 08:30:47 OPTIONS: 0 [route-gateway] [10.8.0.1] 1 [topology] [subnet] 2 [ping] [10] 3 [ping-restart] [90] 4 [ifconfig] [10.8.0.2] [255.255.255.0] 2018-01-17 08:30:47 PROTOCOL OPTIONS: cipher: AES-256-CBC digest: SHA1 compress: LZO peer ID: -1 2018-01-17 08:30:47 EVENT: ASSIGN_IP 2018-01-17 08:30:47 NIP: preparing TUN network settings 2018-01-17 08:30:47 NIP: init TUN network settings with endpoint: x.x.x.x 2018-01-17 08:30:47 NIP: adding IPv4 address to network settings 10.8.0.2/255.255.255.0 2018-01-17 08:30:47 Connected via NetworkExtensionTUN 2018-01-17 08:30:47 LZO-ASYM init swap=0 asym=0 2018-01-17 08:30:47 EVENT: CONNECTED @x.myfritz.net:1724 (x.x.x.x) via /TCPv4 on NetworkExtensionTUN/10.8.0.2/ gw=[/] }}} I would guess it has something to do with the empty {{{ gw=[/] }}} part in the last line of version 1.2.5 and 1.2.6 Any idea? ",Bug / Defect,closed,major,,OpenVPN Connect,OpenVPN Connect for iOS v1.2.6,"Not set (select this one, unless your'e a OpenVPN developer)",fixed,no connection,