OpenVPN - Can't Assign Requested Address (errno=49)

Started by ThisGuy_420, September 18, 2025, 04:27:34 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 18, 2025, 04:27:34 AM
Hello, I went through the Setup SSL VPN Road Warrior, but when I try to connect from my iPhone I never connect and the OPNsense OpenVPN log file shows: TCP/UDP: Socket bind failed on local address [AF_INET]10.10.8.1:1194: Can't assign requested address (errno=49) followed by Exiting due to fatal error.  I attached logs from OpenVPN on my iPhone and OPNsense OpenVPN logs.  I did confirm with nmap that the port is open|filtered, but am not sure where to go from here.

iPhone 12 running iOS 18.6.2 using OpenVPN v3.7.2
OPNsense v. 25.7.3_7
September 18, 2025, 01:58:40 PM #1
Seems the stated bind address is part of the tunnel network in your OpenVPN server settings.

You can just leave bind address field blank. So the OpenVPN instance will listen on any interface address.
If desired, you can specify any interface address of OPNsense including localhost. But for the latter you have to forward the traffic of course.
September 18, 2025, 03:22:04 PM #2 Last Edit: September 18, 2025, 03:24:00 PM by ThisGuy_420
I'm pretty sure tried that originally and then inserted the bind address.  I'll try again tonight and let you know how that goes.   Seems odd that the guide would have me do that.

Thank you for your help!
September 19, 2025, 03:29:44 AM #3
Alright, I setup the bind address to blank, but when I do the client export the hostname is still 10.10.8.1, which is what the bind address was before.  I attempted to connect, but was unsuccessful and I really do not see an error besides attempting to connect timing out.  Attached are the logs from my iPhone OpenVPN.  The logs from the OPNsense were uneventful in my opinion, but I attached them anyways.  Let me know if I am missing something, I'm not sure where to go from here.  The guide was easy to follow, but sadly unsuccessful.  Any help is greatly appreciated!
September 19, 2025, 10:27:38 AM #4
Quote from: ThisGuy_420 on September 19, 2025, 03:29:44 AMbut when I do the client export the hostname is still 10.10.8.1
This might be your WAN address, isn't it?

If so, your OPNsense might be behind a router and has a private WAN IP. You cannot access this from outside your network. In this case you have to forward port 1194 UDP on the router to the OPNsense WAN IP.
And in the Client Export you have to state your public IP or FQDN at Hostname.
September 19, 2025, 04:18:53 PM #5
No, my WAN interface IP is a public IP.
September 19, 2025, 04:27:55 PM #6
I don't consider 10.10.8.1 as public IP.

So what is the WAN IP of OPNsense then??
Without some details we are not able to nail your problem down.
September 19, 2025, 05:09:44 PM #7
I'm not posting my public IP, I think it's sufficient to say it's a public IP.  Here's my setup: Cable Modem (purchased, not ISP-provided) -> OPNsense WAN interface with public IP
OPNsense LAN interface goes to a wireless AP that connects my devices.  My LAN subnet is the typical 192.168/24 (intentionally leaving off the rest).  Are you thinking I use my cable modem's public IP as the hostname for the client export?  I have yet to engage with my ISP to see if they are doing anything to block me or if I'll need to lease a public IP
September 19, 2025, 05:21:31 PM #8
Dude, you complain that you get 10.10.8.1 client export. So I think, this is the OPNsense WAN IP. But it's private.

Next time you wrote
Quote from: ThisGuy_420 on September 19, 2025, 05:09:44 PMOPNsense WAN interface with public IP
So what?

There is no need to post your pubile IP here, but you need to clearly explain your setup.
It's still not clear to me if you public IP is assigned to the modem or to OPNsense.

Quote from: ThisGuy_420 on September 19, 2025, 05:09:44 PMAre you thinking I use my cable modem's public IP as the hostname for the client export?
I assume, you have only one public IP, either the modem or OPNsense, but yes, this has to be enterd in the client export, or alternatively a domain name pointing to it, as I wrote already above.
September 19, 2025, 05:34:36 PM #9
I'll check the cable modem IP tonight and let you know what I find.  I'll also try using the public IP that the WAN interface uses as the hostname in client export and see how that works.  Thank you for your thoughts and perspective, more to come later!
September 19, 2025, 10:41:12 PM #10
Alright, so correct me if I'm not understanding this right, but I believe the cable modem's public IP is the IP I see in the WAN interface on the OPNsense web GUI.  I tested using that IP as my client export hostname and I am able to connect, but I get dropped pretty quickly frequently, so I'm not sure what kind of performance I should expect.  Certainly I was hoping for a better experience, but I'm not sure where the breakdown would be since this is my first time setting up a personal VPN.  I'm not seeing any errors in either log, I'll try to get them and upload them later, just wanted to give that update.  Thank you again for your help!
Print
Go Up Pages1
User actions