OpenVPN configuration for android client

Started by BlackDragon381, April 09, 2017, 12:08:36 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 09, 2017, 12:08:36 PM
I configur Authoriti server, create Certificate and user with this certificate.
I create OpenVPN server with this authiriti server and this certificate.
Then I export client install package for Android or OpenVPN connect, but I can't connect!
What could be the problem?
April 09, 2017, 12:42:46 PM #1
What error messages and log entries do you see?

Bart...
April 09, 2017, 12:48:43 PM #2
Quote from: bartjsmit on April 09, 2017, 12:42:46 PM
What error messages and log entries do you see?
No errors, only certiicate verification or connection timeout.
April 09, 2017, 06:56:24 PM #3
Sorry, I was a bit cryptic. Check out VPN -> OpenVPN -> Log File and see if you can spot any errors there.

Bart...
April 11, 2017, 02:19:38 AM #4
Quote from: bartjsmit on April 09, 2017, 06:56:24 PM
Sorry, I was a bit cryptic. Check out VPN -> OpenVPN -> Log File and see if you can spot any errors there.
I have this strings in logs:
Code Select

Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 TLS Error: TLS handshake failed
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 TLS Error: TLS object -> incoming plaintext read error
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 TLS_ERROR: BIO read tls_read_plaintext error
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 OpenSSL: error:14089086:SSL routines:ssl3_get_client_certificate:certificate verify failed
Apr 11 03:17:24 openvpn[64982]: 192.168.3.36:55542 VERIFY ERROR: depth=0, error=unsupported certificate purpose: C=RU, ST=SPb, L=SPb, O=InfinityNet, emailAddress=admin@infinitynet, CN=Server Certificate for my OpenVPN

April 11, 2017, 02:39:24 AM #5
I solved the problem, I used server ca before instead client ca.

For what used parametr "Use a password to protect the pkcs12 file contents or key in Viscosity bundle", when I configured vpn on android I used user password?
April 12, 2017, 06:32:01 PM #6
The connection is normal, but I can not connect to internal network resources and the Internet.
What could be the reason?
April 12, 2017, 06:50:59 PM #7
a missing pass rule in the firewall?
April 13, 2017, 01:08:22 AM #8
Quote from: fabian on April 12, 2017, 06:50:59 PM
a missing pass rule in the firewall?
I see rule for OpenVPN with destination value "*".
April 13, 2017, 12:57:34 PM #9
Make sure the source is set to your tunnel subnet or * as well.

Bart...
April 13, 2017, 11:58:38 PM #10
Quote from: bartjsmit on April 13, 2017, 12:57:34 PM
Make sure the source is set to your tunnel subnet or * as well.

I don't understand you(
April 14, 2017, 01:22:05 AM #11
Hi,

if you go to VPN -> OpenVPN -> Servers you see a network listed in column "Tunnel Network". Remember this network.

Then go to Firewall -> Rules - OPENVPN. There should be a rule to let the traffic pass from the OpenVPN network to the destinations  you desire. Make sure that in the column "Source" the network from above is listed.

Best regards,

    Jochen
April 17, 2017, 02:46:37 AM #12
Quote from: Space on April 14, 2017, 01:22:05 AM
if you go to VPN -> OpenVPN -> Servers you see a network listed in column "Tunnel Network". Remember this network.
Then go to Firewall -> Rules - OPENVPN. There should be a rule to let the traffic pass from the OpenVPN network to the destinations  you desire. Make sure that in the column "Source" the network from above is listed.
Source and target sets as "*", I set source to "OpenVPN net" but nothing changed.
April 19, 2017, 01:18:05 AM #13
I set Source on OPENVPN tab equal my Tunnel Network, but I still can't connect to LAN resorse and the Internet.
Print
Go Up Pages1
User actions