REPRODUCIBILITY: Always
OS VERSION: 4.4.0.64
HARDWARE: Xperia XA2
UI LANGUAGE: German
REGRESSION: Don’t know
DESCRIPTION:
After using standard GUI to connect to my openvpn server I cannot see any other addresses.
PRECONDITIONS:
.ovpn file is created on the server (which is a docker image) and downloaded to the Xperia XA2
client
nobind
dev tap
remote-cert-tls server
remote server.tld 1194 udp
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>
redirect-gateway def1
Config on the server:
server 192.168.255.0 255.255.255.0
verb 3
key /etc/openvpn/pki/private/domain.tld.key
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/issued/domain.tld.crt
dh /etc/openvpn/pki/dh.pem
tls-auth /etc/openvpn/pki/ta.key
key-direction 0
keepalive 10 60
persist-key
persist-tun
proto udp
port 1194
dev tap0
mode p2p
status /tmp/openvpn-status.log
user nobody
group nogroup
comp-lzo no
route 192.168.0.0 255.255.255.0
push "block-outside-dns"
push "dhcp-option DNS 172.21.0.2"
push "comp-lzo no"
push "redirect-gateway def1"
client-config-dir /etc/openvpn/ccd
client-to-client
ifconfig-pool-persist /etc/openvpn/ipp.txt
mssfix 1430
cipher AES-256-GCM
STEPS TO REPRODUCE:
- create .ovpn client as shown above
- connect via Sailfish VPN GUI
EXPECTED RESULT:
Connection established
ACTUAL RESULT:
Network device vpn0 is created and assigned correct address, but nothing can be pinged or accessed.
MODIFICATIONS:
None, fresh install
ADDITIONAL INFORMATION:
openvpn from command line (as devel-su) and Securefishnet both work with the .ovpn file. Looks like connman issue to me.