Bug #15131

open

OpenVPN client export issues with iPhone and IPV6 connections

Added by Jonathan Lee 4 months ago. Updated 27 days ago.

Status: Incomplete
Priority: Normal-package
Assignee: -
Category: OpenVPN Client Export
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Affected Version: 2.8.x
Affected Plus Version: 23.05.1
Affected Architecture: SG-2100

Description

I have researched and found an issue within OpenVPN's client export config file for iPhones (OpenVPN Connect (iOS/Android)).

It exports with udp4 listed, and this does not work with iPhones because of IPv6 in the config (.ovpn) file; it must be changed to udp for iOS iPhones to work with OpenVPN and pfSense.

That is the only adaption needed to fix this issue.

Actions #2

Updated by dylan mendez 4 months ago

Tried this in an iPhone 13 with latest iOS version, but on IPv4 and it worked fine. This seems to be related to IPv6 specifically.

Actions #3

Updated by Kris Phillips 3 months ago

Tested this with IPv4+6 multihome and the client export spits out a config with remote [hostname] udp, not udp4.

What are the exact settings in your OpenVPN server config to make this happen?

Actions #4

Updated by Kris Phillips 3 months ago

  • Status changed from New to Incomplete

Jonathan Lee wrote in #note-1:

https://forums.openvpn.net/viewtopic.php?p=119902 (lists fix)
https://forums.openvpn.net/viewtopic.php?p=119904 (my post)
https://forum.netgate.com/topic/185250/resolved-remote_list_error-current-remote-server-endpoint-is-undefined (post in netgate)

Hello Jonathan,

Both forum links to openvpn.net are broken for me. Please relink them.

Marking ticket as Incomplete while we wait for more information on how to reproduce this.

Actions #5

Updated by Jonathan Lee 3 months ago

Someone on the OpenVPN forum, as an admin, deleted the post with the fix that was not mine and also banned my user name. I was instructed by OpenVPN Server support email to create a new account and ask why I was banned; they explained that I was banned for spamming. It was a very punitive admin that was banning users for no reason. Again, he has banned all posts related to this issue.

The links are now invalid. I was using normal OpenVPN wizard settings and this occurs: the export file displayed udp4 and was not usable with my new iPhone. I had to delete the 4 and the client file worked fine.

Actions #6

Updated by Jonathan Lee 3 months ago

They have since reactivated my username, and all posts related to this fix and issue are erased, both the other user's and mine. Must have been a security issue and they wanted it all removed.

Actions #7

Updated by Kris Phillips 27 days ago

I tested this on 24.03 and am unable to reproduce this. The config file on a new multihome config spits out with udp, not udp4.

Testing with IPv4 only configured does spit out with udp4, but this is expected:

remote [IP Here] 1194 udp4

If someone with an iPhone can confirm whether udp4 somehow breaks the OpenVPN Connect application, I'd appreciate it, but I don't see any indication of that.

Actions #8

Updated by Kris Phillips 27 days ago

Just tested a config with udp4 in the remote host line on OpenVPN Connect on Android. The config imported just fine. I suspect the same on iOS, but don't have a device to test this behavior.

Actions #9

Updated by Jonathan Lee 27 days ago

My original test was from a cellphone iOS iPhone SE latest SE from cell network remote connection to DSL IPv4 only ISP. The only way it would work was to adapt the configuration file to have it listed as udp4.

Actions #10

Updated by Jonathan Lee 27 days ago

remote f.q.d.n 1194 udp4

to
remote f.q.d.n 1194 udp

I am opening a Redmine for this as the iPhone uses IPv6 and it does not know what udp4 is anymore.

OpenVPN forum has deleted all of my posts on this and the other user's posts in reference also. They said an admin marked all of the content as spam and deleted it. Netgate forum does have the information still. Also DigitalOcean seems to piggyback on the VPN connections once created. I had to create a block on alias to stop DigitalOcean IP block from doing this. It was weird, it was connected after and enumerated my network.

Actions #11

Updated by Jonathan Lee 27 days ago

Unrelated, but if you’re not logging and locking down your VPN use, make sure you do.
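
For anyone triaging the udp4 versus udp question in this ticket, the following added example (not part of the ticket and not pfSense's export code) parses the `remote` and `proto` lines of an exported .ovpn file and reports which address family each remote is pinned to. The function names and the sample config are constructed for illustration.

```python
import re

# udp/tcp with an optional 4 or 6 suffix that pins the address family;
# only tcp may additionally carry the -client suffix.
_PROTO = re.compile(r"^(udp|tcp)([46])?(-client)?$")

# Constructed sample, not a real export.
SAMPLE = """\
# constructed sample
client
dev tun
remote vpn.example.net 1194 udp4
remote vpn.example.net 443 tcp
remote 2001:db8::1
proto udp6
"""

def parse_proto(token):
    """Return (transport, family); family is 'ipv4', 'ipv6' or 'any'."""
    m = _PROTO.match(token.lower())
    if not m or (m.group(1) == "udp" and m.group(3)):
        raise ValueError(f"unrecognised proto: {token!r}")
    return m.group(1), {"4": "ipv4", "6": "ipv6", None: "any"}[m.group(2)]

def audit_remotes(ovpn_text):
    """List every remote with its effective port, transport and family."""
    default = ("udp", "any")   # OpenVPN default when no proto is given
    remotes = []
    for lineno, raw in enumerate(ovpn_text.splitlines(), 1):
        words = raw.split()
        if not words or words[0].startswith(("#", ";")):
            continue           # blank line or comment
        if words[0] == "proto" and len(words) > 1:
            default = parse_proto(words[1])   # applies to remotes without a proto
        elif words[0] == "remote" and len(words) > 1:
            remotes.append((lineno, words[1:4]))
    result = []
    for lineno, args in remotes:
        transport, family = parse_proto(args[2]) if len(args) > 2 else default
        result.append({"line": lineno, "host": args[0],
                       "port": args[1] if len(args) > 1 else "1194",
                       "transport": transport, "family": family})
    return result

def pinned(ovpn_text):
    """Remotes restricted to a single address family (e.g. udp4, tcp6)."""
    return [r for r in audit_remotes(ovpn_text) if r["family"] != "any"]

if __name__ == "__main__":
    for r in audit_remotes(SAMPLE):
        print(r)
```

Running it against the export from an IPv4-only server and from a multihome server shows directly whether the `remote` line carries `udp4` or `udp`, which is the detail the reproduction attempts above disagree on.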
