Hello everybody,
I have a problem with OpenVPN Connect App on Android and Untangle OpenVPN Server.
My Untangle server has no static public IP address but I use a DynDNS service to connect to it.
Every time my router restarts and the IP address of the router and behind the DynDNS changes, the OpenVPN Connect App changes into "Disconnect" status and tries to reach the server at the old IP but does not re-resolve the DynDNS address.
The log of the OpenVPN Connect app remains in a loop:
09:19:40.155 -- Server poll timeout, trying next remote entry...
09:19:40.159 -- EVENT: RECONNECTING
09:19:40.170 -- Contacting [old_ip]:[port] via UDP
09:19:40.174 -- EVENT: WAIT
09:19:40.184 -- Connecting to [dyndns address]:[port] ([old_ip]) via UDPv4
I'd like the OpenVPN app to reconnect automatically after an IP change, because as it is I always have the problem that the phone is offline until I manually restart the VPN.
My client and server config is as follows:
client.conf
block-outside-dns
dhcp-option ADAPTER_DOMAIN_SUFFIX [domain]
dhcp-option DOMAIN [domain]
dhcp-option DNS [gateway]
keepalive 5 10
resolv-retry infinite
client
nobind
mute-replay-warnings
remote-cert-tls server
verb 1
persist-key
explicit-exit-notify 1
dev tun
auth-user-pass
proto udp
port [port]
cipher AES-128-CBC
remote [dyndns address] [port]
<ca>
--STRIPPED INLINE CA CERT--
</ca>
<cert>
--STRIPPED INLINE CERT--
</cert>
<key>
--STRIPPED INLINE KEY--
</key>
server.conf
allow-compression no
push "dhcp-option DOMAIN [domain]"
push "dhcp-option ADAPTER_DOMAIN_SUFFIX [domain]"
push "dhcp-option DNS [gateway]"
keepalive 5 20
mode server
multihome
ca data/ca.crt
cert data/server.crt
key data/server.key
dh data/dh.pem
client-config-dir ccd
user nobody
group nogroup
tls-server
status openvpn-status.log
log /var/log/openvpn.log
verb 1
dev tun0
max-clients 2048
ccd-exclusive
persist-key
mute 20
ifconfig-pool-persist /etc/openvpn/address-pool-assignments.txt
script-security 3
auth-user-pass-verify "/usr/bin/sudo -E /usr/share/untangle/bin/openvpn-auth-user-pass" via-env
proto udp
port [port]
cipher AES-128-CBC
client-to-client
server [ip] [mask]
management [ip] [port]
push "route [ip] [mask]"
I also tested with keepalive, ping, ping-restart, without persist-tun and persist-key options, but nothing solved my problem.
The strange thing is that when I manually deactivate the VPN in the OpenVPN Connect app completely by pressing the button and then reactivate it, the re-resolving of the DynDNS address works.
My first thought was that it does not work, because I have activated the Always On function and the killswitch under Android, so that without VPN no data traffic and so also no DNS resolution can take place, but then it would not work after the manual switch off and switch on again, I think.
Does anybody have any idea what I can do to solve this problem?
Thank you
balombi
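A diagnostic for the loop described in the post, as an added example that is not part of the original post or of OpenVPN Connect: it reads log lines in the format quoted above and reports a host the client keeps dialing at an address that DNS no longer returns. The hostname `vpn.example.net`, port 1194, the documentation-range IPs and all function names are constructed for illustration.

```python
import re
import socket

# Line shape taken from the OpenVPN Connect log quoted in the post; the
# square brackets around the host are treated as optional.
CONNECT_RE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d+ -- Connecting to \[?(?P<host>[^\]\s]+?)\]?:(?P<port>\d+) "
    r"\((?P<ip>[^)]+)\) via \S+"
)


def resolve_now(host):
    """Current A/AAAA records for host; run this from outside the tunnel."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def find_stale_reconnects(log_text, current_ips, min_attempts=3):
    """Report hosts dialed min_attempts times in a row at an IP DNS no longer lists.

    current_ips maps host -> set of addresses, e.g. built with resolve_now().
    """
    streaks = {}  # host -> [ip, consecutive attempts at that ip]
    for line in log_text.splitlines():
        m = CONNECT_RE.match(line.strip())
        if not m:
            continue
        host, ip = m["host"], m["ip"]
        streak = streaks.get(host)
        if streak and streak[0] == ip:
            streak[1] += 1
        else:
            streaks[host] = [ip, 1]  # address changed: client did re-resolve
    findings = {}
    for host, (ip, attempts) in streaks.items():
        known = current_ips.get(host, set())
        if known and ip not in known and attempts >= min_attempts:
            findings[host] = {"stale_ip": ip, "attempts": attempts, "current": sorted(known)}
    return findings


# Constructed sample: three reconnect cycles against the same cached address.
CYCLE = (
    "09:{m}:40.155 -- Server poll timeout, trying next remote entry...\n"
    "09:{m}:40.159 -- EVENT: RECONNECTING\n"
    "09:{m}:40.170 -- Contacting 192.0.2.10:1194 via UDP\n"
    "09:{m}:40.174 -- EVENT: WAIT\n"
    "09:{m}:40.184 -- Connecting to vpn.example.net:1194 (192.0.2.10) via UDPv4\n"
)
SAMPLE_LOG = "".join(CYCLE.format(m=m) for m in ("19", "20", "21"))
```
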