OpenVPN 2.2.x and iOS 9.3.x – No routing over the VPN

Whilst going through the process of renewing certificates, and the recent updates for OpenVPN and iOS, I discovered that traffic was no longer being routed over the tunnel. There are a number of postings blaming changes that Apple have made in relation to IPv6. I’m unsure, but the fix was to alter the client.ovpn file to use an IP address in the remote directive instead of a DNS name.

e.g.

client
dev tun
proto udp
remote 1.2.3.4 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
cipher AES-256-CBC # AES
comp-lzo
verb 3
;mute 20
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
</key>
<dh>
-----BEGIN DH PARAMETERS-----
-----END DH PARAMETERS-----
</dh>

I hope this helps someone.
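To check which profiles still use a DNS name in the remote directive, the following added example (not part of the original post) parses a .ovpn file and classifies each active remote as an IP literal or a hostname. The function name audit_remotes and the sample profile, including vpn.example.com, are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample profile (not from the original post): a hostname remote,
# an IP remote, a commented-out remote, and an inline block to be skipped.
SAMPLE_PROFILE = """\
client
dev tun
proto udp
remote vpn.example.com 1194   # DNS name
remote 1.2.3.4 1194
;remote old.example.com 1194
<ca>
remote should.not.match 1
</ca>
"""

def audit_remotes(profile_text):
    """Return (host, port, kind) per active 'remote' directive.

    kind is 'ipv4', 'ipv6' or 'hostname'; port is None when omitted.
    """
    results = []
    inline_tag = None  # name of the inline block (<ca>, <key>, ...) we are in
    for raw in profile_text.splitlines():
        line = raw.strip()
        if inline_tag:
            if line == f"</{inline_tag}>":
                inline_tag = None
            continue  # never parse certificate/key material as directives
        opened = re.fullmatch(r"<([A-Za-z0-9_-]+)>", line)
        if opened:
            inline_tag = opened.group(1)
            continue
        # Drop comments, e.g. ';mute 20' or the '# AES' after the cipher line.
        fields = re.split(r"[#;]", line, maxsplit=1)[0].split()
        if len(fields) < 2 or fields[0] != "remote":
            continue
        host = fields[1]
        port = fields[2] if len(fields) > 2 else None
        try:
            kind = f"ipv{ipaddress.ip_address(host).version}"
        except ValueError:
            kind = "hostname"  # needs a DNS lookup when the client connects
        results.append((host, port, kind))
    return results

if __name__ == "__main__":
    for host, port, kind in audit_remotes(SAMPLE_PROFILE):
        print(f"remote {host} {port or '(port not given)'}: {kind}")
```

Any entry reported as hostname is a candidate for the change described above.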
