Hello,
I installed the contrib smeserver-openvpn-routed and I made the configuration to run it with OpenVPN-Connect for Android.
It looks like that it is running: I got the VPN connection and the logs of the SME look good.
But the logs of Android aren't so good: every 5 sec. comes following
TUN write error: write_some: Invalid argument
Into the www the most topics reporting a TUN error by OpenVPN are in relation with the compression, like this one:
http://superuser.com/questions/1066321/openvpn-bad-lzo-decompression-header-byte-69. Unfortunately, Android doesn't tell me the number of the error, therefore it is possibly the wrong direction.
The openvpn.conf of the SME is:
port 1195
proto udp
dev tunvpn0
user openvpn
group openvpn
chroot /etc/openvpn/routed
persist-key
persist-tun
# Certificates config
dh pub/dh.pem
ca pub/cacert.pem
cert pub/cert.pem
key priv/key.pem
tls-server
tls-auth priv/takey.pem 0
crl-verify pub/cacrl.pem
plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-pam.so login
server 192.168.29.0 255.255.255.0
topology subnet
up /etc/openvpn/routed/bin/up
script-security 2
# Options
keepalive 40 180
push "dhcp-option DOMAIN domain.tld"
push "dhcp-option DNS 192.168.1.5"
push "dhcp-option WINS 192.168.1.5"
mtu-test
mssfix
cipher AES-256-CBC
passtos
comp-lzo adaptive
push "comp-lzo adaptive"
nice 5
push "redirect-gateway def1"
management 127.0.0.1 11195 management-pass.txt
client-config-dir ccd
status-version 2
status bridge-status.txt
suppress-timestamps
verb 3
The .ovpn for Android is:
#rport 1194
#proto udp
dev tun
nobind
# Uncomment the following line if your system
# support passtos (not supported on Windows)
# passtos
remote domain.tld 1195 udp
tls-client
tls-auth takey.pem 1
ns-cert-type server
auth-user-pass
# Replace user.p12 with the certificate
# bundle in PKCS12 format
#pkcs12 user.p12
# You can replace the pkcs12
# directive with the old ones
#ca cacert.pem
#cert user.pem
#key user-key.pem
mtu-test
cipher AES-256-CBC
comp-lzo
#comp-lzo yes
pull
#push "comp-lzo yes"
<ca>
-----BEGIN CERTIFICATE-----
MIIFK.............
</ca>
I tried to disabled the compression, on SME as well as on Android. The VPN connection was still working but it didn't help avoiding the logs.
OpenVPN-Conenct has an own preference parameter for Compression: "No", "Full" or "Downlink only" but this didn't help too.
=> what can I do? How do you have solved it?
Thanks.
Bye
Arnaud