We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2019-12-02 15:24:09 +0200

No packets through OpenVPN

Hi,

I'm using XA2 with SFOS 3.2.0.

I'm trying to use OpenVPN with our company firewall. I have used OpenVPN with the provided profile with Android phone, and it works as expected.

I can import the .ovpn profile file in Sailfish VPN wizard, establish the connection and I do get an IP address and the correct routes to all configured subnets. However, there's no actual traffic going through. I can't ping anything, and I can't access our internal HTTPS servers. Nothing gets logged to the firewall log, so it seems that no packet is getting properly through.

I tried to open the connection from the terminal (using admin rights), and according to the log everything seems to be in order.

As far as I understand, Sailfish VPN doesn't affect Android software, but I can't get even the native software to work.

How could this be tackled? This is by no means enough information to figure this out; what more should I provide?

No packets through OpenVPN

Hi,

I'm using XA2 with SFOS 3.2.0.

I'm trying to use OpenVPN with our company firewall. I have used OpenVPN with the provided profile with Android phone, and it works as expected.

I can import the .ovpn profile file in Sailfish VPN wizard, establish the connection and I do get an IP address and the correct routes to all configured subnets. However, there's no actual traffic going through. I can't ping anything, and I can't access our internal HTTPS servers. Nothing gets logged to the firewall log, so it seems that no packet is getting properly through.

I tried to open the connection from the terminal (using admin rights), and according to the log everything seems to be in order.

As far as I understand, Sailfish VPN doesn't affect Android software, but I can't get even the native software to work.

How could this be tackled? This is by no means enough information to figure this out; what more should I provide?

Update 1: I tested this with my Windows 10 computer and found out that the profile file our firewall exports contains line comp-lzo no (IIRC) which breaks it. Setting it to comp-lzo yes fixes it; I can ping the remote end hosts and access resources. (How it ever worked before? Older firewall software exported the profile correctly?) Conveniently, there is even a GUI setting for compression in Sailfish! However, setting it, or re-importing manually fixed profile file, doesn't fix the problem: I still can't ping or access the resources with my Sailfish X device. So close... I think I'll continue by triple-checking the routing tables and enabling logging in our firewall to see if anything reaches the the remote end.