pia-foss / mobile-ios-openvpn

Non-official OpenVPN client library for Apple platforms.

Problem #5

Open EvelinaAlexey opened 3 days ago

EvelinaAlexey commented 3 days ago

Unfortunately, I cannot connect to my VPS. This is my client configuration:

client
proto tcp-client
remote 31.128.42.215 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_4Q49cFOcjvBYWklG name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3

-----BEGIN CERTIFICATE----- MIIB2DCCAX2gAwIBAgIUEng2QIa7usw0UIutncn+Qr5P+a8wCgYIKoZIzj0EAwIw HjEcMBoGA1UEAwwTY25fQVVWeXNkNHBuSnk1SHBENjAeFw0yNDA2MjkxODMxMTJa Fw0zNDA2MjcxODMxMTJaMB4xHDAaBgNVBAMME2NuX0FVVnlzZDRwbkp5NUhwRDYw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATPSV6QCIxY1SDbJVbfl61bc3L0ZuFS ElrdG+3FmpiB7bhPQS36qXZjFQiyq3LupJeyY51QyUbtQKioBy09/N9go4GYMIGV MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFJbdbaMjXOXZtblo0YUGDNqek66TMFkG A1UdIwRSMFCAFJbdbaMjXOXZtblo0YUGDNqek66ToSKkIDAeMRwwGgYDVQQDDBNj bl9BVVZ5c2Q0cG5KeTVIcEQ2ghQSeDZAhru6zDRQi62dyf5Cvk/5rzALBgNVHQ8E BAMCAQYwCgYIKoZIzj0EAwIDSQAwRgIhAJZ/6k5b4s4Vro+0V4HIiczM+Ex3blc9 5Cnld8dibWxYAiEAgDWHeVHl3JQXq+JyclHonT2HByni98RlQLEKgPTrYOo= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIB2TCCAX+gAwIBAgIRAPUINPqwJJhidYS7BF3efRcwCgYIKoZIzj0EAwIwHjEc MBoGA1UEAwwTY25fQVVWeXNkNHBuSnk1SHBENjAeFw0yNDA2MjkxODMxMzhaFw0y NjEwMDIxODMxMzhaMBExDzANBgNVBAMMBnplcGh5cjBZMBMGByqGSM49AgEGCCqG SM49AwEHA0IABIGZvTSwS9HJHU9ae33jLMCSnR3n6cP4ZXcwaXNcknQ+J/TuGJW6 01fYyM7hCAjusWz905bwBB3h5tQLykefN8ijgaowgacwCQYDVR0TBAIwADAdBgNV HQ4EFgQU+nW6G63goVSouU2XtOXjhiln8zIwWQYDVR0jBFIwUIAUlt1toyNc5dm1 uWjRhQYM2p6TrpOhIqQgMB4xHDAaBgNVBAMME2NuX0FVVnlzZDRwbkp5NUhwRDaC FBJ4NkCGu7rMNFCLrZ3J/kK+T/mvMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud DwQEAwIHgDAKBggqhkjOPQQDAgNIADBFAiBBbehhIwsKoHdebEYE+zuGUnn7ak02 9Qt/8qYBdaH5SAIhAOMcdyndGBWM+idJ5mkuLa8yEzXhyRsstnD9ClunTRFp -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgE3CkX1NKhKeqv0nt xSx3C6ws3SJPzi1OOD80hPqdgV2hRANCAASBmb00sEvRyR1PWnt94yzAkp0d5+nD +GV3MGlzXJJ0Pif07hiVutNX2MjO4QgI7rFs/dOW8AQd4ebUC8pHnzfI -----END PRIVATE KEY----- # # 2048 bit OpenVPN static key # -----BEGIN OpenVPN Static key V1----- 638344a066a841b02ca4c7fc62ce9d40 69117ee81712ff62a6c4c4fe0e43d127 2a29ad1e5c625c16f5f64b6321c34337 bba945405a2656b25b5a588a3eb5de47 16130cd3ac69f5d195a3464c7168485e faf6188487921b1be4f73af92fc69b6b c60f9d45103408b93d85b4b61eb7c7dd 738694ae5348aad05adb87240dbe93c3 
eeee160b7b74067c54578584ebd561c2 1de1fb11da6019bbb71dbe026b36c167 28cac5783a499fd6d17d1d1238d58689 419ca90b01f811ea827389ac562ecdc9 7c77fa407cd97b4ec842738bf2e30e3b 08741cd6fd67b21e429b1aa1f88e8cb3 8f4ddcb990fbd46ce8c92efd177744c6 d811668ab0138f8d82cad1d7c0bf0e68 -----END OpenVPN Static key V1-----

And this is the code:

import Foundation
import TunnelKitCore
import TunnelKitOpenVPN

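/// Hard-coded OpenVPN client settings for one server.
///
/// The CA certificate, client certificate, client private key and tls-crypt
/// static key are embedded as string literals, and `make` assembles them into
/// a provider configuration.
///
/// NOTE(review): the private key and the tls-crypt key are compiled into the
/// binary, so anyone holding the source or the app bundle holds the
/// credentials. Key material that has been shared outside the device should be
/// treated as exposed and reissued; outside a throwaway demo, load it from
/// protected storage (e.g. the Keychain) instead of a literal.
struct Configuration {
    /// CA certificate used to validate the server certificate chain.
    static let ca = OpenVPN.CryptoContainer(pem: """
    -----BEGIN CERTIFICATE-----
    MIIB2DCCAX2gAwIBAgIUEng2QIa7usw0UIutncn+Qr5P+a8wCgYIKoZIzj0EAwIw
    HjEcMBoGA1UEAwwTY25fQVVWeXNkNHBuSnk1SHBENjAeFw0yNDA2MjkxODMxMTJa
    Fw0zNDA2MjcxODMxMTJaMB4xHDAaBgNVBAMME2NuX0FVVnlzZDRwbkp5NUhwRDYw
    WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATPSV6QCIxY1SDbJVbfl61bc3L0ZuFS
    ElrdG+3FmpiB7bhPQS36qXZjFQiyq3LupJeyY51QyUbtQKioBy09/N9go4GYMIGV
    MAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFJbdbaMjXOXZtblo0YUGDNqek66TMFkG
    A1UdIwRSMFCAFJbdbaMjXOXZtblo0YUGDNqek66ToSKkIDAeMRwwGgYDVQQDDBNj
    bl9BVVZ5c2Q0cG5KeTVIcEQ2ghQSeDZAhru6zDRQi62dyf5Cvk/5rzALBgNVHQ8E
    BAMCAQYwCgYIKoZIzj0EAwIDSQAwRgIhAJZ/6k5b4s4Vro+0V4HIiczM+Ex3blc9
    5Cnld8dibWxYAiEAgDWHeVHl3JQXq+JyclHonT2HByni98RlQLEKgPTrYOo=
    -----END CERTIFICATE-----
    """)

    /// Client certificate presented to the server during the TLS handshake.
    static let clientCertificate = OpenVPN.CryptoContainer(pem: """
    -----BEGIN CERTIFICATE-----
    MIIB2TCCAX+gAwIBAgIRAPUINPqwJJhidYS7BF3efRcwCgYIKoZIzj0EAwIwHjEc
    MBoGA1UEAwwTY25fQVVWeXNkNHBuSnk1SHBENjAeFw0yNDA2MjkxODMxMzhaFw0y
    NjEwMDIxODMxMzhaMBExDzANBgNVBAMMBnplcGh5cjBZMBMGByqGSM49AgEGCCqG
    SM49AwEHA0IABIGZvTSwS9HJHU9ae33jLMCSnR3n6cP4ZXcwaXNcknQ+J/TuGJW6
    01fYyM7hCAjusWz905bwBB3h5tQLykefN8ijgaowgacwCQYDVR0TBAIwADAdBgNV
    HQ4EFgQU+nW6G63goVSouU2XtOXjhiln8zIwWQYDVR0jBFIwUIAUlt1toyNc5dm1
    uWjRhQYM2p6TrpOhIqQgMB4xHDAaBgNVBAMME2NuX0FVVnlzZDRwbkp5NUhwRDaC
    FBJ4NkCGu7rMNFCLrZ3J/kK+T/mvMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1Ud
    DwQEAwIHgDAKBggqhkjOPQQDAgNIADBFAiBBbehhIwsKoHdebEYE+zuGUnn7ak02
    9Qt/8qYBdaH5SAIhAOMcdyndGBWM+idJ5mkuLa8yEzXhyRsstnD9ClunTRFp
    -----END CERTIFICATE-----
    """)

    /// Private key matching `clientCertificate`.
    static let clientKey = OpenVPN.CryptoContainer(pem: """
    -----BEGIN PRIVATE KEY-----
    MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgE3CkX1NKhKeqv0nt
    xSx3C6ws3SJPzi1OOD80hPqdgV2hRANCAASBmb00sEvRyR1PWnt94yzAkp0d5+nD
    +GV3MGlzXJJ0Pif07hiVutNX2MjO4QgI7rFs/dOW8AQd4ebUC8pHnzfI
    -----END PRIVATE KEY-----
    """)

    /// tls-crypt wrapping for the control channel, built from the static key.
    ///
    /// The key initializer is failable and is force-unwrapped, so a key that
    /// does not parse crashes the process the first time this property is
    /// read, with no diagnostic message.
    static let tlsCrypt = OpenVPN.TLSWrap(
        strategy: .crypt,
        key: .init(file: """
        -----BEGIN OpenVPN Static key V1-----
        638344a066a841b02ca4c7fc62ce9d40
        69117ee81712ff62a6c4c4fe0e43d127
        2a29ad1e5c625c16f5f64b6321c34337
        bba945405a2656b25b5a588a3eb5de47
        16130cd3ac69f5d195a3464c7168485e
        faf6188487921b1be4f73af92fc69b6b
        c60f9d45103408b93d85b4b61eb7c7dd
        738694ae5348aad05adb87240dbe93c3
        eeee160b7b74067c54578584ebd561c2
        1de1fb11da6019bbb71dbe026b36c167
        28cac5783a499fd6d17d1d1238d58689
        419ca90b01f811ea827389ac562ecdc9
        7c77fa407cd97b4ec842738bf2e30e3b
        08741cd6fd67b21e429b1aa1f88e8cb3
        8f4ddcb990fbd46ce8c92efd177744c6
        d811668ab0138f8d82cad1d7c0bf0e68
        -----END OpenVPN Static key V1-----
        """, direction: .client)!
    )

    /// Builds the provider configuration for one endpoint.
    ///
    /// - Parameters:
    ///   - hostname: Server host name or address.
    ///   - port: Server port.
    ///   - socketType: Transport used for the single endpoint that is configured.
    /// - Returns: The built provider configuration, with debugging enabled.
    static func make(hostname: String, port: UInt16, socketType: SocketType) -> OpenVPNProvider.Configuration {
        var sessionBuilder = OpenVPN.ConfigurationBuilder()
        sessionBuilder.ca = ca
        sessionBuilder.cipher = .aes128gcm
        sessionBuilder.digest = .sha256
        // Left disabled as in the original; only this one statement is commented out.
        // sessionBuilder.compressionFraming = .disabled
        sessionBuilder.renegotiatesAfter = nil
        sessionBuilder.hostname = hostname
        sessionBuilder.endpointProtocols = [EndpointProtocol(socketType, port)]
        sessionBuilder.clientCertificate = clientCertificate
        sessionBuilder.clientKey = clientKey
        sessionBuilder.tlsWrap = tlsCrypt
        sessionBuilder.mtu = 1350
        // NOTE(review): nothing here enables an extended-key-usage or name
        // check on the server certificate, so only the CA chain constrains
        // which server is accepted. If the matching .ovpn profile relies on
        // remote-cert-tls / verify-x509-name, set the builder's equivalent
        // (presumably `checksEKU` — confirm for the TunnelKit version in use).

        var builder = OpenVPNProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
        builder.shouldDebug = true
        // Turns off masking of private data in the debug log, and the print
        // below writes the builder to the console; keep both out of release
        // builds, and redact logs before sharing them.
        builder.masksPrivateData = false
        print(builder)
        return builder.build()
    }
}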

I cannot figure out where my mistake is; please help me. It is a demo VPS.

EvelinaAlexey commented 3 days ago

Also, I have this server configuration:

port 1194
proto tcp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 77.88.8.8"
push "dhcp-option DNS 77.88.8.1"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_4Q49cFOcjvBYWklG.crt
push "dhcp-option DNS 77.88.8.8"
push "dhcp-option DNS 77.88.8.1"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_4Q49cFOcjvBYWklG.crt
key server_4Q49cFOcjvBYWklG.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log