ss-abramchuk / OpenVPNAdapter

Objective-C wrapper for OpenVPN library. Compatible with iOS and macOS.
GNU Affero General Public License v3.0
475 stars 215 forks

System Network Extension connects to VPN via OpenVPN protocol, but can't view any web pages #208

Open andrewkonchak opened 3 years ago

andrewkonchak commented 3 years ago

System Network Extension successfully connects to VPN via OpenVPN protocol, but I can't view any web pages. With the in-app Network Extension, everything is working correctly. But when I converted the app NE to a system NE, traffic wasn't received from the tunnel. I used a system NE because I need to distribute a Mac VPN app through Developer ID (distribute outside of MacStore). As I understand, to do so I need to convert the demo app NE to a system NE. I created a new system NE target, importing all files from the old target, but it looks like it's not enough. It doesn't work; in the console, when I'm trying to establish a connection, I see:

Logs

default 15:56:21.550893+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: OpenVPN core 3.5.6 mac x86_64 64-bit
default 15:56:21.561820+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Frame=512/2048/512 mssfix-ctrl=1250
default 15:56:21.565922+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: UNUSED OPTIONS
4 [resolv-retry] [infinite] 
5 [nobind] 
6 [persist-key] 
7 [persist-tun] 
11 [verb] [3]
default 15:56:21.571866+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Contacting 3.143.220.175:443 via TCPv4
default 15:56:21.699043+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Connecting to [3.143.220.175]:443 (3.143.220.175) via TCPv4
default 15:56:21.826260+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Tunnel Options:V4,dev-type tun,link-mtu 1571,tun-mtu 1500,proto TCPv4_CLIENT,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client
default 15:56:21.826486+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Creds: Username/Password
default 15:56:21.826595+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Peer Info:
IV_VER=3.5.6
IV_PLAT=mac
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
default 15:56:22.102931+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: VERIFY OK : depth=1
cert. version     : 3
serial number     : 14:9C:99:5B:80:BE:75:F0:03:FB:7D:0C:FE:A8:C2:49:96:3D:B8:88
issuer name       : CN=ovpncliens
subject name      : CN=ovpncliens
issued  on        : 2020-08-07 07:50:26
expires on        : 2030-08-05 07:50:26
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=true
key usage         : Key Cert Sign, CRL Sign
default 15:56:22.103060+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: VERIFY OK : depth=0
cert. version     : 3
serial number     : DC:A4:AC:67:BE:B6:72:A2:5E:40:4A:FC:5B:75:C5:7B
issuer name       : CN=ovpncliens
subject name      : CN=server
issued  on        : 2020-08-07 07:51:43
expires on        : 2030-08-05 07:51:43
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=false
subject alt name  : server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication
default 15:56:22.539571+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
default 15:56:22.540090+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Session is ACTIVE
default 15:56:22.540410+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Sending PUSH_REQUEST to server...
default 15:56:22.796787+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: OPTIONS:
0 [redirect-gateway] [def1] [bypass-dhcp] 
1 [dhcp-option] [DNS] [8.8.4.4] 
2 [dhcp-option] [DNS] [8.8.8.8] 
3 [route] [10.8.0.0] [255.255.255.0] 
4 [topology] [net30] 
5 [ping] [10] 
6 [ping-restart] [120] 
7 [ifconfig] [10.8.0.6] [10.8.0.5] 
8 [peer-id] [0] 
9 [cipher] [AES-256-GCM]
default 15:56:22.796976+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: PROTOCOL OPTIONS:
  cipher: AES-256-GCM
  digest: NONE
  compress: NONE
  peer ID: 0
default 15:56:22.797286+0300    com.NewOpenVPN.Extension    [Extension com.NewOpenVPN]: provider set tunnel configuration to (null)
default 15:56:22.813122+0300    com.NewOpenVPN.Extension    [Extension com.NewOpenVPN]: provider set tunnel configuration to 
    tunnelRemoteAddress = <13-char-str>
    DNSSettings = {
        protocol = cleartext
        server = (
            <7-char-str>,
            <7-char-str>,
        )
        searchDomains = ()
        matchDomains = (
            <0-char-str>,
        )
        matchDomainsNoSearch = NO
    }
    IPv4Settings = {
        configMethod = PPP
        addresses = (
            <8-char-str>,
        )
        subnetMasks = (
            255.255.255.252,
        )
        includedRoutes = (
            {
                destinationAddress = <8-char-str>
                destinationSubnetMask = 255.255.255.0
                gatewayAddress = <8-char-str>
            },
            {
                destinationAddress = <7-char-str>
                destinationSubnetMask = 0.0.0.0
                gatewayAddress = <8-char-str>
            },
        )
        excludedRoutes = ()
        overridePrimary = NO
    }
default 15:56:22.995848+0300    com.NewOpenVPN.Extension    Attempting to add source to main runloop, but the main thread has exited. This message will only log once. Break on _CFRunLoopError_MainThreadHasExited to debug.
default 15:56:22.996737+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Connected via tun
default 15:56:22.997486+0300    com.NewOpenVPN.Extension    OpenVPN ----- connected
default 15:57:26.822607+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: TUN write exception: write_some: No buffer space available
default 15:57:27.496721+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: TUN write exception: write_some: No buffer space available
default 15:57:27.623852+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: TUN write exception: write_some: No buffer space available
default 15:57:27.821155+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: TUN write exception: write_some: No buffer space available
default 15:57:29.125957+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: TUN write exception: write_some: No buffer space available

Screenshot from the network app. On this screenshot you can see that we successfully connected to the OpenVPN server, but there is no “Received:” traffic.

Screen Shot 2021-06-11 at 5 52 12 PM

Do you have any idea why it doesn’t work? I debugged the OpenVPN adapter library and see something wrong with the socket transfer. I think maybe something is blocking the socket connection.
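A triage helper for logs in the format quoted in the post above, added here as an example (it is not part of the original post or of OpenVPNAdapter). It separates "control channel established" from "data path failing" and records whether the server pushed `redirect-gateway`, in which case the default route points into the tunnel. The function name `triage` and the report keys are hypothetical, and the sample lines are constructed from the format shown in the post.

```python
import re
from collections import Counter

# Constructed sample in the format of the log quoted above (not the full log).
SAMPLE_LOG = """\
default 15:56:22.540090+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Session is ACTIVE
default 15:56:22.796787+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: OPTIONS:
0 [redirect-gateway] [def1] [bypass-dhcp]
1 [dhcp-option] [DNS] [8.8.4.4]
7 [ifconfig] [10.8.0.6] [10.8.0.5]
default 15:56:22.996737+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: Connected via tun
default 15:57:26.822607+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: TUN write exception: write_some: No buffer space available
default 15:57:27.496721+0300    com.NewOpenVPN.Extension    OpenVPN -----Log: TUN write exception: write_some: No buffer space available
"""

ENTRY = re.compile(r"^\w+\s+(\d\d:\d\d:\d\d\.\d+)[+-]\d{4}\s+(\S+)\s+(.*)$")
OPTION = re.compile(r"^\d+\s+((?:\[[^\]]*\]\s*)+)$")

def triage(log_text):
    """Hypothetical helper: summarise one connection attempt from the log text."""
    report = {"session_active": False, "connected": False, "pushed": [],
              "tun_write_errors": Counter(), "first_error_at": None}
    # Lines without a timestamp continue the previous entry (option rows, cert fields).
    in_options = False
    for line in log_text.splitlines():
        entry = ENTRY.match(line)
        if entry is None:
            # Keep only rows under the pushed "OPTIONS:" header, not "UNUSED OPTIONS".
            opt = OPTION.match(line) if in_options else None
            if opt:
                report["pushed"].append(re.findall(r"\[([^\]]*)\]", opt.group(1)))
            continue
        timestamp, _process, message = entry.groups()
        in_options = message.endswith("Log: OPTIONS:")
        if "Session is ACTIVE" in message:
            report["session_active"] = True
        elif "Connected via tun" in message:
            report["connected"] = True
        elif "TUN write exception:" in message:
            reason = message.split("TUN write exception:", 1)[1].strip()
            report["tun_write_errors"][reason] += 1
            report["first_error_at"] = report["first_error_at"] or timestamp
    # Tunnel reported as connected, yet packets cannot be written to the tun interface.
    report["data_path_failing"] = report["connected"] and bool(report["tun_write_errors"])
    report["full_tunnel"] = any(o[0] == "redirect-gateway" for o in report["pushed"])
    return report
```

When `full_tunnel` and `data_path_failing` are both true, the default route points into a tunnel that cannot deliver inbound packets, which matches the symptom of a connected VPN with no received traffic.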

Sharalink commented 3 years ago

I got the same problem! Did you resolve it?

andrewkonchak commented 3 years ago

Hey, I found another solution for implementing an OpenVPN connection. I used the OpenVPN executable. I integrated it into my project and run it from code with my config file.

Thu, 24 Jun 2021 at 18:10, sharaLink @.***> wrote:

I got the same problem! Did you resolve it?