
Because of a certain public government firewall with deep packet inspection preventing OpenVPN out of the country, I am trying to run OpenVPN over SSH. I also wanted all traffic to run through OpenVPN, so I added push "redirect-gateway def1 bypass-dhcp" to my server config. To prevent OpenVPN from killing the SSH connection that it ran through, I also added push "route [server ip] 255.255.255.255 net_gateway".

This works beautifully... at least on Windows. But with OpenVPN Connect in conjunction with an iOS SSH app with port forwarding, OpenVPN kills the SSH connection a few seconds after it connects through the SSH tunnel.

I've tried adding route [server ip] 255.255.255.255 net_gateway to the client .ovpn, but to little avail. Are my configs wrong, or do I really need a jailbreak (really a last resort) to accomplish my task?

1 Answer


The manual states:

bypass-dhcp -- Add a direct route to the DHCP server (if it is non-local) which bypasses the tunnel (Available on Windows clients, may not be available on non-Windows clients).

so there is no certainty at all that this exists on iOS. I do not have an iOS device; please let me know whether you find any evidence that this instruction works.

Also, as stated above, this bypasses the tunnel, which means your information is sent outside the secure OpenVPN tunnel. Are you sure this is what you are after?

Lastly, OpenVPN does not tear down the SSH connection at all. Since your use case is one about a hostile environment, you should investigate more carefully why this occurs. Logs on both server and client will help you understand whether this occurs because of an end-point configuration problem, in which case you are safe, or otherwise.

In your shoes, I would try testing your OpenVPN client configuration by setting up an OpenVPN server on your PC, and trying to connect locally from your iOS device, using exactly the same configuration for the server as the real, remote server. When this works, connecting to the remote should be a cinch.

I found these instructions delightfully easy to follow.

  • Investigating further into the logs, the handshake succeeds, but the ssh connection breaks once OpenVPN is done configuring. This does not happen anywhere else... Commented Jul 4, 2015 at 15:05
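
The routing effect the question relies on, as an added example that is not part of the original posts: `redirect-gateway def1` installs 0.0.0.0/1 and 128.0.0.0/1 via the tunnel, so the SSH session carrying the VPN stays outside the tunnel only if a /32 route via `net_gateway` is actually present. All addresses and interface names below are constructed assumptions.

```python
import ipaddress

# Constructed addresses (documentation/private ranges), not values from the post.
SSH_SERVER = "203.0.113.10"   # hypothetical public IP of the SSH/OpenVPN host
LAN_GW = "192.168.1.1"        # hypothetical pre-VPN default gateway (net_gateway)
VPN_GW = "10.8.0.1"           # hypothetical OpenVPN tunnel gateway


def routes_after_connect(with_host_route):
    """Routing table once 'redirect-gateway def1' has been applied."""
    table = [
        ("0.0.0.0/0", LAN_GW, "wifi"),    # original default route, left in place by def1
        ("0.0.0.0/1", VPN_GW, "tun"),     # def1 adds two /1 routes that are more
        ("128.0.0.0/1", VPN_GW, "tun"),   # specific than /0, so they win
        ("10.8.0.0/24", VPN_GW, "tun"),
        ("192.168.1.0/24", "on-link", "wifi"),
    ]
    if with_host_route:
        # Effect of: route <server ip> 255.255.255.255 net_gateway
        table.append((SSH_SERVER + "/32", LAN_GW, "wifi"))
    return table


def lookup(table, dst):
    """Longest-prefix match: return (gateway, interface) used for dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gw, dev in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, dev)
    if best is None:
        raise LookupError("no route to " + dst)
    return best[1], best[2]


def ssh_survives(table):
    """The SSH session carrying the VPN must not be routed into the VPN itself."""
    return lookup(table, SSH_SERVER)[1] != "tun"


if __name__ == "__main__":
    for flag in (False, True):
        t = routes_after_connect(flag)
        print("host route:", flag, "->", lookup(t, SSH_SERVER),
              "ssh survives:", ssh_survives(t))
```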
