trying to connect from an android phone using OpenVPN Connect client
Aptitude says I'm running the latest version in my server.
Debian stretch/testing shows same version, as well
How did you install OpenVPN - did you follow one of the tutorials here on DO, which?
Which version of Debian and OpenVPN server?
When you generated the certificate for the client, did you use TLS1.2 or only TLS1.0?
Can you supply your OpenVPN log, so it's easier to debug?
Thanks for the quick and detailed reply. First, I'm a bit of a noob to linux, though I'm fairly tech savvy and learn quickly. I'm running Debian 8.8-64 and installed using a DO tutorial. OpenVPN version is 2.4. I have to admit, when I generated the certs, I just blindly followed the tutorial. Here is info from my server.crt :
X509v3 Extended Key Usage:
TLS Web Server Authentication
and when I check my /etc/openvpn/easy-rsa directory, the most recent ssl-related file there is openssl-1.0.0.cnf.
That's about all I have at the moment.
Thanks again
Okay, have a look in /var/log/openvpn.log or /var/log/openvpn/error.log to see if there's something more telling about the error.
It seems like the configuration somewhere (either server or client) is set to use TLS1.0, which was disabled since OpenVPN 2.4 (I think).
Can you connect from another device (not an Android) with the same configuration and certificate?
Was this the tutorial?
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-debian-8
Well, neither of those two .log files exist in my tree, or anything that looks related.
I can connect from 3 other machines: One running debian stretch, and another running debian stretch in a vm, as well as another running WIndows 7-64 in a vm.
The only problem is with my android phone.
The tutorial you linked was the one I used.
Agreed. Thanks for your efforts. This isnt a crucial issue for me, as I already have another vpn that works on all of my platforms. I'm doing this primarily as a learning experience.
Thanks again, hansen