"Use default Route" not working any more after upgrading to Android 14
jerome-cui opened this issue · comments
Info
Android Version: 14
Vendor: Honor
Model: PGT-AN00
App version: 0.7.51
Description
I have a VPN with pushed route only for local network (192.168.3.0/24), but on my Android phone I need all traffic to go through the VPN, so I have the option "Use default Route" checked to redirect all traffic.
It stopped working after I upgrade my phone to Android 14.
log
ICS OpenVPN log
ICS OpenVPN log file
ICS OpenVPN log file
2024-03-21 16:19:21 F-Droid built and signed version 0.7.51 running on HONOR PGT-AN00 (kalama), Android 14 (HONORPGT-AN00) API 34, ABI arm64-v8a, (HONOR/PGT-AN00/HNPGT:14/HONORPGT-AN00/8.0.0.123CHNC00E105R6P6:user/release-keys)
2024-03-21 16:19:21 Building configuration…
2024-03-21 16:19:21 Fetched VPN profile (xxxxxxx) triggered by main profile list
2024-03-21 16:19:21 Scheduling VPN keep alive for VPN xxxxxxx
2024-03-21 16:19:21 started Socket Thread
2024-03-21 16:19:21 Network Status: CONNECTED LTE to MOBILE 3gnet
2024-03-21 16:19:21 Debug state info: CONNECTED LTE to MOBILE 3gnet, pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2024-03-21 16:19:21 P:WARNING: linker: Warning: "/data/app/~~sErO43avRHEBIoiMZPj1Bg==/de.blinkt.openvpn-qJreHj-whhNKKtGoLhjQjQ==/lib/arm64/libovpnexec.so" is not a directory (ignoring)
2024-03-21 16:19:21 Debug state info: CONNECTED LTE to MOBILE 3gnet, pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2024-03-21 16:19:21 Current Parameter Settings:
2024-03-21 16:19:21 config = 'stdin'
2024-03-21 16:19:21 mode = 0
2024-03-21 16:19:21 show_ciphers = DISABLED
2024-03-21 16:19:21 show_digests = DISABLED
2024-03-21 16:19:21 show_engines = DISABLED
2024-03-21 16:19:21 genkey = DISABLED
2024-03-21 16:19:21 genkey_filename = '[UNDEF]'
2024-03-21 16:19:21 key_pass_file = '[UNDEF]'
2024-03-21 16:19:21 show_tls_ciphers = DISABLED
2024-03-21 16:19:21 connect_retry_max = 0
2024-03-21 16:19:21 Connection profiles [0]:
2024-03-21 16:19:21 proto = udp
2024-03-21 16:19:21 local = '[UNDEF]'
2024-03-21 16:19:21 local_port = '[UNDEF]'
2024-03-21 16:19:21 remote = 'xxxxxxxx'
2024-03-21 16:19:21 remote_port = '5694'
2024-03-21 16:19:21 remote_float = ENABLED
2024-03-21 16:19:21 bind_defined = DISABLED
2024-03-21 16:19:21 bind_local = DISABLED
2024-03-21 16:19:21 bind_ipv6_only = DISABLED
2024-03-21 16:19:21 connect_retry_seconds = 2
2024-03-21 16:19:21 connect_timeout = 120
2024-03-21 16:19:21 socks_proxy_server = '[UNDEF]'
2024-03-21 16:19:21 socks_proxy_port = '[UNDEF]'
2024-03-21 16:19:21 tun_mtu = 1500
2024-03-21 16:19:21 tun_mtu_defined = ENABLED
2024-03-21 16:19:21 link_mtu = 1500
2024-03-21 16:19:21 link_mtu_defined = DISABLED
2024-03-21 16:19:21 tun_mtu_extra = 0
2024-03-21 16:19:21 tun_mtu_extra_defined = DISABLED
2024-03-21 16:19:21 tls_mtu = 1250
2024-03-21 16:19:21 mtu_discover_type = -1
2024-03-21 16:19:21 fragment = 0
2024-03-21 16:19:21 mssfix = 1492
2024-03-21 16:19:21 mssfix_encap = ENABLED
2024-03-21 16:19:21 mssfix_fixed = DISABLED
2024-03-21 16:19:21 explicit_exit_notification = 0
2024-03-21 16:19:21 tls_auth_file = '[UNDEF]'
2024-03-21 16:19:21 key_direction = not set
2024-03-21 16:19:21 tls_crypt_file = '[UNDEF]'
2024-03-21 16:19:21 tls_crypt_v2_file = '[UNDEF]'
2024-03-21 16:19:21 Connection profiles END
2024-03-21 16:19:21 remote_random = DISABLED
2024-03-21 16:19:21 ipchange = '[UNDEF]'
2024-03-21 16:19:21 dev = 'tun'
2024-03-21 16:19:21 dev_type = '[UNDEF]'
2024-03-21 16:19:21 dev_node = '[UNDEF]'
2024-03-21 16:19:21 lladdr = '[UNDEF]'
2024-03-21 16:19:21 topology = 1
2024-03-21 16:19:21 ifconfig_local = '[UNDEF]'
2024-03-21 16:19:21 ifconfig_remote_netmask = '[UNDEF]'
2024-03-21 16:19:21 ifconfig_noexec = DISABLED
2024-03-21 16:19:21 ifconfig_nowarn = ENABLED
2024-03-21 16:19:21 ifconfig_ipv6_local = '[UNDEF]'
2024-03-21 16:19:21 ifconfig_ipv6_netbits = 0
2024-03-21 16:19:21 ifconfig_ipv6_remote = '[UNDEF]'
2024-03-21 16:19:21 shaper = 0
2024-03-21 16:19:21 mtu_test = 0
2024-03-21 16:19:21 mlock = DISABLED
2024-03-21 16:19:21 keepalive_ping = 0
2024-03-21 16:19:21 keepalive_timeout = 0
2024-03-21 16:19:21 inactivity_timeout = 0
2024-03-21 16:19:21 session_timeout = 0
2024-03-21 16:19:21 inactivity_minimum_bytes = 0
2024-03-21 16:19:21 ping_send_timeout = 0
2024-03-21 16:19:21 ping_rec_timeout = 0
2024-03-21 16:19:21 ping_rec_timeout_action = 0
2024-03-21 16:19:21 ping_timer_remote = DISABLED
2024-03-21 16:19:21 remap_sigusr1 = 0
2024-03-21 16:19:21 persist_tun = ENABLED
2024-03-21 16:19:21 persist_local_ip = DISABLED
2024-03-21 16:19:21 persist_remote_ip = DISABLED
2024-03-21 16:19:21 persist_key = DISABLED
2024-03-21 16:19:21 passtos = DISABLED
2024-03-21 16:19:21 resolve_retry_seconds = 60
2024-03-21 16:19:21 resolve_in_advance = ENABLED
2024-03-21 16:19:21 username = '[UNDEF]'
2024-03-21 16:19:21 groupname = '[UNDEF]'
2024-03-21 16:19:21 chroot_dir = '[UNDEF]'
2024-03-21 16:19:21 cd_dir = '[UNDEF]'
2024-03-21 16:19:21 writepid = '[UNDEF]'
2024-03-21 16:19:21 up_script = '[UNDEF]'
2024-03-21 16:19:21 down_script = '[UNDEF]'
2024-03-21 16:19:21 down_pre = DISABLED
2024-03-21 16:19:21 up_restart = DISABLED
2024-03-21 16:19:21 up_delay = DISABLED
2024-03-21 16:19:21 daemon = DISABLED
2024-03-21 16:19:21 log = DISABLED
2024-03-21 16:19:21 suppress_timestamps = DISABLED
2024-03-21 16:19:21 machine_readable_output = ENABLED
2024-03-21 16:19:21 nice = 0
2024-03-21 16:19:21 verbosity = 4
2024-03-21 16:19:21 mute = 0
2024-03-21 16:19:21 gremlin = 0
2024-03-21 16:19:21 status_file = '[UNDEF]'
2024-03-21 16:19:21 status_file_version = 1
2024-03-21 16:19:21 status_file_update_freq = 60
2024-03-21 16:19:21 occ = ENABLED
2024-03-21 16:19:21 rcvbuf = 0
2024-03-21 16:19:21 sndbuf = 0
2024-03-21 16:19:21 sockflags = 0
2024-03-21 16:19:21 fast_io = DISABLED
2024-03-21 16:19:21 comp.alg = 0
2024-03-21 16:19:21 comp.flags = 24
2024-03-21 16:19:21 route_script = '[UNDEF]'
2024-03-21 16:19:21 route_default_gateway = '[UNDEF]'
2024-03-21 16:19:21 route_default_metric = 0
2024-03-21 16:19:21 route_noexec = DISABLED
2024-03-21 16:19:21 route_delay = 0
2024-03-21 16:19:21 route_delay_window = 30
2024-03-21 16:19:21 route_delay_defined = DISABLED
2024-03-21 16:19:21 route_nopull = ENABLED
2024-03-21 16:19:21 route_gateway_via_dhcp = DISABLED
2024-03-21 16:19:21 allow_pull_fqdn = DISABLED
2024-03-21 16:19:21 route 0.0.0.0/0.0.0.0/vpn_gateway/default (not set)
2024-03-21 16:19:21 management_addr = '/data/user/0/de.blinkt.openvpn/cache/mgmtsocket'
2024-03-21 16:19:21 management_port = 'unix'
2024-03-21 16:19:21 management_user_pass = '[UNDEF]'
2024-03-21 16:19:21 management_log_history_cache = 250
2024-03-21 16:19:21 management_echo_buffer_size = 100
2024-03-21 16:19:21 management_client_user = '[UNDEF]'
2024-03-21 16:19:21 management_client_group = '[UNDEF]'
2024-03-21 16:19:21 management_flags = 16678
2024-03-21 16:19:21 shared_secret_file = '[UNDEF]'
2024-03-21 16:19:21 key_direction = not set
2024-03-21 16:19:21 ciphername = 'AES-256-GCM'
2024-03-21 16:19:21 ncp_ciphers = 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305'
2024-03-21 16:19:21 authname = 'SHA1'
2024-03-21 16:19:21 engine = DISABLED
2024-03-21 16:19:21 mute_replay_warnings = DISABLED
2024-03-21 16:19:21 replay_window = 64
2024-03-21 16:19:21 replay_time = 15
2024-03-21 16:19:21 packet_id_file = '[UNDEF]'
2024-03-21 16:19:21 test_crypto = DISABLED
2024-03-21 16:19:21 tls_server = DISABLED
2024-03-21 16:19:21 tls_client = ENABLED
2024-03-21 16:19:21 ca_file = '[INLINE]'
2024-03-21 16:19:21 ca_path = '[UNDEF]'
2024-03-21 16:19:21 dh_file = '[UNDEF]'
2024-03-21 16:19:21 cert_file = '[INLINE]'
2024-03-21 16:19:21 extra_certs_file = '[UNDEF]'
2024-03-21 16:19:21 priv_key_file = '[INLINE]'
2024-03-21 16:19:21 pkcs12_file = '[UNDEF]'
2024-03-21 16:19:21 cipher_list = '[UNDEF]'
2024-03-21 16:19:21 cipher_list_tls13 = '[UNDEF]'
2024-03-21 16:19:21 tls_cert_profile = 'legacy'
2024-03-21 16:19:21 tls_verify = '[UNDEF]'
2024-03-21 16:19:21 tls_export_cert = '[UNDEF]'
2024-03-21 16:19:21 verify_x509_type = 0
2024-03-21 16:19:21 verify_x509_name = '[UNDEF]'
2024-03-21 16:19:21 crl_file = '[UNDEF]'
2024-03-21 16:19:21 ns_cert_type = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 65535
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_ku[i] = 0
2024-03-21 16:19:21 remote_cert_eku = 'TLS Web Server Authentication'
2024-03-21 16:19:21 ssl_flags = 192
2024-03-21 16:19:21 tls_timeout = 2
2024-03-21 16:19:21 renegotiate_bytes = -1
2024-03-21 16:19:21 renegotiate_packets = 0
2024-03-21 16:19:21 renegotiate_seconds = 3600
2024-03-21 16:19:21 handshake_window = 60
2024-03-21 16:19:21 transition_window = 3600
2024-03-21 16:19:21 single_session = DISABLED
2024-03-21 16:19:21 push_peer_info = DISABLED
2024-03-21 16:19:21 tls_exit = DISABLED
2024-03-21 16:19:21 tls_crypt_v2_metadata = '[UNDEF]'
2024-03-21 16:19:21 server_network = 0.0.0.0
2024-03-21 16:19:21 server_netmask = 0.0.0.0
2024-03-21 16:19:21 server_network_ipv6 = ::
2024-03-21 16:19:21 server_netbits_ipv6 = 0
2024-03-21 16:19:21 server_bridge_ip = 0.0.0.0
2024-03-21 16:19:21 server_bridge_netmask = 0.0.0.0
2024-03-21 16:19:21 server_bridge_pool_start = 0.0.0.0
2024-03-21 16:19:21 server_bridge_pool_end = 0.0.0.0
2024-03-21 16:19:21 ifconfig_pool_defined = DISABLED
2024-03-21 16:19:21 ifconfig_pool_start = 0.0.0.0
2024-03-21 16:19:21 ifconfig_pool_end = 0.0.0.0
2024-03-21 16:19:21 ifconfig_pool_netmask = 0.0.0.0
2024-03-21 16:19:21 ifconfig_pool_persist_filename = '[UNDEF]'
2024-03-21 16:19:21 ifconfig_pool_persist_refresh_freq = 600
2024-03-21 16:19:21 ifconfig_ipv6_pool_defined = DISABLED
2024-03-21 16:19:21 ifconfig_ipv6_pool_base = ::
2024-03-21 16:19:21 ifconfig_ipv6_pool_netbits = 0
2024-03-21 16:19:21 n_bcast_buf = 256
2024-03-21 16:19:21 tcp_queue_limit = 64
2024-03-21 16:19:21 real_hash_size = 256
2024-03-21 16:19:21 virtual_hash_size = 256
2024-03-21 16:19:21 client_connect_script = '[UNDEF]'
2024-03-21 16:19:21 learn_address_script = '[UNDEF]'
2024-03-21 16:19:21 client_disconnect_script = '[UNDEF]'
2024-03-21 16:19:21 client_crresponse_script = '[UNDEF]'
2024-03-21 16:19:21 client_config_dir = '[UNDEF]'
2024-03-21 16:19:21 ccd_exclusive = DISABLED
2024-03-21 16:19:21 tmp_dir = '/data/data/de.blinkt.openvpn/cache'
2024-03-21 16:19:21 push_ifconfig_defined = DISABLED
2024-03-21 16:19:21 push_ifconfig_local = 0.0.0.0
2024-03-21 16:19:21 push_ifconfig_remote_netmask = 0.0.0.0
2024-03-21 16:19:21 push_ifconfig_ipv6_defined = DISABLED
2024-03-21 16:19:21 push_ifconfig_ipv6_local = ::/0
2024-03-21 16:19:21 push_ifconfig_ipv6_remote = ::
2024-03-21 16:19:21 enable_c2c = DISABLED
2024-03-21 16:19:21 duplicate_cn = DISABLED
2024-03-21 16:19:21 cf_max = 0
2024-03-21 16:19:21 cf_per = 0
2024-03-21 16:19:21 cf_initial_max = 100
2024-03-21 16:19:21 cf_initial_per = 10
2024-03-21 16:19:21 max_clients = 1024
2024-03-21 16:19:21 max_routes_per_client = 256
2024-03-21 16:19:21 auth_user_pass_verify_script = '[UNDEF]'
2024-03-21 16:19:21 auth_user_pass_verify_script_via_file = DISABLED
2024-03-21 16:19:21 auth_token_generate = DISABLED
2024-03-21 16:19:21 auth_token_lifetime = 0
2024-03-21 16:19:21 auth_token_secret_file = '[UNDEF]'
2024-03-21 16:19:21 port_share_host = '[UNDEF]'
2024-03-21 16:19:21 port_share_port = '[UNDEF]'
2024-03-21 16:19:21 vlan_tagging = DISABLED
2024-03-21 16:19:21 vlan_accept = all
2024-03-21 16:19:21 vlan_pvid = 1
2024-03-21 16:19:21 client = ENABLED
2024-03-21 16:19:21 pull = ENABLED
2024-03-21 16:19:21 auth_user_pass_file = 'stdin'
2024-03-21 16:19:21 OpenVPN 2.7-icsopenvpn [git:icsopenvpn/v0.7.51-0-g0ad44976] arm64-v8a [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 2 2023
2024-03-21 16:19:21 library versions: OpenSSL 3.2.0 23 Nov 2023, LZO 2.10
2024-03-21 16:19:21 MANAGEMENT: Connected to management server at /data/user/0/de.blinkt.openvpn/cache/mgmtsocket
2024-03-21 16:19:21 Waiting 0s seconds between connection attempt
2024-03-21 16:19:21 MANAGEMENT: CMD 'version 3'
2024-03-21 16:19:21 MANAGEMENT: CMD 'hold release'
2024-03-21 16:19:21 MANAGEMENT: CMD 'bytecount 2'
2024-03-21 16:19:21 MANAGEMENT: CMD 'state on'
2024-03-21 16:19:21 MANAGEMENT: CMD 'username 'Auth' xxx'
2024-03-21 16:19:21 MANAGEMENT: CMD 'password [...]'
2024-03-21 16:19:21 MANAGEMENT: >STATE:1711009161,RESOLVE,,,,,,
2024-03-21 16:19:22 MANAGEMENT: CMD 'proxy NONE'
2024-03-21 16:19:23 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2024-03-21 16:19:23 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2024-03-21 16:19:23 TCP/UDP: Preserving recently used remote address: [AF_INET]xxxxxxxx
2024-03-21 16:19:23 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-03-21 16:19:23 MANAGEMENT: CMD 'needok 'PROTECTFD' ok'
2024-03-21 16:19:23 UDPv4 link local: (not bound)
2024-03-21 16:19:23 UDPv4 link remote: [AF_INET]xxxxxxxx
2024-03-21 16:19:23 MANAGEMENT: >STATE:1711009163,WAIT,,,,,,
2024-03-21 16:19:23 MANAGEMENT: >STATE:1711009163,AUTH,,,,,,
2024-03-21 16:19:23 TLS: Initial packet from [AF_INET]xxxxxxxx, sid=ca773c29 6e3dde83
2024-03-21 16:19:23 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2024-03-21 16:19:23 VERIFY OK: depth=1, CN=HomeServer
2024-03-21 16:19:23 VERIFY KU OK
2024-03-21 16:19:23 Validating certificate extended key usage
2024-03-21 16:19:23 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-03-21 16:19:23 VERIFY EKU OK
2024-03-21 16:19:23 VERIFY OK: depth=0, CN=server
2024-03-21 16:19:23 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2024-03-21 16:19:23 [server] Peer Connection Initiated with [AF_INET]xxxxxxxx
2024-03-21 16:19:23 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-03-21 16:19:23 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-03-21 16:19:23 PUSH: Received control message: 'PUSH_REPLY,route 192.168.3.0 255.255.255.0,remote-gateway 192.168.3.100,dhcp-option DNS 192.168.3.100,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.10 10.8.0.9,peer-id 1,cipher AES-256-GCM,protocol-flags cc-exit,tun-mtu 1500'
2024-03-21 16:19:23 Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
2024-03-21 16:19:23 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:2: remote-gateway (2.7_master)
2024-03-21 16:19:23 Opening tun interface:
2024-03-21 16:19:23 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
2024-03-21 16:19:23 Options error: option 'route' cannot be used in this context ([PUSH-OPTIONS])
2024-03-21 16:19:23 OPTIONS IMPORT: --ifconfig/up options modified
2024-03-21 16:19:23 OPTIONS IMPORT: tun-mtu set to 1500
2024-03-21 16:19:23 ROUTE_GATEWAY 127.100.103.119 IFACE=android-gw
2024-03-21 16:19:23 GDG6: remote_host_ipv6=n/a
2024-03-21 16:19:23 ROUTE6_GATEWAY :: IFACE=android-gw
2024-03-21 16:19:23 do_ifconfig, ipv4=1, ipv6=0
2024-03-21 16:19:23 MANAGEMENT: >STATE:1711009163,ASSIGN_IP,,10.8.0.10,,,,
2024-03-21 16:19:23 MANAGEMENT: CMD 'needok 'IFCONFIG' ok'
2024-03-21 16:19:23 MANAGEMENT: >STATE:1711009163,ADD_ROUTES,,,,,,
2024-03-21 16:19:23 MANAGEMENT: CMD 'needok 'ROUTE' ok'
2024-03-21 16:19:23 WARNING: OpenVPN was configured to add an IPv6 route. However, no IPv6 has been configured for (null), therefore the route installation may fail or may not work as expected.
2024-03-21 16:19:23 add_route_ipv6(::/0 -> :: metric -1) dev (null)
2024-03-21 16:19:23 MANAGEMENT: CMD 'needok 'ROUTE6' ok'
2024-03-21 16:19:23 MANAGEMENT: CMD 'needok 'PERSIST_TUN_ACTION' OPEN_BEFORE_CLOSE'
2024-03-21 16:19:23 Local IPv4: 10.8.0.10/30 IPv6: (not set) MTU: 1500
2024-03-21 16:19:23 DNS Server: , Domain: null
2024-03-21 16:19:23 Routes: 0.0.0.0/0, 10.8.0.8/30 ::/0
2024-03-21 16:19:23 Routes excluded:
2024-03-21 16:19:23 Disallowed VPN apps: org.thunderdog.challegram, com.microsoft.emmx, org.telegram.messenger
2024-03-21 16:19:23 No DNS servers being used. Name resolution may not work. Consider setting custom DNS Servers. Please also note that Android will keep using your proxy settings specified for your mobile/Wi-Fi connection when no DNS servers are set.
2024-03-21 16:19:23 MANAGEMENT: CMD 'needok 'OPENTUN' ok'
2024-03-21 16:19:23 Data Channel MTU parms [ mss_fix:1400 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2024-03-21 16:19:23 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2024-03-21 16:19:23 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2024-03-21 16:19:23 Initialization Sequence Completed
2024-03-21 16:19:23 MANAGEMENT: >STATE:1711009163,CONNECTED,SUCCESS,10.8.0.10,59.172.119.148,5694,,
2024-03-21 16:19:23 Data Channel: cipher 'AES-256-GCM', peer-id: 1
2024-03-21 16:19:23 Timers: ping 10, ping-restart 120
2024-03-21 16:19:23 Protocol options: protocol-flags cc-exit
2024-03-21 16:19:23 PID_ERR replay-window backtrack occurred [2] [SSL-0] [0__00000000] 0:11 0:9 t=1711009163[0] r=[0,64,15,2,1] sl=[53,11,64,528]
2024-03-21 16:19:24 Debug state info: CONNECTED LTE to MOBILE 3gnet, pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2024-03-21 16:20:05 PID_ERR replay-window backtrack occurred [3] [SSL-0] [00__00000000111111114>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>EEEEEEEEE] 0:233 0:230 t=1711009205[0] r=[-4,64,15,3,1] sl=[23,64,64,528]
2024-03-21 16:20:06 PID_ERR replay-window backtrack occurred [4] [SSL-0] [0_0__00011111111111111111111111111222222225>>>>>>>>>>>>>EEEEEEEE] 0:255 0:251 t=1711009206[0] r=[0,64,15,4,1] sl=[1,64,64,528]
2024-03-21 16:20:08 Network Status: CONNECTED to WIFI
2024-03-21 16:20:08 Debug state info: CONNECTED to WIFI , pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2024-03-21 16:20:08 MANAGEMENT: CMD 'network-change'
2024-03-21 16:20:08 Debug state info: CONNECTED to WIFI , pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2024-03-21 16:21:31 PID_ERR replay-window backtrack occurred [5] [SSL-0] [0_____0000000001111111111111111111111111111111111111111111111111] 0:871 0:866 t=1711009291[0] r=[-3,64,15,5,1] sl=[25,64,64,528]
2024-03-21 16:23:10 PID_ERR replay-window backtrack occurred [6] [SSL-0] [0__0___0000000011111111111222222222222444444444555_555>>>>>>>>>>] 0:1663 0:1657 t=1711009390[0] r=[0,64,15,6,1] sl=[1,64,64,528]
configuration
# Config for OpenVPN 2.x
# Enables connection to GUI
management /data/user/0/de.blinkt.openvpn/cache/mgmtsocket unix
management-client
management-query-passwords
management-hold
setenv IV_GUI_VER "de.blinkt.openvpn 0.7.51"
setenv IV_SSO openurl,webauth,crtext
setenv IV_PLAT_VER "34 14 arm64-v8a HONOR kalama PGT-AN00"
setenv IV_HWADDR 30:63:65:63:31:64:36
tls-cert-profile legacy
machine-readable-output
allow-recursive-routing
ifconfig-nowarn
client
verb 4
connect-retry 2 300
resolv-retry 60
dev tun
remote xxxxxx 5600 udp
auth-user-pass
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<key>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
route-nopull
route-ipv6 ::/0
route 0.0.0.0 0.0.0.0 vpn_gateway
remote-cert-tls server
cipher AES-256-GCM
float
persist-tun
# persist-tun also enables pre resolving to avoid DNS resolve problem
preresolve
# Use system proxy setting
management-query-proxy
# Custom configuration options
# You are on your on own here :)
The log shows the default route being installed:
2024-03-21 16:19:23 Routes: 0.0.0.0/0, 10.8.0.8/30 ::/0
How do you determine that it doesn't work?
The log shows the default route being installed:
2024-03-21 16:19:23 Routes: 0.0.0.0/0, 10.8.0.8/30 ::/0
How do you determine that it doesn't work?
In China, I can't access Google without a proxy, which is behind the VPN. If the traffic go through the VPN, then I could access google, else not.
However with the VPN I could access resource in my local network, which is 192.168.3.0/24.
I cannot reproduce that issue here. Can you try something other than google like myip.com or something that shows your IP?
Is there any method to add a route to my Android manually?
It's an issue of DNS, not about the route