My Server Config:
proto tcp4
port 1194
dev tun
route-metric 1
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo
persist-key
persist-tun
route-delay 2
tap-sleep 3
status openvpn-status.log
verb 3
================================================================
My client Config:
client
dev tun
proto tcp
remote 192.119.12.124 1194
route 192.119.12.124 255.255.255.255 net_gateway
;http-proxy-retry
http-proxy 127.0.0.1 8088 auto
auth-nocache
resolv-retry infinite
nobind
persist-key
persist-tun
route-delay 1 3
comp-lzo
verb 3
........
........
........
================================================================
OpenVPN on Android Client LOG:
19:52:50.047 -- ----- OpenVPN Start -----
19:52:50.048 -- EVENT: CORE_THREAD_ACTIVE
19:52:50.052 -- Frame=512/2048/512 mssfix-ctrl=1250
19:52:50.053 -- UNUSED OPTIONS
6 [auth-nocache]
7 [resolv-retry] [infinite]
8 [nobind]
9 [persist-key]
10 [persist-tun]
11 [route-delay] [1] [3]
13 [verb] [3]
19:52:50.054 -- EVENT: RESOLVE
19:52:50.058 -- Contacting 127.0.0.1:8088 via HTTP Proxy
19:52:50.059 -- EVENT: WAIT_PROXY
19:52:50.063 -- EVENT: WAIT
19:52:50.066 -- TO PROXY: CONNECT 192.119.12.124:1194 HTTP/1.0
Host: 192.119.12.124
19:52:50.828 -- FROM PROXY: HTTP/1.1 200 Connection established
Connection: Keep-Alive
19:52:50.831 -- Connecting to [192.119.12.124]:1194 (127.0.0.1) via TCPv4-via-HTTP
19:52:51.065 -- Proxy: Skipped 1 byte(s) of HTML
19:52:51.068 -- EVENT: CONNECTING
19:52:51.075 -- Tunnel Options:V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client
19:52:51.079 -- Creds: UsernameEmpty/PasswordEmpty
19:52:51.085 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.2
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1
IV_BS64DL=1
19:52:51.380 -- VERIFY OK : depth=1
cert. version : 3
serial number : E2:72:0E:92:0C:30:62:B4
issuer name : C=US, ST=CA, L=SanFrancisco, O=os, OU=changeme, CN=os-ca, ??=changeme, emailAddress=mail@host.domain
subject name : C=US, ST=CA, L=SanFrancisco, O=os, OU=changeme, CN=os-ca, ??=changeme, emailAddress=mail@host.domain
issued on : 2019-06-18 07:41:44
expires on : 2029-06-15 07:41:44
signed using : RSA with SHA-256
RSA key size : 4096 bits
basic constraints : CA=true
19:52:51.383 -- VERIFY OK : depth=0
cert. version : 3
serial number : E1:3A:9E:1A:B6:0F:71:3F:A2:A9:B6:FD:59:D2:71:97
issuer name : C=US, ST=CA, L=SanFrancisco, O=os, OU=changeme, CN=os-ca, ??=changeme, emailAddress=mail@host.domain
subject name : C=US, ST=CA, L=SanFrancisco, O=os, OU=changeme, CN=server, ??=changeme, emailAddress=mail@host.domain
issued on : 2019-06-18 07:42:39
expires on : 2029-06-15 07:42:39
signed using : RSA with SHA-256
RSA key size : 4096 bits
basic constraints : CA=false
cert. type : SSL Server
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
19:52:52.380 -- SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
19:52:52.385 -- Session is ACTIVE
19:52:52.389 -- EVENT: GET_CONFIG
19:52:52.406 -- Sending PUSH_REQUEST to server...
19:52:52.900 -- OPTIONS:
0 [route] [192.119.12.124] [255.255.255.255] [net_gateway]
1 [redirect-gateway] [def1]
2 [dhcp-option] [DNS] [8.8.8.8]
3 [dhcp-option] [DNS] [8.8.4.4]
4 [route] [10.8.0.1]
5 [topology] [net30]
6 [ping] [10]
7 [ping-restart] [120]
8 [ifconfig] [10.8.0.6] [10.8.0.5]
9 [peer-id] [0]
10 [cipher] [AES-256-GCM]
19:52:52.908 -- PROTOCOL OPTIONS:
cipher: AES-256-GCM
digest: SHA1
compress: LZO
peer ID: 0
19:52:52.910 -- EVENT: ASSIGN_IP
19:52:52.929 -- Exclude routes emulation:
0.0.0.0/5
8.0.0.0/7
10.0.0.0/14
10.4.0.0/15
10.6.0.0/16
10.7.0.0/32
10.7.0.2/31
10.7.0.4/30
10.7.0.8/29
10.7.0.16/28
10.7.0.32/27
10.7.0.64/26
10.7.0.128/25
10.7.1.0/24
10.7.2.0/23
10.7.4.0/22
10.7.8.0/21
10.7.16.0/20
10.7.32.0/19
10.7.64.0/18
10.7.128.0/17
10.8.0.0/13
10.16.0.0/12
10.32.0.0/11
10.64.0.0/10
10.128.0.0/9
11.0.0.0/8
12.0.0.0/6
16.0.0.0/4
32.0.0.0/3
64.0.0.0/2
128.0.0.0/2
192.0.0.0/10
192.64.0.0/11
192.96.0.0/12
192.112.0.0/14
192.116.0.0/15
192.118.0.0/16
192.119.0.0/21
192.119.8.0/22
192.119.12.0/26
192.119.12.64/27
192.119.12.96/28
192.119.12.112/29
192.119.12.120/30
192.119.12.125/32
192.119.12.126/31
192.119.12.128/25
192.119.13.0/24
192.119.14.0/23
192.119.16.0/20
192.119.32.0/19
192.119.64.0/18
192.119.128.0/17
192.120.0.0/13
192.128.0.0/9
193.0.0.0/8
194.0.0.0/7
196.0.0.0/6
200.0.0.0/5
208.0.0.0/4
224.0.0.0/3
19:52:53.070 -- Connected via tun
19:52:53.076 -- EVENT: CONNECTED info='@192.119.12.124:1194 (127.0.0.1) via /TCPv4-via-HTTP on tun/10.7.1.50/ gw=[10.7.1.49/]' trans=TO_CONNECTED
19:52:53.090 -- TCP recv EOF
19:52:53.092 -- Transport Error: Transport error on '192.119.12.124' via HTTP proxy 127.0.0.1:8088 : NETWORK_EOF_ERROR
19:52:53.093 -- EVENT: TRANSPORT_ERROR info='Transport error on '192.119.12.124' via HTTP proxy 127.0.0.1:8088 : NETWORK_EOF_ERROR' trans=TO_DISCONNECTED
19:52:53.107 -- Client terminated, restarting in 5000 ms...
19:52:58.093 -- EVENT: RECONNECTING
19:52:58.112 -- Contacting 127.0.0.1:8080 via HTTP Proxy
19:52:58.122 -- EVENT: WAIT_PROXY
19:52:58.140 -- EVENT: WAIT
19:52:58.151 -- TO PROXY: CONNECT 192.119.12.124:1194 HTTP/1.0
Host: 192.119.12.124
19:52:58.592 -- FROM PROXY: HTTP/1.1 200 Connection established
Connection: Keep-Alive
LOOP & LOOP