Some pitfalls that I spent hours on before getting everything to work (but I am a beginner)
1)
"tun write error: cannot identify IP version for prefix" on iOS client
OR
"the data area passed to a system call is too small" on Win7 client
comp-lzo setting in client configuration missing.
I wrongly assumed that "adaptive" is the default and doesn't have to be set.
I also tried "pushing" the comp-lzo setting from the server, or turning it off on the server, which all didn't work for me.
And with all the successful hand-shaking up front (in the log files) and both the router (in the status gui) and iOS client (VPN symbol and profile status) reporting "connected", I always thought the tunnel is up, and it's a routing problem that I just couldn't ping my LAN. So spent hours trying to fix the wrong end.
2)
Had to be cautious when generating the .ovpn file with inline keys.
Although I tried to just cut and paste the full key in notepad (to avoid dos/unix linefeed problems) the keys still got messed up. Ended up doing the .ovpn editing on linux.
3)
And dummest of all...
Don't try to ping your 192.168.1.x home LAN over your VPN from another 192.168.1.x LAN
1)
"tun write error: cannot identify IP version for prefix" on iOS client
OR
"the data area passed to a system call is too small" on Win7 client
comp-lzo setting in client configuration missing.
I wrongly assumed that "adaptive" is the default and doesn't have to be set.
I also tried "pushing" the comp-lzo setting from the server, or turning it off on the server, which all didn't work for me.
And with all the successful hand-shaking up front (in the log files) and both the router (in the status gui) and iOS client (VPN symbol and profile status) reporting "connected", I always thought the tunnel is up, and it's a routing problem that I just couldn't ping my LAN. So spent hours trying to fix the wrong end.
2)
Had to be cautious when generating the .ovpn file with inline keys.
Although I tried to just cut and paste the full key in notepad (to avoid dos/unix linefeed problems) the keys still got messed up. Ended up doing the .ovpn editing on linux.
3)
And dummest of all...
Don't try to ping your 192.168.1.x home LAN over your VPN from another 192.168.1.x LAN
