Issues with latest OpenVPN client on Android

I recently had an incoming update to the Android OpenVPN application for my Android phone that appears to have caused a failure connecting to my IPFire instance. I’m not really seeing any settings on the Android side, so I’m wondering if there is something I can tweak on the IPFire side to allow this connection to succeed? I’m seeing the attached error in the logs on the Android side.

[Apr 14, 2024, 16:03:55] ----- OpenVPN Start -----
[Apr 14, 2024, 16:03:55] EVENT: CORE_THREAD_ACTIVE
[Apr 14, 2024, 16:03:55] OpenVPN core 3.8.4connectX(3.git::c424d46c:RelWithDebInfo) android arm64 64-bit PT_PROXY
[Apr 14, 2024, 16:03:55] Frame=512/2112/512 mssfix-ctrl=1250
[Apr 14, 2024, 16:03:55] NOTE: This configuration contains options that were not used:
[Apr 14, 2024, 16:03:55] Internal option allowed only to be pushed by the server
[Apr 14, 2024, 16:03:55] 14 [auth-token-user] [USER]
[Apr 14, 2024, 16:03:55] 15 [auth-token] [TOTP]
[Apr 14, 2024, 16:03:55] EVENT: CORE_THREAD_ERROR info='option_error: sorry, unsupported options present in configuration: Internal option allowed only to be pushed by the server (auth-token,auth-token-user)'
[Apr 14, 2024, 16:03:55] EVENT: CORE_THREAD_DONE


1 Like

Hi @csete.

I don’t know if it’s a bug or not, but I had the same problem and I solved it, once the certificates were created and before uploading/copying them to the phone to install them, editing them and commenting with “#” on the entries causes problems.

Maybe someone knows more about this.


I also got some work to do, as version 3.4.2 (9909) prints out this message to me. However, “ignoring them for now” connects fine.

I can try this to see if it works.

I have always used a different VPN client with android for ipfire.

A few releases ago it was no longer available for my devices and I mourned the loss! but it seems to have been recently updated.

It takes the cert and config file zipped straight from the IPFire_ GUI and will allow you to either fingerprint or type the cert password for additional security.

Its also quite configurable. I am not involved with its development (just a happy user) but I thoroughly commend it to the community if your device supports it



[edit] i believe openVPN is free but other protocols supported require an annual subscription.

Thanks. For the moment, I just edited the OpenVPN file to comment out the attributes it didn’t like and stuck with the “official” Android client. I may try VPN Client Pro in the future.