I think that i have fixed the problem by changing the proto to TCP. But i also added/changed a few other options so i can't tell for sure that it was only related to UDP. For example i activated the pull Option (Accept options pushed from server) under my OpenVPN settings.
I'm still very confused...
config openvpn 'myvpn'
option dev 'tun'
option ca '/etc/openvpn/ca.crt'
option cert '/etc/openvpn/client.crt'
option key '/etc/openvpn/client.key'
option client '1'
option remote_cert_tls 'server'
option auth_user_pass '/etc/openvpn/userpass.txt'
option persist_tun '1'
option persist_key '1'
option auth 'SHA256'
option cipher 'AES-256-CBC'
option verb '4'
option disable_occ '1'
option port '443'
list remote 'SERVER NAME'
option comp_lzo 'adaptive'
option pull '1'
option remote_random '1'
option enabled '1'
option proto 'tcp-client'
Maybe the server just don't like UDP.
Since it's working now i do have another question regarding IPv6 and VPN. At the moment my ISP IPv6 address doesn't seem to leak when connected over the VPN but i wonder if there is a way to ensure that it will never happen...? Another thing that confuses me is that the dns resolution of a ipv6 address is working but i do get timeouts after the first hop (router).
As far as i know my VPN Provider does support IPv6 and ifconfig shows a valid (/112) IPv6 address for the tun0 interface but i'm not able to surf any ipv6 website when connected over VPN.
There are also a few sys log message regarding IPv6: e.g.
daemon.notice openvpn(myvpn): /sbin/route -A inet6 add 2000::/3 dev tun0
daemon.notice openvpn(myvpn): add_route_ipv6(2000::/3 -> 2a00:xxx::xxx:xxx:204:0:1 metric -1) dev tun0
daemon.notice openvpn(myvpn): Initialization Sequence Completed
Does anyone know if there is any special configuration needed to use IPv6 with my VPN provider?
What i did so far:
1. enabled "Use builtin IPv6-management" for my VPN Interface.
2. tun_ipv6 is checkd in my OpenVPN config
The service status under VPN policy-routing shows the IPv4 VPN server address but only ::2000 at the end, so no valid IPv6 address if i get it right.
Sorry for so many questions but i'm realy noobish when it comes down to IPv6 and VPN.
Best regards, Kherby