OpenVPN 1.07 - no connection possible anymore

Question

Hello, 
 I try to use VPN on iOS devices, but I&acute;m facing serious problems since OpenVPN was updated to 1.07 for iOS devices. 
 I cannot establish a connection anymore with the previous versions of OpenVPN and/or Sophos UTM I was able to connect. 
 
 Log from OpenVPN 
 2016-09-07 21:15:49 Client exception in transport_recv_excode: PolarSSL: SSL read error : X509 - The date tag or value is invalid 
 2016-09-07 21:15:49 Client terminated, restarting in 2... 
 2016-09-07 21:15:51 EVENT: RECONNECTING 
 2016-09-07 21:15:51 EVENT: RESOLVE 
 2016-09-07 21:15:51 Contacting xxx.xxx.xxx.xxx:444 via TCP 
 2016-09-07 21:15:51 EVENT: WAIT 
 2016-09-07 21:15:51 SetTunnelSocket returned 1 
 2016-09-07 21:15:52 Connecting to [xxx.xxx.xxx.xxx:]:444 (xxx.xxx.xxx.xxx:) via TCPv4 
 2016-09-07 21:15:52 EVENT: CONNECTING 
 2016-09-07 21:15:52 Tunnel Options:V4,dev-type tun,link-mtu 1556,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth MD5,keysize 128,key-method 2,tls-client 
 2016-09-07 21:15:52 Creds: Username/Password 
 2016-09-07 21:15:52 Peer Info: 
 IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199 
 IV_VER=3.0.11 
 IV_PLAT=ios 
 IV_NCP=2 
 IV_TCPNL=1 
 IV_PROTO=2 
 IV_LZO=1 
 
 I&acute;m using Sophos UTM 9.405-5 and OpenVPN 1.07 on the iOS devices. With Android and Windows devices I&acute;m able to connect without any error. 
 Is this a known error for iOS devices? I searched in the Sophos Community but I got no solution. 
 
 What can I do to solve it? 
 Thanks in advance.

sachingurung · Accepted Answer

Hi Simon, 
 I tested this on my personal iPhone and there seems no issue on my end. I was successfully able to connect through OpenVPN. 
 UTM firmware version : 9.405-5 
 OpenVPN: 1.0.7 build 199 (iOS 64- bit) 
 SSL policy:

Logs: 
 2016-09-13 15:06:13 EVENT: RESOLVE 
 2016-09-13 15:06:13 Contacting 10.x.x.1:443 via TCP 
 2016-09-13 15:06:13 EVENT: WAIT 
 2016-09-13 15:06:13 SetTunnelSocket returned 1 
 2016-09-13 15:06:13 Connecting to [10.x.x.1]:443 (10.x.x.1) via TCPv4 
 2016-09-13 15:06:13 EVENT: CONNECTING 
 2016-09-13 15:06:13 Tunnel Options:V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client 
 2016-09-13 15:06:13 Creds: Username/Password 
 2016-09-13 15:06:13 Peer Info: 
 IV_GUI_VER=net.openvpn.connect.ios 1.0.7-199 
 IV_VER=3.0.11 
 IV_PLAT=ios 
 IV_NCP=2 
 IV_TCPNL=1 
 IV_PROTO=2 
 IV_LZO=1 
 
 2016-09-13 15:06:13 VERIFY OK: depth=1 
 cert. version : 3 
 serial number : A7:A1:E5:93:89:A4:FA:5F 
 issuer name : C=in, L=Ahmedabad, O=Sophos, CN=Sophos VPN CA, emailAddress=x yz 
 subject name : C=in, L=Ahmedabad, O=Sophos, CN=Sophos VPN CA, emailAddress=x yz 
 issued on : 2016-06-04 08:17:31 
 expires on : 2038-01-01 00:00:00 
 signed using : RSA with SHA1 
 RSA key size : 2048 bits 
 basic constraints : CA=true 
 subject alt name : 
 
 2016-09-13 15:06:13 VERIFY OK: depth=0 
 cert. version : 3 
 serial number : A7:A1:E5:93:89:A4:FA:60 
 issuer name : C=in, L=Ahmedabad, O=Sophos, CN=Sophos VPN CA, emailAddress=x yz 
 subject name : C=in, L=Ahmedabad, O=Sophos, CN=sophos_community, emailAddress=x yz 
 issued on : 2016-06-04 08:17:35 
 expires on : 2038-01-01 00:00:01 
 signed using : RSA with SHA1 
 RSA key size : 2048 bits 
 basic constraints : CA=false 
 subject alt name : sophos_community 
 key usage : Digital Signature, Non Repudiation, Key Encipherment 
 
 2016-09-13 15:06:14 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 
 2016-09-13 15:06:14 Session is ACTIVE 
 2016-09-13 15:06:14 EVENT: GET_CONFIG 
 2016-09-13 15:06:14 Sending PUSH_REQUEST to server... 
 2016-09-13 15:06:15 OPTIONS: 
 0 [route-gateway] [10.x.x.1] 
 1 [route-gateway] [10.x.x.1] 
 2 [topology] [subnet] 
 3 [ping] [10] 
 4 [ping-restart] [120] 
 5 [route] [192.168.0.0] [255.255.255.0] 
 6 [dhcp-option] [DNS] [192.168.0.1] 
 7 [dhcp-option] [DNS] [8.8.8.8] 
 8 [ifconfig] [10.242.2.2] [255.255.255.0] 
 
 2016-09-13 15:06:15 PROTOCOL OPTIONS: 
 cipher: AES-128-CBC 
 digest: SHA1 
 compress: LZO 
 peer ID: -1 
 2016-09-13 15:06:15 EVENT: ASSIGN_IP 
 2016-09-13 15:06:15 Connected via tun 
 2016-09-13 15:06:15 EVENT: CONNECTED sachin@10.x.x.x:443 (10.201.102.60) via /TCPv4 on tun/10.x.x.x/ 
 2016-09-13 15:06:15 LZO-ASYM init swap=0 asym=0 
 2016-09-13 15:06:15 SetStatus Connected 
 One thing that troubled me was, when I imported the client configuration file it had an incorrect Server IP address. I manually edited the Server IP address and the connection was successful. You can check that if that is the glitch. 
 Thanks