This repository has been archived by the owner on Nov 25, 2022. It is now read-only.

Container cannot reach openvpn server, but host can #135

Open
GNUGradyn opened this issue Sep 10, 2022 · 2 comments

GNUGradyn commented Sep 10, 2022

Information

After upgrading the host to Ubuntu Server 22.04, the container will no longer start. The logs indicate it is failing to reach the OpenVPN server. If I try to run the OpenVPN client directly on the host, it works fine.

Current setup

information about your current setup

docker image tag (ex: python, latest, 32242d1 ...)
docker image hash (ex: 603b78e07727) 28b3f5d6c9ce

docker-compose.yml file or docker run command

how did you start the container? (don't forget to use backticks for creating a proper code block)

  alpine-qbittorrent-openvpn:
    volumes:
      - "/mnt/plex/Downloads/:/mnt/plex/Downloads"
      - type: bind
        source: /home/gradyn/qbit/config.ovpn
        target: /config/openvpn/config.ovpn
      - "/etc/localtime:/etc/localtime:ro"
      - "/home/gradyn/qbit/config:/config"
    environment:
      - OPENVPN_PROVIDER
      - OPENVPN_USERNAME=user
      - OPENVPN_PASSWORD=pass
      - PUID=1000
      - PGID=1000
      - LAN=192.168.1.0/24
    ports:
      - "8080:8080"
    cap_add:
      - NET_ADMIN
    image: guillaumedsde/alpine-qbittorrent-openvpn:latest

Attempted Fix(es)

What you have tried in order to fix the issue (if anything)

Tried deleting and recreating container. Tried using the OpenVPN profile on my Windows PC (works). Tried using OpenVPN profile on the host itself (works).

Here are some logs. It just does this over and over endlessly, so I'll only post 1 loop of it.

2022-09-09 21:09:10 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
2022-09-09 21:09:10 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
2022-09-09 21:09:10 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
2022-09-09 21:09:10 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
2022-09-09 21:09:10 TCP/UDP: Preserving recently used remote address: [AF_INET]<SNIP>:1194
2022-09-09 21:09:10 Socket Buffers: R=[212992->212992] S=[212992->212992]
2022-09-09 21:09:10 UDP link local: (not bound)
2022-09-09 21:09:10 UDP link remote: [AF_INET]<SNIP>:1194
2022-09-09 21:10:10 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2022-09-09 21:10:10 TLS Error: TLS handshake failed
2022-09-09 21:10:10 SIGUSR1[soft,tls-error] received

GNUGradyn added the bug (Something isn't working) label Sep 10, 2022

GNUGradyn (Author) commented

Not sure if this is relevant, but I get permission denied if I try to ping the VPN server from inside the container.

$ sudo docker container exec -it 36f0d2e67643 /bin/bash
bash-5.1# ping <SNIP>
PING <SNIP> (<SNIP>): 56 data bytes
ping: sendto: Operation not permitted

GNUGradyn (Author) commented

I installed this fork #131 but this did not help. The patch was definitely applied correctly (these commands are being run inside the container, not on the host).

bash-5.1# grep -e "^VPN_PROTO" /etc/cont-init.d/03-setup-iptables
VPN_PROTO="${CONFIG_PROTO:=udp}"

and the firewall appears to be configured properly (snipped IP is the correct IP)

bash-5.1# iptables -S | grep udp | grep -v 53
-A INPUT -s <SNIP>/32 -i eth+ -p udp -m udp --sport 1194 -j ACCEPT
-A OUTPUT -d <SNIP>/32 -o eth+ -p udp -m udp --dport 1194 -j ACCEPT
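
Added example, not part of the original thread or the project's code: a small Python evaluator for `iptables -S` OUTPUT listings like the one posted above, showing which probes such a rule set lets out of the container. The address 203.0.113.10, the DROP policy, the loopback rule and the interface name `ens3` are constructed assumptions; only the udp/1194 rule mirrors the posted output.

```python
import ipaddress
import shlex

# Constructed listing. 203.0.113.10 stands in for the <SNIP> server address;
# the DROP policy and loopback rule are assumptions, not shown in the thread.
SAMPLE = """\
-P OUTPUT DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -d 203.0.113.10/32 -o eth+ -p udp -m udp --dport 1194 -j ACCEPT
"""

def iface_match(pattern, name):
    # A trailing '+' in iptables matches any interface with that prefix.
    if pattern.endswith("+"):
        return name.startswith(pattern[:-1])
    return pattern == name

def parse(listing):
    """Return (policy, rules) for OUTPUT; handles flag/value pairs only, no '!'."""
    policy, rules = "ACCEPT", []
    for line in listing.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "OUTPUT"]:
            policy = tok[2]
        elif tok[:2] == ["-A", "OUTPUT"]:
            rules.append(dict(zip(tok[2::2], tok[3::2])))
    return policy, rules

def verdict(listing, dst, out_iface, proto, dport=None):
    """First matching rule's target, else the chain policy."""
    policy, rules = parse(listing)
    addr = ipaddress.ip_address(dst)
    for r in rules:
        if "-d" in r and addr not in ipaddress.ip_network(r["-d"], strict=False):
            continue
        if "-o" in r and not iface_match(r["-o"], out_iface):
            continue
        if "-p" in r and r["-p"] != proto:
            continue
        if "--dport" in r and r["--dport"] != str(dport):
            continue
        return r["-j"]
    return policy

if __name__ == "__main__":
    for probe in [("eth0", "udp", 1194), ("eth0", "icmp", None), ("ens3", "udp", 1194)]:
        print(probe, verdict(SAMPLE, "203.0.113.10", *probe))
```

When netfilter drops a locally generated packet in OUTPUT, `sendto` returns "Operation not permitted", which is what a DROP verdict for ICMP looks like from `ping`. Under the assumed DROP policy, a failed ping and an allowed UDP 1194 flow can therefore coexist, so the interface name and the UDP path are the things to check.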
