Netbios and RDP between clients

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
lamazzi
OpenVpn Newbie
Posts: 4
Joined: Mon May 01, 2017 7:59 pm

Netbios and RDP between clients

Post by lamazzi » Mon May 01, 2017 8:45 pm

Hello all,

I've installed OpenVPN on a CentOS machine outside our network (on a VPS).
I have a local Windows server (local IP 192.168.1.199) connected to the OpenVPN server. OpenVPN gives it the IP 10.8.0.10
I have a client Windows outside our network (with various local and public IP). OpenVPN gives it the IP 10.8.0.6

The client can connect to OpenVPN fine and ping the server (10.8.0.10).
Firewall is off on both the client and the server.

However I cannot connect to a netbios share or RDP on the server. I would like to know what I have to do in order to allow both netbios and RDP from any client to the "local server" client.

I've tried to figure out myself, but I've never found a question/answer where the vpn server is used as a "middleman" between two machines with the three of them in a different network.

I'm a newbie to both linux where I've installed OpenVPN and to OpenVPN itself.

Thank you in advance for any hints or help!

Server configuration (CentOS):
SERVER
port 11194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir /etc/openvpn/ccd
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
compress lz4-v2
push "compress lz4-v2"
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 4
explicit-exit-notify 1
Server Log File (CentOS):

Code: Select all

Mon May  1 20:12:54 2017 us=3697 Current Parameter Settings:
Mon May  1 20:12:54 2017 us=3776   config = 'server.conf'
Mon May  1 20:12:54 2017 us=3788   mode = 1
Mon May  1 20:12:54 2017 us=3798   persist_config = DISABLED
Mon May  1 20:12:54 2017 us=3806   persist_mode = 1
Mon May  1 20:12:54 2017 us=3815   show_ciphers = DISABLED
Mon May  1 20:12:54 2017 us=3823   show_digests = DISABLED
Mon May  1 20:12:54 2017 us=3831   show_engines = DISABLED
Mon May  1 20:12:54 2017 us=3838   genkey = DISABLED
Mon May  1 20:12:54 2017 us=3846   key_pass_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=3855   show_tls_ciphers = DISABLED
Mon May  1 20:12:54 2017 us=3863   connect_retry_max = 0
Mon May  1 20:12:54 2017 us=3871 Connection profiles [0]:
Mon May  1 20:12:54 2017 us=3879   proto = udp
Mon May  1 20:12:54 2017 us=3890   local = '[UNDEF]'
Mon May  1 20:12:54 2017 us=3904   local_port = '11194'
Mon May  1 20:12:54 2017 us=3913   remote = '[UNDEF]'
Mon May  1 20:12:54 2017 us=3926   remote_port = '11194'
Mon May  1 20:12:54 2017 us=3941   remote_float = DISABLED
Mon May  1 20:12:54 2017 us=3953   bind_defined = DISABLED
Mon May  1 20:12:54 2017 us=3961   bind_local = ENABLED
Mon May  1 20:12:54 2017 us=3969   bind_ipv6_only = DISABLED
Mon May  1 20:12:54 2017 us=3977   connect_retry_seconds = 5
Mon May  1 20:12:54 2017 us=4021   connect_timeout = 120
Mon May  1 20:12:54 2017 us=4032   socks_proxy_server = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4040   socks_proxy_port = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4051   tun_mtu = 1500
Mon May  1 20:12:54 2017 us=4060   tun_mtu_defined = ENABLED
Mon May  1 20:12:54 2017 us=4068   link_mtu = 1500
Mon May  1 20:12:54 2017 us=4076   link_mtu_defined = DISABLED
Mon May  1 20:12:54 2017 us=4084   tun_mtu_extra = 0
Mon May  1 20:12:54 2017 us=4092   tun_mtu_extra_defined = DISABLED
Mon May  1 20:12:54 2017 us=4100   mtu_discover_type = -1
Mon May  1 20:12:54 2017 us=4108   fragment = 0
Mon May  1 20:12:54 2017 us=4116   mssfix = 1450
Mon May  1 20:12:54 2017 us=4124   explicit_exit_notification = 1
Mon May  1 20:12:54 2017 us=4132 Connection profiles END
Mon May  1 20:12:54 2017 us=4139   remote_random = DISABLED
Mon May  1 20:12:54 2017 us=4147   ipchange = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4158   dev = 'tun'
Mon May  1 20:12:54 2017 us=4166   dev_type = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4174   dev_node = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4182   lladdr = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4190   topology = 1
Mon May  1 20:12:54 2017 us=4198   ifconfig_local = '10.8.0.1'
Mon May  1 20:12:54 2017 us=4206   ifconfig_remote_netmask = '10.8.0.2'
Mon May  1 20:12:54 2017 us=4214   ifconfig_noexec = DISABLED
Mon May  1 20:12:54 2017 us=4222   ifconfig_nowarn = DISABLED
Mon May  1 20:12:54 2017 us=4230   ifconfig_ipv6_local = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4241   ifconfig_ipv6_netbits = 0
Mon May  1 20:12:54 2017 us=4251   ifconfig_ipv6_remote = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4259   shaper = 0
Mon May  1 20:12:54 2017 us=4267   mtu_test = 0
Mon May  1 20:12:54 2017 us=4275   mlock = DISABLED
Mon May  1 20:12:54 2017 us=4283   keepalive_ping = 10
Mon May  1 20:12:54 2017 us=4291   keepalive_timeout = 120
Mon May  1 20:12:54 2017 us=4299   inactivity_timeout = 0
Mon May  1 20:12:54 2017 us=4307   ping_send_timeout = 10
Mon May  1 20:12:54 2017 us=4314   ping_rec_timeout = 240
Mon May  1 20:12:54 2017 us=4322   ping_rec_timeout_action = 2
Mon May  1 20:12:54 2017 us=4330   ping_timer_remote = DISABLED
Mon May  1 20:12:54 2017 us=4338   remap_sigusr1 = 0
Mon May  1 20:12:54 2017 us=4365   persist_tun = ENABLED
Mon May  1 20:12:54 2017 us=4374   persist_local_ip = DISABLED
Mon May  1 20:12:54 2017 us=4382   persist_remote_ip = DISABLED
Mon May  1 20:12:54 2017 us=4390   persist_key = ENABLED
Mon May  1 20:12:54 2017 us=4398   passtos = DISABLED
Mon May  1 20:12:54 2017 us=4406   resolve_retry_seconds = 1000000000
Mon May  1 20:12:54 2017 us=4414   resolve_in_advance = DISABLED
Mon May  1 20:12:54 2017 us=4422   username = 'nobody'
Mon May  1 20:12:54 2017 us=4430   groupname = 'nobody'
Mon May  1 20:12:54 2017 us=4444   chroot_dir = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4453   cd_dir = '/etc/openvpn/'
Mon May  1 20:12:54 2017 us=4461   selinux_context = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4468   writepid = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4477   up_script = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4484   down_script = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4492   down_pre = DISABLED
Mon May  1 20:12:54 2017 us=4500   up_restart = DISABLED
Mon May  1 20:12:54 2017 us=4508   up_delay = DISABLED
Mon May  1 20:12:54 2017 us=4516   daemon = DISABLED
Mon May  1 20:12:54 2017 us=4524   inetd = 0
Mon May  1 20:12:54 2017 us=4532   log = ENABLED
Mon May  1 20:12:54 2017 us=4540   suppress_timestamps = DISABLED
Mon May  1 20:12:54 2017 us=4548   machine_readable_output = DISABLED
Mon May  1 20:12:54 2017 us=4556   nice = 0
Mon May  1 20:12:54 2017 us=4564   verbosity = 4
Mon May  1 20:12:54 2017 us=4572   mute = 0
Mon May  1 20:12:54 2017 us=4579   gremlin = 0
Mon May  1 20:12:54 2017 us=4587   status_file = 'openvpn-status.log'
Mon May  1 20:12:54 2017 us=4595   status_file_version = 1
Mon May  1 20:12:54 2017 us=4603   status_file_update_freq = 60
Mon May  1 20:12:54 2017 us=4611   occ = ENABLED
Mon May  1 20:12:54 2017 us=4619   rcvbuf = 0
Mon May  1 20:12:54 2017 us=4627   sndbuf = 0
Mon May  1 20:12:54 2017 us=4634   mark = 0
Mon May  1 20:12:54 2017 us=4642   sockflags = 0
Mon May  1 20:12:54 2017 us=4650   fast_io = DISABLED
Mon May  1 20:12:54 2017 us=4658   comp.alg = 11
Mon May  1 20:12:54 2017 us=4671   comp.flags = 0
Mon May  1 20:12:54 2017 us=4697   route_script = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4705   route_default_gateway = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4713   route_default_metric = 0
Mon May  1 20:12:54 2017 us=4721   route_noexec = DISABLED
Mon May  1 20:12:54 2017 us=4729   route_delay = 0
Mon May  1 20:12:54 2017 us=4737   route_delay_window = 30
Mon May  1 20:12:54 2017 us=4745   route_delay_defined = DISABLED
Mon May  1 20:12:54 2017 us=4753   route_nopull = DISABLED
Mon May  1 20:12:54 2017 us=4761   route_gateway_via_dhcp = DISABLED
Mon May  1 20:12:54 2017 us=4769   allow_pull_fqdn = DISABLED
Mon May  1 20:12:54 2017 us=4780   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Mon May  1 20:12:54 2017 us=4789   management_addr = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4797   management_port = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4805   management_user_pass = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4813   management_log_history_cache = 250
Mon May  1 20:12:54 2017 us=4821   management_echo_buffer_size = 100
Mon May  1 20:12:54 2017 us=4830   management_write_peer_info_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4838   management_client_user = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4846   management_client_group = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4854   management_flags = 0
Mon May  1 20:12:54 2017 us=4862   shared_secret_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=4870   key_direction = 1
Mon May  1 20:12:54 2017 us=4878   ciphername = 'AES-256-CBC'
Mon May  1 20:12:54 2017 us=4886   ncp_enabled = ENABLED
Mon May  1 20:12:54 2017 us=4894   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Mon May  1 20:12:54 2017 us=4902   authname = 'SHA1'
Mon May  1 20:12:54 2017 us=4910   prng_hash = 'SHA1'
Mon May  1 20:12:54 2017 us=4920   prng_nonce_secret_len = 16
Mon May  1 20:12:54 2017 us=4935   keysize = 0
Mon May  1 20:12:54 2017 us=4950   engine = DISABLED
Mon May  1 20:12:54 2017 us=4960   replay = ENABLED
Mon May  1 20:12:54 2017 us=4968   mute_replay_warnings = DISABLED
Mon May  1 20:12:54 2017 us=4976   replay_window = 64
Mon May  1 20:12:54 2017 us=4984   replay_time = 15
Mon May  1 20:12:54 2017 us=4992   packet_id_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5000   use_iv = ENABLED
Mon May  1 20:12:54 2017 us=5008   test_crypto = DISABLED
Mon May  1 20:12:54 2017 us=5016   tls_server = ENABLED
Mon May  1 20:12:54 2017 us=5025   tls_client = DISABLED
Mon May  1 20:12:54 2017 us=5032   key_method = 2
Mon May  1 20:12:54 2017 us=5040   ca_file = 'ca.crt'
Mon May  1 20:12:54 2017 us=5048   ca_path = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5063   dh_file = 'dh2048.pem'
Mon May  1 20:12:54 2017 us=5072   cert_file = 'server.crt'
Mon May  1 20:12:54 2017 us=5081   extra_certs_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5089   priv_key_file = 'server.key'
Mon May  1 20:12:54 2017 us=5097   pkcs12_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5105   cipher_list = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5112   tls_verify = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5121   tls_export_cert = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5129   verify_x509_type = 0
Mon May  1 20:12:54 2017 us=5137   verify_x509_name = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5145   crl_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5153   ns_cert_type = 0
Mon May  1 20:12:54 2017 us=5162   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5170   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5177   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5185   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5193   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5201   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5209   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5217   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5225   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5232   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5240   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5248   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5256   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5264   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5271   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5281   remote_cert_ku[i] = 0
Mon May  1 20:12:54 2017 us=5289   remote_cert_eku = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5297   ssl_flags = 0
Mon May  1 20:12:54 2017 us=5305   tls_timeout = 2
Mon May  1 20:12:54 2017 us=5314   renegotiate_bytes = -1
Mon May  1 20:12:54 2017 us=5330   renegotiate_packets = 0
Mon May  1 20:12:54 2017 us=5342   renegotiate_seconds = 3600
Mon May  1 20:12:54 2017 us=5356   handshake_window = 60
Mon May  1 20:12:54 2017 us=5366   transition_window = 3600
Mon May  1 20:12:54 2017 us=5374   single_session = DISABLED
Mon May  1 20:12:54 2017 us=5382   push_peer_info = DISABLED
Mon May  1 20:12:54 2017 us=5390   tls_exit = DISABLED
Mon May  1 20:12:54 2017 us=5398   tls_auth_file = 'ta.key'
Mon May  1 20:12:54 2017 us=5406   tls_crypt_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5414   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5423   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5430   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5438   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5446   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5454   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5462   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5470   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5478   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5486   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5494   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5502   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5510   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5518   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5525   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5533   pkcs11_protected_authentication = DISABLED
Mon May  1 20:12:54 2017 us=5542   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5550   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5558   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5566   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5574   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5581   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5589   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5607   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5615   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5623   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5631   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5638   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5646   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5654   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5662   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5675   pkcs11_private_mode = 00000000
Mon May  1 20:12:54 2017 us=5683   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5691   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5698   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5706   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5716   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5724   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5732   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5740   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5748   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5756   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5764   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5771   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5779   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5788   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5795   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5803   pkcs11_cert_private = DISABLED
Mon May  1 20:12:54 2017 us=5811   pkcs11_pin_cache_period = -1
Mon May  1 20:12:54 2017 us=5819   pkcs11_id = '[UNDEF]'
Mon May  1 20:12:54 2017 us=5827   pkcs11_id_management = DISABLED
Mon May  1 20:12:54 2017 us=5836   server_network = 10.8.0.0
Mon May  1 20:12:54 2017 us=5845   server_netmask = 255.255.255.0
Mon May  1 20:12:54 2017 us=5862   server_network_ipv6 = ::
Mon May  1 20:12:54 2017 us=5870   server_netbits_ipv6 = 0
Mon May  1 20:12:54 2017 us=5910   server_bridge_ip = 0.0.0.0
Mon May  1 20:12:54 2017 us=5928   server_bridge_netmask = 0.0.0.0
Mon May  1 20:12:54 2017 us=5943   server_bridge_pool_start = 0.0.0.0
Mon May  1 20:12:54 2017 us=5958   server_bridge_pool_end = 0.0.0.0
Mon May  1 20:12:54 2017 us=5972   push_entry = 'compress lz4-v2'
Mon May  1 20:12:54 2017 us=5986   push_entry = 'route 10.8.0.0 255.255.255.0'
Mon May  1 20:12:54 2017 us=6002   push_entry = 'topology net30'
Mon May  1 20:12:54 2017 us=6021   push_entry = 'ping 10'
Mon May  1 20:12:54 2017 us=6036   push_entry = 'ping-restart 120'
Mon May  1 20:12:54 2017 us=6051   ifconfig_pool_defined = ENABLED
Mon May  1 20:12:54 2017 us=6067   ifconfig_pool_start = 10.8.0.4
Mon May  1 20:12:54 2017 us=6086   ifconfig_pool_end = 10.8.0.251
Mon May  1 20:12:54 2017 us=6105   ifconfig_pool_netmask = 0.0.0.0
Mon May  1 20:12:54 2017 us=6119   ifconfig_pool_persist_filename = 'ipp.txt'
Mon May  1 20:12:54 2017 us=6127   ifconfig_pool_persist_refresh_freq = 600
Mon May  1 20:12:54 2017 us=6136   ifconfig_ipv6_pool_defined = DISABLED
Mon May  1 20:12:54 2017 us=6145   ifconfig_ipv6_pool_base = ::
Mon May  1 20:12:54 2017 us=6153   ifconfig_ipv6_pool_netbits = 0
Mon May  1 20:12:54 2017 us=6162   n_bcast_buf = 256
Mon May  1 20:12:54 2017 us=6170   tcp_queue_limit = 64
Mon May  1 20:12:54 2017 us=6178   real_hash_size = 256
Mon May  1 20:12:54 2017 us=6186   virtual_hash_size = 256
Mon May  1 20:12:54 2017 us=6194   client_connect_script = '[UNDEF]'
Mon May  1 20:12:54 2017 us=6202   learn_address_script = '[UNDEF]'
Mon May  1 20:12:54 2017 us=6210   client_disconnect_script = '[UNDEF]'
Mon May  1 20:12:54 2017 us=6218   client_config_dir = '/etc/openvpn/ccd'
Mon May  1 20:12:54 2017 us=6226   ccd_exclusive = DISABLED
Mon May  1 20:12:54 2017 us=6234   tmp_dir = '/tmp'
Mon May  1 20:12:54 2017 us=6242   push_ifconfig_defined = DISABLED
Mon May  1 20:12:54 2017 us=6251   push_ifconfig_local = 0.0.0.0
Mon May  1 20:12:54 2017 us=6265   push_ifconfig_remote_netmask = 0.0.0.0
Mon May  1 20:12:54 2017 us=6274   push_ifconfig_ipv6_defined = DISABLED
Mon May  1 20:12:54 2017 us=6282   push_ifconfig_ipv6_local = ::/0
Mon May  1 20:12:54 2017 us=6291   push_ifconfig_ipv6_remote = ::
Mon May  1 20:12:54 2017 us=6299   enable_c2c = ENABLED
Mon May  1 20:12:54 2017 us=6306   duplicate_cn = DISABLED
Mon May  1 20:12:54 2017 us=6314   cf_max = 0
Mon May  1 20:12:54 2017 us=6323   cf_per = 0
Mon May  1 20:12:54 2017 us=6331   max_clients = 1024
Mon May  1 20:12:54 2017 us=6339   max_routes_per_client = 256
Mon May  1 20:12:54 2017 us=6347   auth_user_pass_verify_script = '[UNDEF]'
Mon May  1 20:12:54 2017 us=6355   auth_user_pass_verify_script_via_file = DISABLED
Mon May  1 20:12:54 2017 us=6363   auth_token_generate = DISABLED
Mon May  1 20:12:54 2017 us=6371   auth_token_lifetime = 0
Mon May  1 20:12:54 2017 us=6381   port_share_host = '[UNDEF]'
Mon May  1 20:12:54 2017 us=6396   port_share_port = '[UNDEF]'
Mon May  1 20:12:54 2017 us=6410   client = DISABLED
Mon May  1 20:12:54 2017 us=6418   pull = DISABLED
Mon May  1 20:12:54 2017 us=6426   auth_user_pass_file = '[UNDEF]'
Mon May  1 20:12:54 2017 us=6436 OpenVPN 2.4.1 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr  3 2017
Mon May  1 20:12:54 2017 us=6450 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
Mon May  1 20:12:54 2017 us=17166 Diffie-Hellman initialized with 2048 bit key
Mon May  1 20:12:54 2017 us=19562 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Mon May  1 20:12:54 2017 us=19606 ECDH curve secp384r1 added
Mon May  1 20:12:54 2017 us=19865 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May  1 20:12:54 2017 us=19919 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May  1 20:12:54 2017 us=19944 TLS-Auth MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Mon May  1 20:12:54 2017 us=20269 ROUTE_GATEWAY ON_LINK IFACE=venet0 HWADDR=00:00:00:00:00:00
Mon May  1 20:12:54 2017 us=21753 TUN/TAP device tun0 opened
Mon May  1 20:12:54 2017 us=21778 TUN/TAP TX queue length set to 100
Mon May  1 20:12:54 2017 us=21793 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon May  1 20:12:54 2017 us=21810 /sbin/ip link set dev tun0 up mtu 1500
Mon May  1 20:12:54 2017 us=86976 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Mon May  1 20:12:54 2017 us=89260 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Mon May  1 20:12:54 2017 us=90251 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mon May  1 20:12:54 2017 us=90582 Could not determine IPv4/IPv6 protocol. Using AF_INET
Mon May  1 20:12:54 2017 us=90607 Socket Buffers: R=[133120->133120] S=[133120->133120]
Mon May  1 20:12:54 2017 us=90629 UDPv4 link local (bound): [AF_INET][undef]:11194
Mon May  1 20:12:54 2017 us=90638 UDPv4 link remote: [AF_UNSPEC]
Mon May  1 20:12:54 2017 us=90654 GID set to nobody
Mon May  1 20:12:54 2017 us=90676 UID set to nobody
Mon May  1 20:12:54 2017 us=90694 MULTI: multi_init called, r=256 v=256
Mon May  1 20:12:54 2017 us=90725 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Mon May  1 20:12:54 2017 us=90740 ifconfig_pool_read(), in='admin,10.8.0.4', TODO: IPv6
Mon May  1 20:12:54 2017 us=90756 succeeded -> ifconfig_pool_set()
Mon May  1 20:12:54 2017 us=90772 ifconfig_pool_read(), in='admin1,10.8.0.8', TODO: IPv6
Mon May  1 20:12:54 2017 us=90785 succeeded -> ifconfig_pool_set()
Mon May  1 20:12:54 2017 us=90795 IFCONFIG POOL LIST
Mon May  1 20:12:54 2017 us=90805 admin,10.8.0.4
Mon May  1 20:12:54 2017 us=90814 admin1,10.8.0.8
Mon May  1 20:12:54 2017 us=90871 Initialization Sequence Completed
Mon May  1 20:12:56 2017 us=299652 MULTI: multi_create_instance called
Mon May  1 20:12:56 2017 us=299788 81.xxx.xxx.18:53350 Re-using SSL/TLS context
Mon May  1 20:12:56 2017 us=299828 81.xxx.xxx.18:53350 LZ4v2 compression initializing
Mon May  1 20:12:56 2017 us=300002 81.xxx.xxx.18:53350 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Mon May  1 20:12:56 2017 us=300028 81.xxx.xxx.18:53350 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mon May  1 20:12:56 2017 us=300123 81.xxx.xxx.18:53350 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Mon May  1 20:12:56 2017 us=300139 81.xxx.xxx.18:53350 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Mon May  1 20:12:56 2017 us=300181 81.xxx.xxx.18:53350 TLS: Initial packet from [AF_INET]81.xxx.xxx.18:53350, sid=757f89bb 3baa88f4
Mon May  1 20:12:56 2017 us=377037 81.xxx.xxx.18:53350 VERIFY OK: depth=1, C=BE, ST=LI, L=LI, O=DC, OU=DC, CN=vpn.delta-constructions.be, name=server, emailAddress=admin@delta-constructions.be
Mon May  1 20:12:56 2017 us=377262 81.xxx.xxx.18:53350 VERIFY OK: depth=0, C=BE, ST=LI, L=LI, O=DC, OU=DC, CN=admin, name=server, emailAddress=admin@delta-constructions.be
Mon May  1 20:12:56 2017 us=407219 81.xxx.xxx.18:53350 peer info: IV_VER=2.4.1
Mon May  1 20:12:56 2017 us=407274 81.xxx.xxx.18:53350 peer info: IV_PLAT=win
Mon May  1 20:12:56 2017 us=407285 81.xxx.xxx.18:53350 peer info: IV_PROTO=2
Mon May  1 20:12:56 2017 us=407294 81.xxx.xxx.18:53350 peer info: IV_NCP=2
Mon May  1 20:12:56 2017 us=407303 81.xxx.xxx.18:53350 peer info: IV_LZ4=1
Mon May  1 20:12:56 2017 us=407312 81.xxx.xxx.18:53350 peer info: IV_LZ4v2=1
Mon May  1 20:12:56 2017 us=407321 81.xxx.xxx.18:53350 peer info: IV_LZO=1
Mon May  1 20:12:56 2017 us=407330 81.xxx.xxx.18:53350 peer info: IV_COMP_STUB=1
Mon May  1 20:12:56 2017 us=407339 81.xxx.xxx.18:53350 peer info: IV_COMP_STUBv2=1
Mon May  1 20:12:56 2017 us=407348 81.xxx.xxx.18:53350 peer info: IV_TCPNL=1
Mon May  1 20:12:56 2017 us=407357 81.xxx.xxx.18:53350 peer info: IV_GUI_VER=OpenVPN_GUI_11
Mon May  1 20:12:56 2017 us=436127 81.xxx.xxx.18:53350 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon May  1 20:12:56 2017 us=436194 81.xxx.xxx.18:53350 [admin] Peer Connection Initiated with [AF_INET]81.xxx.xxx.18:53350
Mon May  1 20:12:56 2017 us=436245 admin/81.xxx.xxx.18:53350 Could not access file '/etc/openvpn/ccd/admin': Permission denied (errno=13)
Mon May  1 20:12:56 2017 us=436264 admin/81.xxx.xxx.18:53350 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mon May  1 20:12:56 2017 us=436304 admin/81.xxx.xxx.18:53350 MULTI: Learn: 10.8.0.6 -> admin/81.xxx.xxx.18:53350
Mon May  1 20:12:56 2017 us=436315 admin/81.xxx.xxx.18:53350 MULTI: primary virtual IP for admin/81.xxx.xxx.18:53350: 10.8.0.6
Mon May  1 20:12:57 2017 us=655121 admin/81.xxx.xxx.18:53350 PUSH: Received control message: 'PUSH_REQUEST'
Mon May  1 20:12:57 2017 us=655205 admin/81.xxx.xxx.18:53350 SENT CONTROL [admin]: 'PUSH_REPLY,compress lz4-v2,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Mon May  1 20:12:57 2017 us=655230 admin/81.xxx.xxx.18:53350 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Mon May  1 20:12:57 2017 us=655357 admin/81.xxx.xxx.18:53350 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon May  1 20:12:57 2017 us=655374 admin/81.xxx.xxx.18:53350 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Client configuration ("local server" and "client"):
CLIENT
client
dev tun
proto udp
remote xxx.xxx.xxx.xxx 11194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert admin.crt
key admin.key
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-CBC
comp-lzo
verb 3
Server Log File (CentOS):

Edit: Client Log File Windows XP

Code: Select all

Mon May 01 22:31:46 2017 us=716340 Current Parameter Settings:
Mon May 01 22:31:46 2017 us=716340   config = 'client.ovpn'
Mon May 01 22:31:46 2017 us=716340   mode = 0
Mon May 01 22:31:46 2017 us=716340   show_ciphers = DISABLED
Mon May 01 22:31:46 2017 us=716340   show_digests = DISABLED
Mon May 01 22:31:46 2017 us=716340   show_engines = DISABLED
Mon May 01 22:31:46 2017 us=716340   genkey = DISABLED
Mon May 01 22:31:46 2017 us=716340   key_pass_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   show_tls_ciphers = DISABLED
Mon May 01 22:31:46 2017 us=716340 Connection profiles [default]:
Mon May 01 22:31:46 2017 us=716340   proto = udp
Mon May 01 22:31:46 2017 us=716340   local = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   local_port = 0
Mon May 01 22:31:46 2017 us=716340   remote = '94.xxx.xxx.107'
Mon May 01 22:31:46 2017 us=716340   remote_port = 11194
Mon May 01 22:31:46 2017 us=716340   remote_float = DISABLED
Mon May 01 22:31:46 2017 us=716340   bind_defined = DISABLED
Mon May 01 22:31:46 2017 us=716340   bind_local = DISABLED
Mon May 01 22:31:46 2017 us=716340   connect_retry_seconds = 5
Mon May 01 22:31:46 2017 us=716340   connect_timeout = 10
Mon May 01 22:31:46 2017 us=716340   connect_retry_max = 0
Mon May 01 22:31:46 2017 us=716340   socks_proxy_server = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   socks_proxy_port = 0
Mon May 01 22:31:46 2017 us=716340   socks_proxy_retry = DISABLED
Mon May 01 22:31:46 2017 us=716340   tun_mtu = 1500
Mon May 01 22:31:46 2017 us=716340   tun_mtu_defined = ENABLED
Mon May 01 22:31:46 2017 us=716340   link_mtu = 1500
Mon May 01 22:31:46 2017 us=716340   link_mtu_defined = DISABLED
Mon May 01 22:31:46 2017 us=716340   tun_mtu_extra = 0
Mon May 01 22:31:46 2017 us=716340   tun_mtu_extra_defined = DISABLED
Mon May 01 22:31:46 2017 us=716340   mtu_discover_type = -1
Mon May 01 22:31:46 2017 us=716340   fragment = 0
Mon May 01 22:31:46 2017 us=716340   mssfix = 1450
Mon May 01 22:31:46 2017 us=716340   explicit_exit_notification = 0
Mon May 01 22:31:46 2017 us=716340 Connection profiles END
Mon May 01 22:31:46 2017 us=716340   remote_random = DISABLED
Mon May 01 22:31:46 2017 us=716340   ipchange = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   dev = 'tun'
Mon May 01 22:31:46 2017 us=716340   dev_type = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   dev_node = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   lladdr = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   topology = 1
Mon May 01 22:31:46 2017 us=716340   tun_ipv6 = DISABLED
Mon May 01 22:31:46 2017 us=716340   ifconfig_local = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   ifconfig_remote_netmask = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   ifconfig_noexec = DISABLED
Mon May 01 22:31:46 2017 us=716340   ifconfig_nowarn = DISABLED
Mon May 01 22:31:46 2017 us=716340   ifconfig_ipv6_local = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   ifconfig_ipv6_netbits = 0
Mon May 01 22:31:46 2017 us=716340   ifconfig_ipv6_remote = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   shaper = 0
Mon May 01 22:31:46 2017 us=716340   mtu_test = 0
Mon May 01 22:31:46 2017 us=716340   mlock = DISABLED
Mon May 01 22:31:46 2017 us=716340   keepalive_ping = 0
Mon May 01 22:31:46 2017 us=716340   keepalive_timeout = 0
Mon May 01 22:31:46 2017 us=716340   inactivity_timeout = 0
Mon May 01 22:31:46 2017 us=716340   ping_send_timeout = 0
Mon May 01 22:31:46 2017 us=716340   ping_rec_timeout = 0
Mon May 01 22:31:46 2017 us=716340   ping_rec_timeout_action = 0
Mon May 01 22:31:46 2017 us=716340   ping_timer_remote = DISABLED
Mon May 01 22:31:46 2017 us=716340   remap_sigusr1 = 0
Mon May 01 22:31:46 2017 us=716340   persist_tun = ENABLED
Mon May 01 22:31:46 2017 us=716340   persist_local_ip = DISABLED
Mon May 01 22:31:46 2017 us=716340   persist_remote_ip = DISABLED
Mon May 01 22:31:46 2017 us=716340   persist_key = ENABLED
Mon May 01 22:31:46 2017 us=716340   passtos = DISABLED
Mon May 01 22:31:46 2017 us=716340   resolve_retry_seconds = 1000000000
Mon May 01 22:31:46 2017 us=716340   username = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   groupname = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   chroot_dir = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   cd_dir = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   writepid = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   up_script = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   down_script = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   down_pre = DISABLED
Mon May 01 22:31:46 2017 us=716340   up_restart = DISABLED
Mon May 01 22:31:46 2017 us=716340   up_delay = DISABLED
Mon May 01 22:31:46 2017 us=716340   daemon = DISABLED
Mon May 01 22:31:46 2017 us=716340   inetd = 0
Mon May 01 22:31:46 2017 us=716340   log = ENABLED
Mon May 01 22:31:46 2017 us=716340   suppress_timestamps = DISABLED
Mon May 01 22:31:46 2017 us=716340   nice = 0
Mon May 01 22:31:46 2017 us=716340   verbosity = 4
Mon May 01 22:31:46 2017 us=716340   mute = 0
Mon May 01 22:31:46 2017 us=716340   gremlin = 0
Mon May 01 22:31:46 2017 us=716340   status_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   status_file_version = 1
Mon May 01 22:31:46 2017 us=716340   status_file_update_freq = 60
Mon May 01 22:31:46 2017 us=716340   occ = ENABLED
Mon May 01 22:31:46 2017 us=716340   rcvbuf = 0
Mon May 01 22:31:46 2017 us=716340   sndbuf = 0
Mon May 01 22:31:46 2017 us=716340   sockflags = 0
Mon May 01 22:31:46 2017 us=716340   fast_io = DISABLED
Mon May 01 22:31:46 2017 us=716340   lzo = 0
Mon May 01 22:31:46 2017 us=716340   route_script = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   route_default_gateway = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   route_default_metric = 0
Mon May 01 22:31:46 2017 us=716340   route_noexec = DISABLED
Mon May 01 22:31:46 2017 us=716340   route_delay = 5
Mon May 01 22:31:46 2017 us=716340   route_delay_window = 30
Mon May 01 22:31:46 2017 us=716340   route_delay_defined = ENABLED
Mon May 01 22:31:46 2017 us=716340   route_nopull = DISABLED
Mon May 01 22:31:46 2017 us=716340   route_gateway_via_dhcp = DISABLED
Mon May 01 22:31:46 2017 us=716340   max_routes = 100
Mon May 01 22:31:46 2017 us=716340   allow_pull_fqdn = DISABLED
Mon May 01 22:31:46 2017 us=716340   management_addr = '127.0.0.1'
Mon May 01 22:31:46 2017 us=716340   management_port = 25340
Mon May 01 22:31:46 2017 us=716340   management_user_pass = 'stdin'
Mon May 01 22:31:46 2017 us=716340   management_log_history_cache = 250
Mon May 01 22:31:46 2017 us=716340   management_echo_buffer_size = 100
Mon May 01 22:31:46 2017 us=716340   management_write_peer_info_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   management_client_user = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   management_client_group = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   management_flags = 6
Mon May 01 22:31:46 2017 us=716340   shared_secret_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   key_direction = 2
Mon May 01 22:31:46 2017 us=716340   ciphername_defined = ENABLED
Mon May 01 22:31:46 2017 us=716340   ciphername = 'AES-256-CBC'
Mon May 01 22:31:46 2017 us=716340   authname_defined = ENABLED
Mon May 01 22:31:46 2017 us=716340   authname = 'SHA1'
Mon May 01 22:31:46 2017 us=716340   prng_hash = 'SHA1'
Mon May 01 22:31:46 2017 us=716340   prng_nonce_secret_len = 16
Mon May 01 22:31:46 2017 us=716340   keysize = 0
Mon May 01 22:31:46 2017 us=716340   engine = DISABLED
Mon May 01 22:31:46 2017 us=716340   replay = ENABLED
Mon May 01 22:31:46 2017 us=716340   mute_replay_warnings = DISABLED
Mon May 01 22:31:46 2017 us=716340   replay_window = 64
Mon May 01 22:31:46 2017 us=716340   replay_time = 15
Mon May 01 22:31:46 2017 us=716340   packet_id_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   use_iv = ENABLED
Mon May 01 22:31:46 2017 us=716340   test_crypto = DISABLED
Mon May 01 22:31:46 2017 us=716340   tls_server = DISABLED
Mon May 01 22:31:46 2017 us=716340   tls_client = ENABLED
Mon May 01 22:31:46 2017 us=716340   key_method = 2
Mon May 01 22:31:46 2017 us=716340   ca_file = 'ca.crt'
Mon May 01 22:31:46 2017 us=716340   ca_path = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   dh_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   cert_file = 'admin1.crt'
Mon May 01 22:31:46 2017 us=716340   extra_certs_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   priv_key_file = 'admin1.key'
Mon May 01 22:31:46 2017 us=716340   pkcs12_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   cryptoapi_cert = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   cipher_list = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   tls_verify = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   tls_export_cert = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   verify_x509_type = 0
Mon May 01 22:31:46 2017 us=716340   verify_x509_name = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   crl_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   ns_cert_type = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 160
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 136
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_ku[i] = 0
Mon May 01 22:31:46 2017 us=716340   remote_cert_eku = 'TLS Web Server Authentication'
Mon May 01 22:31:46 2017 us=716340   ssl_flags = 0
Mon May 01 22:31:46 2017 us=716340   tls_timeout = 2
Mon May 01 22:31:46 2017 us=716340   renegotiate_bytes = -1
Mon May 01 22:31:46 2017 us=716340   renegotiate_packets = 0
Mon May 01 22:31:46 2017 us=716340   renegotiate_seconds = 3600
Mon May 01 22:31:46 2017 us=716340   handshake_window = 60
Mon May 01 22:31:46 2017 us=716340   transition_window = 3600
Mon May 01 22:31:46 2017 us=716340   single_session = DISABLED
Mon May 01 22:31:46 2017 us=716340   push_peer_info = DISABLED
Mon May 01 22:31:46 2017 us=716340   tls_exit = DISABLED
Mon May 01 22:31:46 2017 us=716340   tls_auth_file = 'ta.key'
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_protected_authentication = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_private_mode = 00000000
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_cert_private = DISABLED
Mon May 01 22:31:46 2017 us=716340   pkcs11_pin_cache_period = -1
Mon May 01 22:31:46 2017 us=716340   pkcs11_id = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   pkcs11_id_management = DISABLED
Mon May 01 22:31:46 2017 us=716340   server_network = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   server_netmask = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   server_network_ipv6 = àüÂw˜§¢
Mon May 01 22:31:46 2017 us=716340   server_netbits_ipv6 = 0
Mon May 01 22:31:46 2017 us=716340   server_bridge_ip = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   server_bridge_netmask = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   server_bridge_pool_start = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   server_bridge_pool_end = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   ifconfig_pool_defined = DISABLED
Mon May 01 22:31:46 2017 us=716340   ifconfig_pool_start = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   ifconfig_pool_end = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   ifconfig_pool_netmask = 0.0.0.0
Mon May 01 22:31:46 2017 us=716340   ifconfig_pool_persist_filename = '[UNDEF]'
Mon May 01 22:31:46 2017 us=716340   ifconfig_pool_persist_refresh_freq = 600
Mon May 01 22:31:46 2017 us=716340   ifconfig_ipv6_pool_defined = DISABLED
Mon May 01 22:31:46 2017 us=716340   ifconfig_ipv6_pool_base = àüÂw˜§¢
Mon May 01 22:31:46 2017 us=716340   ifconfig_ipv6_pool_netbits = 0
Mon May 01 22:31:46 2017 us=716340   n_bcast_buf = 256
Mon May 01 22:31:46 2017 us=716340   tcp_queue_limit = 64
Mon May 01 22:31:46 2017 us=716340   real_hash_size = 256
Mon May 01 22:31:46 2017 us=731965   virtual_hash_size = 256
Mon May 01 22:31:46 2017 us=731965   client_connect_script = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   learn_address_script = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   client_disconnect_script = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   client_config_dir = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   ccd_exclusive = DISABLED
Mon May 01 22:31:46 2017 us=731965   tmp_dir = 'C:\DOCUME~1\aaa\LOCALS~1\Temp\'
Mon May 01 22:31:46 2017 us=731965   push_ifconfig_defined = DISABLED
Mon May 01 22:31:46 2017 us=731965   push_ifconfig_local = 0.0.0.0
Mon May 01 22:31:46 2017 us=731965   push_ifconfig_remote_netmask = 0.0.0.0
Mon May 01 22:31:46 2017 us=731965   push_ifconfig_ipv6_defined = DISABLED
Mon May 01 22:31:46 2017 us=731965   push_ifconfig_ipv6_local = àüÂw˜§¢/0
Mon May 01 22:31:46 2017 us=731965   push_ifconfig_ipv6_remote = àüÂw˜§¢
Mon May 01 22:31:46 2017 us=731965   enable_c2c = DISABLED
Mon May 01 22:31:46 2017 us=731965   duplicate_cn = DISABLED
Mon May 01 22:31:46 2017 us=731965   cf_max = 0
Mon May 01 22:31:46 2017 us=731965   cf_per = 0
Mon May 01 22:31:46 2017 us=731965   max_clients = 1024
Mon May 01 22:31:46 2017 us=731965   max_routes_per_client = 256
Mon May 01 22:31:46 2017 us=731965   auth_user_pass_verify_script = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   auth_user_pass_verify_script_via_file = DISABLED
Mon May 01 22:31:46 2017 us=731965   client = ENABLED
Mon May 01 22:31:46 2017 us=731965   pull = ENABLED
Mon May 01 22:31:46 2017 us=731965   auth_user_pass_file = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   show_net_up = DISABLED
Mon May 01 22:31:46 2017 us=731965   route_method = 0
Mon May 01 22:31:46 2017 us=731965   block_outside_dns = DISABLED
Mon May 01 22:31:46 2017 us=731965   ip_win32_defined = DISABLED
Mon May 01 22:31:46 2017 us=731965   ip_win32_type = 3
Mon May 01 22:31:46 2017 us=731965   dhcp_masq_offset = 0
Mon May 01 22:31:46 2017 us=731965   dhcp_lease_time = 31536000
Mon May 01 22:31:46 2017 us=731965   tap_sleep = 0
Mon May 01 22:31:46 2017 us=731965   dhcp_options = DISABLED
Mon May 01 22:31:46 2017 us=731965   dhcp_renew = DISABLED
Mon May 01 22:31:46 2017 us=731965   dhcp_pre_release = DISABLED
Mon May 01 22:31:46 2017 us=731965   dhcp_release = DISABLED
Mon May 01 22:31:46 2017 us=731965   domain = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   netbios_scope = '[UNDEF]'
Mon May 01 22:31:46 2017 us=731965   netbios_node_type = 0
Mon May 01 22:31:46 2017 us=731965   disable_nbt = DISABLED
Mon May 01 22:31:46 2017 us=731965 OpenVPN 2.3.14 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Feb  1 2017
Mon May 01 22:31:46 2017 us=731965 Windows version 5.1 (Windows XP) 32bit
Mon May 01 22:31:46 2017 us=731965 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Enter Management Password:
Mon May 01 22:31:46 2017 us=731965 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon May 01 22:31:46 2017 us=731965 Need hold release from management interface, waiting...
Mon May 01 22:31:47 2017 us=247597 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon May 01 22:31:47 2017 us=356973 MANAGEMENT: CMD 'state on'
Mon May 01 22:31:47 2017 us=356973 MANAGEMENT: CMD 'log all on'
Mon May 01 22:31:47 2017 us=450725 MANAGEMENT: CMD 'hold off'
Mon May 01 22:31:47 2017 us=450725 MANAGEMENT: CMD 'hold release'
Mon May 01 22:31:47 2017 us=575726 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Mon May 01 22:31:47 2017 us=575726 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 01 22:31:47 2017 us=575726 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 01 22:31:47 2017 us=575726 Control Channel MTU parms [ L:1557 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Mon May 01 22:31:47 2017 us=575726 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon May 01 22:31:47 2017 us=575726 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:12 ET:0 EL:3 ]
Mon May 01 22:31:47 2017 us=575726 Local Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Mon May 01 22:31:47 2017 us=575726 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Mon May 01 22:31:47 2017 us=575726 Local Options hash (VER=V4): 'ed844052'
Mon May 01 22:31:47 2017 us=575726 Expected Remote Options hash (VER=V4): '8a244582'
Mon May 01 22:31:47 2017 us=575726 UDPv4 link local: [undef]
Mon May 01 22:31:47 2017 us=575726 UDPv4 link remote: [AF_INET]94.xxx.xxx.107:11194
Mon May 01 22:31:47 2017 us=575726 MANAGEMENT: >STATE:1493670707,WAIT,,,
Mon May 01 22:31:47 2017 us=638227 MANAGEMENT: >STATE:1493670707,AUTH,,,
Mon May 01 22:31:47 2017 us=638227 TLS: Initial packet from [AF_INET]94.xxx.xxx.107:11194, sid=51576848 a32cdb00
Mon May 01 22:31:47 2017 us=669477 VERIFY OK: depth=1, C=BE, ST=LI, L=LI, O=DC, OU=DC, CN=vpn.delta-constructions.be, name=server, emailAddress=admin@delta-constructions.be
Mon May 01 22:31:47 2017 us=669477 Validating certificate key usage
Mon May 01 22:31:47 2017 us=669477 ++ Certificate has key usage  00a0, expects 00a0
Mon May 01 22:31:47 2017 us=669477 VERIFY KU OK
Mon May 01 22:31:47 2017 us=669477 Validating certificate extended key usage
Mon May 01 22:31:47 2017 us=669477 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon May 01 22:31:47 2017 us=669477 VERIFY EKU OK
Mon May 01 22:31:47 2017 us=669477 VERIFY OK: depth=0, C=BE, ST=LI, L=LI, O=DC, OU=DC, CN=server, name=server, emailAddress=admin@delta-constructions.be
Mon May 01 22:31:47 2017 us=763229 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
Mon May 01 22:31:47 2017 us=763229 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Mon May 01 22:31:47 2017 us=763229 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon May 01 22:31:47 2017 us=763229 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 01 22:31:47 2017 us=763229 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon May 01 22:31:47 2017 us=763229 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 01 22:31:47 2017 us=763229 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon May 01 22:31:47 2017 us=763229 [server] Peer Connection Initiated with [AF_INET]94.xxx.xxx.107:11194
Mon May 01 22:31:48 2017 us=856993 MANAGEMENT: >STATE:1493670708,GET_CONFIG,,,
Mon May 01 22:31:49 2017 us=919506 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon May 01 22:31:49 2017 us=935131 PUSH: Received control message: 'PUSH_REPLY,compress lz4-v2,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.10 10.8.0.9,peer-id 2'
Mon May 01 22:31:49 2017 us=935131 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: compress (2.3.14)
Mon May 01 22:31:49 2017 us=950757 OPTIONS IMPORT: timers and/or timeouts modified
Mon May 01 22:31:49 2017 us=950757 OPTIONS IMPORT: --ifconfig/up options modified
Mon May 01 22:31:49 2017 us=950757 OPTIONS IMPORT: route options modified
Mon May 01 22:31:49 2017 us=950757 OPTIONS IMPORT: peer-id set
Mon May 01 22:31:49 2017 us=950757 OPTIONS IMPORT: adjusting link_mtu to 1560
Mon May 01 22:31:49 2017 us=950757 ROUTE_GATEWAY 192.168.215.2/255.255.255.0 I=2 HWADDR=00:0c:29:23:d2:d7
Mon May 01 22:31:49 2017 us=950757 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon May 01 22:31:49 2017 us=950757 MANAGEMENT: >STATE:1493670709,ASSIGN_IP,,10.8.0.10,
Mon May 01 22:31:49 2017 us=950757 open_tun, tt->ipv6=0
Mon May 01 22:31:49 2017 us=950757 TAP-WIN32 device [Connexion au réseau local 2] opened: \\.\Global\{0E2EA8C6-7AFE-4256-B262-2292A508E155}.tap
Mon May 01 22:31:49 2017 us=950757 TAP-Windows Driver Version 9.9 
Mon May 01 22:31:49 2017 us=950757 TAP-Windows MTU=1500
Mon May 01 22:31:49 2017 us=950757 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.10/255.255.255.252 on interface {0E2EA8C6-7AFE-4256-B262-2292A508E155} [DHCP-serv: 10.8.0.9, lease-time: 31536000]
Mon May 01 22:31:49 2017 us=950757 Successful ARP Flush on interface [3] {0E2EA8C6-7AFE-4256-B262-2292A508E155}
Mon May 01 22:31:55 2017 us=75822 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Mon May 01 22:31:55 2017 us=75822 MANAGEMENT: >STATE:1493670715,ADD_ROUTES,,,
Mon May 01 22:31:55 2017 us=75822 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.9
Mon May 01 22:31:55 2017 us=75822 Route addition via IPAPI succeeded [adaptive]
Mon May 01 22:31:55 2017 us=75822 Initialization Sequence Completed
Mon May 01 22:31:55 2017 us=75822 MANAGEMENT: >STATE:1493670715,CONNECTED,SUCCESS,10.8.0.10,94.xxx.xxx.107
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Netbios and RDP between clients

Post by TinCanTech » Mon May 01, 2017 9:35 pm

lamazzi wrote: I cannot connect to a netbios share
Try :

Code: Select all

> net use x: \\ip.add.re.ss\share
Top
lamazzi
OpenVpn Newbie
Posts: 4
Joined: Mon May 01, 2017 7:59 pm

Re: Netbios and RDP between clients

Post by lamazzi » Tue May 02, 2017 10:55 am

Hi @TinCanTech,

It's not a problem of using the right command.
net use \\10.8.0.6\share from 10.8.0.10 doesn't respond.
Same for mstsc /v:10.8.0.6

Pretty sure it's network related since ping works, but the firewalls are off so it *should* work and I don't know what to do/look to make it work.
Maybe I have to add parameters in the client or the server conf file ?
Maybe I have to add something in the iptables on the VPS where openvpn is installed ?
Once again ping between clients work, I don't understand why netbios or RDP doesn't.

Thanks
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Netbios and RDP between clients

Post by TinCanTech » Tue May 02, 2017 11:14 am

lamazzi wrote:ping works, but the firewalls are off so it *should* work
lamazzi wrote:net use \\10.8.0.6\share from 10.8.0.10 doesn't respond
Sorry, I don't support windows networking ..

However, FYI :
lamazzi wrote:Server Log File (CentOS):

Mon May 1 20:12:56 2017 us=436245 admin/81.xxx.xxx.18:53350 Could not access file '/etc/openvpn/ccd/admin': Permission denied (errno=13)
And :
lamazzi wrote:Client Log File Windows XP

Mon May 01 22:31:49 2017 us=935131 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: compress (2.3.14)
Openvpn 2.3.14 does not support --compress
Top
lamazzi
OpenVpn Newbie
Posts: 4
Joined: Mon May 01, 2017 7:59 pm

Re: Netbios and RDP between clients

Post by lamazzi » Tue May 02, 2017 12:41 pm

Yes I've fixed the two problems now.
But still it's unrelated to my question. Thanks anyway.
Hope someone else will be able to point out a solution.
(Not sure it's Windows related)
Top
lamazzi
OpenVpn Newbie
Posts: 4
Joined: Mon May 01, 2017 7:59 pm

Re: Netbios and RDP between clients

Post by lamazzi » Wed May 03, 2017 10:12 am

For the record, I've rebooted the VPS and now everything works fine.
I don't understand why since the OpenVPN was restarted several times.
Apparently a reboot was needed...
Top
TiTex
OpenVPN Super User
Posts: 310
Joined: Tue Apr 12, 2011 6:22 am

Re: Netbios and RDP between clients

Post by TiTex » Wed May 03, 2017 11:12 am

maybe your routing table was messed up
Top
Post Reply

Return to “Off Topic, Related”