openvpn server log
https://www.dropbox.com/s/5aah6el6vne5d ...
iPhone log
2017-02-10 13:48:41 NET Internet:ReachableViaWWAN/WR t------
2017-02-10 13:48:42 SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
2017-02-10 13:48:42 Session is ACTIVE
2017-02-10 13:48:42 EVENT: GET_CONFIG
2017-02-10 13:48:42 Sending PUSH_REQUEST to server...
2017-02-10 13:48:42 OPTIONS:
0 [route] [192.168.1.0] [255.255.255.0]
1 [dhcp-option] [NTP] [129.6.15.30]
2 [route] [172.16.8.1]
3 [topology] [net30]
4 [ping] [10]
5 [ping-restart] [120]
6 [ifconfig] [172.16.8.6] [172.16.8.5]
2017-02-10 13:48:42 PROTOCOL OPTIONS:
cipher: AES-256-CBC
digest: SHA1
compress: LZO
peer ID: -1
2017-02-10 13:48:42 EVENT: ASSIGN_IP
2017-02-10 13:48:42 Unknown pushed DHCP option: [dhcp-option] [NTP] [129.6.15.30]
2017-02-10 13:48:42 Connected via tun
2017-02-10 13:48:42 LZO-ASYM init swap=0 asym=0
2017-02-10 13:48:42 EVENT: CONNECTED @external.ddns.net:443 (external.IP) via /TCPv4 on tun/172.16.8.6/ gw=[172.16.8.5/]
2017-02-10 13:48:42 SetStatus Connected
2017-02-10 13:49:46 TCP recv EOF
2017-02-10 13:49:46 Transport Error: Transport error on 'external.ddns.net: NETWORK_EOF_ERROR
2017-02-10 13:49:46 EVENT: TRANSPORT_ERROR Transport error on 'external.ddns.net: NETWORK_EOF_ERROR [ERR]
2017-02-10 13:49:46 Client terminated, restarting in 5000 ms...
2017-02-10 13:49:46 TUN reassert
2017-02-10 13:49:46 TUN reset routes
2017-02-10 13:49:49 RECONNECT TEST: Internet:ReachableViaWWAN/WR t------
2017-02-10 13:49:49 Client terminated, reconnecting in 1...
2017-02-10 13:49:50 EVENT: RECONNECTING
2017-02-10 13:49:50 EVENT: RESOLVE
2017-02-10 13:49:50 Contacting external.IP:443 via TCP
2017-02-10 13:49:50 EVENT: WAIT
2017-02-10 13:49:50 SetTunnelSocket returned 1
2017-02-10 13:49:50 Connecting to [external.ddns.net]:443 (external.IP) via TCPv4
2017-02-10 13:49:59 EVENT: DISCONNECTED
2017-02-10 13:49:59 Raw stats on disconnect:
BYTES_IN : 5913
BYTES_OUT : 6518
PACKETS_IN : 16
PACKETS_OUT : 37
TUN_BYTES_IN : 1496
TUN_PACKETS_IN : 22
NETWORK_EOF_ERROR : 1
TRANSPORT_ERROR : 1
N_RECONNECT : 1
2017-02-10 13:49:59 Performance stats on disconnect:
CPU usage (microseconds): 824379
Tunnel compression ratio (downlink): inf
Network bytes per CPU second: 15079
Tunnel bytes per CPU second: 1814
2017-02-10 13:49:59 ----- OpenVPN Stop -----
2017-02-10 13:55:13 ----- OpenVPN Start -----
OpenVPN core 3.1.2 ios arm64 64-bit built on Dec 5 2016 12:50:25
2017-02-10 13:55:13 Frame=512/2048/512 mssfix-ctrl=1250
2017-02-10 13:55:13 UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
16 [verb] [5]
2017-02-10 13:55:13 EVENT: RESOLVE
2017-02-10 13:55:13 Contacting external.IP:443 via TCP
2017-02-10 13:55:13 EVENT: WAIT
2017-02-10 13:55:13 SetTunnelSocket returned 1
2017-02-10 13:55:13 Connecting to [external.ddns.net]:443 (external.IP) via TCPv4
2017-02-10 13:55:13 EVENT: CONNECTING
2017-02-10 13:55:13 Tunnel Options:V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client
2017-02-10 13:55:13 Creds: UsernameEmpty/PasswordEmpty
2017-02-10 13:55:13 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 1.1.1-212
IV_VER=3.1.2
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_AUTO_SESS=1
2017-02-10 13:55:13 VERIFY OK: depth=1
cert. version : 3
serial number : F3:0A:FE:BA:C2:A2:E0:80
issuer name : CN=NasKar NAS CA
subject name : CN=NasKar NAS CA
issued on : 2016-10-18 22:38:52
expires on : 2026-10-16 22:38:52
signed using : RSA with SHA-256
RSA key size : 4096 bits
basic constraints : CA=true
key usage : Key Cert Sign, CRL Sign
2017-02-10 13:55:13 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : CN=NasKar NAS CA
subject name : CN=openvpn-server
issued on : 2016-10-18 22:41:18
expires on : 2026-10-16 22:41:18
signed using : RSA with SHA-256
RSA key size : 4096 bits
basic constraints : CA=false
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication
2017-02-10 13:55:13 NET Internet:ReachableViaWWAN/WR t------
2017-02-10 13:55:14 SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
2017-02-10 13:55:14 Session is ACTIVE
2017-02-10 13:55:14 EVENT: GET_CONFIG
2017-02-10 13:55:14 Sending PUSH_REQUEST to server...
2017-02-10 13:55:14 OPTIONS:
0 [route] [192.168.1.0] [255.255.255.0]
1 [dhcp-option] [NTP] [129.6.15.30]
2 [route] [172.16.8.1]
3 [topology] [net30]
4 [ping] [10]
5 [ping-restart] [120]
6 [ifconfig] [172.16.8.6] [172.16.8.5]
2017-02-10 13:55:14 PROTOCOL OPTIONS:
cipher: AES-256-CBC
digest: SHA1
compress: LZO
peer ID: -1
2017-02-10 13:55:14 EVENT: ASSIGN_IP
2017-02-10 13:55:14 Unknown pushed DHCP option: [dhcp-option] [NTP] [129.6.15.30]
2017-02-10 13:55:14 Connected via tun
2017-02-10 13:55:14 LZO-ASYM init swap=0 asym=0
2017-02-10 13:55:14 EVENT: CONNECTED @external.ddns.net:443 (external.IP) via /TCPv4 on tun/172.16.8.6/ gw=[172.16.8.5/]
2017-02-10 13:55:14 SetStatus Connected
# OpenVPN server configuration (routed "tun" mode over TCP).
# NOTE(review): the iPhone client log posted with this config shows the
# control channel negotiating TLSv1.0 with a 3DES suite. Nothing here sets
# tls-version-min or tls-cipher, so the weakest mutually supported suite is
# allowed; consider `tls-version-min 1.2` once every client supports it.
# NOTE(review): the client profile connects to port 443 while this server
# listens on 10011, so an external port forward is presumably in place -- confirm.
port 10011
proto tcp
dev tun
# CA certificate that client certificates are verified against.
ca ca.crt
cert openvpn-server.crt # Server certificate (carries the server public key)
key openvpn-server.key # Server private key; should be readable only by the account that starts OpenVPN
dh dh.pem # Diffie-Hellman parameters
server 172.16.8.0 255.255.255.0 # VPN client address pool ("Purple network")
# Remembers which virtual address each client was given across restarts.
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0" # Route to the LAN ("Yellow network") pushed to clients
# Shared-key HMAC on control-channel packets; direction 0 here pairs with 1 on the client.
tls-auth ta.key 0
# NOTE(review): CRL checking is disabled below, so a revoked client certificate
# would still be accepted. Enable it once a CRL has been generated.
#crl-verify crl.pem
# Ping every 10 s, restart after 120 s of silence (the client log shows these
# arriving as pushed ping / ping-restart options).
keepalive 10 120
# Data-channel cipher; the client profile must use the same value.
cipher AES-256-CBC
# Drop privileges to nobody:nobody after initialisation.
group nobody
user nobody
# NOTE(review): compression inside an encrypted tunnel can reveal information
# about the plaintext through ciphertext length. The client profile also sets
# comp-lzo, so any change has to be made on both sides together.
comp-lzo
# Keep the key material and tun device across restarts; needed because the
# process can no longer re-read them after dropping privileges.
persist-key
persist-tun
verb 4
log /var/openvpn.log
# The iPhone client log reports this as "Unknown pushed DHCP option", so that
# client ignores it.
push 'dhcp-option NTP 129.6.15.30'
# OpenVPN client profile (used by the iPhone client whose log is posted with it).
# Authentication is by certificate only: the log shows
# "Creds: UsernameEmpty/PasswordEmpty" and no auth-user-pass is set here.
client
dev tun
proto tcp
remote external.ddns.net 443
# The iOS client log lists resolv-retry, nobind, persist-key, persist-tun and
# verb under "UNUSED OPTIONS", i.e. that client ignores them.
resolv-retry infinite
nobind
persist-key
persist-tun
# CA certificate the server certificate is verified against.
ca ca.crt
cert NasKar.crt
# Client private key; anyone holding this file together with ta.key can connect
# as this client, and the server config has crl-verify commented out, so
# treat the profile bundle as a credential.
key NasKar.key
# Require the server certificate to carry the TLS server extended key usage;
# the log shows "ext key usage : TLS Web Server Authentication" on it.
remote-cert-tls server
# Data-channel cipher; must match the server config.
cipher AES-256-CBC
# Shared-key HMAC on control-channel packets; direction 1 pairs with 0 on the server.
tls-auth ta.key 1
#dhcp-option DNS 0.0.0.0
# With redirect-gateway commented out only the pushed routes go through the
# tunnel; all other traffic leaves over the phone's normal connection.
#redirect-gateway def1
# NOTE(review): must match the server's comp-lzo setting; see the compression
# caveat for encrypted tunnels before keeping it enabled.
comp-lzo
verb 5
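#!/bin/sh
# Set up ipfw NAT for the OpenVPN client subnet (172.16.8.0/24) on the epair
# interface, then rename the tun device to tun0.
# Presumably run inside a FreeBSD jail at start-up -- confirm against the caller.
#
# Exits non-zero with a message on stderr if the interface lookup is empty or
# ambiguous, or if any ipfw/ifconfig step fails.

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Succeeds only when called with exactly one argument (one interface name).
single_match() {
  [ "$#" -eq 1 ]
}

EPAIR=$(/sbin/ifconfig -l | tr ' ' '\n' | /usr/bin/grep epair)
# Validate before touching the firewall: an empty or multi-word value would
# otherwise produce malformed ipfw commands after the ruleset is already flushed.
# shellcheck disable=SC2086 -- word splitting is intentional, to count matches
single_match $EPAIR || die "expected exactly one epair interface, got: '${EPAIR}'"

# NOTE(review): this removes every existing rule and only NAT rules are added
# back, so what is filtered afterwards depends on the kernel's default ipfw
# rule, which is not visible here -- confirm it is what you intend.
ipfw -q -f flush || die "ipfw flush failed"
ipfw -q nat 1 config if "${EPAIR}" \
  || die "ipfw nat config failed; ruleset is now empty"
# Translate traffic from the VPN client subnet leaving through the epair ...
ipfw -q add nat 1 all from 172.16.8.0/24 to any out via "${EPAIR}" \
  || die "ipfw add (outbound nat) failed"
# ... and pass everything arriving on it through the same NAT instance.
ipfw -q add nat 1 all from any to any in via "${EPAIR}" \
  || die "ipfw add (inbound nat) failed"

TUN=$(/sbin/ifconfig -l | tr ' ' '\n' | /usr/bin/grep tun)
# shellcheck disable=SC2086 -- word splitting is intentional, to count matches
single_match $TUN || die "expected exactly one tun interface, got: '${TUN}'"
# Skip the rename when the device already has the target name, so the script
# can be re-run safely.
if [ "${TUN}" != "tun0" ]; then
  ifconfig "${TUN}" name tun0 || die "could not rename ${TUN} to tun0"
fi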