After upgrading my OpenVPN server from 2.3.4 to 2.4.0 (Debian 9 Stretch) the VPN does not work anymore.
The following errors are logged:
Code: Select all
MULTI: Outgoing TUN queue full, dropped packet len=42
MULTI: Outgoing TUN queue full, dropped packet len=70
MULTI: Outgoing TUN queue full, dropped packet len=42
MULTI: Outgoing TUN queue full, dropped packet len=42
[...]
My server configuration worked properly for years with earlier OpenVPN versions.
Please find my configuration and all logged details here:
Code: Select all
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: Current Parameter Settings:
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: config = '/etc/openvpn/server-rechenknecht.conf'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mode = 1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: persist_config = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: persist_mode = 1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: show_ciphers = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: show_digests = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: show_engines = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: genkey = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: key_pass_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: show_tls_ciphers = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: connect_retry_max = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: Connection profiles [0]:
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: proto = tcp-server
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: local = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: local_port = '1194'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_port = '1194'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_float = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: bind_defined = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: bind_local = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: bind_ipv6_only = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: connect_retry_seconds = 5
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: connect_timeout = 120
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: socks_proxy_server = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: socks_proxy_port = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tun_mtu = 1500
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tun_mtu_defined = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: link_mtu = 1500
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: link_mtu_defined = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tun_mtu_extra = 32
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tun_mtu_extra_defined = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mtu_discover_type = -1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: fragment = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mssfix = 1450
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: explicit_exit_notification = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: Connection profiles END
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_random = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ipchange = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: dev = 'tap0'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: dev_type = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: dev_node = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: lladdr = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: topology = 1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_local = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_remote_netmask = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_noexec = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_nowarn = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_ipv6_local = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_ipv6_netbits = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_ipv6_remote = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: shaper = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mtu_test = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mlock = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: keepalive_ping = 10
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: keepalive_timeout = 120
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: inactivity_timeout = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ping_send_timeout = 10
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ping_rec_timeout = 240
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ping_rec_timeout_action = 2
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ping_timer_remote = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remap_sigusr1 = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: persist_tun = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: persist_local_ip = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: persist_remote_ip = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: persist_key = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: passtos = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: resolve_retry_seconds = 1000000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: resolve_in_advance = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: username = 'nobody'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: groupname = 'nogroup'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: chroot_dir = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: cd_dir = '/etc/openvpn'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: writepid = '/run/openvpn/server-rechenknecht.pid'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: up_script = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: down_script = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: down_pre = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: up_restart = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: up_delay = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: daemon = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: inetd = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: log = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: suppress_timestamps = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: machine_readable_output = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: nice = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: verbosity = 5
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mute = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: gremlin = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: status_file = '/var/run/openvpn-status.log'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: status_file_version = 1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: status_file_update_freq = 10
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: occ = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: rcvbuf = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: sndbuf = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mark = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: sockflags = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: fast_io = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: comp.alg = 2
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: comp.flags = 1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_script = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_default_gateway = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_default_metric = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_noexec = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_delay = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_delay_window = 30
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_delay_defined = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_nopull = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: route_gateway_via_dhcp = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: allow_pull_fqdn = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_addr = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_port = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_user_pass = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_log_history_cache = 250
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_echo_buffer_size = 100
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_write_peer_info_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_client_user = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_client_group = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: management_flags = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: shared_secret_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: key_direction = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ciphername = 'BF-CBC'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ncp_enabled = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: authname = 'SHA1'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: prng_hash = 'SHA1'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: prng_nonce_secret_len = 16
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: keysize = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: engine = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: replay = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: mute_replay_warnings = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: replay_window = 64
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: replay_time = 15
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: packet_id_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: use_iv = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: test_crypto = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_server = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_client = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: key_method = 2
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ca_file = 'keys/ca.crt'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ca_path = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: dh_file = '/etc/openvpn/keys/dh2048.pem'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: cert_file = 'keys/rechenknecht.crt'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: extra_certs_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: priv_key_file = 'keys/rechenknecht.key'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs12_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: cipher_list = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_verify = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_export_cert = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: verify_x509_type = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: verify_x509_name = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: crl_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ns_cert_type = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_ku[i] = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: remote_cert_eku = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ssl_flags = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_timeout = 2
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: renegotiate_bytes = -1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: renegotiate_packets = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: renegotiate_seconds = 3600
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: handshake_window = 60
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: transition_window = 3600
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: single_session = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_peer_info = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_exit = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_auth_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tls_crypt_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_protected_authentication = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_private_mode = 00000000
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht systemd[1]: openvpn@server-rechenknecht.service: PID file /run/openvpn/server-rechenknecht.pid not readable (yet?) after start: No such file or directory
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_cert_private = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_pin_cache_period = -1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_id = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pkcs11_id_management = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_network = 0.0.0.0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_netmask = 0.0.0.0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_network_ipv6 = ::
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_netbits_ipv6 = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_bridge_ip = 10.64.1.254
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_bridge_netmask = 255.255.255.0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_bridge_pool_start = 10.64.1.200
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: server_bridge_pool_end = 10.64.1.220
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_entry = 'route-gateway 10.64.1.254'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_entry = 'ping 10'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_entry = 'ping-restart 120'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_pool_defined = ENABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_pool_start = 10.64.1.200
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_pool_end = 10.64.1.220
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_pool_netmask = 255.255.255.0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_pool_persist_filename = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_pool_persist_refresh_freq = 600
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_ipv6_pool_defined = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_ipv6_pool_base = ::
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ifconfig_ipv6_pool_netbits = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: n_bcast_buf = 256
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tcp_queue_limit = 64
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: real_hash_size = 256
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: virtual_hash_size = 256
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: client_connect_script = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: learn_address_script = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: client_disconnect_script = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: client_config_dir = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: ccd_exclusive = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: tmp_dir = '/tmp'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_ifconfig_defined = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_ifconfig_local = 0.0.0.0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_ifconfig_remote_netmask = 0.0.0.0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_ifconfig_ipv6_defined = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_ifconfig_ipv6_local = ::/0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: push_ifconfig_ipv6_remote = ::
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: enable_c2c = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: duplicate_cn = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: cf_max = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: cf_per = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: max_clients = 1
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: max_routes_per_client = 256
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: auth_user_pass_verify_script = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: auth_user_pass_verify_script_via_file = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: auth_token_generate = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: auth_token_lifetime = 0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: port_share_host = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: port_share_port = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: client = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: pull = DISABLED
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: auth_user_pass_file = '[UNDEF]'
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: OpenVPN 2.4.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 22 2017
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31991]: library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.08
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: Diffie-Hellman initialized with 2048 bit key
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: TLS-Auth MTU parms [ L:1656 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: TUN/TAP device tap0 opened
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: TUN/TAP TX queue length set to 100
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: Data Channel MTU parms [ L:1656 D:1450 EF:124 EB:412 ET:32 EL:3 ]
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: Could not determine IPv4/IPv6 protocol. Using AF_INET
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: Socket Buffers: R=[87380->87380] S=[16384->16384]
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: Listening for incoming TCP connection on [AF_INET][undef]:1194
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: TCPv4_SERVER link local (bound): [AF_INET][undef]:1194
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: TCPv4_SERVER link remote: [AF_UNSPEC]
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: GID set to nogroup
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: UID set to nobody
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: MULTI: multi_init called, r=256 v=256
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: IFCONFIG POOL: base=10.64.1.200 size=21, ipv6=0
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: MULTI: TCP INIT maxclients=1 maxevents=5
Aug 7 22:25:28 rechenknecht ovpn-server-rechenknecht[31994]: Initialization Sequence Completed
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: MULTI: multi_create_instance called
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: Re-using SSL/TLS context
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: LZO compression initializing
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: Control Channel MTU parms [ L:1656 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: Data Channel MTU parms [ L:1656 D:1450 EF:124 EB:412 ET:32 EL:3 ]
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1576,tun-mtu 1532,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: TCP connection established with [AF_INET]192.168.0.178:36050
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: TCP_SERVER link local: (not bound)
Aug 7 22:25:33 rechenknecht ovpn-server-rechenknecht[31994]: TCP_SERVER link remote: [AF_INET]192.168.0.178:36050
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 TLS: Initial packet from [AF_INET]192.168.0.178:36050, sid=5c4f19bf 4dfdb2f9
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 VERIFY OK: [...]
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 VERIFY OK: [...]
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_VER=2.4.0
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_PLAT=linux
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_PROTO=2
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_NCP=2
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_LZ4=1
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_LZ4v2=1
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_LZO=1
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_COMP_STUB=1
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_COMP_STUBv2=1
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 peer info: IV_TCPNL=1
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: 192.168.0.178:36050 [doppelzwerg] Peer Connection Initiated with [AF_INET]192.168.0.178:36050
Aug 7 22:25:34 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI_sva: pool returned IPv4=10.64.1.200, IPv6=(Not enabled)
Aug 7 22:25:36 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 PUSH: Received control message: 'PUSH_REQUEST'
Aug 7 22:25:36 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 SENT CONTROL [doppelzwerg]: 'PUSH_REPLY,route-gateway 10.64.1.254,ping 10,ping-restart 120,ifconfig 10.64.1.200 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Aug 7 22:25:36 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 Data Channel MTU parms [ L:1584 D:1450 EF:52 EB:412 ET:32 EL:3 ]
Aug 7 22:25:36 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Aug 7 22:25:36 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Aug 7 22:25:38 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Learn: 00:11:22:33:44:55 -> doppelzwerg/192.168.0.178:36050
Aug 7 22:25:39 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=42
Aug 7 22:25:40 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=70
Aug 7 22:25:41 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=42
Aug 7 22:25:42 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=42
Aug 7 22:25:45 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=42
Aug 7 22:25:46 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=42
Aug 7 22:25:47 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=42
Aug 7 22:25:51 rechenknecht ovpn-server-rechenknecht[31994]: doppelzwerg/192.168.0.178:36050 MULTI: Outgoing TUN queue full, dropped packet len=42
Does anyone know how to resolve this issue?
BTW: When using an SSH based VPN between both computers everything works fine.
Any advice would be highly appreciated.
Best regards,
-M-