@TinCanTech: Thank you - see below:
/etc/openvpn/server.conf
Code: Select all
local 22.33.44.55
port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 80.68.80.24"
push "dhcp-option DNS 80.68.80.25"
push "redirect-gateway def1 bypass-dhcp"
crl-verify crl.pem
ca ca.crt
cert server.crt
key server.key
tls-auth tls-auth.key 0
dh dh.pem
auth SHA256
cipher AES-128-CBC
tls-server
tls-version-min 1.0
# tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
status openvpn.log
verb 4
/var/log/syslog (OpenVPN startup)
Code: Select all
Aug 16 14:44:23 myvpn systemd[1]: Starting OpenVPN service...
Aug 16 14:44:23 myvpn systemd[1]: Starting OpenVPN connection to server...
Aug 16 14:44:23 myvpn ovpn-server[15043]: Current Parameter Settings:
Aug 16 14:44:23 myvpn ovpn-server[15043]: config = '/etc/openvpn/server.conf'
Aug 16 14:44:23 myvpn ovpn-server[15043]: mode = 1
Aug 16 14:44:23 myvpn ovpn-server[15043]: persist_config = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: persist_mode = 1
Aug 16 14:44:23 myvpn ovpn-server[15043]: show_ciphers = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: show_digests = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: show_engines = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: genkey = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: key_pass_file = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: show_tls_ciphers = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: Connection profiles [default]:
Aug 16 14:44:23 myvpn ovpn-server[15043]: proto = udp
Aug 16 14:44:23 myvpn ovpn-server[15043]: local = '22.33.44.55'
Aug 16 14:44:23 myvpn ovpn-server[15043]: local_port = 1194
Aug 16 14:44:23 myvpn ovpn-server[15043]: remote = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: remote_port = 1194
Aug 16 14:44:23 myvpn ovpn-server[15043]: remote_float = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: bind_defined = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: bind_local = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: connect_retry_seconds = 5
Aug 16 14:44:23 myvpn ovpn-server[15043]: connect_timeout = 10
Aug 16 14:44:23 myvpn ovpn-server[15043]: connect_retry_max = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: socks_proxy_server = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: socks_proxy_port = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: socks_proxy_retry = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: tun_mtu = 1500
Aug 16 14:44:23 myvpn ovpn-server[15043]: tun_mtu_defined = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: link_mtu = 1500
Aug 16 14:44:23 myvpn ovpn-server[15043]: link_mtu_defined = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: tun_mtu_extra = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: tun_mtu_extra_defined = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: mtu_discover_type = -1
Aug 16 14:44:23 myvpn ovpn-server[15043]: fragment = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: mssfix = 1450
Aug 16 14:44:23 myvpn ovpn-server[15043]: explicit_exit_notification = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: Connection profiles END
Aug 16 14:44:23 myvpn ovpn-server[15043]: remote_random = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: ipchange = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: dev = 'tun'
Aug 16 14:44:23 myvpn ovpn-server[15043]: dev_type = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: dev_node = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: lladdr = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: topology = 3
Aug 16 14:44:23 myvpn ovpn-server[15043]: tun_ipv6 = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_local = '10.8.0.1'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_remote_netmask = '255.255.255.0'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_noexec = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_nowarn = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_ipv6_local = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_ipv6_netbits = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_ipv6_remote = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: shaper = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: mtu_test = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: mlock = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: keepalive_ping = 10
Aug 16 14:44:23 myvpn ovpn-server[15043]: keepalive_timeout = 120
Aug 16 14:44:23 myvpn ovpn-server[15043]: inactivity_timeout = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: ping_send_timeout = 10
Aug 16 14:44:23 myvpn ovpn-server[15043]: ping_rec_timeout = 240
Aug 16 14:44:23 myvpn ovpn-server[15043]: ping_rec_timeout_action = 2
Aug 16 14:44:23 myvpn ovpn-server[15043]: ping_timer_remote = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: remap_sigusr1 = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: persist_tun = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: persist_local_ip = DISABLED
Aug 16 14:44:23 myvpn systemd[1]: Started OpenVPN service.
Aug 16 14:44:23 myvpn ovpn-server[15043]: persist_remote_ip = DISABLED
Aug 16 14:44:23 myvpn systemd[1]: Started OpenVPN connection to server.
Aug 16 14:44:23 myvpn ovpn-server[15043]: persist_key = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: passtos = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: resolve_retry_seconds = 1000000000
Aug 16 14:44:23 myvpn ovpn-server[15043]: username = 'nobody'
Aug 16 14:44:23 myvpn ovpn-server[15043]: groupname = 'nogroup'
Aug 16 14:44:23 myvpn ovpn-server[15043]: chroot_dir = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: cd_dir = '/etc/openvpn'
Aug 16 14:44:23 myvpn ovpn-server[15043]: writepid = '/run/openvpn/server.pid'
Aug 16 14:44:23 myvpn ovpn-server[15043]: up_script = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: down_script = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: down_pre = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: up_restart = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: up_delay = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: daemon = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: inetd = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: log = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: suppress_timestamps = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: nice = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: verbosity = 4
Aug 16 14:44:23 myvpn ovpn-server[15043]: mute = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: gremlin = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: status_file = 'openvpn.log'
Aug 16 14:44:23 myvpn ovpn-server[15043]: status_file_version = 1
Aug 16 14:44:23 myvpn ovpn-server[15043]: status_file_update_freq = 10
Aug 16 14:44:23 myvpn ovpn-server[15043]: occ = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: rcvbuf = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: sndbuf = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: mark = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: sockflags = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: fast_io = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: lzo = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_script = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_default_gateway = '10.8.0.2'
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_default_metric = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_noexec = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_delay = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_delay_window = 30
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_delay_defined = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_nopull = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: route_gateway_via_dhcp = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: max_routes = 100
Aug 16 14:44:23 myvpn ovpn-server[15043]: allow_pull_fqdn = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_addr = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_port = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_user_pass = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_log_history_cache = 250
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_echo_buffer_size = 100
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_write_peer_info_file = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_client_user = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_client_group = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: management_flags = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: shared_secret_file = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: key_direction = 1
Aug 16 14:44:23 myvpn ovpn-server[15043]: ciphername_defined = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: ciphername = 'AES-128-CBC'
Aug 16 14:44:23 myvpn ovpn-server[15043]: authname_defined = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: authname = 'SHA256'
Aug 16 14:44:23 myvpn ovpn-server[15043]: prng_hash = 'SHA1'
Aug 16 14:44:23 myvpn ovpn-server[15043]: prng_nonce_secret_len = 16
Aug 16 14:44:23 myvpn ovpn-server[15043]: keysize = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: engine = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: replay = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: mute_replay_warnings = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: replay_window = 64
Aug 16 14:44:23 myvpn ovpn-server[15043]: replay_time = 15
Aug 16 14:44:23 myvpn ovpn-server[15043]: packet_id_file = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: use_iv = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: test_crypto = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: tls_server = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: tls_client = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: key_method = 2
Aug 16 14:44:23 myvpn ovpn-server[15043]: ca_file = 'ca.crt'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ca_path = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: dh_file = 'dh.pem'
Aug 16 14:44:23 myvpn ovpn-server[15043]: cert_file = 'server.crt'
Aug 16 14:44:23 myvpn ovpn-server[15043]: extra_certs_file = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: priv_key_file = 'server.key'
Aug 16 14:44:23 myvpn ovpn-server[15043]: pkcs12_file = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: cipher_list = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: tls_verify = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: tls_export_cert = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: verify_x509_type = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: verify_x509_name = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: crl_file = 'crl.pem'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ns_cert_type = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: remote_cert_ku[i] = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: message repeated 15 times: [ remote_cert_ku[i] = 0]
Aug 16 14:44:23 myvpn ovpn-server[15043]: remote_cert_eku = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ssl_flags = 64
Aug 16 14:44:23 myvpn ovpn-server[15043]: tls_timeout = 2
Aug 16 14:44:23 myvpn ovpn-server[15043]: renegotiate_bytes = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: renegotiate_packets = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: renegotiate_seconds = 3600
Aug 16 14:44:23 myvpn ovpn-server[15043]: handshake_window = 60
Aug 16 14:44:23 myvpn ovpn-server[15043]: transition_window = 3600
Aug 16 14:44:23 myvpn ovpn-server[15043]: single_session = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_peer_info = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: tls_exit = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: tls_auth_file = 'tls-auth.key'
Aug 16 14:44:23 myvpn ovpn-server[15043]: pkcs11_protected_authentication = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: message repeated 15 times: [ pkcs11_protected_authentication = DISABLED]
Aug 16 14:44:23 myvpn ovpn-server[15043]: pkcs11_private_mode = 00000000
Aug 16 14:44:23 myvpn ovpn-server[15043]: message repeated 15 times: [ pkcs11_private_mode = 00000000]
Aug 16 14:44:23 myvpn ovpn-server[15043]: pkcs11_cert_private = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: message repeated 15 times: [ pkcs11_cert_private = DISABLED]
Aug 16 14:44:23 myvpn ovpn-server[15043]: pkcs11_pin_cache_period = -1
Aug 16 14:44:23 myvpn ovpn-server[15043]: pkcs11_id = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: pkcs11_id_management = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_network = 10.8.0.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_netmask = 255.255.255.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_network_ipv6 = ::
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_netbits_ipv6 = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_bridge_ip = 0.0.0.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_bridge_netmask = 0.0.0.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_bridge_pool_start = 0.0.0.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: server_bridge_pool_end = 0.0.0.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_entry = 'dhcp-option DNS 80.68.80.24'
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_entry = 'dhcp-option DNS 80.68.80.25'
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_entry = 'redirect-gateway def1 bypass-dhcp'
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_entry = 'route-gateway 10.8.0.1'
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_entry = 'topology subnet'
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_entry = 'ping 10'
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_entry = 'ping-restart 120'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_pool_defined = ENABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_pool_start = 10.8.0.2
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_pool_end = 10.8.0.253
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_pool_netmask = 255.255.255.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_pool_persist_filename = 'ipp.txt'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_pool_persist_refresh_freq = 600
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_ipv6_pool_defined = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_ipv6_pool_base = ::
Aug 16 14:44:23 myvpn ovpn-server[15043]: ifconfig_ipv6_pool_netbits = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: n_bcast_buf = 256
Aug 16 14:44:23 myvpn ovpn-server[15043]: tcp_queue_limit = 64
Aug 16 14:44:23 myvpn ovpn-server[15043]: real_hash_size = 256
Aug 16 14:44:23 myvpn ovpn-server[15043]: virtual_hash_size = 256
Aug 16 14:44:23 myvpn ovpn-server[15043]: client_connect_script = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: learn_address_script = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: client_disconnect_script = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: client_config_dir = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: ccd_exclusive = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: tmp_dir = '/tmp'
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_ifconfig_defined = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_ifconfig_local = 0.0.0.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_ifconfig_remote_netmask = 0.0.0.0
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_ifconfig_ipv6_defined = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_ifconfig_ipv6_local = ::/0
Aug 16 14:44:23 myvpn ovpn-server[15043]: push_ifconfig_ipv6_remote = ::
Aug 16 14:44:23 myvpn ovpn-server[15043]: enable_c2c = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: duplicate_cn = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: cf_max = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: cf_per = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: max_clients = 1024
Aug 16 14:44:23 myvpn ovpn-server[15043]: max_routes_per_client = 256
Aug 16 14:44:23 myvpn ovpn-server[15043]: auth_user_pass_verify_script = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: auth_user_pass_verify_script_via_file = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: port_share_host = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: port_share_port = 0
Aug 16 14:44:23 myvpn ovpn-server[15043]: client = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: pull = DISABLED
Aug 16 14:44:23 myvpn ovpn-server[15043]: auth_user_pass_file = '[UNDEF]'
Aug 16 14:44:23 myvpn ovpn-server[15043]: OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Aug 16 14:44:23 myvpn ovpn-server[15043]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Aug 16 14:44:23 myvpn ovpn-server[15048]: Diffie-Hellman initialized with 2048 bit key
Aug 16 14:44:23 myvpn ovpn-server[15048]: Control Channel Authentication: using 'tls-auth.key' as a OpenVPN static key file
Aug 16 14:44:23 myvpn ovpn-server[15048]: Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 16 14:44:23 myvpn ovpn-server[15048]: Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 16 14:44:23 myvpn ovpn-server[15048]: TLS-Auth MTU parms [ L:1569 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Aug 16 14:44:23 myvpn ovpn-server[15048]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Aug 16 14:44:23 myvpn ovpn-server[15048]: TUN/TAP device tun0 opened
Aug 16 14:44:23 myvpn ovpn-server[15048]: TUN/TAP TX queue length set to 100
Aug 16 14:44:23 myvpn ovpn-server[15048]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Aug 16 14:44:23 myvpn ovpn-server[15048]: /sbin/ip link set dev tun0 up mtu 1500
Aug 16 14:44:23 myvpn ovpn-server[15048]: /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Aug 16 14:44:23 myvpn ovpn-server[15048]: Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Aug 16 14:44:23 myvpn ovpn-server[15048]: GID set to nogroup
Aug 16 14:44:23 myvpn ovpn-server[15048]: UID set to nobody
Aug 16 14:44:23 myvpn ovpn-server[15048]: UDPv4 link local (bound): [AF_INET]22.33.44.55:1194
Aug 16 14:44:23 myvpn ovpn-server[15048]: UDPv4 link remote: [undef]
Aug 16 14:44:23 myvpn ovpn-server[15048]: MULTI: multi_init called, r=256 v=256
Aug 16 14:44:23 myvpn ovpn-server[15048]: IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=0
Aug 16 14:44:23 myvpn ovpn-server[15048]: ifconfig_pool_read(), in='laptop,10.8.0.2', TODO: IPv6
Aug 16 14:44:23 myvpn ovpn-server[15048]: succeeded -> ifconfig_pool_set()
Aug 16 14:44:23 myvpn ovpn-server[15048]: IFCONFIG POOL LIST
Aug 16 14:44:23 myvpn ovpn-server[15048]: laptop,10.8.0.2
Aug 16 14:44:23 myvpn ovpn-server[15048]: Initialization Sequence Completed
/var/log/syslog (successful connection from "laptop")
Code: Select all
Aug 16 14:48:35 myvpn ovpn-server[15048]: MULTI: multi_create_instance called
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Re-using SSL/TLS context
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Control Channel MTU parms [ L:1569 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Local Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Local Options hash (VER=V4): 'a4229d97'
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Expected Remote Options hash (VER=V4): '0781f50e'
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 TLS: Initial packet from [AF_INET]33.44.55.66:42132, sid=9108e672 f4ec3d5f
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 CRL CHECK OK: CN=ChangeMe
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 VERIFY OK: depth=1, CN=ChangeMe
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 CRL CHECK OK: CN=laptop
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 VERIFY OK: depth=0, CN=laptop
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Aug 16 14:48:35 myvpn ovpn-server[15048]: 33.44.55.66:42132 [laptop] Peer Connection Initiated with [AF_INET]33.44.55.66:42132
Aug 16 14:48:35 myvpn ovpn-server[15048]: laptop/33.44.55.66:42132 MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
Aug 16 14:48:35 myvpn ovpn-server[15048]: laptop/33.44.55.66:42132 MULTI: Learn: 10.8.0.2 -> laptop/33.44.55.66:42132
Aug 16 14:48:35 myvpn ovpn-server[15048]: laptop/33.44.55.66:42132 MULTI: primary virtual IP for laptop/33.44.55.66:42132: 10.8.0.2
Aug 16 14:48:37 myvpn ovpn-server[15048]: laptop/33.44.55.66:42132 PUSH: Received control message: 'PUSH_REQUEST'
Aug 16 14:48:37 myvpn ovpn-server[15048]: laptop/33.44.55.66:42132 send_push_reply(): safe_cap=940
Aug 16 14:48:37 myvpn ovpn-server[15048]: laptop/33.44.55.66:42132 SENT CONTROL [laptop]: 'PUSH_REPLY,dhcp-option DNS 88.99.11.24,dhcp-option DNS 88.99.11.25,redirect-gateway def1 bypass-dhcp,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0' (status=1)
/var/log/syslog (failing connection from WWAN router "raven")
Code: Select all
Aug 16 14:59:53 myvpn ovpn-server[15048]: MULTI: multi_create_instance called
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 Re-using SSL/TLS context
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 Control Channel MTU parms [ L:1569 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 Local Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 Local Options hash (VER=V4): 'a4229d97'
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 Expected Remote Options hash (VER=V4): '0781f50e'
Aug 16 14:59:53 myvpn ovpn-server[15048]: 44.55.66.77:53725 TLS: Initial packet from [AF_INET]44.55.66.77:53725, sid=d176a28b 8a78bb2e
Aug 16 14:59:57 myvpn ovpn-server[15048]: MULTI: multi_create_instance called
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 Re-using SSL/TLS context
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 Control Channel MTU parms [ L:1569 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 Local Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 Local Options hash (VER=V4): 'a4229d97'
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 Expected Remote Options hash (VER=V4): '0781f50e'
Aug 16 14:59:57 myvpn ovpn-server[15048]: 44.55.66.77:41461 TLS: Initial packet from [AF_INET]44.55.66.77:41461, sid=44cc73e2 e49da8cb
Aug 16 15:00:01 myvpn ovpn-server[15048]: MULTI: multi_create_instance called
Aug 16 15:00:01 myvpn ovpn-server[15048]: 44.55.66.77:49104 Re-using SSL/TLS context
Aug 16 15:00:01 myvpn ovpn-server[15048]: 44.55.66.77:49104 Control Channel MTU parms [ L:1569 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Aug 16 15:00:01 myvpn ovpn-server[15048]: 44.55.66.77:49104 Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Aug 16 15:00:01 myvpn ovpn-server[15048]: 44.55.66.77:49104 Local Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Aug 16 15:00:01 myvpn ovpn-server[15048]: 44.55.66.77:49104 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Aug 16 15:00:01 myvpn ovpn-server[15048]: 44.55.66.77:49104 Local Options hash (VER=V4): 'a4229d97'
Aug 16 15:00:01 myvpn ovpn-server[15048]: 44.55.66.77:49104 Expected Remote Options hash (VER=V4): '0781f50e'
... repeating ad infinitum ...
Screengrab from router config:
The WWAN router is a
Sierra Wireless AirLink RV50 (Raven), running ALEOS firmware v4.8.1. Full software configuration manual is
available here.
Gratefully,
Lomax