CLient log
Server LogMon Jul 08 11:40:48 2013 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Mon Jul 08 11:40:48 2013 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Jul 08 11:40:48 2013 LZO compression initialized
Mon Jul 08 11:40:48 2013 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Jul 08 11:40:48 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Jul 08 11:40:48 2013 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Jul 08 11:40:48 2013 Local Options hash (VER=V4): '41690919'
Mon Jul 08 11:40:48 2013 Expected Remote Options hash (VER=V4): '530fdded'
Mon Jul 08 11:40:48 2013 UDPv4 link local: [undef]
Mon Jul 08 11:40:48 2013 UDPv4 link remote: 95.211.213.149:1194
Mon Jul 08 11:40:48 2013 TLS: Initial packet from 95.211.213.149:1194, sid=3add20ba d71b61ea
Mon Jul 08 11:40:49 2013 VERIFY OK: depth=1, /C=IS/ST=GR/L=Reykjav_xEDk/O=SYAVPN/CN=SYAVPN_CA/emailAddress=blahblah@biteme.com
Mon Jul 08 11:40:49 2013 VERIFY OK: nsCertType=SERVER
Mon Jul 08 11:40:49 2013 VERIFY OK: depth=0, /C=IS/ST=GR/L=Reykjav_xEDk/O=SYAVPN/CN=server/emailAddress=blahblah@biteme.com
Mon Jul 08 11:40:52 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jul 08 11:40:52 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 08 11:40:52 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jul 08 11:40:52 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 08 11:40:52 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Jul 08 11:40:52 2013 [server] Peer Connection Initiated with 95.211.213.149:1194
Mon Jul 08 11:40:54 2013 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jul 08 11:40:55 2013 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.8.0.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Mon Jul 08 11:40:55 2013 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jul 08 11:40:55 2013 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jul 08 11:40:55 2013 OPTIONS IMPORT: route options modified
Mon Jul 08 11:40:55 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Jul 08 11:40:55 2013 ROUTE default_gateway=192.168.1.254
Mon Jul 08 11:40:55 2013 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{60D0995E-CDF8-4B46-B747-3F426E92A2A6}.tap
Mon Jul 08 11:40:55 2013 TAP-Win32 Driver Version 9.9
Mon Jul 08 11:40:55 2013 TAP-Win32 MTU=1500
Mon Jul 08 11:40:55 2013 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {60D0995E-CDF8-4B46-B747-3F426E92A2A6} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Mon Jul 08 11:40:55 2013 Successful ARP Flush on interface [17] {60D0995E-CDF8-4B46-B747-3F426E92A2A6}
Mon Jul 08 11:41:00 2013 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Mon Jul 08 11:41:00 2013 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Mon Jul 08 11:41:00 2013 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Mon Jul 08 11:41:00 2013 Route addition via IPAPI succeeded [adaptive]
Mon Jul 08 11:41:00 2013 Initialization Sequence Completed
my IPTABLESSun Feb 17 23:03:42 2013 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011
Sun Feb 17 23:03:42 2013 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Sun Feb 17 23:03:42 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Feb 17 23:03:42 2013 Cannot open dh1024.pem for DH parameters: error:02001002:system library:fopen:No such file or directory: error:2006D080:BIO routines:BIO_new_file:no such file
Sun Feb 17 23:03:42 2013 Exiting
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE