Client - gateway: Can't reach network behind or internet

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
BenneX
OpenVpn Newbie
Posts: 4
Joined: Mon Oct 19, 2015 8:20 pm

Client - gateway: Can't reach network behind or internet

Post by BenneX » Mon Oct 19, 2015 8:52 pm

Hi guys,

Actually I am at the progress to configure OpenVPN on my Synology Diskstation DS214+.
With the help of the HOWTO, a book and a lot of stuff at the internet I am doing pretty well.

But by now I have reached a point where I can't fix the problem by myself, it's the following:
I want to configure the DS214 as a gateway for my home-network and want to connect some roadwarriors with it.

Connections works well and the gateway is reachable over the tunnel - the problem is: only the Gateway is reachable.
No other clients from the network behind the gateway are reachable, nether the internet is working on the connected roadwarrior.
(I want the clients to redirect their whole traffic through the tunnel).

I've tried the following on the server:

Code: Select all

echo 1 > /proc/sys/net/ipv4/ip_forward
But still the same problem.
After connecting the roadwarrior and trying to access the internet, the server says

Code: Select all

UserOpenVPN/82.xxx.xx.25:34326 MULTI: bad source address from client [10.xx.xxx.25], packet dropped
my configs are looking like this:

Code: Select all

port 9000  
proto udp  
dev tun  	
server 10.8.0.0 255.255.255.0
push "route 192.168.178.0 255.255.255.0" 		
push "route 10.8.0.0 255.255.255.0" 
keepalive 10 120 
cipher AES-256-CBC 
comp-lzo 	
max-clients 5 	
user nobody   				
group nobody 				
persist-key 		
persist-tun 		
status /volume1/Backup/OpenVPNServer/openvpn-Status.log 
verb 4 											
client-to-client 									

dh /var/packages/VPNCenter/etc/openvpn/keys/dh4096.pem
ca /var/packages/VPNCenter/etc/openvpn/keys/ca.crt
cert /var/packages/VPNCenter/etc/openvpn/keys/DS214.crt
key /var/packages/VPNCenter/etc/openvpn/keys/DS214.key
tls-auth /var/packages/VPNCenter/etc/openvpn/keys/ta.key 						

reneg-sec 300
auth RSA-SHA512 															
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 									
tls-version-min 1.2 
prng sha512
auth-nocache 
mode server

Code: Select all

dev tun
client 
remote xxxx 9000
redirect-gateway
proto udp
script-security 2

ca ca.crt
cert UserOpenVPN.crt
key UserOpenVPN.key
tls-auth ta.key

comp-lzo
reneg-sec 0
cipher AES-256-CBC
auth RSA-SHA512
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
tls-version-min 1.2
auth-nocache
verify-x509-name XXX name
verb 4
Thanks for you help!
Benjamin
Top
User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Client - gateway: Can't reach network behind or internet

Post by Traffic » Tue Oct 20, 2015 1:34 pm

Please post you log files.

You may find these helpful:
BenneX wrote:the server says
Code:
UserOpenVPN/82.xxx.xx.25:34326 MULTI: bad source address from client [10.xx.xxx.25], packet dropped
This can be resolved by using the first link above or normally ignored, as you can see the server drops the packet so it is not a threat.

See:
https://community.openvpn.net/openvpn/w ... rt-failedq
Top
BenneX
OpenVpn Newbie
Posts: 4
Joined: Mon Oct 19, 2015 8:20 pm

Re: Client - gateway: Can't reach network behind or internet

Post by BenneX » Tue Oct 20, 2015 8:24 pm

Hi Traffic,

thanks for your fast reply.
The machines I want to reach are on the server side and I allready included the push route option in my server config as you can see above.
Sadly the problem sill exists ...

When I try to fix the problem of missing internet on the clients with the command from the HOWTO, I get the following error:

Code: Select all

DS214> iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Here are the logs with verb 4.

Client

Code: Select all

Tue Oct 20 22:00:57 2015 us=562881 Current Parameter Settings:
Tue Oct 20 22:00:57 2015 us=564837   config = 'openvpn.ovpn'
Tue Oct 20 22:00:57 2015 us=564837   mode = 0
Tue Oct 20 22:00:57 2015 us=564837   show_ciphers = DISABLED
Tue Oct 20 22:00:57 2015 us=564837   show_digests = DISABLED
Tue Oct 20 22:00:57 2015 us=564837   show_engines = DISABLED
Tue Oct 20 22:00:57 2015 us=564837   genkey = DISABLED
Tue Oct 20 22:00:57 2015 us=564837   key_pass_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=564837   show_tls_ciphers = DISABLED
Tue Oct 20 22:00:57 2015 us=564837 Connection profiles [default]:
Tue Oct 20 22:00:57 2015 us=564837   proto = udp
Tue Oct 20 22:00:57 2015 us=564837   local = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=564837   local_port = 1194
Tue Oct 20 22:00:57 2015 us=565811   remote = 'xxx'
Tue Oct 20 22:00:57 2015 us=565811   remote_port = 9000
Tue Oct 20 22:00:57 2015 us=565811   remote_float = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   bind_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   bind_local = ENABLED
Tue Oct 20 22:00:57 2015 us=565811   connect_retry_seconds = 5
Tue Oct 20 22:00:57 2015 us=565811   connect_timeout = 10
Tue Oct 20 22:00:57 2015 us=565811   connect_retry_max = 0
Tue Oct 20 22:00:57 2015 us=565811   socks_proxy_server = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   socks_proxy_port = 0
Tue Oct 20 22:00:57 2015 us=565811   socks_proxy_retry = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   tun_mtu = 1500
Tue Oct 20 22:00:57 2015 us=565811   tun_mtu_defined = ENABLED
Tue Oct 20 22:00:57 2015 us=565811   link_mtu = 1500
Tue Oct 20 22:00:57 2015 us=565811   link_mtu_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   tun_mtu_extra = 0
Tue Oct 20 22:00:57 2015 us=565811   tun_mtu_extra_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   mtu_discover_type = -1
Tue Oct 20 22:00:57 2015 us=565811   fragment = 0
Tue Oct 20 22:00:57 2015 us=565811   mssfix = 1450
Tue Oct 20 22:00:57 2015 us=565811   explicit_exit_notification = 0
Tue Oct 20 22:00:57 2015 us=565811 Connection profiles END
Tue Oct 20 22:00:57 2015 us=565811   remote_random = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   ipchange = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   dev = 'tun'
Tue Oct 20 22:00:57 2015 us=565811   dev_type = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   dev_node = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   lladdr = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   topology = 1
Tue Oct 20 22:00:57 2015 us=565811   tun_ipv6 = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   ifconfig_local = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   ifconfig_remote_netmask = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   ifconfig_noexec = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   ifconfig_nowarn = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   ifconfig_ipv6_local = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   ifconfig_ipv6_netbits = 0
Tue Oct 20 22:00:57 2015 us=565811   ifconfig_ipv6_remote = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   shaper = 0
Tue Oct 20 22:00:57 2015 us=565811   mtu_test = 0
Tue Oct 20 22:00:57 2015 us=565811   mlock = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   keepalive_ping = 0
Tue Oct 20 22:00:57 2015 us=565811   keepalive_timeout = 0
Tue Oct 20 22:00:57 2015 us=565811   inactivity_timeout = 0
Tue Oct 20 22:00:57 2015 us=565811   ping_send_timeout = 0
Tue Oct 20 22:00:57 2015 us=565811   ping_rec_timeout = 0
Tue Oct 20 22:00:57 2015 us=565811   ping_rec_timeout_action = 0
Tue Oct 20 22:00:57 2015 us=565811   ping_timer_remote = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   remap_sigusr1 = 0
Tue Oct 20 22:00:57 2015 us=565811   persist_tun = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   persist_local_ip = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   persist_remote_ip = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   persist_key = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   passtos = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   resolve_retry_seconds = 1000000000
Tue Oct 20 22:00:57 2015 us=565811   username = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   groupname = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   chroot_dir = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   cd_dir = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   writepid = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   up_script = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   down_script = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=565811   down_pre = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   up_restart = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   up_delay = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   daemon = DISABLED
Tue Oct 20 22:00:57 2015 us=565811   inetd = 0
Tue Oct 20 22:00:57 2015 us=566787   log = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   suppress_timestamps = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   nice = 0
Tue Oct 20 22:00:57 2015 us=566787   verbosity = 4
Tue Oct 20 22:00:57 2015 us=566787   mute = 0
Tue Oct 20 22:00:57 2015 us=566787   status_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   status_file_version = 1
Tue Oct 20 22:00:57 2015 us=566787   status_file_update_freq = 60
Tue Oct 20 22:00:57 2015 us=566787   occ = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   rcvbuf = 0
Tue Oct 20 22:00:57 2015 us=566787   sndbuf = 0
Tue Oct 20 22:00:57 2015 us=566787   sockflags = 0
Tue Oct 20 22:00:57 2015 us=566787   fast_io = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   lzo = 7
Tue Oct 20 22:00:57 2015 us=566787   route_script = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   route_default_gateway = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   route_default_metric = 0
Tue Oct 20 22:00:57 2015 us=566787   route_noexec = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   route_delay = 5
Tue Oct 20 22:00:57 2015 us=566787   route_delay_window = 30
Tue Oct 20 22:00:57 2015 us=566787   route_delay_defined = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   route_nopull = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   route_gateway_via_dhcp = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   max_routes = 100
Tue Oct 20 22:00:57 2015 us=566787   allow_pull_fqdn = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   [redirect_default_gateway local=0]
Tue Oct 20 22:00:57 2015 us=566787   management_addr = '127.0.0.1'
Tue Oct 20 22:00:57 2015 us=566787   management_port = 25340
Tue Oct 20 22:00:57 2015 us=566787   management_user_pass = 'stdin'
Tue Oct 20 22:00:57 2015 us=566787   management_log_history_cache = 250
Tue Oct 20 22:00:57 2015 us=566787   management_echo_buffer_size = 100
Tue Oct 20 22:00:57 2015 us=566787   management_write_peer_info_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   management_client_user = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   management_client_group = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   management_flags = 6
Tue Oct 20 22:00:57 2015 us=566787   shared_secret_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   key_direction = 0
Tue Oct 20 22:00:57 2015 us=566787   ciphername_defined = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   ciphername = 'AES-256-CBC'
Tue Oct 20 22:00:57 2015 us=566787   authname_defined = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   authname = 'RSA-SHA512'
Tue Oct 20 22:00:57 2015 us=566787   prng_hash = 'SHA1'
Tue Oct 20 22:00:57 2015 us=566787   prng_nonce_secret_len = 16
Tue Oct 20 22:00:57 2015 us=566787   keysize = 0
Tue Oct 20 22:00:57 2015 us=566787   engine = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   replay = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   mute_replay_warnings = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   replay_window = 64
Tue Oct 20 22:00:57 2015 us=566787   replay_time = 15
Tue Oct 20 22:00:57 2015 us=566787   packet_id_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   use_iv = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   test_crypto = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   tls_server = DISABLED
Tue Oct 20 22:00:57 2015 us=566787   tls_client = ENABLED
Tue Oct 20 22:00:57 2015 us=566787   key_method = 2
Tue Oct 20 22:00:57 2015 us=566787   ca_file = 'ca.crt'
Tue Oct 20 22:00:57 2015 us=566787   ca_path = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   dh_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   cert_file = 'UserOpenVPN.crt'
Tue Oct 20 22:00:57 2015 us=566787   priv_key_file = 'UserOpenVPN.key'
Tue Oct 20 22:00:57 2015 us=566787   pkcs12_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   cryptoapi_cert = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   cipher_list = 'TLS-DHE-RSA-WITH-AES-256-GCM-SHA384'
Tue Oct 20 22:00:57 2015 us=566787   tls_verify = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   tls_export_cert = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=566787   verify_x509_type = 2
Tue Oct 20 22:00:57 2015 us=567764   verify_x509_name = 'xxx'
Tue Oct 20 22:00:57 2015 us=567764   crl_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=567764   ns_cert_type = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_ku[i] = 0
Tue Oct 20 22:00:57 2015 us=567764   remote_cert_eku = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=567764   ssl_flags = 192
Tue Oct 20 22:00:57 2015 us=567764   tls_timeout = 2
Tue Oct 20 22:00:57 2015 us=567764   renegotiate_bytes = 0
Tue Oct 20 22:00:57 2015 us=567764   renegotiate_packets = 0
Tue Oct 20 22:00:57 2015 us=567764   renegotiate_seconds = 0
Tue Oct 20 22:00:57 2015 us=567764   handshake_window = 60
Tue Oct 20 22:00:57 2015 us=567764   transition_window = 3600
Tue Oct 20 22:00:57 2015 us=567764   single_session = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   push_peer_info = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   tls_exit = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   tls_auth_file = 'ta.key'
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_protected_authentication = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_private_mode = 00000000
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=567764   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_cert_private = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_pin_cache_period = -1
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_id = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=568740   pkcs11_id_management = DISABLED
Tue Oct 20 22:00:57 2015 us=568740   server_network = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=568740   server_netmask = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   server_network_ipv6 = ::
Tue Oct 20 22:00:57 2015 us=570693   server_netbits_ipv6 = 0
Tue Oct 20 22:00:57 2015 us=570693   server_bridge_ip = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   server_bridge_netmask = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   server_bridge_pool_start = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   server_bridge_pool_end = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_pool_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_pool_start = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_pool_end = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_pool_netmask = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_pool_persist_refresh_freq = 600
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_ipv6_pool_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_ipv6_pool_base = ::
Tue Oct 20 22:00:57 2015 us=570693   ifconfig_ipv6_pool_netbits = 0
Tue Oct 20 22:00:57 2015 us=570693   n_bcast_buf = 256
Tue Oct 20 22:00:57 2015 us=570693   tcp_queue_limit = 64
Tue Oct 20 22:00:57 2015 us=570693   real_hash_size = 256
Tue Oct 20 22:00:57 2015 us=570693   virtual_hash_size = 256
Tue Oct 20 22:00:57 2015 us=570693   client_connect_script = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=570693   learn_address_script = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=570693   client_disconnect_script = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=570693   client_config_dir = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=570693   ccd_exclusive = DISABLED
Tue Oct 20 22:00:57 2015 us=570693   tmp_dir = 'C:\Users\Benjamin\AppData\Local\Temp\'
Tue Oct 20 22:00:57 2015 us=570693   push_ifconfig_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=570693   push_ifconfig_local = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   push_ifconfig_remote_netmask = 0.0.0.0
Tue Oct 20 22:00:57 2015 us=570693   push_ifconfig_ipv6_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=570693   push_ifconfig_ipv6_local = ::/0
Tue Oct 20 22:00:57 2015 us=570693   push_ifconfig_ipv6_remote = ::
Tue Oct 20 22:00:57 2015 us=570693   enable_c2c = DISABLED
Tue Oct 20 22:00:57 2015 us=570693   duplicate_cn = DISABLED
Tue Oct 20 22:00:57 2015 us=570693   cf_max = 0
Tue Oct 20 22:00:57 2015 us=570693   cf_per = 0
Tue Oct 20 22:00:57 2015 us=571670   max_clients = 1024
Tue Oct 20 22:00:57 2015 us=571670   max_routes_per_client = 256
Tue Oct 20 22:00:57 2015 us=571670   auth_user_pass_verify_script = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=571670   auth_user_pass_verify_script_via_file = DISABLED
Tue Oct 20 22:00:57 2015 us=571670   client = ENABLED
Tue Oct 20 22:00:57 2015 us=571670   pull = ENABLED
Tue Oct 20 22:00:57 2015 us=571670   auth_user_pass_file = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=571670   show_net_up = DISABLED
Tue Oct 20 22:00:57 2015 us=571670   route_method = 0
Tue Oct 20 22:00:57 2015 us=571670   ip_win32_defined = DISABLED
Tue Oct 20 22:00:57 2015 us=571670   ip_win32_type = 3
Tue Oct 20 22:00:57 2015 us=571670   dhcp_masq_offset = 0
Tue Oct 20 22:00:57 2015 us=571670   dhcp_lease_time = 31536000
Tue Oct 20 22:00:57 2015 us=571670   tap_sleep = 0
Tue Oct 20 22:00:57 2015 us=571670   dhcp_options = DISABLED
Tue Oct 20 22:00:57 2015 us=571670   dhcp_renew = DISABLED
Tue Oct 20 22:00:57 2015 us=571670   dhcp_pre_release = DISABLED
Tue Oct 20 22:00:57 2015 us=571670   dhcp_release = DISABLED
Tue Oct 20 22:00:57 2015 us=571670   domain = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=571670   netbios_scope = '[UNDEF]'
Tue Oct 20 22:00:57 2015 us=573627   netbios_node_type = 0
Tue Oct 20 22:00:57 2015 us=573627   disable_nbt = DISABLED
Tue Oct 20 22:00:57 2015 us=573627 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug  4 2015
Tue Oct 20 22:00:57 2015 us=573627 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Tue Oct 20 22:00:57 2015 us=574601 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Oct 20 22:00:57 2015 us=574601 Need hold release from management interface, waiting...
Tue Oct 20 22:00:57 2015 us=986704 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Oct 20 22:00:58 2015 us=88266 MANAGEMENT: CMD 'state on'
Tue Oct 20 22:00:58 2015 us=88266 MANAGEMENT: CMD 'log all on'
Tue Oct 20 22:00:58 2015 us=300178 MANAGEMENT: CMD 'hold off'
Tue Oct 20 22:00:58 2015 us=303110 MANAGEMENT: CMD 'hold release'
Tue Oct 20 22:01:02 2015 us=977856 MANAGEMENT: CMD 'password [...]'
Tue Oct 20 22:01:02 2015 us=989577 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Tue Oct 20 22:01:02 2015 us=989577 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:01:02 2015 us=989577 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:01:02 2015 us=989577 LZO compression initialized
Tue Oct 20 22:01:02 2015 us=990554 Control Channel MTU parms [ L:1602 D:210 EF:110 EB:0 ET:0 EL:3 ]
Tue Oct 20 22:01:02 2015 us=990554 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Oct 20 22:01:02 2015 us=990554 MANAGEMENT: >STATE:1445371262,RESOLVE,,,
Tue Oct 20 22:01:03 2015 us=43287 Data Channel MTU parms [ L:1602 D:1450 EF:102 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Oct 20 22:01:03 2015 us=43287 Local Options String: 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Tue Oct 20 22:01:03 2015 us=43287 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Tue Oct 20 22:01:03 2015 us=43287 Local Options hash (VER=V4): 'f7a0b966'
Tue Oct 20 22:01:03 2015 us=43287 Expected Remote Options hash (VER=V4): '690b288a'
Tue Oct 20 22:01:03 2015 us=43287 UDPv4 link local (bound): [undef]
Tue Oct 20 22:01:03 2015 us=43287 UDPv4 link remote: [AF_INET]77.180.69.68:9000
Tue Oct 20 22:01:03 2015 us=43287 MANAGEMENT: >STATE:1445371263,WAIT,,,
Tue Oct 20 22:01:03 2015 us=57934 MANAGEMENT: >STATE:1445371263,AUTH,,,
Tue Oct 20 22:01:03 2015 us=58911 TLS: Initial packet from [AF_INET]77.180.69.68:9000, sid=4a350b03 8e880ed7
Tue Oct 20 22:01:04 2015 us=339172 VERIFY OK: xxx
Tue Oct 20 22:01:04 2015 us=340147 VERIFY X509NAME OK: xxx
Tue Oct 20 22:01:04 2015 us=340147 VERIFY OK: xxx
Tue Oct 20 22:01:05 2015 us=560834 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Oct 20 22:01:05 2015 us=560834 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:01:05 2015 us=560834 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Oct 20 22:01:05 2015 us=560834 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:01:05 2015 us=560834 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Tue Oct 20 22:01:05 2015 us=561811 [BenneX Industries] Peer Connection Initiated with [AF_INET]77.xxx.xx.68:9000
Tue Oct 20 22:01:06 2015 us=757108 MANAGEMENT: >STATE:1445371266,GET_CONFIG,,,
Tue Oct 20 22:01:07 2015 us=952408 SENT CONTROL [BenneX Industries]: 'PUSH_REQUEST' (status=1)
Tue Oct 20 22:01:07 2015 us=955339 PUSH: Received control message: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,route 10.8.0.0 255.255.255.0,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Oct 20 22:01:07 2015 us=955339 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 20 22:01:07 2015 us=955339 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 20 22:01:07 2015 us=955339 OPTIONS IMPORT: route options modified
Tue Oct 20 22:01:07 2015 us=976822 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Oct 20 22:01:07 2015 us=976822 MANAGEMENT: >STATE:1445371267,ASSIGN_IP,,10.8.0.6,
Tue Oct 20 22:01:07 2015 us=976822 open_tun, tt->ipv6=0
Tue Oct 20 22:01:07 2015 us=978774 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{4CEDA4E3-87A7-4F79-8386-4A4D581676B3}.tap
Tue Oct 20 22:01:07 2015 us=979764 TAP-Windows Driver Version 9.21 
Tue Oct 20 22:01:07 2015 us=979764 TAP-Windows MTU=1500
Tue Oct 20 22:01:07 2015 us=982683 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {4CEDA4E3-87A7-4F79-8386-4A4D581676B3} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Tue Oct 20 22:01:07 2015 us=982683 Successful ARP Flush on interface [9] {4CEDA4E3-87A7-4F79-8386-4A4D581676B3}
Tue Oct 20 22:01:13 2015 us=266798 TEST ROUTES: 4/4 succeeded len=3 ret=1 a=0 u/d=up
Tue Oct 20 22:01:13 2015 us=267774 C:\Windows\system32\route.exe ADD 77.xxx..xx.68 MASK 255.255.255.255 192.168.178.1
Tue Oct 20 22:01:13 2015 us=269728 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=10 and dwForwardType=4
Tue Oct 20 22:01:13 2015 us=269728 Route addition via IPAPI succeeded [adaptive]
Tue Oct 20 22:01:13 2015 us=269728 C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 0.0.0.0 192.168.178.1
Tue Oct 20 22:01:13 2015 us=272658 Route deletion via IPAPI succeeded [adaptive]
Tue Oct 20 22:01:13 2015 us=272658 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 0.0.0.0 10.8.0.5
Tue Oct 20 22:01:13 2015 us=276564 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Tue Oct 20 22:01:13 2015 us=276564 Route addition via IPAPI succeeded [adaptive]
Tue Oct 20 22:01:13 2015 us=276564 MANAGEMENT: >STATE:1445371273,ADD_ROUTES,,,
Tue Oct 20 22:01:13 2015 us=276564 C:\Windows\system32\route.exe ADD 192.168.178.0 MASK 255.255.255.0 10.8.0.5
Tue Oct 20 22:01:13 2015 us=303909 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Tue Oct 20 22:01:13 2015 us=303909 Route addition via IPAPI succeeded [adaptive]
Tue Oct 20 22:01:13 2015 us=303909 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5
Tue Oct 20 22:01:13 2015 us=348830 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Tue Oct 20 22:01:13 2015 us=348830 Route addition via IPAPI succeeded [adaptive]
Tue Oct 20 22:01:13 2015 us=348830 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5
Tue Oct 20 22:01:13 2015 us=356642 ROUTE: route addition failed using CreateIpForwardEntry: Das Objekt ist bereits vorhanden.   [status=5010 if_index=9]
Tue Oct 20 22:01:13 2015 us=356642 Route addition via IPAPI failed [adaptive]
Tue Oct 20 22:01:13 2015 us=356642 Route addition fallback to route.exe
Tue Oct 20 22:01:13 2015 us=356642 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Tue Oct 20 22:01:13 2015 us=649608 Initialization Sequence Completed
Tue Oct 20 22:01:13 2015 us=649608 MANAGEMENT: >STATE:1445371273,CONNECTED,SUCCESS,10.8.0.6,77.xxx.xx.68
Server

Code: Select all

DS214> openvpn /volume1/Backup/OpenVPNServer/openvpnSERVER.conf
Tue Oct 20 22:06:58 2015 us=823282 Current Parameter Settings:
Tue Oct 20 22:06:58 2015 us=823527   config = '/volume1/Backup/OpenVPNServer/openvpnSERVER.conf'
Tue Oct 20 22:06:58 2015 us=823572   mode = 1
Tue Oct 20 22:06:58 2015 us=823621   persist_config = DISABLED
Tue Oct 20 22:06:58 2015 us=823667   persist_mode = 1
Tue Oct 20 22:06:58 2015 us=823706   show_ciphers = DISABLED
Tue Oct 20 22:06:58 2015 us=823743   show_digests = DISABLED
Tue Oct 20 22:06:58 2015 us=823800   show_engines = DISABLED
Tue Oct 20 22:06:58 2015 us=823844   genkey = DISABLED
Tue Oct 20 22:06:58 2015 us=823886   key_pass_file = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=823925   show_tls_ciphers = DISABLED
Tue Oct 20 22:06:58 2015 us=823967 Connection profiles [default]:
Tue Oct 20 22:06:58 2015 us=824006   proto = udp
Tue Oct 20 22:06:58 2015 us=824050   local = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=824089   local_port = 9000
Tue Oct 20 22:06:58 2015 us=824126   remote = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=824172   remote_port = 9000
Tue Oct 20 22:06:58 2015 us=824214   remote_float = DISABLED
Tue Oct 20 22:06:58 2015 us=824252   bind_defined = DISABLED
Tue Oct 20 22:06:58 2015 us=824295   bind_local = ENABLED
Tue Oct 20 22:06:58 2015 us=824334   connect_retry_seconds = 5
Tue Oct 20 22:06:58 2015 us=824377   connect_timeout = 10
Tue Oct 20 22:06:58 2015 us=824416   connect_retry_max = 0
Tue Oct 20 22:06:58 2015 us=824458   socks_proxy_server = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=824497   socks_proxy_port = 0
Tue Oct 20 22:06:58 2015 us=824539   socks_proxy_retry = DISABLED
Tue Oct 20 22:06:58 2015 us=824578   tun_mtu = 1500
Tue Oct 20 22:06:58 2015 us=824621   tun_mtu_defined = ENABLED
Tue Oct 20 22:06:58 2015 us=824661   link_mtu = 1500
Tue Oct 20 22:06:58 2015 us=824735   link_mtu_defined = DISABLED
Tue Oct 20 22:06:58 2015 us=824788   tun_mtu_extra = 0
Tue Oct 20 22:06:58 2015 us=824827   tun_mtu_extra_defined = DISABLED
Tue Oct 20 22:06:58 2015 us=824866   mtu_discover_type = -1
Tue Oct 20 22:06:58 2015 us=824903   fragment = 0
Tue Oct 20 22:06:58 2015 us=824951   mssfix = 1450
Tue Oct 20 22:06:58 2015 us=824990   explicit_exit_notification = 0
Tue Oct 20 22:06:58 2015 us=825044 Connection profiles END
Tue Oct 20 22:06:58 2015 us=825087   remote_random = DISABLED
Tue Oct 20 22:06:58 2015 us=825130   ipchange = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=825168   dev = 'tun'
Tue Oct 20 22:06:58 2015 us=825211   dev_type = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=825248   dev_node = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=825286   lladdr = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=825328   topology = 1
Tue Oct 20 22:06:58 2015 us=825366   tun_ipv6 = DISABLED
Tue Oct 20 22:06:58 2015 us=825409   ifconfig_local = '10.8.0.1'
Tue Oct 20 22:06:58 2015 us=825448   ifconfig_remote_netmask = '10.8.0.2'
Tue Oct 20 22:06:58 2015 us=825485   ifconfig_noexec = DISABLED
Tue Oct 20 22:06:58 2015 us=825528   ifconfig_nowarn = DISABLED
Tue Oct 20 22:06:58 2015 us=825566   ifconfig_ipv6_local = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=825611   ifconfig_ipv6_netbits = 0
Tue Oct 20 22:06:58 2015 us=825654   ifconfig_ipv6_remote = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=825692   shaper = 0
Tue Oct 20 22:06:58 2015 us=825729   mtu_test = 0
Tue Oct 20 22:06:58 2015 us=825771   mlock = DISABLED
Tue Oct 20 22:06:58 2015 us=825809   keepalive_ping = 10
Tue Oct 20 22:06:58 2015 us=825853   keepalive_timeout = 120
Tue Oct 20 22:06:58 2015 us=825895   inactivity_timeout = 0
Tue Oct 20 22:06:58 2015 us=825934   ping_send_timeout = 10
Tue Oct 20 22:06:58 2015 us=825971   ping_rec_timeout = 240
Tue Oct 20 22:06:58 2015 us=826016   ping_rec_timeout_action = 2
Tue Oct 20 22:06:58 2015 us=826054   ping_timer_remote = DISABLED
Tue Oct 20 22:06:58 2015 us=826096   remap_sigusr1 = 0
Tue Oct 20 22:06:58 2015 us=826138   persist_tun = ENABLED
Tue Oct 20 22:06:58 2015 us=826177   persist_local_ip = DISABLED
Tue Oct 20 22:06:58 2015 us=826213   persist_remote_ip = DISABLED
Tue Oct 20 22:06:58 2015 us=826256   persist_key = ENABLED
Tue Oct 20 22:06:58 2015 us=826294   passtos = DISABLED
Tue Oct 20 22:06:58 2015 us=826338   resolve_retry_seconds = 1000000000
Tue Oct 20 22:06:58 2015 us=826380   username = 'nobody'
Tue Oct 20 22:06:58 2015 us=826418   groupname = 'nobody'
Tue Oct 20 22:06:58 2015 us=826456   chroot_dir = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=826497   cd_dir = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=826535   writepid = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=826579   up_script = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=826620   down_script = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=826658   down_pre = DISABLED
Tue Oct 20 22:06:58 2015 us=826702   up_restart = DISABLED
Tue Oct 20 22:06:58 2015 us=826743   up_delay = DISABLED
Tue Oct 20 22:06:58 2015 us=826781   daemon = DISABLED
Tue Oct 20 22:06:58 2015 us=826823   inetd = 0
Tue Oct 20 22:06:58 2015 us=826861   log = DISABLED
Tue Oct 20 22:06:58 2015 us=826905   suppress_timestamps = DISABLED
Tue Oct 20 22:06:58 2015 us=826947   nice = 0
Tue Oct 20 22:06:58 2015 us=826985   verbosity = 4
Tue Oct 20 22:06:58 2015 us=827022   mute = 0
Tue Oct 20 22:06:58 2015 us=827066   gremlin = 0
Tue Oct 20 22:06:58 2015 us=827108   status_file = '/volume1/Backup/OpenVPNServer/openvpn-Status.log'
Tue Oct 20 22:06:58 2015 us=827148   status_file_version = 1
Tue Oct 20 22:06:58 2015 us=827190   status_file_update_freq = 60
Tue Oct 20 22:06:58 2015 us=827228   occ = ENABLED
Tue Oct 20 22:06:58 2015 us=827273   rcvbuf = 65536
Tue Oct 20 22:06:58 2015 us=827310   sndbuf = 65536
Tue Oct 20 22:06:58 2015 us=827352   mark = 0
Tue Oct 20 22:06:58 2015 us=827390   sockflags = 0
Tue Oct 20 22:06:58 2015 us=827432   fast_io = DISABLED
Tue Oct 20 22:06:58 2015 us=827470   lzo = 7
Tue Oct 20 22:06:58 2015 us=827518   route_script = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=827556   route_default_gateway = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=827606   route_default_metric = 0
Tue Oct 20 22:06:58 2015 us=827655   route_noexec = DISABLED
Tue Oct 20 22:06:58 2015 us=827701   route_delay = 0
Tue Oct 20 22:06:58 2015 us=827744   route_delay_window = 30
Tue Oct 20 22:06:58 2015 us=827784   route_delay_defined = DISABLED
Tue Oct 20 22:06:58 2015 us=827823   route_nopull = DISABLED
Tue Oct 20 22:06:58 2015 us=827873   route_gateway_via_dhcp = DISABLED
Tue Oct 20 22:06:58 2015 us=827914   max_routes = 100
Tue Oct 20 22:06:58 2015 us=827958   allow_pull_fqdn = DISABLED
Tue Oct 20 22:06:58 2015 us=828017   route 10.8.0.0/255.255.255.0/nil/nil
Tue Oct 20 22:06:58 2015 us=828071   management_addr = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=828114   management_port = 0
Tue Oct 20 22:06:58 2015 us=828154   management_user_pass = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=828198   management_log_history_cache = 250
Tue Oct 20 22:06:58 2015 us=828239   management_echo_buffer_size = 100
Tue Oct 20 22:06:58 2015 us=828285   management_write_peer_info_file = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=828330   management_client_user = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=828370   management_client_group = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=828410   management_flags = 0
Tue Oct 20 22:06:58 2015 us=828449   shared_secret_file = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=828489   key_direction = 0
Tue Oct 20 22:06:58 2015 us=828527   ciphername_defined = ENABLED
Tue Oct 20 22:06:58 2015 us=828567   ciphername = 'AES-256-CBC'
Tue Oct 20 22:06:58 2015 us=828606   authname_defined = ENABLED
Tue Oct 20 22:06:58 2015 us=828645   authname = 'RSA-SHA512'
Tue Oct 20 22:06:58 2015 us=828683   prng_hash = 'sha512'
Tue Oct 20 22:06:58 2015 us=828734   prng_nonce_secret_len = 16
Tue Oct 20 22:06:58 2015 us=828774   keysize = 0
Tue Oct 20 22:06:58 2015 us=828818   engine = DISABLED
Tue Oct 20 22:06:58 2015 us=828858   replay = ENABLED
Tue Oct 20 22:06:58 2015 us=828896   mute_replay_warnings = DISABLED
Tue Oct 20 22:06:58 2015 us=828940   replay_window = 64
Tue Oct 20 22:06:58 2015 us=828979   replay_time = 15
Tue Oct 20 22:06:58 2015 us=829023   packet_id_file = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=829067   use_iv = ENABLED
Tue Oct 20 22:06:58 2015 us=829107   test_crypto = DISABLED
Tue Oct 20 22:06:58 2015 us=829151   tls_server = ENABLED
Tue Oct 20 22:06:58 2015 us=829191   tls_client = DISABLED
Tue Oct 20 22:06:58 2015 us=829236   key_method = 2
Tue Oct 20 22:06:58 2015 us=829280   ca_file = '/var/packages/VPNCenter/etc/openvpn/keys/ca.crt'
Tue Oct 20 22:06:58 2015 us=829320   ca_path = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=829364   dh_file = '/var/packages/VPNCenter/etc/openvpn/keys/dh4096.pem'
Tue Oct 20 22:06:58 2015 us=829406   cert_file = '/var/packages/VPNCenter/etc/openvpn/keys/DS214.crt'
Tue Oct 20 22:06:58 2015 us=829446   priv_key_file = '/var/packages/VPNCenter/etc/openvpn/keys/DS214.key'
Tue Oct 20 22:06:58 2015 us=829491   pkcs12_file = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=829531   cipher_list = 'TLS-DHE-RSA-WITH-AES-256-GCM-SHA384'
Tue Oct 20 22:06:58 2015 us=829577   tls_verify = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=829620   tls_export_cert = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=829660   verify_x509_type = 0
Tue Oct 20 22:06:58 2015 us=829704   verify_x509_name = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=829745   crl_file = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=829791   ns_cert_type = 0
Tue Oct 20 22:06:58 2015 us=829836   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=829876   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=829920   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=829960   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830004   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830045   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830091   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830133   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830173   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830217   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830260   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830300   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830344   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830384   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830422   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830466   remote_cert_ku[i] = 0
Tue Oct 20 22:06:58 2015 us=830505   remote_cert_eku = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=830551   ssl_flags = 192
Tue Oct 20 22:06:58 2015 us=830595   tls_timeout = 2
Tue Oct 20 22:06:58 2015 us=830635   renegotiate_bytes = 0
Tue Oct 20 22:06:58 2015 us=830678   renegotiate_packets = 0
Tue Oct 20 22:06:58 2015 us=830719   renegotiate_seconds = 300
Tue Oct 20 22:06:58 2015 us=830757   handshake_window = 60
Tue Oct 20 22:06:58 2015 us=830799   transition_window = 3600
Tue Oct 20 22:06:58 2015 us=830837   single_session = DISABLED
Tue Oct 20 22:06:58 2015 us=830882   push_peer_info = DISABLED
Tue Oct 20 22:06:58 2015 us=830925   tls_exit = DISABLED
Tue Oct 20 22:06:58 2015 us=830964   tls_auth_file = '/var/packages/VPNCenter/etc/openvpn/keys/ta.key'
Tue Oct 20 22:06:58 2015 us=831016   server_network = 10.8.0.0
Tue Oct 20 22:06:58 2015 us=831063   server_netmask = 255.255.255.0
Tue Oct 20 22:06:58 2015 us=831123   server_network_ipv6 = ::
Tue Oct 20 22:06:58 2015 us=831166   server_netbits_ipv6 = 0
Tue Oct 20 22:06:58 2015 us=831213   server_bridge_ip = 0.0.0.0
Tue Oct 20 22:06:58 2015 us=831257   server_bridge_netmask = 0.0.0.0
Tue Oct 20 22:06:58 2015 us=831307   server_bridge_pool_start = 0.0.0.0
Tue Oct 20 22:06:58 2015 us=831352   server_bridge_pool_end = 0.0.0.0
Tue Oct 20 22:06:58 2015 us=831398   push_entry = 'route 192.168.178.0 255.255.255.0'
Tue Oct 20 22:06:58 2015 us=831440   push_entry = 'route 10.8.0.0 255.255.255.0'
Tue Oct 20 22:06:58 2015 us=831479   push_entry = 'route 10.8.0.0 255.255.255.0'
Tue Oct 20 22:06:58 2015 us=831524   push_entry = 'topology net30'
Tue Oct 20 22:06:58 2015 us=831568   push_entry = 'ping 10'
Tue Oct 20 22:06:58 2015 us=831607   push_entry = 'ping-restart 120'
Tue Oct 20 22:06:58 2015 us=831651   ifconfig_pool_defined = ENABLED
Tue Oct 20 22:06:58 2015 us=831697   ifconfig_pool_start = 10.8.0.4
Tue Oct 20 22:06:58 2015 us=831747   ifconfig_pool_end = 10.8.0.251
Tue Oct 20 22:06:58 2015 us=831791   ifconfig_pool_netmask = 0.0.0.0
Tue Oct 20 22:06:58 2015 us=831838   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=831884   ifconfig_pool_persist_refresh_freq = 600
Tue Oct 20 22:06:58 2015 us=831923   ifconfig_ipv6_pool_defined = DISABLED
Tue Oct 20 22:06:58 2015 us=831971   ifconfig_ipv6_pool_base = ::
Tue Oct 20 22:06:58 2015 us=832012   ifconfig_ipv6_pool_netbits = 0
Tue Oct 20 22:06:58 2015 us=832056   n_bcast_buf = 256
Tue Oct 20 22:06:58 2015 us=832096   tcp_queue_limit = 64
Tue Oct 20 22:06:58 2015 us=832142   real_hash_size = 256
Tue Oct 20 22:06:58 2015 us=832185   virtual_hash_size = 256
Tue Oct 20 22:06:58 2015 us=832224   client_connect_script = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=832268   learn_address_script = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=832308   client_disconnect_script = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=832347   client_config_dir = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=832391   ccd_exclusive = DISABLED
Tue Oct 20 22:06:58 2015 us=832431   tmp_dir = '/tmp'
Tue Oct 20 22:06:58 2015 us=832476   push_ifconfig_defined = DISABLED
Tue Oct 20 22:06:58 2015 us=832525   push_ifconfig_local = 0.0.0.0
Tue Oct 20 22:06:58 2015 us=832569   push_ifconfig_remote_netmask = 0.0.0.0
Tue Oct 20 22:06:58 2015 us=832613   push_ifconfig_ipv6_defined = DISABLED
Tue Oct 20 22:06:58 2015 us=832656   push_ifconfig_ipv6_local = ::/0
Tue Oct 20 22:06:58 2015 us=832703   push_ifconfig_ipv6_remote = ::
Tue Oct 20 22:06:58 2015 us=832744   enable_c2c = ENABLED
Tue Oct 20 22:06:58 2015 us=832789   duplicate_cn = DISABLED
Tue Oct 20 22:06:58 2015 us=832833   cf_max = 0
Tue Oct 20 22:06:58 2015 us=832873   cf_per = 0
Tue Oct 20 22:06:58 2015 us=832917   max_clients = 5
Tue Oct 20 22:06:58 2015 us=832957   max_routes_per_client = 256
Tue Oct 20 22:06:58 2015 us=833002   auth_user_pass_verify_script = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=833043   auth_user_pass_verify_script_via_file = DISABLED
Tue Oct 20 22:06:58 2015 us=833089   port_share_host = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=833134   port_share_port = 0
Tue Oct 20 22:06:58 2015 us=833173   client = DISABLED
Tue Oct 20 22:06:58 2015 us=833216   pull = DISABLED
Tue Oct 20 22:06:58 2015 us=833256   auth_user_pass_file = '[UNDEF]'
Tue Oct 20 22:06:58 2015 us=833306 OpenVPN 2.3.6 armle-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 13 2015
Tue Oct 20 22:06:58 2015 us=833379 library versions: OpenSSL 1.0.1p-fips 9 Jul 2015, LZO 2.08
Tue Oct 20 22:06:59 2015 us=886911 Diffie-Hellman initialized with 4096 bit key
Enter Private Key Password:
Tue Oct 20 22:07:04 2015 us=277260 WARNING: file '/var/packages/VPNCenter/etc/openvpn/keys/DS214.key' is group or others accessible
Tue Oct 20 22:07:04 2015 us=279051 WARNING: file '/var/packages/VPNCenter/etc/openvpn/keys/ta.key' is group or others accessible
Tue Oct 20 22:07:04 2015 us=279115 Control Channel Authentication: using '/var/packages/VPNCenter/etc/openvpn/keys/ta.key' as a OpenVPN static key file
Tue Oct 20 22:07:04 2015 us=279312 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:07:04 2015 us=279425 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:07:04 2015 us=279514 TLS-Auth MTU parms [ L:1602 D:210 EF:110 EB:0 ET:0 EL:0 ]
Tue Oct 20 22:07:04 2015 us=279627 Socket Buffers: R=[163840->131072] S=[163840->131072]
Tue Oct 20 22:07:04 2015 us=280031 ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=eth0 HWADDR=00:11:32:27:e7:3f
Tue Oct 20 22:07:04 2015 us=280914 TUN/TAP device tun0 opened
Tue Oct 20 22:07:04 2015 us=281170 TUN/TAP TX queue length set to 100
Tue Oct 20 22:07:04 2015 us=281374 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Oct 20 22:07:04 2015 us=281613 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Tue Oct 20 22:07:04 2015 us=291604 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Tue Oct 20 22:07:04 2015 us=300808 Data Channel MTU parms [ L:1602 D:1450 EF:102 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 20 22:07:04 2015 us=301750 GID set to nobody
Tue Oct 20 22:07:04 2015 us=301814 UID set to nobody
Tue Oct 20 22:07:04 2015 us=301852 UDPv4 link local (bound): [undef]
Tue Oct 20 22:07:04 2015 us=301886 UDPv4 link remote: [undef]
Tue Oct 20 22:07:04 2015 us=301946 MULTI: multi_init called, r=256 v=256
Tue Oct 20 22:07:04 2015 us=302170 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Tue Oct 20 22:07:04 2015 us=302281 Initialization Sequence Completed
Tue Oct 20 22:07:46 2015 us=611426 MULTI: multi_create_instance called
Tue Oct 20 22:07:46 2015 us=611563 77.xxx.xx.68:1194 Re-using SSL/TLS context
Tue Oct 20 22:07:46 2015 us=611633 77.xxx.xx.68:1194 LZO compression initialized
Tue Oct 20 22:07:46 2015 us=612081 77.xxx.xx.68:1194 Control Channel MTU parms [ L:1602 D:210 EF:110 EB:0 ET:0 EL:0 ]
Tue Oct 20 22:07:46 2015 us=612124 77.xxx.xx.68:1194 Data Channel MTU parms [ L:1602 D:1450 EF:102 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 20 22:07:46 2015 us=612236 77.xxx.xx.68:1194 Local Options String: 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Tue Oct 20 22:07:46 2015 us=612265 77.xxx.xx.68:1194 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Tue Oct 20 22:07:46 2015 us=612340 77.xxx.xx.68:1194 Local Options hash (VER=V4): '690b288a'
Tue Oct 20 22:07:46 2015 us=612397 77.xxx.xx.68:1194 Expected Remote Options hash (VER=V4): 'f7a0b966'
Tue Oct 20 22:07:46 2015 us=612554 77.xxx.xx.68:1194 TLS: Initial packet from [AF_INET]77.180.69.68:1194, sid=8e4fc08f f6fe9f5f
Tue Oct 20 22:07:48 2015 us=112339 77.xxx.xx.68:1194 VERIFY OK: x
Tue Oct 20 22:07:48 2015 us=117580 77.xxx.xx.68:1194 VERIFY OK: x
Tue Oct 20 22:07:49 2015 us=71361 77.xxx.xx.68:1194 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Oct 20 22:07:49 2015 us=71501 77.xxx.xx.68:1194 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:07:49 2015 us=71606 77.xxx.xx.68:1194 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Oct 20 22:07:49 2015 us=71739 77.xxx.xx.68:1194 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Oct 20 22:07:49 2015 us=74333 77.xxx.xx.68:1194 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Tue Oct 20 22:07:49 2015 us=74426 77.xxx.xx.68:1194 [UserOpenVPN] Peer Connection Initiated with [AF_INET]77.180.69.68:1194
Tue Oct 20 22:07:49 2015 us=74572 UserOpenVPN/77.xxx.xx.68:1194 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Tue Oct 20 22:07:49 2015 us=74766 UserOpenVPN/77.xxx.xx.68:1194 MULTI: Learn: 10.8.0.6 -> UserOpenVPN/77.180.69.68:1194
Tue Oct 20 22:07:49 2015 us=74824 UserOpenVPN/77.xxx.xx.68:1194 MULTI: primary virtual IP for UserOpenVPN/77.180.69.68:1194: 10.8.0.6
Tue Oct 20 22:07:51 2015 us=82085 UserOpenVPN/77.xxx.xx.68:1194 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 20 22:07:51 2015 us=82151 UserOpenVPN/77.xxx.xx.68:1194 send_push_reply(): safe_cap=940
Tue Oct 20 22:07:51 2015 us=82242 UserOpenVPN/77.xxx.xx.68:1194 SENT CONTROL [UserOpenVPN]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,route 10.8.0.0 255.255.255.0,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 20 22:07:51 2015 us=413121 UserOpenVPN/77.xxx.xx.68:1194 MULTI: bad source address from client [::], packet dropped
Thanks!
Top
User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Client - gateway: Can't reach network behind or internet

Post by Traffic » Wed Oct 21, 2015 10:57 am

BenneX wrote:I am at the progress to configure OpenVPN on my Synology Diskstation DS214+
BenneX wrote:I get the following error:
Code:
DS214> iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
I suggest you report this to Synology for help.
Top
BenneX
OpenVpn Newbie
Posts: 4
Joined: Mon Oct 19, 2015 8:20 pm

Re: Client - gateway: Can't reach network behind or internet

Post by BenneX » Fri Oct 23, 2015 4:51 pm

Okay, but wouldn't this just fix the problem with the not working internet connection on the clients?
What about the not reachable machines behind the server?

Greeting
Benjamin
Top
BenneX
OpenVpn Newbie
Posts: 4
Joined: Mon Oct 19, 2015 8:20 pm

Re: Client - gateway: Can't reach network behind or internet

Post by BenneX » Tue Oct 27, 2015 4:11 pm

Hello,

there were a lot of modules missing on the Diskstation.
Here is the solution to run openvpn by hand on a Synology Diskstation:

First of all we need to activate IP Forwarding if you want to connect machines behind the server.

Code: Select all

echo 1 > /proc/sys/net/ipv4/ip_forward
If it does not exists, we have to create the nat device

Code: Select all

mkdir -m 755 /dev/net
mknod /dev/net/tun c 10 200
Now we have to load all needed modules into the kernel

Code: Select all

insmod /lib/module/*****MODULNAME*****

Code: Select all

x_tables.ko ip_tables.ko iptable_filter.ko nf_conntrack.ko nf_defrag_ipv4.ko nf_conntrack_ipv4.ko nf_nat.ko
iptable_nat.ko ipt_REDIRECT.ko xt_multiport.ko xt_tcpudp.ko xt_state.ko ipt_MASQUERADE.ko tun.ko
If we want to use the redirect-gateway option we have to forward packages into the internet with

Code: Select all

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
now you can run OpenVPN.

Greetings.
Top
Post Reply

Return to “Configuration”