[Solved] Openvp fails to access server when started as a service CentOS

This forum is for general conversation and user-user networking.
Locked
darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

[Solved] Openvp fails to access server when started as a service CentOS

Post by darkwind » Thu Jun 09, 2016 11:20 am

Hi,

I am running CentOS 6.7 with openvpn 2.2.2

I face the following weird problem, that I cannot figure out why it happens.

When I start the client as root-user over the command line with

Code: Select all

/usr/sbin/openvpn --daemon openvpn-client --writepid /run/openvpn/client.pid --config /etc/openvpn/client.conf --script-security 2 --log-append /var/log/openvpn.log --cd /etc/openvpn/
it connects right a way and works like charm.

But when I run the same line started from the service script also as root-user

Code: Select all

service start openvpn
it does not connect. The logfile writes the following line over and over again:

Code: Select all

TCP: connect to xxx.xxx.xxx.xxx:port failed, will try again in 5 seconds: Permission denied
Which permission is denied? I cannot find anything about this behavior. Please help me.
This problem is ticking me off.

Cheers,
Alex

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn client fails to access server when started as a service

Post by TinCanTech » Thu Jun 09, 2016 1:18 pm

Do you have only one client.conf file or do you have other *.conf files in /etc/openvpn ?

Please post the conf file and your complete log file

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 1:39 pm

I only have one client.conf
it looks like that.

Code: Select all

client
remote vpn.nxxxxxxxxxxxm.de
port 2443
proto tcp
dev tun
comp-lzo
remote-cert-tls server
ca /etc/openvpn/ca.crt
cert client.crt
key client.key
I also used --verb 11 parameter, so the log is a bit noisy.

Code: Select all

Thu Jun  9 15:16:56 2016 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Thu Jun  9 15:16:56 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jun  9 15:16:56 2016 LZO compression initialized
Thu Jun  9 15:16:56 2016 Attempting to establish TCP connection with 130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 15:16:56 2016 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 15:17:01 2016 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 15:17:06 2016 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 15:17:11 2016 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 15:17:16 2016 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 15:17:21 2016 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 15:17:26 2016 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 15:17:26 2016 SIGTERM[hard,init_instance] received, process exiting
This was the log, when started as a service. I terminated this after 30 seconds.

Next is the log, when started directly from the command line.

Code: Select all

Thu Jun  9 15:37:24 2016 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Thu Jun  9 15:37:24 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jun  9 15:37:24 2016 LZO compression initialized
Thu Jun  9 15:37:24 2016 Attempting to establish TCP connection with 130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 15:37:25 2016 TCP connection established with 130.xxx.xxx.xxx:2443
Thu Jun  9 15:37:25 2016 TCPv4_CLIENT link local: [undef]
Thu Jun  9 15:37:25 2016 TCPv4_CLIENT link remote: 130.xxx.xxx.xxx:2443
Thu Jun  9 15:37:26 2016 [vpn.nxxxxxxxxxxxm.de] Peer Connection Initiated with 130.xxx.xxx.xxx:2443
Thu Jun  9 15:37:28 2016 TUN/TAP device tun0 opened
Thu Jun  9 15:37:28 2016 /sbin/ip link set dev tun0 up mtu 1500
Thu Jun  9 15:37:28 2016 /sbin/ip addr add dev tun0 local 10.181.179.6 peer 10.181.179.5
Thu Jun  9 15:37:28 2016 Initialization Sequence Completed
The connection got established right away.

What I try to achieve is that the vpn-connection is build after the network is up on boot time.

I hope you can make something up from that. Thank you very much for taking your time. It is highly appreciated.

Cheers,
Alex

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 2:47 pm

I just realized that the log wasn't created with --verb 11 parameter

So here it is when it fails when started as a service

Code: Select all

Thu Jun  9 16:38:02 2016 us=203144 Current Parameter Settings:
Thu Jun  9 16:38:02 2016 us=203295   config = '/etc/openvpn/client.conf'
Thu Jun  9 16:38:02 2016 us=203318   mode = 0
Thu Jun  9 16:38:02 2016 us=203349   persist_config = DISABLED
Thu Jun  9 16:38:02 2016 us=203366   persist_mode = 1
Thu Jun  9 16:38:02 2016 us=203382   show_ciphers = DISABLED
Thu Jun  9 16:38:02 2016 us=203398   show_digests = DISABLED
Thu Jun  9 16:38:02 2016 us=203424   show_engines = DISABLED
Thu Jun  9 16:38:02 2016 us=203451   genkey = DISABLED
Thu Jun  9 16:38:02 2016 us=203468   key_pass_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203483   show_tls_ciphers = DISABLED
Thu Jun  9 16:38:02 2016 us=203497 Connection profiles [default]:
Thu Jun  9 16:38:02 2016 us=203513   proto = tcp-client
Thu Jun  9 16:38:02 2016 us=203528   local = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203542   local_port = 0
Thu Jun  9 16:38:02 2016 us=203557   remote = 'vpn.nxxxxxxxm.de'
Thu Jun  9 16:38:02 2016 us=203572   remote_port = 2443
Thu Jun  9 16:38:02 2016 us=203588   remote_float = DISABLED
Thu Jun  9 16:38:02 2016 us=203602   bind_defined = DISABLED
Thu Jun  9 16:38:02 2016 us=203617   bind_local = DISABLED
Thu Jun  9 16:38:02 2016 us=203633   connect_retry_seconds = 5
Thu Jun  9 16:38:02 2016 us=203648   connect_timeout = 10
Thu Jun  9 16:38:02 2016 us=203664   connect_retry_max = 0
Thu Jun  9 16:38:02 2016 us=203680   socks_proxy_server = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203695   socks_proxy_port = 0
Thu Jun  9 16:38:02 2016 us=203710   socks_proxy_retry = DISABLED
Thu Jun  9 16:38:02 2016 us=203727 Connection profiles END
Thu Jun  9 16:38:02 2016 us=203741   remote_random = DISABLED
Thu Jun  9 16:38:02 2016 us=203755   ipchange = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203770   dev = 'tun'
Thu Jun  9 16:38:02 2016 us=203785   dev_type = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203799   dev_node = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203814   lladdr = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203829   topology = 1
Thu Jun  9 16:38:02 2016 us=203844   tun_ipv6 = DISABLED
Thu Jun  9 16:38:02 2016 us=203858   ifconfig_local = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203873   ifconfig_remote_netmask = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=203889   ifconfig_noexec = DISABLED
Thu Jun  9 16:38:02 2016 us=203906   ifconfig_nowarn = DISABLED
Thu Jun  9 16:38:02 2016 us=203921   shaper = 0
Thu Jun  9 16:38:02 2016 us=203936   tun_mtu = 1500
Thu Jun  9 16:38:02 2016 us=203950   tun_mtu_defined = ENABLED
Thu Jun  9 16:38:02 2016 us=203965   link_mtu = 1500
Thu Jun  9 16:38:02 2016 us=203980   link_mtu_defined = DISABLED
Thu Jun  9 16:38:02 2016 us=203994   tun_mtu_extra = 0
Thu Jun  9 16:38:02 2016 us=204009   tun_mtu_extra_defined = DISABLED
Thu Jun  9 16:38:02 2016 us=204024   fragment = 0
Thu Jun  9 16:38:02 2016 us=204039   mtu_discover_type = -1
Thu Jun  9 16:38:02 2016 us=204053   mtu_test = 0
Thu Jun  9 16:38:02 2016 us=204068   mlock = DISABLED
Thu Jun  9 16:38:02 2016 us=204082   keepalive_ping = 0
Thu Jun  9 16:38:02 2016 us=204106   keepalive_timeout = 0
Thu Jun  9 16:38:02 2016 us=204122   inactivity_timeout = 0
Thu Jun  9 16:38:02 2016 us=204136   ping_send_timeout = 0
Thu Jun  9 16:38:02 2016 us=204151   ping_rec_timeout = 0
Thu Jun  9 16:38:02 2016 us=204173   ping_rec_timeout_action = 0
Thu Jun  9 16:38:02 2016 us=204188   ping_timer_remote = DISABLED
Thu Jun  9 16:38:02 2016 us=204202   remap_sigusr1 = 0
Thu Jun  9 16:38:02 2016 us=204218   explicit_exit_notification = 0
Thu Jun  9 16:38:02 2016 us=204241   persist_tun = DISABLED
Thu Jun  9 16:38:02 2016 us=204256   persist_local_ip = DISABLED
Thu Jun  9 16:38:02 2016 us=204271   persist_remote_ip = DISABLED
Thu Jun  9 16:38:02 2016 us=204289   persist_key = DISABLED
Thu Jun  9 16:38:02 2016 us=204303   mssfix = 1450
Thu Jun  9 16:38:02 2016 us=204318   passtos = DISABLED
Thu Jun  9 16:38:02 2016 us=204339   resolve_retry_seconds = 1000000000
Thu Jun  9 16:38:02 2016 us=204356   username = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204371   groupname = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204384   chroot_dir = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204397   cd_dir = '/etc/openvpn/'
Thu Jun  9 16:38:02 2016 us=204411   selinux_context = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204438   writepid = '/var/run/openvpn/client.pid'
Thu Jun  9 16:38:02 2016 us=204452   up_script = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204465   down_script = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204478   down_pre = DISABLED
Thu Jun  9 16:38:02 2016 us=204492   up_restart = DISABLED
Thu Jun  9 16:38:02 2016 us=204514   up_delay = DISABLED
Thu Jun  9 16:38:02 2016 us=204529   daemon = ENABLED
Thu Jun  9 16:38:02 2016 us=204546   inetd = 0
Thu Jun  9 16:38:02 2016 us=204562   log = ENABLED
Thu Jun  9 16:38:02 2016 us=204576   suppress_timestamps = DISABLED
Thu Jun  9 16:38:02 2016 us=204591   nice = 0
Thu Jun  9 16:38:02 2016 us=204606   verbosity = 11
Thu Jun  9 16:38:02 2016 us=204620   mute = 0
Thu Jun  9 16:38:02 2016 us=204635   gremlin = 0
Thu Jun  9 16:38:02 2016 us=204651   status_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204666   status_file_version = 1
Thu Jun  9 16:38:02 2016 us=204681   status_file_update_freq = 60
Thu Jun  9 16:38:02 2016 us=204696   occ = ENABLED
Thu Jun  9 16:38:02 2016 us=204711   rcvbuf = 65536
Thu Jun  9 16:38:02 2016 us=204725   sndbuf = 65536
Thu Jun  9 16:38:02 2016 us=204740   sockflags = 0
Thu Jun  9 16:38:02 2016 us=204754   fast_io = DISABLED
Thu Jun  9 16:38:02 2016 us=204769   lzo = 7
Thu Jun  9 16:38:02 2016 us=204783   route_script = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204798   route_default_gateway = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204813   route_default_metric = 0
Thu Jun  9 16:38:02 2016 us=204827   route_noexec = DISABLED
Thu Jun  9 16:38:02 2016 us=204842   route_delay = 0
Thu Jun  9 16:38:02 2016 us=204856   route_delay_window = 30
Thu Jun  9 16:38:02 2016 us=204871   route_delay_defined = DISABLED
Thu Jun  9 16:38:02 2016 us=204886   route_nopull = DISABLED
Thu Jun  9 16:38:02 2016 us=204900   route_gateway_via_dhcp = DISABLED
Thu Jun  9 16:38:02 2016 us=204915   max_routes = 100
Thu Jun  9 16:38:02 2016 us=204930   allow_pull_fqdn = DISABLED
Thu Jun  9 16:38:02 2016 us=204945   management_addr = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204960   management_port = 0
Thu Jun  9 16:38:02 2016 us=204975   management_user_pass = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=204990   management_log_history_cache = 250
Thu Jun  9 16:38:02 2016 us=205005   management_echo_buffer_size = 100
Thu Jun  9 16:38:02 2016 us=205020   management_write_peer_info_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205035   management_client_user = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205050   management_client_group = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205065   management_flags = 0
Thu Jun  9 16:38:02 2016 us=205080   shared_secret_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205104   key_direction = 0
Thu Jun  9 16:38:02 2016 us=205118   ciphername_defined = ENABLED
Thu Jun  9 16:38:02 2016 us=205134   ciphername = 'BF-CBC'
Thu Jun  9 16:38:02 2016 us=205149   authname_defined = ENABLED
Thu Jun  9 16:38:02 2016 us=205170   authname = 'SHA1'
Thu Jun  9 16:38:02 2016 us=205186   prng_hash = 'SHA1'
Thu Jun  9 16:38:02 2016 us=205200   prng_nonce_secret_len = 16
Thu Jun  9 16:38:02 2016 us=205218   keysize = 0
Thu Jun  9 16:38:02 2016 us=205244   engine = DISABLED
Thu Jun  9 16:38:02 2016 us=205260   replay = ENABLED
Thu Jun  9 16:38:02 2016 us=205275   mute_replay_warnings = DISABLED
Thu Jun  9 16:38:02 2016 us=205289   replay_window = 64
Thu Jun  9 16:38:02 2016 us=205304   replay_time = 15
Thu Jun  9 16:38:02 2016 us=205318   packet_id_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205352   use_iv = ENABLED
Thu Jun  9 16:38:02 2016 us=205368   test_crypto = DISABLED
Thu Jun  9 16:38:02 2016 us=205382   tls_server = DISABLED
Thu Jun  9 16:38:02 2016 us=205396   tls_client = ENABLED
Thu Jun  9 16:38:02 2016 us=205411   key_method = 2
Thu Jun  9 16:38:02 2016 us=205437   ca_file = '/etc/openvpn/ca.crt'
Thu Jun  9 16:38:02 2016 us=205454   ca_path = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205470   dh_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205486   cert_file = '/etc/openvpn/client.crt'
Thu Jun  9 16:38:02 2016 us=205501   priv_key_file = '/etc/openvpn/client.key'
Thu Jun  9 16:38:02 2016 us=205516   pkcs12_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205531   cipher_list = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205546   tls_verify = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205561   tls_export_cert = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205575   tls_remote = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205596   crl_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=205612   ns_cert_type = 0
Thu Jun  9 16:38:02 2016 us=205627   remote_cert_ku[i] = 160
Thu Jun  9 16:38:02 2016 us=205642   remote_cert_ku[i] = 136
Thu Jun  9 16:38:02 2016 us=205656   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205671   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205685   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205700   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205714   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205728   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205743   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205757   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205772   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205786   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205803   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205817   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205831   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205846   remote_cert_ku[i] = 0
Thu Jun  9 16:38:02 2016 us=205861   remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun  9 16:38:02 2016 us=205876   tls_timeout = 2
Thu Jun  9 16:38:02 2016 us=205891   renegotiate_bytes = 0
Thu Jun  9 16:38:02 2016 us=205906   renegotiate_packets = 0
Thu Jun  9 16:38:02 2016 us=205920   renegotiate_seconds = 3600
Thu Jun  9 16:38:02 2016 us=205935   handshake_window = 60
Thu Jun  9 16:38:02 2016 us=205950   transition_window = 3600
Thu Jun  9 16:38:02 2016 us=205964   single_session = DISABLED
Thu Jun  9 16:38:02 2016 us=205979   push_peer_info = DISABLED
Thu Jun  9 16:38:02 2016 us=205993   tls_exit = DISABLED
Thu Jun  9 16:38:02 2016 us=206008   tls_auth_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=206023   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206037   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206052   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206067   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206082   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206096   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206119   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206134   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206149   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206172   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206185   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206200   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206214   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206229   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206251   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206267   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:38:02 2016 us=206284   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206299   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206314   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206334   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206354   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206369   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206383   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206398   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206412   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206426   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206455   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206471   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206486   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206499   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206513   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206535   pkcs11_private_mode = 00000000
Thu Jun  9 16:38:02 2016 us=206551   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206566   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206581   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206595   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206610   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206625   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206639   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206654   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206668   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206683   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206697   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206712   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206726   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206741   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206756   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206771   pkcs11_cert_private = DISABLED
Thu Jun  9 16:38:02 2016 us=206786   pkcs11_pin_cache_period = -1
Thu Jun  9 16:38:02 2016 us=206800   pkcs11_id = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=206815   pkcs11_id_management = DISABLED
Thu Jun  9 16:38:02 2016 us=206842   server_network = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206860   server_netmask = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206876   server_bridge_ip = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206892   server_bridge_netmask = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206909   server_bridge_pool_start = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206925   server_bridge_pool_end = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206940   ifconfig_pool_defined = DISABLED
Thu Jun  9 16:38:02 2016 us=206956   ifconfig_pool_start = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206972   ifconfig_pool_end = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=206988   ifconfig_pool_netmask = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=207003   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207018   ifconfig_pool_persist_refresh_freq = 600
Thu Jun  9 16:38:02 2016 us=207033   n_bcast_buf = 256
Thu Jun  9 16:38:02 2016 us=207048   tcp_queue_limit = 64
Thu Jun  9 16:38:02 2016 us=207062   real_hash_size = 256
Thu Jun  9 16:38:02 2016 us=207077   virtual_hash_size = 256
Thu Jun  9 16:38:02 2016 us=207092   client_connect_script = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207117   learn_address_script = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207131   client_disconnect_script = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207146   client_config_dir = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207161   ccd_exclusive = DISABLED
Thu Jun  9 16:38:02 2016 us=207183   tmp_dir = '/tmp'
Thu Jun  9 16:38:02 2016 us=207199   push_ifconfig_defined = DISABLED
Thu Jun  9 16:38:02 2016 us=207215   push_ifconfig_local = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=207234   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun  9 16:38:02 2016 us=207256   enable_c2c = DISABLED
Thu Jun  9 16:38:02 2016 us=207272   duplicate_cn = DISABLED
Thu Jun  9 16:38:02 2016 us=207291   cf_max = 0
Thu Jun  9 16:38:02 2016 us=207305   cf_per = 0
Thu Jun  9 16:38:02 2016 us=207320   max_clients = 1024
Thu Jun  9 16:38:02 2016 us=207341   max_routes_per_client = 256
Thu Jun  9 16:38:02 2016 us=207356   auth_user_pass_verify_script = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207371   auth_user_pass_verify_script_via_file = DISABLED
Thu Jun  9 16:38:02 2016 us=207388   ssl_flags = 0
Thu Jun  9 16:38:02 2016 us=207403   port_share_host = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207418   port_share_port = 0
Thu Jun  9 16:38:02 2016 us=207432   client = ENABLED
Thu Jun  9 16:38:02 2016 us=207456   pull = ENABLED
Thu Jun  9 16:38:02 2016 us=207472   auth_user_pass_file = '[UNDEF]'
Thu Jun  9 16:38:02 2016 us=207492 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Thu Jun  9 16:38:02 2016 us=207552 PKCS#11: pkcs11_initialize - entered
Thu Jun  9 16:38:02 2016 us=207622 PKCS#11: pkcs11_initialize - return 0-'CKR_OK'
Thu Jun  9 16:38:02 2016 us=207652 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jun  9 16:38:02 2016 us=207676 PO_INIT maxevents=4 flags=0x00000002
Thu Jun  9 16:38:02 2016 us=208358 WARNING: file '/etc/openvpn/client.key' is group or others accessible
Thu Jun  9 16:38:02 2016 us=208969 PRNG init md=SHA1 size=36
Thu Jun  9 16:38:02 2016 us=209023 LZO compression initialized
Thu Jun  9 16:38:02 2016 us=209045 MTU DYNAMIC mtu=0, flags=1, 0 -> 140
Thu Jun  9 16:38:02 2016 us=209060 TLS: tls_session_init: entry
Thu Jun  9 16:38:02 2016 us=209085 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:38:02 2016 us=209151 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:38:02 2016 us=209174 TLS: tls_session_init: new session object, sid=e37b518b 68ccf137
Thu Jun  9 16:38:02 2016 us=209196 TLS: tls_session_init: entry
Thu Jun  9 16:38:02 2016 us=209213 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:38:02 2016 us=209273 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:38:02 2016 us=209297 TLS: tls_session_init: new session object, sid=49c3ed14 d5fbd50c
Thu Jun  9 16:38:02 2016 us=209314 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Jun  9 16:38:02 2016 us=209361 MTU DYNAMIC mtu=1450, flags=2, 1544 -> 1450
Thu Jun  9 16:38:02 2016 us=209411 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Jun  9 16:38:02 2016 us=212004 RESOLVE_REMOTE flags=0x0101 phase=1 rrs=0 sig=-1 status=1
Thu Jun  9 16:38:02 2016 us=212050 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jun  9 16:38:02 2016 us=212090 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun  9 16:38:02 2016 us=212105 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun  9 16:38:02 2016 us=212141 Local Options hash (VER=V4): '69109d17'
Thu Jun  9 16:38:02 2016 us=212164 Expected Remote Options hash (VER=V4): 'c0103fa8'
Thu Jun  9 16:38:02 2016 us=212599 PKCS#11: __pkcs11h_forkFixup entry pid=8177, activate_slotevent=1
Thu Jun  9 16:38:02 2016 us=212675 PKCS#11: __pkcs11h_forkFixup return
Thu Jun  9 16:38:02 2016 us=212780 STREAM: RESET
Thu Jun  9 16:38:02 2016 us=212795 STREAM: INIT maxlen=1544
Thu Jun  9 16:38:02 2016 us=212818 Attempting to establish TCP connection with 130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 16:38:02 2016 us=212980 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 16:38:07 2016 us=215477 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 16:38:12 2016 us=220084 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 16:38:17 2016 us=222958 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 16:38:22 2016 us=225386 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 16:38:27 2016 us=227814 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 16:38:32 2016 us=231308 TCP: connect to 130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 16:38:32 2016 us=534005 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534184 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534215 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534229 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534273 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534291 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534304 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534317 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534457 PID packet_id_free
Thu Jun  9 16:38:32 2016 us=534496 SIGTERM[hard,init_instance] received, process exiting
Thu Jun  9 16:38:32 2016 us=535056 PKCS#11: pkcs11_terminate - entered
Thu Jun  9 16:38:32 2016 us=535089 PKCS#11: pkcs11h_terminate entry
Thu Jun  9 16:38:32 2016 us=535105 PKCS#11: Removing providers
Thu Jun  9 16:38:32 2016 us=535120 PKCS#11: Releasing sessions
Thu Jun  9 16:38:32 2016 us=535133 PKCS#11: Terminating slotevent
Thu Jun  9 16:38:32 2016 us=535150 PKCS#11: _pkcs11h_slotevent_terminate entry
Thu Jun  9 16:38:32 2016 us=535164 PKCS#11: _pkcs11h_slotevent_terminate return
Thu Jun  9 16:38:32 2016 us=535177 PKCS#11: Marking as uninitialized
Thu Jun  9 16:38:32 2016 us=535202 PKCS#11: pkcs11_terminate - return
So, this is noisy. :)

Code: Select all

Thu Jun  9 16:43:51 2016 us=107621 Current Parameter Settings:
Thu Jun  9 16:43:51 2016 us=107712   config = '/etc/openvpn/client.conf'
Thu Jun  9 16:43:51 2016 us=107733   mode = 0
Thu Jun  9 16:43:51 2016 us=107753   persist_config = DISABLED
Thu Jun  9 16:43:51 2016 us=107769   persist_mode = 1
Thu Jun  9 16:43:51 2016 us=107785   show_ciphers = DISABLED
Thu Jun  9 16:43:51 2016 us=107802   show_digests = DISABLED
Thu Jun  9 16:43:51 2016 us=107819   show_engines = DISABLED
Thu Jun  9 16:43:51 2016 us=107836   genkey = DISABLED
Thu Jun  9 16:43:51 2016 us=107851   key_pass_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=107867   show_tls_ciphers = DISABLED
Thu Jun  9 16:43:51 2016 us=107882 Connection profiles [default]:
Thu Jun  9 16:43:51 2016 us=107898   proto = tcp-client
Thu Jun  9 16:43:51 2016 us=107913   local = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=107929   local_port = 0
Thu Jun  9 16:43:51 2016 us=107944   remote = 'vpn.nxxxxxxm.de'
Thu Jun  9 16:43:51 2016 us=107959   remote_port = 2443
Thu Jun  9 16:43:51 2016 us=107976   remote_float = DISABLED
Thu Jun  9 16:43:51 2016 us=107992   bind_defined = DISABLED
Thu Jun  9 16:43:51 2016 us=108007   bind_local = DISABLED
Thu Jun  9 16:43:51 2016 us=108024   connect_retry_seconds = 5
Thu Jun  9 16:43:51 2016 us=108039   connect_timeout = 10
Thu Jun  9 16:43:51 2016 us=108055   connect_retry_max = 0
Thu Jun  9 16:43:51 2016 us=108070   socks_proxy_server = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108086   socks_proxy_port = 0
Thu Jun  9 16:43:51 2016 us=108101   socks_proxy_retry = DISABLED
Thu Jun  9 16:43:51 2016 us=108119 Connection profiles END
Thu Jun  9 16:43:51 2016 us=108133   remote_random = DISABLED
Thu Jun  9 16:43:51 2016 us=108149   ipchange = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108165   dev = 'tun'
Thu Jun  9 16:43:51 2016 us=108180   dev_type = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108195   dev_node = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108210   lladdr = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108226   topology = 1
Thu Jun  9 16:43:51 2016 us=108241   tun_ipv6 = DISABLED
Thu Jun  9 16:43:51 2016 us=108256   ifconfig_local = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108272   ifconfig_remote_netmask = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108287   ifconfig_noexec = DISABLED
Thu Jun  9 16:43:51 2016 us=108350   ifconfig_nowarn = DISABLED
Thu Jun  9 16:43:51 2016 us=108374   shaper = 0
Thu Jun  9 16:43:51 2016 us=108390   tun_mtu = 1500
Thu Jun  9 16:43:51 2016 us=108405   tun_mtu_defined = ENABLED
Thu Jun  9 16:43:51 2016 us=108419   link_mtu = 1500
Thu Jun  9 16:43:51 2016 us=108434   link_mtu_defined = DISABLED
Thu Jun  9 16:43:51 2016 us=108450   tun_mtu_extra = 0
Thu Jun  9 16:43:51 2016 us=108468   tun_mtu_extra_defined = DISABLED
Thu Jun  9 16:43:51 2016 us=108484   fragment = 0
Thu Jun  9 16:43:51 2016 us=108500   mtu_discover_type = -1
Thu Jun  9 16:43:51 2016 us=108516   mtu_test = 0
Thu Jun  9 16:43:51 2016 us=108533   mlock = DISABLED
Thu Jun  9 16:43:51 2016 us=108548   keepalive_ping = 0
Thu Jun  9 16:43:51 2016 us=108564   keepalive_timeout = 0
Thu Jun  9 16:43:51 2016 us=108579   inactivity_timeout = 0
Thu Jun  9 16:43:51 2016 us=108594   ping_send_timeout = 0
Thu Jun  9 16:43:51 2016 us=108611   ping_rec_timeout = 0
Thu Jun  9 16:43:51 2016 us=108628   ping_rec_timeout_action = 0
Thu Jun  9 16:43:51 2016 us=108644   ping_timer_remote = DISABLED
Thu Jun  9 16:43:51 2016 us=108660   remap_sigusr1 = 0
Thu Jun  9 16:43:51 2016 us=108689   explicit_exit_notification = 0
Thu Jun  9 16:43:51 2016 us=108705   persist_tun = DISABLED
Thu Jun  9 16:43:51 2016 us=108720   persist_local_ip = DISABLED
Thu Jun  9 16:43:51 2016 us=108734   persist_remote_ip = DISABLED
Thu Jun  9 16:43:51 2016 us=108753   persist_key = DISABLED
Thu Jun  9 16:43:51 2016 us=108767   mssfix = 1450
Thu Jun  9 16:43:51 2016 us=108782   passtos = DISABLED
Thu Jun  9 16:43:51 2016 us=108797   resolve_retry_seconds = 1000000000
Thu Jun  9 16:43:51 2016 us=108812   username = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108827   groupname = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108842   chroot_dir = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108857   cd_dir = '/etc/openvpn/'
Thu Jun  9 16:43:51 2016 us=108872   selinux_context = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108887   writepid = '/var/run/openvpn/client.pid'
Thu Jun  9 16:43:51 2016 us=108902   up_script = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108916   down_script = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=108931   down_pre = DISABLED
Thu Jun  9 16:43:51 2016 us=108946   up_restart = DISABLED
Thu Jun  9 16:43:51 2016 us=108960   up_delay = DISABLED
Thu Jun  9 16:43:51 2016 us=108976   daemon = ENABLED
Thu Jun  9 16:43:51 2016 us=108992   inetd = 0
Thu Jun  9 16:43:51 2016 us=109008   log = ENABLED
Thu Jun  9 16:43:51 2016 us=109023   suppress_timestamps = DISABLED
Thu Jun  9 16:43:51 2016 us=109039   nice = 0
Thu Jun  9 16:43:51 2016 us=109054   verbosity = 11
Thu Jun  9 16:43:51 2016 us=109068   mute = 0
Thu Jun  9 16:43:51 2016 us=109083   gremlin = 0
Thu Jun  9 16:43:51 2016 us=109097   status_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109112   status_file_version = 1
Thu Jun  9 16:43:51 2016 us=109127   status_file_update_freq = 60
Thu Jun  9 16:43:51 2016 us=109142   occ = ENABLED
Thu Jun  9 16:43:51 2016 us=109156   rcvbuf = 65536
Thu Jun  9 16:43:51 2016 us=109171   sndbuf = 65536
Thu Jun  9 16:43:51 2016 us=109185   sockflags = 0
Thu Jun  9 16:43:51 2016 us=109200   fast_io = DISABLED
Thu Jun  9 16:43:51 2016 us=109215   lzo = 7
Thu Jun  9 16:43:51 2016 us=109229   route_script = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109244   route_default_gateway = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109259   route_default_metric = 0
Thu Jun  9 16:43:51 2016 us=109274   route_noexec = DISABLED
Thu Jun  9 16:43:51 2016 us=109288   route_delay = 0
Thu Jun  9 16:43:51 2016 us=109303   route_delay_window = 30
Thu Jun  9 16:43:51 2016 us=109318   route_delay_defined = DISABLED
Thu Jun  9 16:43:51 2016 us=109339   route_nopull = DISABLED
Thu Jun  9 16:43:51 2016 us=109388   route_gateway_via_dhcp = DISABLED
Thu Jun  9 16:43:51 2016 us=109459   max_routes = 100
Thu Jun  9 16:43:51 2016 us=109486   allow_pull_fqdn = DISABLED
Thu Jun  9 16:43:51 2016 us=109505   management_addr = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109522   management_port = 0
Thu Jun  9 16:43:51 2016 us=109537   management_user_pass = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109554   management_log_history_cache = 250
Thu Jun  9 16:43:51 2016 us=109569   management_echo_buffer_size = 100
Thu Jun  9 16:43:51 2016 us=109585   management_write_peer_info_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109600   management_client_user = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109615   management_client_group = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109630   management_flags = 0
Thu Jun  9 16:43:51 2016 us=109645   shared_secret_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109660   key_direction = 0
Thu Jun  9 16:43:51 2016 us=109676   ciphername_defined = ENABLED
Thu Jun  9 16:43:51 2016 us=109691   ciphername = 'BF-CBC'
Thu Jun  9 16:43:51 2016 us=109709   authname_defined = ENABLED
Thu Jun  9 16:43:51 2016 us=109729   authname = 'SHA1'
Thu Jun  9 16:43:51 2016 us=109745   prng_hash = 'SHA1'
Thu Jun  9 16:43:51 2016 us=109760   prng_nonce_secret_len = 16
Thu Jun  9 16:43:51 2016 us=109774   keysize = 0
Thu Jun  9 16:43:51 2016 us=109789   engine = DISABLED
Thu Jun  9 16:43:51 2016 us=109804   replay = ENABLED
Thu Jun  9 16:43:51 2016 us=109819   mute_replay_warnings = DISABLED
Thu Jun  9 16:43:51 2016 us=109842   replay_window = 64
Thu Jun  9 16:43:51 2016 us=109858   replay_time = 15
Thu Jun  9 16:43:51 2016 us=109874   packet_id_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109889   use_iv = ENABLED
Thu Jun  9 16:43:51 2016 us=109904   test_crypto = DISABLED
Thu Jun  9 16:43:51 2016 us=109918   tls_server = DISABLED
Thu Jun  9 16:43:51 2016 us=109933   tls_client = ENABLED
Thu Jun  9 16:43:51 2016 us=109948   key_method = 2
Thu Jun  9 16:43:51 2016 us=109963   ca_file = '/etc/openvpn/ca.crt'
Thu Jun  9 16:43:51 2016 us=109979   ca_path = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=109995   dh_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110010   cert_file = '/etc/openvpn/client.crt'
Thu Jun  9 16:43:51 2016 us=110025   priv_key_file = '/etc/openvpn/client.key'
Thu Jun  9 16:43:51 2016 us=110040   pkcs12_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110055   cipher_list = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110070   tls_verify = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110085   tls_export_cert = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110099   tls_remote = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110114   crl_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110129   ns_cert_type = 0
Thu Jun  9 16:43:51 2016 us=110144   remote_cert_ku[i] = 160
Thu Jun  9 16:43:51 2016 us=110158   remote_cert_ku[i] = 136
Thu Jun  9 16:43:51 2016 us=110173   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110188   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110202   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110217   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110231   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110246   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110260   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110275   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110289   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110304   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110319   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110372   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110390   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110404   remote_cert_ku[i] = 0
Thu Jun  9 16:43:51 2016 us=110420   remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun  9 16:43:51 2016 us=110435   tls_timeout = 2
Thu Jun  9 16:43:51 2016 us=110451   renegotiate_bytes = 0
Thu Jun  9 16:43:51 2016 us=110465   renegotiate_packets = 0
Thu Jun  9 16:43:51 2016 us=110481   renegotiate_seconds = 3600
Thu Jun  9 16:43:51 2016 us=110496   handshake_window = 60
Thu Jun  9 16:43:51 2016 us=110510   transition_window = 3600
Thu Jun  9 16:43:51 2016 us=110526   single_session = DISABLED
Thu Jun  9 16:43:51 2016 us=110541   push_peer_info = DISABLED
Thu Jun  9 16:43:51 2016 us=110558   tls_exit = DISABLED
Thu Jun  9 16:43:51 2016 us=110573   tls_auth_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=110588   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110603   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110618   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110633   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110648   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110663   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110678   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110693   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110708   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110723   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110738   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110755   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110771   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110786   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110801   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110816   pkcs11_protected_authentication = DISABLED
Thu Jun  9 16:43:51 2016 us=110840   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110856   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110871   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110886   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110901   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110916   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110931   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110946   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110961   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110976   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=110991   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=111007   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=111022   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=111037   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=111051   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=111066   pkcs11_private_mode = 00000000
Thu Jun  9 16:43:51 2016 us=111081   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111096   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111111   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111125   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111140   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111155   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111169   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111184   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111199   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111213   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111228   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111243   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111257   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111273   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111288   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111305   pkcs11_cert_private = DISABLED
Thu Jun  9 16:43:51 2016 us=111321   pkcs11_pin_cache_period = -1
Thu Jun  9 16:43:51 2016 us=111343   pkcs11_id = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111369   pkcs11_id_management = DISABLED
Thu Jun  9 16:43:51 2016 us=111398   server_network = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111417   server_netmask = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111434   server_bridge_ip = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111451   server_bridge_netmask = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111468   server_bridge_pool_start = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111484   server_bridge_pool_end = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111499   ifconfig_pool_defined = DISABLED
Thu Jun  9 16:43:51 2016 us=111516   ifconfig_pool_start = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111532   ifconfig_pool_end = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111548   ifconfig_pool_netmask = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111566   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111581   ifconfig_pool_persist_refresh_freq = 600
Thu Jun  9 16:43:51 2016 us=111597   n_bcast_buf = 256
Thu Jun  9 16:43:51 2016 us=111612   tcp_queue_limit = 64
Thu Jun  9 16:43:51 2016 us=111626   real_hash_size = 256
Thu Jun  9 16:43:51 2016 us=111641   virtual_hash_size = 256
Thu Jun  9 16:43:51 2016 us=111656   client_connect_script = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111671   learn_address_script = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111686   client_disconnect_script = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111701   client_config_dir = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111716   ccd_exclusive = DISABLED
Thu Jun  9 16:43:51 2016 us=111732   tmp_dir = '/tmp'
Thu Jun  9 16:43:51 2016 us=111746   push_ifconfig_defined = DISABLED
Thu Jun  9 16:43:51 2016 us=111763   push_ifconfig_local = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111779   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun  9 16:43:51 2016 us=111805   enable_c2c = DISABLED
Thu Jun  9 16:43:51 2016 us=111822   duplicate_cn = DISABLED
Thu Jun  9 16:43:51 2016 us=111839   cf_max = 0
Thu Jun  9 16:43:51 2016 us=111855   cf_per = 0
Thu Jun  9 16:43:51 2016 us=111869   max_clients = 1024
Thu Jun  9 16:43:51 2016 us=111904   max_routes_per_client = 256
Thu Jun  9 16:43:51 2016 us=111920   auth_user_pass_verify_script = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111935   auth_user_pass_verify_script_via_file = DISABLED
Thu Jun  9 16:43:51 2016 us=111950   ssl_flags = 0
Thu Jun  9 16:43:51 2016 us=111965   port_share_host = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=111980   port_share_port = 0
Thu Jun  9 16:43:51 2016 us=111997   client = ENABLED
Thu Jun  9 16:43:51 2016 us=112013   pull = ENABLED
Thu Jun  9 16:43:51 2016 us=112028   auth_user_pass_file = '[UNDEF]'
Thu Jun  9 16:43:51 2016 us=112048 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr  5 2012
Thu Jun  9 16:43:51 2016 us=112111 PKCS#11: pkcs11_initialize - entered
Thu Jun  9 16:43:51 2016 us=112176 PKCS#11: pkcs11_initialize - return 0-'CKR_OK'
Thu Jun  9 16:43:51 2016 us=112200 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jun  9 16:43:51 2016 us=112223 PO_INIT maxevents=4 flags=0x00000002
Thu Jun  9 16:43:51 2016 us=113050 WARNING: file '/etc/openvpn/client.key' is group or others accessible
Thu Jun  9 16:43:51 2016 us=113657 PRNG init md=SHA1 size=36
Thu Jun  9 16:43:51 2016 us=113713 LZO compression initialized
Thu Jun  9 16:43:51 2016 us=113736 MTU DYNAMIC mtu=0, flags=1, 0 -> 140
Thu Jun  9 16:43:51 2016 us=113750 TLS: tls_session_init: entry
Thu Jun  9 16:43:51 2016 us=113774 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:43:51 2016 us=113829 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:43:51 2016 us=113850 TLS: tls_session_init: new session object, sid=234802a4 c906ef59
Thu Jun  9 16:43:51 2016 us=113874 TLS: tls_session_init: entry
Thu Jun  9 16:43:51 2016 us=113892 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:43:51 2016 us=113934 PID packet_id_init seq_backtrack=0 time_backtrack=0
Thu Jun  9 16:43:51 2016 us=113953 TLS: tls_session_init: new session object, sid=0cfb73a1 4205759d
Thu Jun  9 16:43:51 2016 us=113971 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Jun  9 16:43:51 2016 us=113997 MTU DYNAMIC mtu=1450, flags=2, 1544 -> 1450
Thu Jun  9 16:43:51 2016 us=114041 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Jun  9 16:43:51 2016 us=117383 RESOLVE_REMOTE flags=0x0101 phase=1 rrs=0 sig=-1 status=1
Thu Jun  9 16:43:51 2016 us=117424 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jun  9 16:43:51 2016 us=117456 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun  9 16:43:51 2016 us=117469 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun  9 16:43:51 2016 us=117502 Local Options hash (VER=V4): '69109d17'
Thu Jun  9 16:43:51 2016 us=117524 Expected Remote Options hash (VER=V4): 'c0103fa8'
Thu Jun  9 16:43:51 2016 us=118792 PKCS#11: __pkcs11h_forkFixup entry pid=12065, activate_slotevent=1
Thu Jun  9 16:43:51 2016 us=118872 PKCS#11: __pkcs11h_forkFixup return
Thu Jun  9 16:43:51 2016 us=119019 STREAM: RESET
Thu Jun  9 16:43:51 2016 us=119046 STREAM: INIT maxlen=1544
Thu Jun  9 16:43:51 2016 us=119077 Attempting to establish TCP connection with 130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 16:43:52 2016 us=119960 TCP connection established with 130.xxx.xxx.xxx:2443
Thu Jun  9 16:43:52 2016 us=120041 TCPv4_CLIENT link local: [undef]
Thu Jun  9 16:43:52 2016 us=120062 TCPv4_CLIENT link remote: 130.xxx.xxx.xxx:2443
Thu Jun  9 16:43:52 2016 us=120099 TIMER: coarse timer wakeup 1 seconds
Thu Jun  9 16:43:52 2016 us=120147 TLS: tls_multi_process: i=0 state=S_INITIAL, mysid=234802a4 c906ef59, stored-sid=00000000 00000000, stored-ip=130.xxx.xxx.xxx:2443
Thu Jun  9 16:43:52 2016 us=120174 TLS: tls_process: chg=0 ks=S_INITIAL lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 16:43:52 2016 us=120197 ACK mark active outgoing ID 0
Thu Jun  9 16:43:52 2016 us=120217 TLS: Initial Handshake, sid=234802a4 c906ef59
Thu Jun  9 16:43:52 2016 us=120233 ACK reliable_can_send active=1 current=1 : [1] 0
Thu Jun  9 16:43:52 2016 us=120248 ACK reliable_send ID 0 (size=4 to=2)
Thu Jun  9 16:43:52 2016 us=120265 Reliable -> TCP/UDP
Thu Jun  9 16:43:52 2016 us=120280 ACK reliable_send_timeout 2 [1] 0
Thu Jun  9 16:43:52 2016 us=120295 TLS: tls_process: timeout set to 2
Thu Jun  9 16:43:52 2016 us=120319 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=0cfb73a1 4205759d, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 16:43:52 2016 us=120341 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 16:43:52 2016 us=120389 RANDOM USEC=235265
Thu Jun  9 16:43:52 2016 us=120417 STREAM: SET NEXT, buf=[180,0] next=[180,1544] len=-1 maxlen=1544
Thu Jun  9 16:43:52 2016 us=120433 PO_CTL rwflags=0x0003 ev=3 arg=0x00688db0
Thu Jun  9 16:43:52 2016 us=120464 I/O WAIT T?|T?|SR|SW [1/235265]
Thu Jun  9 16:43:52 2016 us=120494 PO_WAIT[0,0] fd=3 rev=0x00000004 rwflags=0x0002 arg=0x00688db0 
Thu Jun  9 16:43:52 2016 us=120506  event_wait returned 1
Thu Jun  9 16:43:52 2016 us=120522 I/O WAIT status=0x0002
Thu Jun  9 16:43:52 2016 us=120552 TCPv4_CLIENT WRITE [14] to 130.xxx.xxx.xxx:2443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=234802a4 c906ef59 [ ] pid=0 DATA 
Thu Jun  9 16:43:52 2016 us=120565 STREAM: WRITE 14 offset=26
Thu Jun  9 16:43:52 2016 us=120599 TCPv4_CLIENT write returned 16
Thu Jun  9 16:43:52 2016 us=120629 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=234802a4 c906ef59, stored-sid=00000000 00000000, stored-ip=130.xxx.xxx.xxx:2443
Thu Jun  9 16:43:52 2016 us=120643 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 16:43:52 2016 us=120660 ACK reliable_can_send active=1 current=0 : [1] 0
Thu Jun  9 16:43:52 2016 us=120816 SSL state (connect): before/connect initialization
Thu Jun  9 16:43:52 2016 us=120887 SSL state (connect): SSLv3 write client hello A
Thu Jun  9 16:43:52 2016 us=120915 ACK reliable_send_timeout 2 [1] 0
Thu Jun  9 16:43:52 2016 us=120928 TLS: tls_process: timeout set to 2
Thu Jun  9 16:43:52 2016 us=120952 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=0cfb73a1 4205759d, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 16:43:52 2016 us=121009 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 16:43:52 2016 us=121031 STREAM: SET NEXT, buf=[180,0] next=[180,1544] len=-1 maxlen=1544
Thu Jun  9 16:43:52 2016 us=121045 PO_CTL rwflags=0x0001 ev=3 arg=0x00688db0
Thu Jun  9 16:43:52 2016 us=121068 I/O WAIT T?|T?|SR|Sw [1/235265]
Thu Jun  9 16:43:52 2016 us=151831 PO_WAIT[0,0] fd=3 rev=0x00000001 rwflags=0x0001 arg=0x00688db0 
Thu Jun  9 16:43:52 2016 us=151870  event_wait returned 1
Thu Jun  9 16:43:52 2016 us=151890 I/O WAIT status=0x0001
Thu Jun  9 16:43:52 2016 us=151908 STREAM: GET NEXT len=1544
Thu Jun  9 16:43:52 2016 us=151933 STREAM: ADD length_added=28
Thu Jun  9 16:43:52 2016 us=151949 STREAM: ADD returned TRUE, buf_len=26, residual_len=0
Thu Jun  9 16:43:52 2016 us=151964 STREAM: GET FINAL len=26
Thu Jun  9 16:43:52 2016 us=151979 STREAM: RESET
Thu Jun  9 16:43:52 2016 us=151997 TCPv4_CLIENT read returned 26
Thu Jun  9 16:43:52 2016 us=152035 TCPv4_CLIENT READ [26] from 130.xxx.xxx.xxx:2443: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=fd8be839 b555a34f [ 0 sid=234802a4 c906ef59 ] pid=0 DATA 
Thu Jun  9 16:43:52 2016 us=152066 TLS: control channel, op=P_CONTROL_HARD_RESET_SERVER_V2, IP=130.xxx.xxx.xxx:2443
Thu Jun  9 16:43:52 2016 us=152101 TLS: initial packet test, i=0 state=S_PRE_START, mysid=234802a4 c906ef59, rec-sid=fd8be839 b555a34f, rec-ip=130.xxx.xxx.xxx:2443, stored-sid=00000000 00000000, stored-ip=130.xxx.xxx.xxx:2443
Thu Jun  9 16:43:52 2016 us=152143 TLS: initial packet test, i=1 state=S_INITIAL, mysid=0cfb73a1 4205759d, rec-sid=fd8be839 b555a34f, rec-ip=130.xxx.xxx.xxx:2443, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 16:43:52 2016 us=152190 TLS: initial packet test, i=2 state=S_UNDEF, mysid=00000000 00000000, rec-sid=fd8be839 b555a34f, rec-ip=130.xxx.xxx.xxx:2443, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 16:43:52 2016 us=152225 TLS: Initial packet from 130.xxx.xxx.xxx:2443, sid=fd8be839 b555a34f
Thu Jun  9 16:43:52 2016 us=152246 TLS: received control channel packet s#=0 sid=fd8be839 b555a34f
Thu Jun  9 16:43:52 2016 us=152270 ACK reliable_schedule_now
Thu Jun  9 16:43:52 2016 us=152287 ACK received for pid 0, deleting from send buffer
Thu Jun  9 16:43:52 2016 us=152302 ACK read ID 0 (buf->len=0)
Thu Jun  9 16:43:52 2016 us=152318 ACK RWBS rel->size=8 rel->packet_id=00000000 id=00000000 ret=1
This is the log of the same command when run directly.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn client fails to access server when started as a service

Post by TinCanTech » Thu Jun 09, 2016 7:21 pm

darkwind wrote:Thu Jun 9 16:38:02 2016 us=207492 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Apr 5 2012
Please update this to a supported version.

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 7:44 pm

I updated to

Code: Select all

OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
I hope this meets the requirement.

Btw. the server I want to connect to has

Code: Select all

OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Feb  2 2016
Nevertheless the problem stays the same. But I will post the log file's content in case something changed here.

Log entries when started using the service

Code: Select all

Thu Jun  9 21:35:16 2016 us=315649 Current Parameter Settings:
Thu Jun  9 21:35:16 2016 us=315798   config = 'client.conf'
Thu Jun  9 21:35:16 2016 us=315819   mode = 0
Thu Jun  9 21:35:16 2016 us=315833   persist_config = DISABLED
Thu Jun  9 21:35:16 2016 us=315847   persist_mode = 1
Thu Jun  9 21:35:16 2016 us=315861   show_ciphers = DISABLED
Thu Jun  9 21:35:16 2016 us=315876   show_digests = DISABLED
Thu Jun  9 21:35:16 2016 us=315889   show_engines = DISABLED
Thu Jun  9 21:35:16 2016 us=315902   genkey = DISABLED
Thu Jun  9 21:35:16 2016 us=315915   key_pass_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=315928   show_tls_ciphers = DISABLED
Thu Jun  9 21:35:16 2016 us=315938 Connection profiles [default]:
Thu Jun  9 21:35:16 2016 us=315947   proto = tcp-client
Thu Jun  9 21:35:16 2016 us=315955   local = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=315963   local_port = 0
Thu Jun  9 21:35:16 2016 us=315972   remote = 'vpn.nxxxxxxm.de'
Thu Jun  9 21:35:16 2016 us=315980   remote_port = 2443
Thu Jun  9 21:35:16 2016 us=315989   remote_float = DISABLED
Thu Jun  9 21:35:16 2016 us=315997   bind_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=316005   bind_local = DISABLED
Thu Jun  9 21:35:16 2016 us=316014   connect_retry_seconds = 5
Thu Jun  9 21:35:16 2016 us=316022   connect_timeout = 10
Thu Jun  9 21:35:16 2016 us=316031   connect_retry_max = 0
Thu Jun  9 21:35:16 2016 us=316039   socks_proxy_server = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316048   socks_proxy_port = 0
Thu Jun  9 21:35:16 2016 us=316056   socks_proxy_retry = DISABLED
Thu Jun  9 21:35:16 2016 us=316065   tun_mtu = 1500
Thu Jun  9 21:35:16 2016 us=316073   tun_mtu_defined = ENABLED
Thu Jun  9 21:35:16 2016 us=316081   link_mtu = 1500
Thu Jun  9 21:35:16 2016 us=316090   link_mtu_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=316098   tun_mtu_extra = 0
Thu Jun  9 21:35:16 2016 us=316106   tun_mtu_extra_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=316115   mtu_discover_type = -1
Thu Jun  9 21:35:16 2016 us=316123   fragment = 0
Thu Jun  9 21:35:16 2016 us=316131   mssfix = 1450
Thu Jun  9 21:35:16 2016 us=316140   explicit_exit_notification = 0
Thu Jun  9 21:35:16 2016 us=316151 Connection profiles END
Thu Jun  9 21:35:16 2016 us=316159   remote_random = DISABLED
Thu Jun  9 21:35:16 2016 us=316167   ipchange = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316176   dev = 'tun'
Thu Jun  9 21:35:16 2016 us=316184   dev_type = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316192   dev_node = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316200   lladdr = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316208   topology = 1
Thu Jun  9 21:35:16 2016 us=316217   tun_ipv6 = DISABLED
Thu Jun  9 21:35:16 2016 us=316225   ifconfig_local = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316233   ifconfig_remote_netmask = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316242   ifconfig_noexec = DISABLED
Thu Jun  9 21:35:16 2016 us=316250   ifconfig_nowarn = DISABLED
Thu Jun  9 21:35:16 2016 us=316258   ifconfig_ipv6_local = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316267   ifconfig_ipv6_netbits = 0
Thu Jun  9 21:35:16 2016 us=316275   ifconfig_ipv6_remote = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316283   shaper = 0
Thu Jun  9 21:35:16 2016 us=316292   mtu_test = 0
Thu Jun  9 21:35:16 2016 us=316300   mlock = DISABLED
Thu Jun  9 21:35:16 2016 us=316308   keepalive_ping = 0
Thu Jun  9 21:35:16 2016 us=316328   keepalive_timeout = 0
Thu Jun  9 21:35:16 2016 us=316337   inactivity_timeout = 0
Thu Jun  9 21:35:16 2016 us=316345   ping_send_timeout = 0
Thu Jun  9 21:35:16 2016 us=316353   ping_rec_timeout = 0
Thu Jun  9 21:35:16 2016 us=316362   ping_rec_timeout_action = 0
Thu Jun  9 21:35:16 2016 us=316370   ping_timer_remote = DISABLED
Thu Jun  9 21:35:16 2016 us=316378   remap_sigusr1 = 0
Thu Jun  9 21:35:16 2016 us=316389   persist_tun = DISABLED
Thu Jun  9 21:35:16 2016 us=316398   persist_local_ip = DISABLED
Thu Jun  9 21:35:16 2016 us=316408   persist_remote_ip = DISABLED
Thu Jun  9 21:35:16 2016 us=316418   persist_key = DISABLED
Thu Jun  9 21:35:16 2016 us=316428   passtos = DISABLED
Thu Jun  9 21:35:16 2016 us=316436   resolve_retry_seconds = 1000000000
Thu Jun  9 21:35:16 2016 us=316450   username = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316458   groupname = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316471   chroot_dir = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316479   cd_dir = '/etc/openvpn'
Thu Jun  9 21:35:16 2016 us=316488   writepid = '/var/run/openvpn/client.pid'
Thu Jun  9 21:35:16 2016 us=316496   up_script = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316504   down_script = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316512   down_pre = DISABLED
Thu Jun  9 21:35:16 2016 us=316520   up_restart = DISABLED
Thu Jun  9 21:35:16 2016 us=316529   up_delay = DISABLED
Thu Jun  9 21:35:16 2016 us=316537   daemon = ENABLED
Thu Jun  9 21:35:16 2016 us=316545   inetd = 0
Thu Jun  9 21:35:16 2016 us=316553   log = ENABLED
Thu Jun  9 21:35:16 2016 us=316562   suppress_timestamps = DISABLED
Thu Jun  9 21:35:16 2016 us=316571   nice = 0
Thu Jun  9 21:35:16 2016 us=316595   verbosity = 11
Thu Jun  9 21:35:16 2016 us=316607   mute = 0
Thu Jun  9 21:35:16 2016 us=316624   gremlin = 0
Thu Jun  9 21:35:16 2016 us=316636   status_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316648   status_file_version = 1
Thu Jun  9 21:35:16 2016 us=316657   status_file_update_freq = 60
Thu Jun  9 21:35:16 2016 us=316665   occ = ENABLED
Thu Jun  9 21:35:16 2016 us=316673   rcvbuf = 0
Thu Jun  9 21:35:16 2016 us=316681   sndbuf = 0
Thu Jun  9 21:35:16 2016 us=316690   mark = 0
Thu Jun  9 21:35:16 2016 us=316698   sockflags = 0
Thu Jun  9 21:35:16 2016 us=316706   fast_io = DISABLED
Thu Jun  9 21:35:16 2016 us=316714   lzo = 7
Thu Jun  9 21:35:16 2016 us=316722   route_script = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316731   route_default_gateway = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316739   route_default_metric = 0
Thu Jun  9 21:35:16 2016 us=316748   route_noexec = DISABLED
Thu Jun  9 21:35:16 2016 us=316756   route_delay = 0
Thu Jun  9 21:35:16 2016 us=316765   route_delay_window = 30
Thu Jun  9 21:35:16 2016 us=316777   route_delay_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=316790   route_nopull = DISABLED
Thu Jun  9 21:35:16 2016 us=316802   route_gateway_via_dhcp = DISABLED
Thu Jun  9 21:35:16 2016 us=316816   max_routes = 100
Thu Jun  9 21:35:16 2016 us=316830   allow_pull_fqdn = DISABLED
Thu Jun  9 21:35:16 2016 us=316844   management_addr = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316853   management_port = 0
Thu Jun  9 21:35:16 2016 us=316861   management_user_pass = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316869   management_log_history_cache = 250
Thu Jun  9 21:35:16 2016 us=316878   management_echo_buffer_size = 100
Thu Jun  9 21:35:16 2016 us=316887   management_write_peer_info_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316896   management_client_user = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316904   management_client_group = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316912   management_flags = 0
Thu Jun  9 21:35:16 2016 us=316921   shared_secret_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=316929   key_direction = 0
Thu Jun  9 21:35:16 2016 us=316938   ciphername_defined = ENABLED
Thu Jun  9 21:35:16 2016 us=316946   ciphername = 'BF-CBC'
Thu Jun  9 21:35:16 2016 us=316955   authname_defined = ENABLED
Thu Jun  9 21:35:16 2016 us=316963   authname = 'SHA1'
Thu Jun  9 21:35:16 2016 us=316972   prng_hash = 'SHA1'
Thu Jun  9 21:35:16 2016 us=316980   prng_nonce_secret_len = 16
Thu Jun  9 21:35:16 2016 us=316988   keysize = 0
Thu Jun  9 21:35:16 2016 us=316997   engine = DISABLED
Thu Jun  9 21:35:16 2016 us=317005   replay = ENABLED
Thu Jun  9 21:35:16 2016 us=317014   mute_replay_warnings = DISABLED
Thu Jun  9 21:35:16 2016 us=317022   replay_window = 64
Thu Jun  9 21:35:16 2016 us=317033   replay_time = 15
Thu Jun  9 21:35:16 2016 us=317047   packet_id_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317061   use_iv = ENABLED
Thu Jun  9 21:35:16 2016 us=317075   test_crypto = DISABLED
Thu Jun  9 21:35:16 2016 us=317088   tls_server = DISABLED
Thu Jun  9 21:35:16 2016 us=317103   tls_client = ENABLED
Thu Jun  9 21:35:16 2016 us=317116   key_method = 2
Thu Jun  9 21:35:16 2016 us=317129   ca_file = '/etc/openvpn/ca.crt'
Thu Jun  9 21:35:16 2016 us=317149   ca_path = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317162   dh_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317175   cert_file = '/etc/openvpn/client.crt'
Thu Jun  9 21:35:16 2016 us=317188   extra_certs_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317215   priv_key_file = '/etc/openvpn/client.key'
Thu Jun  9 21:35:16 2016 us=317230   pkcs12_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317243   cipher_list = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317256   tls_verify = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317269   tls_export_cert = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317283   verify_x509_type = 0
Thu Jun  9 21:35:16 2016 us=317295   verify_x509_name = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317308   crl_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317331   ns_cert_type = 0
Thu Jun  9 21:35:16 2016 us=317345   remote_cert_ku[i] = 160
Thu Jun  9 21:35:16 2016 us=317358   remote_cert_ku[i] = 136
Thu Jun  9 21:35:16 2016 us=317371   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317384   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317396   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317409   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317422   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317435   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317447   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317460   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317486   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317500   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317512   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317525   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317538   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317551   remote_cert_ku[i] = 0
Thu Jun  9 21:35:16 2016 us=317564   remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun  9 21:35:16 2016 us=317578   ssl_flags = 0
Thu Jun  9 21:35:16 2016 us=317601   tls_timeout = 2
Thu Jun  9 21:35:16 2016 us=317623   renegotiate_bytes = 0
Thu Jun  9 21:35:16 2016 us=317637   renegotiate_packets = 0
Thu Jun  9 21:35:16 2016 us=317651   renegotiate_seconds = 3600
Thu Jun  9 21:35:16 2016 us=317664   handshake_window = 60
Thu Jun  9 21:35:16 2016 us=317678   transition_window = 3600
Thu Jun  9 21:35:16 2016 us=317691   single_session = DISABLED
Thu Jun  9 21:35:16 2016 us=317704   push_peer_info = DISABLED
Thu Jun  9 21:35:16 2016 us=317717   tls_exit = DISABLED
Thu Jun  9 21:35:16 2016 us=317730   tls_auth_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=317744   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317757   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317770   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317783   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317796   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317809   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317822   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317835   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317848   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317861   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317874   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317886   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317899   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317912   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317926   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317938   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:35:16 2016 us=317952   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=317966   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=317979   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=317992   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318011   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318024   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318037   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318050   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318062   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318075   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318088   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318101   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318113   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318126   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318139   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318152   pkcs11_private_mode = 00000000
Thu Jun  9 21:35:16 2016 us=318165   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318178   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318191   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318204   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318217   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318230   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318243   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318256   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318269   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318281   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318294   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318307   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318319   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318343   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318356   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318369   pkcs11_cert_private = DISABLED
Thu Jun  9 21:35:16 2016 us=318382   pkcs11_pin_cache_period = -1
Thu Jun  9 21:35:16 2016 us=318396   pkcs11_id = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318409   pkcs11_id_management = DISABLED
Thu Jun  9 21:35:16 2016 us=318432   server_network = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318448   server_netmask = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318472   server_network_ipv6 = ::
Thu Jun  9 21:35:16 2016 us=318487   server_netbits_ipv6 = 0
Thu Jun  9 21:35:16 2016 us=318502   server_bridge_ip = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318517   server_bridge_netmask = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318548   server_bridge_pool_start = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318564   server_bridge_pool_end = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318578   ifconfig_pool_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=318604   ifconfig_pool_start = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318629   ifconfig_pool_end = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318645   ifconfig_pool_netmask = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318658   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318672   ifconfig_pool_persist_refresh_freq = 600
Thu Jun  9 21:35:16 2016 us=318685   ifconfig_ipv6_pool_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=318700   ifconfig_ipv6_pool_base = ::
Thu Jun  9 21:35:16 2016 us=318713   ifconfig_ipv6_pool_netbits = 0
Thu Jun  9 21:35:16 2016 us=318727   n_bcast_buf = 256
Thu Jun  9 21:35:16 2016 us=318740   tcp_queue_limit = 64
Thu Jun  9 21:35:16 2016 us=318753   real_hash_size = 256
Thu Jun  9 21:35:16 2016 us=318766   virtual_hash_size = 256
Thu Jun  9 21:35:16 2016 us=318780   client_connect_script = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318792   learn_address_script = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318800   client_disconnect_script = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318809   client_config_dir = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318817   ccd_exclusive = DISABLED
Thu Jun  9 21:35:16 2016 us=318826   tmp_dir = '/tmp'
Thu Jun  9 21:35:16 2016 us=318834   push_ifconfig_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=318844   push_ifconfig_local = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318853   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun  9 21:35:16 2016 us=318867   push_ifconfig_ipv6_defined = DISABLED
Thu Jun  9 21:35:16 2016 us=318876   push_ifconfig_ipv6_local = ::/0
Thu Jun  9 21:35:16 2016 us=318888   push_ifconfig_ipv6_remote = ::
Thu Jun  9 21:35:16 2016 us=318897   enable_c2c = DISABLED
Thu Jun  9 21:35:16 2016 us=318905   duplicate_cn = DISABLED
Thu Jun  9 21:35:16 2016 us=318913   cf_max = 0
Thu Jun  9 21:35:16 2016 us=318922   cf_per = 0
Thu Jun  9 21:35:16 2016 us=318930   max_clients = 1024
Thu Jun  9 21:35:16 2016 us=318939   max_routes_per_client = 256
Thu Jun  9 21:35:16 2016 us=318947   auth_user_pass_verify_script = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318956   auth_user_pass_verify_script_via_file = DISABLED
Thu Jun  9 21:35:16 2016 us=318964   port_share_host = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=318973   port_share_port = 0
Thu Jun  9 21:35:16 2016 us=318981   client = ENABLED
Thu Jun  9 21:35:16 2016 us=318990   pull = ENABLED
Thu Jun  9 21:35:16 2016 us=318998   auth_user_pass_file = '[UNDEF]'
Thu Jun  9 21:35:16 2016 us=319010 OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
Thu Jun  9 21:35:16 2016 us=319026 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.03
Thu Jun  9 21:35:16 2016 us=320115 PKCS#11: pkcs11_initialize - entered
Thu Jun  9 21:35:16 2016 us=320289 PKCS#11: pkcs11_initialize - return 0-'CKR_OK'
Thu Jun  9 21:35:16 2016 us=320320 PO_INIT maxevents=4 flags=0x00000002
Thu Jun  9 21:35:16 2016 us=321502 WARNING: file '/etc/openvpn/client.key' is group or others accessible
Thu Jun  9 21:35:16 2016 us=322029 PRNG init md=SHA1 size=36
Thu Jun  9 21:35:16 2016 us=322062 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
Thu Jun  9 21:35:16 2016 us=322092 LZO compression initialized
Thu Jun  9 21:35:16 2016 us=322112 TLS: tls_session_init: entry
Thu Jun  9 21:35:16 2016 us=322131 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:35:16 2016 us=322175 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:35:16 2016 us=322192 TLS: tls_session_init: new session object, sid=d730e08f 8aaf3959
Thu Jun  9 21:35:16 2016 us=322202 TLS: tls_session_init: entry
Thu Jun  9 21:35:16 2016 us=322223 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:35:16 2016 us=322253 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:35:16 2016 us=322266 TLS: tls_session_init: new session object, sid=232537e1 6c1ca595
Thu Jun  9 21:35:16 2016 us=322282 Control Channel MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Thu Jun  9 21:35:16 2016 us=322303 MTU DYNAMIC mtu=1450, flags=2, 1544 -> 1450
Thu Jun  9 21:35:16 2016 us=322671 Socket Buffers: R=[87380->87380] S=[16384->16384]
Thu Jun  9 21:35:16 2016 us=323423 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Thu Jun  9 21:35:16 2016 us=327638 RESOLVE_REMOTE flags=0x0101 phase=1 rrs=0 sig=-1 status=0
Thu Jun  9 21:35:16 2016 us=327680 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Thu Jun  9 21:35:16 2016 us=327723 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun  9 21:35:16 2016 us=327737 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun  9 21:35:16 2016 us=327773 Local Options hash (VER=V4): '69109d17'
Thu Jun  9 21:35:16 2016 us=327796 Expected Remote Options hash (VER=V4): 'c0103fa8'
Thu Jun  9 21:35:16 2016 us=327818 STREAM: RESET
Thu Jun  9 21:35:16 2016 us=327830 STREAM: INIT maxlen=1547
Thu Jun  9 21:35:16 2016 us=327856 Attempting to establish TCP connection with [AF_INET]130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 21:35:16 2016 us=328227 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 21:35:21 2016 us=328658 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Thu Jun  9 21:35:21 2016 us=330955 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 21:35:26 2016 us=331170 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Thu Jun  9 21:35:26 2016 us=333449 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 21:35:31 2016 us=333704 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Thu Jun  9 21:35:31 2016 us=339436 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 21:35:36 2016 us=339661 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Thu Jun  9 21:35:36 2016 us=341955 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 21:35:41 2016 us=342177 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Log entries when started manually on the command line will be in the next post. Forum allows only 60.000 chars per post. :)

I hope this helps. I am afraid I still don't have a clue why this happens.

Thanks,
Alex

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 7:47 pm

as promised here the log content, when the connection can be established. This is on the command line.

Code: Select all

Thu Jun  9 21:37:03 2016 us=293984 Current Parameter Settings:
Thu Jun  9 21:37:03 2016 us=294077   config = '/etc/openvpn/client.conf'
Thu Jun  9 21:37:03 2016 us=294098   mode = 0
Thu Jun  9 21:37:03 2016 us=294116   persist_config = DISABLED
Thu Jun  9 21:37:03 2016 us=294132   persist_mode = 1
Thu Jun  9 21:37:03 2016 us=294148   show_ciphers = DISABLED
Thu Jun  9 21:37:03 2016 us=294164   show_digests = DISABLED
Thu Jun  9 21:37:03 2016 us=294180   show_engines = DISABLED
Thu Jun  9 21:37:03 2016 us=294196   genkey = DISABLED
Thu Jun  9 21:37:03 2016 us=294214   key_pass_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294230   show_tls_ciphers = DISABLED
Thu Jun  9 21:37:03 2016 us=294245 Connection profiles [default]:
Thu Jun  9 21:37:03 2016 us=294261   proto = tcp-client
Thu Jun  9 21:37:03 2016 us=294276   local = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294291   local_port = 0
Thu Jun  9 21:37:03 2016 us=294306   remote = 'vpn.nxxxxxxm.de'
Thu Jun  9 21:37:03 2016 us=294321   remote_port = 2443
Thu Jun  9 21:37:03 2016 us=294345   remote_float = DISABLED
Thu Jun  9 21:37:03 2016 us=294361   bind_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=294375   bind_local = DISABLED
Thu Jun  9 21:37:03 2016 us=294390   connect_retry_seconds = 5
Thu Jun  9 21:37:03 2016 us=294404   connect_timeout = 10
Thu Jun  9 21:37:03 2016 us=294420   connect_retry_max = 0
Thu Jun  9 21:37:03 2016 us=294434   socks_proxy_server = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294446   socks_proxy_port = 0
Thu Jun  9 21:37:03 2016 us=294458   socks_proxy_retry = DISABLED
Thu Jun  9 21:37:03 2016 us=294480   tun_mtu = 1500
Thu Jun  9 21:37:03 2016 us=294492   tun_mtu_defined = ENABLED
Thu Jun  9 21:37:03 2016 us=294505   link_mtu = 1500
Thu Jun  9 21:37:03 2016 us=294519   link_mtu_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=294533   tun_mtu_extra = 0
Thu Jun  9 21:37:03 2016 us=294549   tun_mtu_extra_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=294564   mtu_discover_type = -1
Thu Jun  9 21:37:03 2016 us=294579   fragment = 0
Thu Jun  9 21:37:03 2016 us=294593   mssfix = 1450
Thu Jun  9 21:37:03 2016 us=294608   explicit_exit_notification = 0
Thu Jun  9 21:37:03 2016 us=294625 Connection profiles END
Thu Jun  9 21:37:03 2016 us=294639   remote_random = DISABLED
Thu Jun  9 21:37:03 2016 us=294653   ipchange = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294667   dev = 'tun'
Thu Jun  9 21:37:03 2016 us=294681   dev_type = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294697   dev_node = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294713   lladdr = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294727   topology = 1
Thu Jun  9 21:37:03 2016 us=294742   tun_ipv6 = DISABLED
Thu Jun  9 21:37:03 2016 us=294756   ifconfig_local = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294771   ifconfig_remote_netmask = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294787   ifconfig_noexec = DISABLED
Thu Jun  9 21:37:03 2016 us=294801   ifconfig_nowarn = DISABLED
Thu Jun  9 21:37:03 2016 us=294815   ifconfig_ipv6_local = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294830   ifconfig_ipv6_netbits = 0
Thu Jun  9 21:37:03 2016 us=294844   ifconfig_ipv6_remote = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=294859   shaper = 0
Thu Jun  9 21:37:03 2016 us=294873   mtu_test = 0
Thu Jun  9 21:37:03 2016 us=294887   mlock = DISABLED
Thu Jun  9 21:37:03 2016 us=294901   keepalive_ping = 0
Thu Jun  9 21:37:03 2016 us=294915   keepalive_timeout = 0
Thu Jun  9 21:37:03 2016 us=294930   inactivity_timeout = 0
Thu Jun  9 21:37:03 2016 us=294944   ping_send_timeout = 0
Thu Jun  9 21:37:03 2016 us=294959   ping_rec_timeout = 0
Thu Jun  9 21:37:03 2016 us=294973   ping_rec_timeout_action = 0
Thu Jun  9 21:37:03 2016 us=294988   ping_timer_remote = DISABLED
Thu Jun  9 21:37:03 2016 us=295024   remap_sigusr1 = 0
Thu Jun  9 21:37:03 2016 us=295038   persist_tun = DISABLED
Thu Jun  9 21:37:03 2016 us=295053   persist_local_ip = DISABLED
Thu Jun  9 21:37:03 2016 us=295068   persist_remote_ip = DISABLED
Thu Jun  9 21:37:03 2016 us=295082   persist_key = DISABLED
Thu Jun  9 21:37:03 2016 us=295096   passtos = DISABLED
Thu Jun  9 21:37:03 2016 us=295112   resolve_retry_seconds = 1000000000
Thu Jun  9 21:37:03 2016 us=295128   username = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295142   groupname = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295156   chroot_dir = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295182   cd_dir = '/etc/openvpn/'
Thu Jun  9 21:37:03 2016 us=295199   writepid = '/var/run/openvpn/client.pid'
Thu Jun  9 21:37:03 2016 us=295216   up_script = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295231   down_script = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295245   down_pre = DISABLED
Thu Jun  9 21:37:03 2016 us=295259   up_restart = DISABLED
Thu Jun  9 21:37:03 2016 us=295273   up_delay = DISABLED
Thu Jun  9 21:37:03 2016 us=295288   daemon = ENABLED
Thu Jun  9 21:37:03 2016 us=295302   inetd = 0
Thu Jun  9 21:37:03 2016 us=295316   log = ENABLED
Thu Jun  9 21:37:03 2016 us=295330   suppress_timestamps = DISABLED
Thu Jun  9 21:37:03 2016 us=295344   nice = 0
Thu Jun  9 21:37:03 2016 us=295358   verbosity = 11
Thu Jun  9 21:37:03 2016 us=295374   mute = 0
Thu Jun  9 21:37:03 2016 us=295396   gremlin = 0
Thu Jun  9 21:37:03 2016 us=295413   status_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295446   status_file_version = 1
Thu Jun  9 21:37:03 2016 us=295484   status_file_update_freq = 60
Thu Jun  9 21:37:03 2016 us=295516   occ = ENABLED
Thu Jun  9 21:37:03 2016 us=295549   rcvbuf = 0
Thu Jun  9 21:37:03 2016 us=295582   sndbuf = 0
Thu Jun  9 21:37:03 2016 us=295614   mark = 0
Thu Jun  9 21:37:03 2016 us=295628   sockflags = 0
Thu Jun  9 21:37:03 2016 us=295643   fast_io = DISABLED
Thu Jun  9 21:37:03 2016 us=295658   lzo = 7
Thu Jun  9 21:37:03 2016 us=295672   route_script = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295686   route_default_gateway = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295701   route_default_metric = 0
Thu Jun  9 21:37:03 2016 us=295715   route_noexec = DISABLED
Thu Jun  9 21:37:03 2016 us=295730   route_delay = 0
Thu Jun  9 21:37:03 2016 us=295745   route_delay_window = 30
Thu Jun  9 21:37:03 2016 us=295760   route_delay_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=295775   route_nopull = DISABLED
Thu Jun  9 21:37:03 2016 us=295790   route_gateway_via_dhcp = DISABLED
Thu Jun  9 21:37:03 2016 us=295804   max_routes = 100
Thu Jun  9 21:37:03 2016 us=295819   allow_pull_fqdn = DISABLED
Thu Jun  9 21:37:03 2016 us=295833   management_addr = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295847   management_port = 0
Thu Jun  9 21:37:03 2016 us=295861   management_user_pass = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295876   management_log_history_cache = 250
Thu Jun  9 21:37:03 2016 us=295890   management_echo_buffer_size = 100
Thu Jun  9 21:37:03 2016 us=295905   management_write_peer_info_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295920   management_client_user = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295934   management_client_group = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295950   management_flags = 0
Thu Jun  9 21:37:03 2016 us=295964   shared_secret_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=295978   key_direction = 0
Thu Jun  9 21:37:03 2016 us=295993   ciphername_defined = ENABLED
Thu Jun  9 21:37:03 2016 us=296007   ciphername = 'BF-CBC'
Thu Jun  9 21:37:03 2016 us=296022   authname_defined = ENABLED
Thu Jun  9 21:37:03 2016 us=296036   authname = 'SHA1'
Thu Jun  9 21:37:03 2016 us=296051   prng_hash = 'SHA1'
Thu Jun  9 21:37:03 2016 us=296080   prng_nonce_secret_len = 16
Thu Jun  9 21:37:03 2016 us=296093   keysize = 0
Thu Jun  9 21:37:03 2016 us=296108   engine = DISABLED
Thu Jun  9 21:37:03 2016 us=296123   replay = ENABLED
Thu Jun  9 21:37:03 2016 us=296140   mute_replay_warnings = DISABLED
Thu Jun  9 21:37:03 2016 us=296156   replay_window = 64
Thu Jun  9 21:37:03 2016 us=296170   replay_time = 15
Thu Jun  9 21:37:03 2016 us=296185   packet_id_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296201   use_iv = ENABLED
Thu Jun  9 21:37:03 2016 us=296216   test_crypto = DISABLED
Thu Jun  9 21:37:03 2016 us=296230   tls_server = DISABLED
Thu Jun  9 21:37:03 2016 us=296244   tls_client = ENABLED
Thu Jun  9 21:37:03 2016 us=296259   key_method = 2
Thu Jun  9 21:37:03 2016 us=296273   ca_file = '/etc/openvpn/ca.crt'
Thu Jun  9 21:37:03 2016 us=296288   ca_path = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296302   dh_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296317   cert_file = '/etc/openvpn/client.crt'
Thu Jun  9 21:37:03 2016 us=296331   extra_certs_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296346   priv_key_file = '/etc/openvpn/client.key'
Thu Jun  9 21:37:03 2016 us=296361   pkcs12_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296375   cipher_list = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296389   tls_verify = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296404   tls_export_cert = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296420   verify_x509_type = 0
Thu Jun  9 21:37:03 2016 us=296434   verify_x509_name = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296449   crl_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296485   ns_cert_type = 0
Thu Jun  9 21:37:03 2016 us=296505   remote_cert_ku[i] = 160
Thu Jun  9 21:37:03 2016 us=296519   remote_cert_ku[i] = 136
Thu Jun  9 21:37:03 2016 us=296540   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296555   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296569   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296585   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296599   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296614   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296628   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296643   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296657   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296671   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296685   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296699   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296713   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296727   remote_cert_ku[i] = 0
Thu Jun  9 21:37:03 2016 us=296742   remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun  9 21:37:03 2016 us=296756   ssl_flags = 0
Thu Jun  9 21:37:03 2016 us=296770   tls_timeout = 2
Thu Jun  9 21:37:03 2016 us=296785   renegotiate_bytes = 0
Thu Jun  9 21:37:03 2016 us=296799   renegotiate_packets = 0
Thu Jun  9 21:37:03 2016 us=296814   renegotiate_seconds = 3600
Thu Jun  9 21:37:03 2016 us=296831   handshake_window = 60
Thu Jun  9 21:37:03 2016 us=296845   transition_window = 3600
Thu Jun  9 21:37:03 2016 us=296860   single_session = DISABLED
Thu Jun  9 21:37:03 2016 us=296874   push_peer_info = DISABLED
Thu Jun  9 21:37:03 2016 us=296888   tls_exit = DISABLED
Thu Jun  9 21:37:03 2016 us=296902   tls_auth_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=296917   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=296931   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=296945   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=296960   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=296975   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=296989   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297004   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297018   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297032   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297046   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297061   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297075   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297089   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297103   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297117   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297146   pkcs11_protected_authentication = DISABLED
Thu Jun  9 21:37:03 2016 us=297162   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297177   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297192   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297207   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297222   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297235   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297250   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297264   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297278   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297292   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297306   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297320   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297334   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297348   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297363   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297377   pkcs11_private_mode = 00000000
Thu Jun  9 21:37:03 2016 us=297391   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297406   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297420   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297441   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297455   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297476   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297490   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297504   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297518   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297533   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297547   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297561   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297576   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297592   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297606   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297620   pkcs11_cert_private = DISABLED
Thu Jun  9 21:37:03 2016 us=297635   pkcs11_pin_cache_period = -1
Thu Jun  9 21:37:03 2016 us=297649   pkcs11_id = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=297664   pkcs11_id_management = DISABLED
Thu Jun  9 21:37:03 2016 us=297687   server_network = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297701   server_netmask = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297721   server_network_ipv6 = ::
Thu Jun  9 21:37:03 2016 us=297733   server_netbits_ipv6 = 0
Thu Jun  9 21:37:03 2016 us=297749   server_bridge_ip = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297765   server_bridge_netmask = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297782   server_bridge_pool_start = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297797   server_bridge_pool_end = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297811   ifconfig_pool_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=297827   ifconfig_pool_start = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297843   ifconfig_pool_end = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297858   ifconfig_pool_netmask = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=297875   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=297891   ifconfig_pool_persist_refresh_freq = 600
Thu Jun  9 21:37:03 2016 us=297905   ifconfig_ipv6_pool_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=297921   ifconfig_ipv6_pool_base = ::
Thu Jun  9 21:37:03 2016 us=297935   ifconfig_ipv6_pool_netbits = 0
Thu Jun  9 21:37:03 2016 us=297949   n_bcast_buf = 256
Thu Jun  9 21:37:03 2016 us=297963   tcp_queue_limit = 64
Thu Jun  9 21:37:03 2016 us=297978   real_hash_size = 256
Thu Jun  9 21:37:03 2016 us=297993   virtual_hash_size = 256
Thu Jun  9 21:37:03 2016 us=298007   client_connect_script = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=298022   learn_address_script = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=298036   client_disconnect_script = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=298050   client_config_dir = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=298065   ccd_exclusive = DISABLED
Thu Jun  9 21:37:03 2016 us=298079   tmp_dir = '/tmp'
Thu Jun  9 21:37:03 2016 us=298094   push_ifconfig_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=298109   push_ifconfig_local = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=298124   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun  9 21:37:03 2016 us=298139   push_ifconfig_ipv6_defined = DISABLED
Thu Jun  9 21:37:03 2016 us=298154   push_ifconfig_ipv6_local = ::/0
Thu Jun  9 21:37:03 2016 us=298177   push_ifconfig_ipv6_remote = ::
Thu Jun  9 21:37:03 2016 us=298210   enable_c2c = DISABLED
Thu Jun  9 21:37:03 2016 us=298226   duplicate_cn = DISABLED
Thu Jun  9 21:37:03 2016 us=298240   cf_max = 0
Thu Jun  9 21:37:03 2016 us=298255   cf_per = 0
Thu Jun  9 21:37:03 2016 us=298269   max_clients = 1024
Thu Jun  9 21:37:03 2016 us=298283   max_routes_per_client = 256
Thu Jun  9 21:37:03 2016 us=298298   auth_user_pass_verify_script = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=298312   auth_user_pass_verify_script_via_file = DISABLED
Thu Jun  9 21:37:03 2016 us=298327   port_share_host = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=298341   port_share_port = 0
Thu Jun  9 21:37:03 2016 us=298355   client = ENABLED
Thu Jun  9 21:37:03 2016 us=298370   pull = ENABLED
Thu Jun  9 21:37:03 2016 us=298384   auth_user_pass_file = '[UNDEF]'
Thu Jun  9 21:37:03 2016 us=298408 OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
Thu Jun  9 21:37:03 2016 us=298436 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.03
Thu Jun  9 21:37:03 2016 us=299381 PKCS#11: pkcs11_initialize - entered
Thu Jun  9 21:37:03 2016 us=299576 PKCS#11: pkcs11_initialize - return 0-'CKR_OK'
Thu Jun  9 21:37:03 2016 us=299631 PO_INIT maxevents=4 flags=0x00000002
Thu Jun  9 21:37:03 2016 us=300701 WARNING: file '/etc/openvpn/client.key' is group or others accessible
Thu Jun  9 21:37:03 2016 us=301060 PRNG init md=SHA1 size=36
Thu Jun  9 21:37:03 2016 us=301099 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
Thu Jun  9 21:37:03 2016 us=301150 LZO compression initialized
Thu Jun  9 21:37:03 2016 us=301176 TLS: tls_session_init: entry
Thu Jun  9 21:37:03 2016 us=301198 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:37:03 2016 us=301266 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:37:03 2016 us=301298 TLS: tls_session_init: new session object, sid=73c67081 8a3cf597
Thu Jun  9 21:37:03 2016 us=301311 TLS: tls_session_init: entry
Thu Jun  9 21:37:03 2016 us=301329 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:37:03 2016 us=301367 PID packet_id_init tcp_mode=1 seq_backtrack=64 time_backtrack=15
Thu Jun  9 21:37:03 2016 us=301384 TLS: tls_session_init: new session object, sid=8014fb3e 759a2f5c
Thu Jun  9 21:37:03 2016 us=301420 Control Channel MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Thu Jun  9 21:37:03 2016 us=301446 MTU DYNAMIC mtu=1450, flags=2, 1544 -> 1450
Thu Jun  9 21:37:03 2016 us=309058 Socket Buffers: R=[87380->87380] S=[16384->16384]
Thu Jun  9 21:37:03 2016 us=309423 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Thu Jun  9 21:37:03 2016 us=312297 RESOLVE_REMOTE flags=0x0101 phase=1 rrs=0 sig=-1 status=0
Thu Jun  9 21:37:03 2016 us=312362 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Thu Jun  9 21:37:03 2016 us=312418 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun  9 21:37:03 2016 us=312439 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun  9 21:37:03 2016 us=312481 Local Options hash (VER=V4): '69109d17'
Thu Jun  9 21:37:03 2016 us=312508 Expected Remote Options hash (VER=V4): 'c0103fa8'
Thu Jun  9 21:37:03 2016 us=312532 STREAM: RESET
Thu Jun  9 21:37:03 2016 us=312548 STREAM: INIT maxlen=1547
Thu Jun  9 21:37:03 2016 us=312571 Attempting to establish TCP connection with [AF_INET]130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 21:37:04 2016 us=313442 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: No route to host
Thu Jun  9 21:37:09 2016 us=313698 GETADDRINFO flags=0x0101 ai_family=2 ai_socktype=1
Thu Jun  9 21:37:10 2016 us=316064 TCP connection established with [AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=316111 TCPv4_CLIENT link local: [undef]
Thu Jun  9 21:37:10 2016 us=316123 TCPv4_CLIENT link remote: [AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=316148 TIMER: coarse timer wakeup 1 seconds
Thu Jun  9 21:37:10 2016 us=316176 TLS: tls_multi_process: i=0 state=S_INITIAL, mysid=73c67081 8a3cf597, stored-sid=00000000 00000000, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=316190 TLS: tls_process: chg=0 ks=S_INITIAL lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=316207 ACK mark active outgoing ID 0
Thu Jun  9 21:37:10 2016 us=316219 TLS: Initial Handshake, sid=73c67081 8a3cf597
Thu Jun  9 21:37:10 2016 us=316230 ACK reliable_can_send active=1 current=1 : [1] 0
Thu Jun  9 21:37:10 2016 us=316239 ACK reliable_send ID 0 (size=4 to=2)
Thu Jun  9 21:37:10 2016 us=316249 Reliable -> TCP/UDP
Thu Jun  9 21:37:10 2016 us=316269 ACK reliable_send_timeout 2 [1] 0
Thu Jun  9 21:37:10 2016 us=316280 TLS: tls_process: timeout set to 2
Thu Jun  9 21:37:10 2016 us=316295 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=316309 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=316327 RANDOM USEC=132136
Thu Jun  9 21:37:10 2016 us=316340 STREAM: SET NEXT, buf=[192,0] next=[192,1547] len=-1 maxlen=1547
Thu Jun  9 21:37:10 2016 us=316350 PO_CTL rwflags=0x0003 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=316363 I/O WAIT T?|T?|SR|SW [1/132136]
Thu Jun  9 21:37:10 2016 us=316391 PO_WAIT[0,0] fd=3 rev=0x00000004 rwflags=0x0002 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=316429  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=316446 I/O WAIT status=0x0002
Thu Jun  9 21:37:10 2016 us=316478 TCPv4_CLIENT WRITE [14] to [AF_INET]130.xxx.xxx.xxx:2443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=73c67081 8a3cf597 [ ] pid=0 DATA 
Thu Jun  9 21:37:10 2016 us=316491 STREAM: WRITE 14 offset=30
Thu Jun  9 21:37:10 2016 us=316539 TCPv4_CLIENT write returned 16
Thu Jun  9 21:37:10 2016 us=316570 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=73c67081 8a3cf597, stored-sid=00000000 00000000, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=316584 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=316599 ACK reliable_can_send active=1 current=0 : [1] 0
Thu Jun  9 21:37:10 2016 us=316674 SSL state (connect): before/connect initialization
Thu Jun  9 21:37:10 2016 us=316727 SSL state (connect): SSLv2/v3 write client hello A
Thu Jun  9 21:37:10 2016 us=316760 ACK reliable_send_timeout 2 [1] 0
Thu Jun  9 21:37:10 2016 us=316772 TLS: tls_process: timeout set to 2
Thu Jun  9 21:37:10 2016 us=316796 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=316817 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=316833 STREAM: SET NEXT, buf=[192,0] next=[192,1547] len=-1 maxlen=1547
Thu Jun  9 21:37:10 2016 us=316847 PO_CTL rwflags=0x0001 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=316867 I/O WAIT T?|T?|SR|Sw [1/132136]
Thu Jun  9 21:37:10 2016 us=346908 PO_WAIT[0,0] fd=3 rev=0x00000001 rwflags=0x0001 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=346933  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=346947 I/O WAIT status=0x0001
Thu Jun  9 21:37:10 2016 us=346965 STREAM: GET NEXT len=1547
Thu Jun  9 21:37:10 2016 us=346983 STREAM: ADD length_added=28
Thu Jun  9 21:37:10 2016 us=346995 STREAM: ADD returned TRUE, buf_len=26, residual_len=0
Thu Jun  9 21:37:10 2016 us=347009 STREAM: GET FINAL len=26
Thu Jun  9 21:37:10 2016 us=347022 STREAM: RESET
Thu Jun  9 21:37:10 2016 us=347037 TCPv4_CLIENT read returned 26
Thu Jun  9 21:37:10 2016 us=347066 TCPv4_CLIENT READ [26] from [AF_INET]130.xxx.xxx.xxx:2443: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=d75f6e90 4a091a97 [ 0 sid=73c67081 8a3cf597 ] pid=0 DATA 
Thu Jun  9 21:37:10 2016 us=347115 TLS: control channel, op=P_CONTROL_HARD_RESET_SERVER_V2, IP=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=347152 TLS: initial packet test, i=0 state=S_PRE_START, mysid=73c67081 8a3cf597, rec-sid=d75f6e90 4a091a97, rec-ip=[AF_INET]130.xxx.xxx.xxx:2443, stored-sid=00000000 00000000, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=347177 TLS: initial packet test, i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, rec-sid=d75f6e90 4a091a97, rec-ip=[AF_INET]130.xxx.xxx.xxx:2443, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=347201 TLS: initial packet test, i=2 state=S_UNDEF, mysid=00000000 00000000, rec-sid=d75f6e90 4a091a97, rec-ip=[AF_INET]130.xxx.xxx.xxx:2443, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=347226 TLS: Initial packet from [AF_INET]130.xxx.xxx.xxx:2443, sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=347248 TLS: received control channel packet s#=0 sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=347261 ACK reliable_schedule_now
Thu Jun  9 21:37:10 2016 us=347275 ACK received for pid 0, deleting from send buffer
Thu Jun  9 21:37:10 2016 us=347289 ACK read ID 0 (buf->len=0)
Thu Jun  9 21:37:10 2016 us=347304 ACK RWBS rel->size=8 rel->packet_id=00000000 id=00000000 ret=1

Thu Jun  9 21:37:10 2016 us=347318 ACK mark active incoming ID 0
Thu Jun  9 21:37:10 2016 us=347344 ACK acknowledge ID 0 (ack->len=1)
Thu Jun  9 21:37:10 2016 us=347375 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=347388 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=347411 ACK reliable_can_send active=0 current=0 : [1]
Thu Jun  9 21:37:10 2016 us=347430 Incoming Ciphertext -> TLS
Thu Jun  9 21:37:10 2016 us=347454 TLS: tls_process: chg=1 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=347466 ACK reliable_can_send active=0 current=0 : [1]
Thu Jun  9 21:37:10 2016 us=347486 ACK write ID 0 (ack->len=1, n=1)
Thu Jun  9 21:37:10 2016 us=347500 Dedicated ACK -> TCP/UDP
Thu Jun  9 21:37:10 2016 us=347515 ACK reliable_send_timeout 604800 [1]
Thu Jun  9 21:37:10 2016 us=347529 TLS: tls_process: timeout set to 60
Thu Jun  9 21:37:10 2016 us=347552 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=347573 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=347587 STREAM: SET NEXT, buf=[192,0] next=[192,1547] len=-1 maxlen=1547
Thu Jun  9 21:37:10 2016 us=347601 PO_CTL rwflags=0x0003 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=347620 I/O WAIT T?|T?|SR|SW [1/132136]
Thu Jun  9 21:37:10 2016 us=347636 PO_WAIT[0,0] fd=3 rev=0x00000004 rwflags=0x0002 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=347649  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=347663 I/O WAIT status=0x0002
Thu Jun  9 21:37:10 2016 us=347689 TCPv4_CLIENT WRITE [22] to [AF_INET]130.xxx.xxx.xxx:2443: P_ACK_V1 kid=0 sid=73c67081 8a3cf597 [ 0 sid=d75f6e90 4a091a97 ]
Thu Jun  9 21:37:10 2016 us=347701 STREAM: WRITE 22 offset=35
Thu Jun  9 21:37:10 2016 us=347726 TCPv4_CLIENT write returned 24
Thu Jun  9 21:37:10 2016 us=347750 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=347762 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=347775 STATE S_START
Thu Jun  9 21:37:10 2016 us=347790 ACK reliable_can_send active=0 current=0 : [1]
Thu Jun  9 21:37:10 2016 us=347826 STATE S_SENT_KEY
Thu Jun  9 21:37:10 2016 us=347849 BIO read tls_read_ciphertext 205 bytes
Thu Jun  9 21:37:10 2016 us=347861 ACK mark active outgoing ID 1
Thu Jun  9 21:37:10 2016 us=347875 Outgoing Ciphertext -> Reliable
Thu Jun  9 21:37:10 2016 us=347889 TLS: tls_process: chg=1 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=347904 ACK reliable_can_send active=1 current=1 : [2] 1
Thu Jun  9 21:37:10 2016 us=347918 ACK reliable_send ID 1 (size=209 to=2)
Thu Jun  9 21:37:10 2016 us=347932 Reliable -> TCP/UDP
Thu Jun  9 21:37:10 2016 us=347947 ACK reliable_send_timeout 2 [2] 1
Thu Jun  9 21:37:10 2016 us=347960 TLS: tls_process: timeout set to 2
Thu Jun  9 21:37:10 2016 us=347989 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=348009 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=348024 STREAM: SET NEXT, buf=[192,0] next=[192,1547] len=-1 maxlen=1547
Thu Jun  9 21:37:10 2016 us=348044 PO_CTL rwflags=0x0003 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=348062 I/O WAIT T?|T?|SR|SW [1/132136]
Thu Jun  9 21:37:10 2016 us=348078 PO_WAIT[0,0] fd=3 rev=0x00000004 rwflags=0x0002 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=348149  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=348170 I/O WAIT status=0x0002
Thu Jun  9 21:37:10 2016 us=348299 TCPv4_CLIENT WRITE [219] to [AF_INET]130.xxx.xxx.xxx:2443: P_CONTROL_V1 kid=0 sid=73c67081 8a3cf597 [ ] pid=1 DATA 16030100 c8010000 c4030357 59c5662d 4e211e00 e6b1c6e2 05d130f5 11e6029[more...]
Thu Jun  9 21:37:10 2016 us=348317 STREAM: WRITE 219 offset=30
Thu Jun  9 21:37:10 2016 us=348335 TCPv4_CLIENT write returned 221
Thu Jun  9 21:37:10 2016 us=348362 TLS: tls_multi_process: i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=348392 TLS: tls_process: chg=0 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=348414 ACK reliable_can_send active=1 current=0 : [2] 1
Thu Jun  9 21:37:10 2016 us=348445 ACK reliable_send_timeout 2 [2] 1
Thu Jun  9 21:37:10 2016 us=348462 TLS: tls_process: timeout set to 2
Thu Jun  9 21:37:10 2016 us=348493 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=348521 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=348535 STREAM: SET NEXT, buf=[192,0] next=[192,1547] len=-1 maxlen=1547
Thu Jun  9 21:37:10 2016 us=348551 PO_CTL rwflags=0x0001 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=348570 I/O WAIT T?|T?|SR|Sw [1/132136]
Thu Jun  9 21:37:10 2016 us=461445 PO_WAIT[0,0] fd=3 rev=0x00000001 rwflags=0x0001 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=461487  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=461505 I/O WAIT status=0x0001
Thu Jun  9 21:37:10 2016 us=461521 STREAM: GET NEXT len=1547
Thu Jun  9 21:37:10 2016 us=461544 STREAM: ADD length_added=1198
Thu Jun  9 21:37:10 2016 us=461557 STREAM: ADD returned TRUE, buf_len=1196, residual_len=0
Thu Jun  9 21:37:10 2016 us=461572 STREAM: GET FINAL len=1196
Thu Jun  9 21:37:10 2016 us=461586 STREAM: RESET
Thu Jun  9 21:37:10 2016 us=461602 TCPv4_CLIENT read returned 1196
Thu Jun  9 21:37:10 2016 us=462097 TCPv4_CLIENT READ [1196] from [AF_INET]130.xxx.xxx.xxx:2443: P_CONTROL_V1 kid=0 sid=d75f6e90 4a091a97 [ 1 sid=73c67081 8a3cf597 ] pid=1 DATA 16030300 36020000 320303ad fe4ba5c6 90c79936 e57424f0 97485c37 9974b34[more...]
Thu Jun  9 21:37:10 2016 us=462133 TLS: control channel, op=P_CONTROL_V1, IP=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=462168 TLS: initial packet test, i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, rec-sid=d75f6e90 4a091a97, rec-ip=[AF_INET]130.xxx.xxx.xxx:2443, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=462187 TLS: found match, session[0], sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=462205 TLS: received control channel packet s#=0 sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=462219 ACK received for pid 1, deleting from send buffer
Thu Jun  9 21:37:10 2016 us=462232 ACK read ID 1 (buf->len=1170)
Thu Jun  9 21:37:10 2016 us=462246 ACK RWBS rel->size=8 rel->packet_id=00000001 id=00000001 ret=1

Thu Jun  9 21:37:10 2016 us=462262 ACK mark active incoming ID 1
Thu Jun  9 21:37:10 2016 us=462277 ACK acknowledge ID 1 (ack->len=1)
Thu Jun  9 21:37:10 2016 us=462307 TLS: tls_multi_process: i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=462321 TLS: tls_process: chg=0 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=462337 ACK reliable_can_send active=0 current=0 : [2]
Thu Jun  9 21:37:10 2016 us=462355 BIO write tls_write_ciphertext 1170 bytes
Thu Jun  9 21:37:10 2016 us=462368 Incoming Ciphertext -> TLS
Thu Jun  9 21:37:10 2016 us=462467 SSL state (connect): SSLv3 read server hello A
Thu Jun  9 21:37:10 2016 us=462600 TLS: tls_process: chg=1 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=462619 ACK reliable_can_send active=0 current=0 : [2]
Thu Jun  9 21:37:10 2016 us=462644 ACK write ID 1 (ack->len=1, n=1)
Thu Jun  9 21:37:10 2016 us=462656 Dedicated ACK -> TCP/UDP
Thu Jun  9 21:37:10 2016 us=462671 ACK reliable_send_timeout 604800 [2]
Thu Jun  9 21:37:10 2016 us=462685 TLS: tls_process: timeout set to 60
Thu Jun  9 21:37:10 2016 us=462709 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=462732 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=462749 STREAM: SET NEXT, buf=[192,0] next=[192,1547] len=-1 maxlen=1547
Thu Jun  9 21:37:10 2016 us=462762 PO_CTL rwflags=0x0003 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=462789 I/O WAIT T?|T?|SR|SW [1/132136]
Thu Jun  9 21:37:10 2016 us=462807 PO_WAIT[0,0] fd=3 rev=0x00000004 rwflags=0x0002 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=462820  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=462834 I/O WAIT status=0x0002
Thu Jun  9 21:37:10 2016 us=462863 TCPv4_CLIENT WRITE [22] to [AF_INET]130.xxx.xxx.xxx:2443: P_ACK_V1 kid=0 sid=73c67081 8a3cf597 [ 1 sid=d75f6e90 4a091a97 ]
Thu Jun  9 21:37:10 2016 us=462876 STREAM: WRITE 22 offset=35
Thu Jun  9 21:37:10 2016 us=462903 TCPv4_CLIENT write returned 24
Thu Jun  9 21:37:10 2016 us=462934 TLS: tls_multi_process: i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=462951 TLS: tls_process: chg=0 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=462996 ACK reliable_can_send active=0 current=0 : [2]
Thu Jun  9 21:37:10 2016 us=463032 ACK reliable_send_timeout 604800 [2]
Thu Jun  9 21:37:10 2016 us=463049 TLS: tls_process: timeout set to 60
Thu Jun  9 21:37:10 2016 us=463074 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=463099 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=463119 STREAM: SET NEXT, buf=[192,0] next=[192,1547] len=-1 maxlen=1547
Thu Jun  9 21:37:10 2016 us=463142 PO_CTL rwflags=0x0001 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=463163 I/O WAIT T?|T?|SR|Sw [1/132136]
Thu Jun  9 21:37:10 2016 us=467177 PO_WAIT[0,0] fd=3 rev=0x00000001 rwflags=0x0001 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=467224  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=467245 I/O WAIT status=0x0001
Thu Jun  9 21:37:10 2016 us=467263 STREAM: GET NEXT len=1547
Thu Jun  9 21:37:10 2016 us=467288 STREAM: ADD length_added=1360
Thu Jun  9 21:37:10 2016 us=467305 STREAM: ADD returned TRUE, buf_len=1184, residual_len=174
Thu Jun  9 21:37:10 2016 us=467321 STREAM: GET FINAL len=1184
Thu Jun  9 21:37:10 2016 us=467334 STREAM: RESET
Thu Jun  9 21:37:10 2016 us=467350 TCPv4_CLIENT read returned 1184
Thu Jun  9 21:37:10 2016 us=468135 TCPv4_CLIENT READ [1184] from [AF_INET]130.xxx.xxx.xxx:2443: P_CONTROL_V1 kid=0 sid=d75f6e90 4a091a97 [ ] pid=2 DATA 6c69616e 6365311c 301a0603 55040313 136e7361 76706e2e 6e657473 7973746[more...]
Thu Jun  9 21:37:10 2016 us=468171 TLS: control channel, op=P_CONTROL_V1, IP=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=468241 TLS: initial packet test, i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, rec-sid=d75f6e90 4a091a97, rec-ip=[AF_INET]130.xxx.xxx.xxx:2443, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=468272 TLS: found match, session[0], sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=468291 TLS: received control channel packet s#=0 sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=468309 ACK read ID 2 (buf->len=1170)
Thu Jun  9 21:37:10 2016 us=468336 ACK RWBS rel->size=8 rel->packet_id=00000002 id=00000002 ret=1

Thu Jun  9 21:37:10 2016 us=468353 ACK mark active incoming ID 2
Thu Jun  9 21:37:10 2016 us=468368 ACK acknowledge ID 2 (ack->len=1)
Thu Jun  9 21:37:10 2016 us=468413 TLS: tls_multi_process: i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=468438 TLS: tls_process: chg=0 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=468454 ACK reliable_can_send active=0 current=0 : [2]
Thu Jun  9 21:37:10 2016 us=468473 BIO write tls_write_ciphertext 1170 bytes
Thu Jun  9 21:37:10 2016 us=468487 Incoming Ciphertext -> TLS
Thu Jun  9 21:37:10 2016 us=468523 TLS: tls_process: chg=1 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=468544 ACK reliable_can_send active=0 current=0 : [2]
Thu Jun  9 21:37:10 2016 us=468571 ACK write ID 2 (ack->len=1, n=1)
Thu Jun  9 21:37:10 2016 us=468590 Dedicated ACK -> TCP/UDP
Thu Jun  9 21:37:10 2016 us=468606 ACK reliable_send_timeout 604800 [2]
Thu Jun  9 21:37:10 2016 us=468622 TLS: tls_process: timeout set to 60
Thu Jun  9 21:37:10 2016 us=468648 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=468674 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=468694 STREAM: ADD length_added=0
Thu Jun  9 21:37:10 2016 us=468710 STREAM: ADD returned FALSE (have=172 need=1184)
Thu Jun  9 21:37:10 2016 us=468726 STREAM: SET NEXT, buf=[194,172] next=[366,1012] len=1184 maxlen=1547
Thu Jun  9 21:37:10 2016 us=468741 STREAM: RESIDUAL FULLY FORMED [NO], len=0
Thu Jun  9 21:37:10 2016 us=468756 STREAM: SET NEXT, buf=[194,172] next=[366,1012] len=1184 maxlen=1547
Thu Jun  9 21:37:10 2016 us=468773 PO_CTL rwflags=0x0003 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=468794 I/O WAIT T?|T?|SR|SW [1/132136]
Thu Jun  9 21:37:10 2016 us=468816 PO_WAIT[0,0] fd=3 rev=0x00000005 rwflags=0x0003 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=468833  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=468846 I/O WAIT status=0x0003
Thu Jun  9 21:37:10 2016 us=468878 TCPv4_CLIENT WRITE [22] to [AF_INET]130.xxx.xxx.xxx:2443: P_ACK_V1 kid=0 sid=73c67081 8a3cf597 [ 2 sid=d75f6e90 4a091a97 ]
Thu Jun  9 21:37:10 2016 us=468896 STREAM: WRITE 22 offset=35
Thu Jun  9 21:37:10 2016 us=468915 TCPv4_CLIENT write returned 24
Thu Jun  9 21:37:10 2016 us=468946 TLS: tls_multi_process: i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=468965 TLS: tls_process: chg=0 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=468980 ACK reliable_can_send active=0 current=0 : [2]
Thu Jun  9 21:37:10 2016 us=469007 ACK reliable_send_timeout 604800 [2]
Thu Jun  9 21:37:10 2016 us=469171 TLS: tls_process: timeout set to 60
Thu Jun  9 21:37:10 2016 us=469199 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8014fb3e 759a2f5c, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=469226 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Thu Jun  9 21:37:10 2016 us=469248 STREAM: SET NEXT, buf=[194,172] next=[366,1012] len=1184 maxlen=1547
Thu Jun  9 21:37:10 2016 us=469264 PO_CTL rwflags=0x0001 ev=3 arg=0x0069efe8
Thu Jun  9 21:37:10 2016 us=469315 I/O WAIT T?|T?|SR|Sw [1/132136]
Thu Jun  9 21:37:10 2016 us=469338 PO_WAIT[0,0] fd=3 rev=0x00000001 rwflags=0x0001 arg=0x0069efe8 
Thu Jun  9 21:37:10 2016 us=469353  event_wait returned 1
Thu Jun  9 21:37:10 2016 us=469377 I/O WAIT status=0x0001
Thu Jun  9 21:37:10 2016 us=469394 STREAM: GET NEXT len=1012
Thu Jun  9 21:37:10 2016 us=469424 STREAM: ADD length_added=1012
Thu Jun  9 21:37:10 2016 us=469442 STREAM: ADD returned TRUE, buf_len=1184, residual_len=0
Thu Jun  9 21:37:10 2016 us=469466 STREAM: GET FINAL len=1184
Thu Jun  9 21:37:10 2016 us=469481 STREAM: RESET
Thu Jun  9 21:37:10 2016 us=469494 TCPv4_CLIENT read returned 1184
Thu Jun  9 21:37:10 2016 us=470255 TCPv4_CLIENT READ [1184] from [AF_INET]130.xxx.xxx.xxx:2443: P_CONTROL_V1 kid=0 sid=d75f6e90 4a091a97 [ ] pid=3 DATA bc4ee2bc 3dcf9bc8 4c63654d 35dd0af5 487e2c97 e0d43fec 9f683f34 1eda322[more...]
Thu Jun  9 21:37:10 2016 us=470285 TLS: control channel, op=P_CONTROL_V1, IP=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=470319 TLS: initial packet test, i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, rec-sid=d75f6e90 4a091a97, rec-ip=[AF_INET]130.xxx.xxx.xxx:2443, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=470381 TLS: found match, session[0], sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=470413 TLS: received control channel packet s#=0 sid=d75f6e90 4a091a97
Thu Jun  9 21:37:10 2016 us=470432 ACK read ID 3 (buf->len=1170)
Thu Jun  9 21:37:10 2016 us=470446 ACK RWBS rel->size=8 rel->packet_id=00000003 id=00000003 ret=1

Thu Jun  9 21:37:10 2016 us=470460 ACK mark active incoming ID 3
Thu Jun  9 21:37:10 2016 us=470473 ACK acknowledge ID 3 (ack->len=1)
Thu Jun  9 21:37:10 2016 us=470504 TLS: tls_multi_process: i=0 state=S_SENT_KEY, mysid=73c67081 8a3cf597, stored-sid=d75f6e90 4a091a97, stored-ip=[AF_INET]130.xxx.xxx.xxx:2443
Thu Jun  9 21:37:10 2016 us=470521 TLS: tls_process: chg=0 ks=S_SENT_KEY lame=S_UNDEF to_link->len=0 wakeup=604800
Thu Jun  9 21:37:10 2016 us=470536 ACK reliable_can_send active=0 current=0 : [2]
Thu Jun  9 21:37:10 2016 us=470552 BIO write tls_write_ciphertext 1170 bytes
Thanks again.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn client fails to access server when started as a service

Post by TinCanTech » Thu Jun 09, 2016 7:49 pm

In future, please use --verb 4 not --verb 11

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 7:51 pm

ok. Sorry. Should I do it with verb 4 again?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn client fails to access server when started as a service

Post by TinCanTech » Thu Jun 09, 2016 7:59 pm

Please redo the failure (with service) at --verb 4.

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 8:05 pm

Code: Select all

Thu Jun  9 22:02:35 2016 us=173047 Current Parameter Settings:
Thu Jun  9 22:02:35 2016 us=173136   config = '/etc/openvpn/client.conf'
Thu Jun  9 22:02:35 2016 us=173156   mode = 0
Thu Jun  9 22:02:35 2016 us=173172   persist_config = DISABLED
Thu Jun  9 22:02:35 2016 us=173186   persist_mode = 1
Thu Jun  9 22:02:35 2016 us=173201   show_ciphers = DISABLED
Thu Jun  9 22:02:35 2016 us=173215   show_digests = DISABLED
Thu Jun  9 22:02:35 2016 us=173228   show_engines = DISABLED
Thu Jun  9 22:02:35 2016 us=173242   genkey = DISABLED
Thu Jun  9 22:02:35 2016 us=173256   key_pass_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173269   show_tls_ciphers = DISABLED
Thu Jun  9 22:02:35 2016 us=173283 Connection profiles [default]:
Thu Jun  9 22:02:35 2016 us=173297   proto = tcp-client
Thu Jun  9 22:02:35 2016 us=173310   local = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173324   local_port = 0
Thu Jun  9 22:02:35 2016 us=173338   remote = 'vpn.nxxxxxxm.de'
Thu Jun  9 22:02:35 2016 us=173352   remote_port = 2443
Thu Jun  9 22:02:35 2016 us=173366   remote_float = DISABLED
Thu Jun  9 22:02:35 2016 us=173380   bind_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=173393   bind_local = DISABLED
Thu Jun  9 22:02:35 2016 us=173407   connect_retry_seconds = 5
Thu Jun  9 22:02:35 2016 us=173423   connect_timeout = 10
Thu Jun  9 22:02:35 2016 us=173437   connect_retry_max = 0
Thu Jun  9 22:02:35 2016 us=173461   socks_proxy_server = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173482   socks_proxy_port = 0
Thu Jun  9 22:02:35 2016 us=173495   socks_proxy_retry = DISABLED
Thu Jun  9 22:02:35 2016 us=173523   tun_mtu = 1500
Thu Jun  9 22:02:35 2016 us=173536   tun_mtu_defined = ENABLED
Thu Jun  9 22:02:35 2016 us=173549   link_mtu = 1500
Thu Jun  9 22:02:35 2016 us=173562   link_mtu_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=173575   tun_mtu_extra = 0
Thu Jun  9 22:02:35 2016 us=173588   tun_mtu_extra_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=173601   mtu_discover_type = -1
Thu Jun  9 22:02:35 2016 us=173614   fragment = 0
Thu Jun  9 22:02:35 2016 us=173627   mssfix = 1450
Thu Jun  9 22:02:35 2016 us=173640   explicit_exit_notification = 0
Thu Jun  9 22:02:35 2016 us=173655 Connection profiles END
Thu Jun  9 22:02:35 2016 us=173669   remote_random = DISABLED
Thu Jun  9 22:02:35 2016 us=173682   ipchange = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173694   dev = 'tun'
Thu Jun  9 22:02:35 2016 us=173707   dev_type = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173729   dev_node = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173744   lladdr = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173764   topology = 1
Thu Jun  9 22:02:35 2016 us=173777   tun_ipv6 = DISABLED
Thu Jun  9 22:02:35 2016 us=173790   ifconfig_local = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173804   ifconfig_remote_netmask = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173816   ifconfig_noexec = DISABLED
Thu Jun  9 22:02:35 2016 us=173829   ifconfig_nowarn = DISABLED
Thu Jun  9 22:02:35 2016 us=173842   ifconfig_ipv6_local = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173855   ifconfig_ipv6_netbits = 0
Thu Jun  9 22:02:35 2016 us=173868   ifconfig_ipv6_remote = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=173881   shaper = 0
Thu Jun  9 22:02:35 2016 us=173894   mtu_test = 0
Thu Jun  9 22:02:35 2016 us=173907   mlock = DISABLED
Thu Jun  9 22:02:35 2016 us=173920   keepalive_ping = 0
Thu Jun  9 22:02:35 2016 us=173933   keepalive_timeout = 0
Thu Jun  9 22:02:35 2016 us=173946   inactivity_timeout = 0
Thu Jun  9 22:02:35 2016 us=173959   ping_send_timeout = 0
Thu Jun  9 22:02:35 2016 us=173972   ping_rec_timeout = 0
Thu Jun  9 22:02:35 2016 us=173985   ping_rec_timeout_action = 0
Thu Jun  9 22:02:35 2016 us=173998   ping_timer_remote = DISABLED
Thu Jun  9 22:02:35 2016 us=174025   remap_sigusr1 = 0
Thu Jun  9 22:02:35 2016 us=174040   persist_tun = DISABLED
Thu Jun  9 22:02:35 2016 us=174053   persist_local_ip = DISABLED
Thu Jun  9 22:02:35 2016 us=174065   persist_remote_ip = DISABLED
Thu Jun  9 22:02:35 2016 us=174078   persist_key = DISABLED
Thu Jun  9 22:02:35 2016 us=174091   passtos = DISABLED
Thu Jun  9 22:02:35 2016 us=174104   resolve_retry_seconds = 1000000000
Thu Jun  9 22:02:35 2016 us=174117   username = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174130   groupname = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174143   chroot_dir = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174155   cd_dir = '/etc/openvpn/'
Thu Jun  9 22:02:35 2016 us=174169   writepid = '/var/run/openvpn/client.pid'
Thu Jun  9 22:02:35 2016 us=174182   up_script = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174195   down_script = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174208   down_pre = DISABLED
Thu Jun  9 22:02:35 2016 us=174221   up_restart = DISABLED
Thu Jun  9 22:02:35 2016 us=174234   up_delay = DISABLED
Thu Jun  9 22:02:35 2016 us=174247   daemon = ENABLED
Thu Jun  9 22:02:35 2016 us=174260   inetd = 0
Thu Jun  9 22:02:35 2016 us=174273   log = ENABLED
Thu Jun  9 22:02:35 2016 us=174286   suppress_timestamps = DISABLED
Thu Jun  9 22:02:35 2016 us=174299   nice = 0
Thu Jun  9 22:02:35 2016 us=174312   verbosity = 4
Thu Jun  9 22:02:35 2016 us=174325   mute = 0
Thu Jun  9 22:02:35 2016 us=174338   gremlin = 0
Thu Jun  9 22:02:35 2016 us=174351   status_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174364   status_file_version = 1
Thu Jun  9 22:02:35 2016 us=174377   status_file_update_freq = 60
Thu Jun  9 22:02:35 2016 us=174389   occ = ENABLED
Thu Jun  9 22:02:35 2016 us=174402   rcvbuf = 0
Thu Jun  9 22:02:35 2016 us=174415   sndbuf = 0
Thu Jun  9 22:02:35 2016 us=174434   mark = 0
Thu Jun  9 22:02:35 2016 us=174449   sockflags = 0
Thu Jun  9 22:02:35 2016 us=174461   fast_io = DISABLED
Thu Jun  9 22:02:35 2016 us=174484   lzo = 7
Thu Jun  9 22:02:35 2016 us=174497   route_script = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174510   route_default_gateway = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174523   route_default_metric = 0
Thu Jun  9 22:02:35 2016 us=174536   route_noexec = DISABLED
Thu Jun  9 22:02:35 2016 us=174549   route_delay = 0
Thu Jun  9 22:02:35 2016 us=174562   route_delay_window = 30
Thu Jun  9 22:02:35 2016 us=174575   route_delay_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=174588   route_nopull = DISABLED
Thu Jun  9 22:02:35 2016 us=174601   route_gateway_via_dhcp = DISABLED
Thu Jun  9 22:02:35 2016 us=174614   max_routes = 100
Thu Jun  9 22:02:35 2016 us=174627   allow_pull_fqdn = DISABLED
Thu Jun  9 22:02:35 2016 us=174640   management_addr = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174653   management_port = 0
Thu Jun  9 22:02:35 2016 us=174666   management_user_pass = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174679   management_log_history_cache = 250
Thu Jun  9 22:02:35 2016 us=174692   management_echo_buffer_size = 100
Thu Jun  9 22:02:35 2016 us=174706   management_write_peer_info_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174719   management_client_user = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174742   management_client_group = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174763   management_flags = 0
Thu Jun  9 22:02:35 2016 us=174778   shared_secret_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174790   key_direction = 0
Thu Jun  9 22:02:35 2016 us=174803   ciphername_defined = ENABLED
Thu Jun  9 22:02:35 2016 us=174817   ciphername = 'BF-CBC'
Thu Jun  9 22:02:35 2016 us=174830   authname_defined = ENABLED
Thu Jun  9 22:02:35 2016 us=174843   authname = 'SHA1'
Thu Jun  9 22:02:35 2016 us=174856   prng_hash = 'SHA1'
Thu Jun  9 22:02:35 2016 us=174869   prng_nonce_secret_len = 16
Thu Jun  9 22:02:35 2016 us=174882   keysize = 0
Thu Jun  9 22:02:35 2016 us=174896   engine = DISABLED
Thu Jun  9 22:02:35 2016 us=174909   replay = ENABLED
Thu Jun  9 22:02:35 2016 us=174922   mute_replay_warnings = DISABLED
Thu Jun  9 22:02:35 2016 us=174935   replay_window = 64
Thu Jun  9 22:02:35 2016 us=174948   replay_time = 15
Thu Jun  9 22:02:35 2016 us=174961   packet_id_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=174975   use_iv = ENABLED
Thu Jun  9 22:02:35 2016 us=174988   test_crypto = DISABLED
Thu Jun  9 22:02:35 2016 us=175001   tls_server = DISABLED
Thu Jun  9 22:02:35 2016 us=175014   tls_client = ENABLED
Thu Jun  9 22:02:35 2016 us=175039   key_method = 2
Thu Jun  9 22:02:35 2016 us=175053   ca_file = '/etc/openvpn/ca.crt'
Thu Jun  9 22:02:35 2016 us=175065   ca_path = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175078   dh_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175091   cert_file = '/etc/openvpn/client.crt'
Thu Jun  9 22:02:35 2016 us=175105   extra_certs_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175118   priv_key_file = '/etc/openvpn/client.key'
Thu Jun  9 22:02:35 2016 us=175132   pkcs12_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175145   cipher_list = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175158   tls_verify = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175171   tls_export_cert = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175184   verify_x509_type = 0
Thu Jun  9 22:02:35 2016 us=175196   verify_x509_name = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175209   crl_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175222   ns_cert_type = 0
Thu Jun  9 22:02:35 2016 us=175235   remote_cert_ku[i] = 160
Thu Jun  9 22:02:35 2016 us=175248   remote_cert_ku[i] = 136
Thu Jun  9 22:02:35 2016 us=175261   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175273   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175286   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175299   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175311   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175324   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175336   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175360   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175373   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175386   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175399   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175413   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175426   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175439   remote_cert_ku[i] = 0
Thu Jun  9 22:02:35 2016 us=175452   remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun  9 22:02:35 2016 us=175471   ssl_flags = 0
Thu Jun  9 22:02:35 2016 us=175484   tls_timeout = 2
Thu Jun  9 22:02:35 2016 us=175497   renegotiate_bytes = 0
Thu Jun  9 22:02:35 2016 us=175510   renegotiate_packets = 0
Thu Jun  9 22:02:35 2016 us=175522   renegotiate_seconds = 3600
Thu Jun  9 22:02:35 2016 us=175535   handshake_window = 60
Thu Jun  9 22:02:35 2016 us=175548   transition_window = 3600
Thu Jun  9 22:02:35 2016 us=175561   single_session = DISABLED
Thu Jun  9 22:02:35 2016 us=175575   push_peer_info = DISABLED
Thu Jun  9 22:02:35 2016 us=175587   tls_exit = DISABLED
Thu Jun  9 22:02:35 2016 us=175600   tls_auth_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=175614   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175627   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175639   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175653   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175666   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175678   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175691   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175704   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175717   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175739   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175753   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175774   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175788   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175801   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175813   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175826   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:02:35 2016 us=175840   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175853   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175866   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175879   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175892   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175905   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175918   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175930   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175943   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175956   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175968   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175981   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=175994   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=176006   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=176019   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=176043   pkcs11_private_mode = 00000000
Thu Jun  9 22:02:35 2016 us=176057   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176070   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176083   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176096   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176109   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176122   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176134   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176147   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176166   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176179   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176191   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176204   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176217   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176230   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176243   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176255   pkcs11_cert_private = DISABLED
Thu Jun  9 22:02:35 2016 us=176269   pkcs11_pin_cache_period = -1
Thu Jun  9 22:02:35 2016 us=176281   pkcs11_id = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176295   pkcs11_id_management = DISABLED
Thu Jun  9 22:02:35 2016 us=176317   server_network = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176332   server_netmask = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176350   server_network_ipv6 = ::
Thu Jun  9 22:02:35 2016 us=176364   server_netbits_ipv6 = 0
Thu Jun  9 22:02:35 2016 us=176378   server_bridge_ip = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176393   server_bridge_netmask = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176408   server_bridge_pool_start = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176424   server_bridge_pool_end = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176437   ifconfig_pool_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=176451   ifconfig_pool_start = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176470   ifconfig_pool_end = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176485   ifconfig_pool_netmask = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176499   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176513   ifconfig_pool_persist_refresh_freq = 600
Thu Jun  9 22:02:35 2016 us=176526   ifconfig_ipv6_pool_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=176540   ifconfig_ipv6_pool_base = ::
Thu Jun  9 22:02:35 2016 us=176553   ifconfig_ipv6_pool_netbits = 0
Thu Jun  9 22:02:35 2016 us=176566   n_bcast_buf = 256
Thu Jun  9 22:02:35 2016 us=176579   tcp_queue_limit = 64
Thu Jun  9 22:02:35 2016 us=176592   real_hash_size = 256
Thu Jun  9 22:02:35 2016 us=176605   virtual_hash_size = 256
Thu Jun  9 22:02:35 2016 us=176618   client_connect_script = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176631   learn_address_script = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176644   client_disconnect_script = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176657   client_config_dir = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176670   ccd_exclusive = DISABLED
Thu Jun  9 22:02:35 2016 us=176683   tmp_dir = '/tmp'
Thu Jun  9 22:02:35 2016 us=176697   push_ifconfig_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=176711   push_ifconfig_local = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176726   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun  9 22:02:35 2016 us=176750   push_ifconfig_ipv6_defined = DISABLED
Thu Jun  9 22:02:35 2016 us=176772   push_ifconfig_ipv6_local = ::/0
Thu Jun  9 22:02:35 2016 us=176800   push_ifconfig_ipv6_remote = ::
Thu Jun  9 22:02:35 2016 us=176814   enable_c2c = DISABLED
Thu Jun  9 22:02:35 2016 us=176827   duplicate_cn = DISABLED
Thu Jun  9 22:02:35 2016 us=176840   cf_max = 0
Thu Jun  9 22:02:35 2016 us=176853   cf_per = 0
Thu Jun  9 22:02:35 2016 us=176866   max_clients = 1024
Thu Jun  9 22:02:35 2016 us=176879   max_routes_per_client = 256
Thu Jun  9 22:02:35 2016 us=176892   auth_user_pass_verify_script = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176906   auth_user_pass_verify_script_via_file = DISABLED
Thu Jun  9 22:02:35 2016 us=176919   port_share_host = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176932   port_share_port = 0
Thu Jun  9 22:02:35 2016 us=176945   client = ENABLED
Thu Jun  9 22:02:35 2016 us=176958   pull = ENABLED
Thu Jun  9 22:02:35 2016 us=176971   auth_user_pass_file = '[UNDEF]'
Thu Jun  9 22:02:35 2016 us=176988 OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
Thu Jun  9 22:02:35 2016 us=177009 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.03
Thu Jun  9 22:02:35 2016 us=178709 WARNING: file '/etc/openvpn/client.key' is group or others accessible
Thu Jun  9 22:02:35 2016 us=179283 LZO compression initialized
Thu Jun  9 22:02:35 2016 us=179408 Control Channel MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Thu Jun  9 22:02:35 2016 us=179857 Socket Buffers: R=[87380->87380] S=[16384->16384]
Thu Jun  9 22:02:35 2016 us=185156 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Thu Jun  9 22:02:35 2016 us=185274 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun  9 22:02:35 2016 us=185314 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun  9 22:02:35 2016 us=185371 Local Options hash (VER=V4): '69109d17'
Thu Jun  9 22:02:35 2016 us=185419 Expected Remote Options hash (VER=V4): 'c0103fa8'
Thu Jun  9 22:02:35 2016 us=185467 Attempting to establish TCP connection with [AF_INET]130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 22:02:35 2016 us=185640 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:02:40 2016 us=192491 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:02:45 2016 us=199266 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:02:50 2016 us=201989 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:02:55 2016 us=208193 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:03:00 2016 us=211064 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:03:05 2016 us=213537 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:03:05 2016 us=536069 SIGTERM[hard,init_instance] received, process exiting
Hope this is better. Thanks for your patience and time.

Cheers,
Alex

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn client fails to access server when started as a service

Post by TinCanTech » Thu Jun 09, 2016 8:10 pm

You appear to have two problems:
  • Permission denied
  • Your client will not connect when started by service
For permission denied try adding these to your config file:

Code: Select all

daemon openvpn-client
writepid /run/openvpn/client.pid
script-security 2
log /var/log/openvpn.log
cd /etc/openvpn/
and try again.

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 8:19 pm

my /etc/client.conf now looks like this:

Code: Select all

client
remote nsavpn.netsystem.de
port 2443
proto tcp
dev tun
comp-lzo
remote-cert-tls server
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client.crt
key /etc/openvpn/client.key
daemon openvpn-client
writepid /var/run/openvpn/client.pid
script-security 2
log /var/log/openvpn.log
cd /etc/openvpn/
The result is the same:

Code: Select all

Thu Jun  9 22:14:23 2016 us=242988 Current Parameter Settings:
Thu Jun  9 22:14:23 2016 us=243028   config = '/etc/openvpn/client.conf'
Thu Jun  9 22:14:23 2016 us=243040   mode = 0
Thu Jun  9 22:14:23 2016 us=243050   persist_config = DISABLED
Thu Jun  9 22:14:23 2016 us=243060   persist_mode = 1
Thu Jun  9 22:14:23 2016 us=243070   show_ciphers = DISABLED
Thu Jun  9 22:14:23 2016 us=243079   show_digests = DISABLED
Thu Jun  9 22:14:23 2016 us=243089   show_engines = DISABLED
Thu Jun  9 22:14:23 2016 us=243099   genkey = DISABLED
Thu Jun  9 22:14:23 2016 us=243109   key_pass_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243118   show_tls_ciphers = DISABLED
Thu Jun  9 22:14:23 2016 us=243128 Connection profiles [default]:
Thu Jun  9 22:14:23 2016 us=243138   proto = tcp-client
Thu Jun  9 22:14:23 2016 us=243149   local = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243159   local_port = 0
Thu Jun  9 22:14:23 2016 us=243170   remote = 'vpn.nxxxxxxm.de'
Thu Jun  9 22:14:23 2016 us=243198   remote_port = 2443
Thu Jun  9 22:14:23 2016 us=243208   remote_float = DISABLED
Thu Jun  9 22:14:23 2016 us=243218   bind_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=243228   bind_local = DISABLED
Thu Jun  9 22:14:23 2016 us=243237   connect_retry_seconds = 5
Thu Jun  9 22:14:23 2016 us=243247   connect_timeout = 10
Thu Jun  9 22:14:23 2016 us=243257   connect_retry_max = 0
Thu Jun  9 22:14:23 2016 us=243267   socks_proxy_server = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243276   socks_proxy_port = 0
Thu Jun  9 22:14:23 2016 us=243286   socks_proxy_retry = DISABLED
Thu Jun  9 22:14:23 2016 us=243296   tun_mtu = 1500
Thu Jun  9 22:14:23 2016 us=243306   tun_mtu_defined = ENABLED
Thu Jun  9 22:14:23 2016 us=243315   link_mtu = 1500
Thu Jun  9 22:14:23 2016 us=243325   link_mtu_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=243345   tun_mtu_extra = 0
Thu Jun  9 22:14:23 2016 us=243360   tun_mtu_extra_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=243382   mtu_discover_type = -1
Thu Jun  9 22:14:23 2016 us=243395   fragment = 0
Thu Jun  9 22:14:23 2016 us=243406   mssfix = 1450
Thu Jun  9 22:14:23 2016 us=243417   explicit_exit_notification = 0
Thu Jun  9 22:14:23 2016 us=243431 Connection profiles END
Thu Jun  9 22:14:23 2016 us=243440   remote_random = DISABLED
Thu Jun  9 22:14:23 2016 us=243450   ipchange = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243461   dev = 'tun'
Thu Jun  9 22:14:23 2016 us=243483   dev_type = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243493   dev_node = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243503   lladdr = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243512   topology = 1
Thu Jun  9 22:14:23 2016 us=243522   tun_ipv6 = DISABLED
Thu Jun  9 22:14:23 2016 us=243532   ifconfig_local = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243541   ifconfig_remote_netmask = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243551   ifconfig_noexec = DISABLED
Thu Jun  9 22:14:23 2016 us=243560   ifconfig_nowarn = DISABLED
Thu Jun  9 22:14:23 2016 us=243570   ifconfig_ipv6_local = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243579   ifconfig_ipv6_netbits = 0
Thu Jun  9 22:14:23 2016 us=243589   ifconfig_ipv6_remote = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243598   shaper = 0
Thu Jun  9 22:14:23 2016 us=243607   mtu_test = 0
Thu Jun  9 22:14:23 2016 us=243619   mlock = DISABLED
Thu Jun  9 22:14:23 2016 us=243632   keepalive_ping = 0
Thu Jun  9 22:14:23 2016 us=243647   keepalive_timeout = 0
Thu Jun  9 22:14:23 2016 us=243661   inactivity_timeout = 0
Thu Jun  9 22:14:23 2016 us=243676   ping_send_timeout = 0
Thu Jun  9 22:14:23 2016 us=243690   ping_rec_timeout = 0
Thu Jun  9 22:14:23 2016 us=243704   ping_rec_timeout_action = 0
Thu Jun  9 22:14:23 2016 us=243719   ping_timer_remote = DISABLED
Thu Jun  9 22:14:23 2016 us=243733   remap_sigusr1 = 0
Thu Jun  9 22:14:23 2016 us=243747   persist_tun = DISABLED
Thu Jun  9 22:14:23 2016 us=243771   persist_local_ip = DISABLED
Thu Jun  9 22:14:23 2016 us=243787   persist_remote_ip = DISABLED
Thu Jun  9 22:14:23 2016 us=243802   persist_key = DISABLED
Thu Jun  9 22:14:23 2016 us=243816   passtos = DISABLED
Thu Jun  9 22:14:23 2016 us=243831   resolve_retry_seconds = 1000000000
Thu Jun  9 22:14:23 2016 us=243851   username = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243866   groupname = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243881   chroot_dir = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243895   cd_dir = '/etc/openvpn/'
Thu Jun  9 22:14:23 2016 us=243909   writepid = '/var/run/openvpn/client.pid'
Thu Jun  9 22:14:23 2016 us=243923   up_script = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243939   down_script = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=243954   down_pre = DISABLED
Thu Jun  9 22:14:23 2016 us=243968   up_restart = DISABLED
Thu Jun  9 22:14:23 2016 us=243982   up_delay = DISABLED
Thu Jun  9 22:14:23 2016 us=243998   daemon = ENABLED
Thu Jun  9 22:14:23 2016 us=244012   inetd = 0
Thu Jun  9 22:14:23 2016 us=244026   log = ENABLED
Thu Jun  9 22:14:23 2016 us=244040   suppress_timestamps = DISABLED
Thu Jun  9 22:14:23 2016 us=244055   nice = 0
Thu Jun  9 22:14:23 2016 us=244069   verbosity = 4
Thu Jun  9 22:14:23 2016 us=244083   mute = 0
Thu Jun  9 22:14:23 2016 us=244097   gremlin = 0
Thu Jun  9 22:14:23 2016 us=244111   status_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244125   status_file_version = 1
Thu Jun  9 22:14:23 2016 us=244140   status_file_update_freq = 60
Thu Jun  9 22:14:23 2016 us=244153   occ = ENABLED
Thu Jun  9 22:14:23 2016 us=244168   rcvbuf = 0
Thu Jun  9 22:14:23 2016 us=244196   sndbuf = 0
Thu Jun  9 22:14:23 2016 us=244209   mark = 0
Thu Jun  9 22:14:23 2016 us=244224   sockflags = 0
Thu Jun  9 22:14:23 2016 us=244238   fast_io = DISABLED
Thu Jun  9 22:14:23 2016 us=244252   lzo = 7
Thu Jun  9 22:14:23 2016 us=244266   route_script = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244280   route_default_gateway = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244295   route_default_metric = 0
Thu Jun  9 22:14:23 2016 us=244310   route_noexec = DISABLED
Thu Jun  9 22:14:23 2016 us=244324   route_delay = 0
Thu Jun  9 22:14:23 2016 us=244347   route_delay_window = 30
Thu Jun  9 22:14:23 2016 us=244365   route_delay_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=244391   route_nopull = DISABLED
Thu Jun  9 22:14:23 2016 us=244407   route_gateway_via_dhcp = DISABLED
Thu Jun  9 22:14:23 2016 us=244422   max_routes = 100
Thu Jun  9 22:14:23 2016 us=244437   allow_pull_fqdn = DISABLED
Thu Jun  9 22:14:23 2016 us=244452   management_addr = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244473   management_port = 0
Thu Jun  9 22:14:23 2016 us=244492   management_user_pass = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244509   management_log_history_cache = 250
Thu Jun  9 22:14:23 2016 us=244523   management_echo_buffer_size = 100
Thu Jun  9 22:14:23 2016 us=244538   management_write_peer_info_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244553   management_client_user = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244570   management_client_group = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244585   management_flags = 0
Thu Jun  9 22:14:23 2016 us=244600   shared_secret_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244616   key_direction = 0
Thu Jun  9 22:14:23 2016 us=244630   ciphername_defined = ENABLED
Thu Jun  9 22:14:23 2016 us=244646   ciphername = 'BF-CBC'
Thu Jun  9 22:14:23 2016 us=244661   authname_defined = ENABLED
Thu Jun  9 22:14:23 2016 us=244677   authname = 'SHA1'
Thu Jun  9 22:14:23 2016 us=244692   prng_hash = 'SHA1'
Thu Jun  9 22:14:23 2016 us=244706   prng_nonce_secret_len = 16
Thu Jun  9 22:14:23 2016 us=244743   keysize = 0
Thu Jun  9 22:14:23 2016 us=244768   engine = DISABLED
Thu Jun  9 22:14:23 2016 us=244790   replay = ENABLED
Thu Jun  9 22:14:23 2016 us=244808   mute_replay_warnings = DISABLED
Thu Jun  9 22:14:23 2016 us=244823   replay_window = 64
Thu Jun  9 22:14:23 2016 us=244837   replay_time = 15
Thu Jun  9 22:14:23 2016 us=244852   packet_id_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244866   use_iv = ENABLED
Thu Jun  9 22:14:23 2016 us=244880   test_crypto = DISABLED
Thu Jun  9 22:14:23 2016 us=244895   tls_server = DISABLED
Thu Jun  9 22:14:23 2016 us=244909   tls_client = ENABLED
Thu Jun  9 22:14:23 2016 us=244923   key_method = 2
Thu Jun  9 22:14:23 2016 us=244937   ca_file = '/etc/openvpn/ca.crt'
Thu Jun  9 22:14:23 2016 us=244958   ca_path = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244972   dh_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=244984   cert_file = '/etc/openvpn/client.crt'
Thu Jun  9 22:14:23 2016 us=244998   extra_certs_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245011   priv_key_file = '/etc/openvpn/client.key'
Thu Jun  9 22:14:23 2016 us=245024   pkcs12_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245037   cipher_list = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245050   tls_verify = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245063   tls_export_cert = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245076   verify_x509_type = 0
Thu Jun  9 22:14:23 2016 us=245089   verify_x509_name = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245102   crl_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245115   ns_cert_type = 0
Thu Jun  9 22:14:23 2016 us=245128   remote_cert_ku[i] = 160
Thu Jun  9 22:14:23 2016 us=245141   remote_cert_ku[i] = 136
Thu Jun  9 22:14:23 2016 us=245153   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245166   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245179   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245204   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245217   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245230   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245242   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245255   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245268   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245281   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245293   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245306   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245319   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245332   remote_cert_ku[i] = 0
Thu Jun  9 22:14:23 2016 us=245354   remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun  9 22:14:23 2016 us=245369   ssl_flags = 0
Thu Jun  9 22:14:23 2016 us=245382   tls_timeout = 2
Thu Jun  9 22:14:23 2016 us=245406   renegotiate_bytes = 0
Thu Jun  9 22:14:23 2016 us=245420   renegotiate_packets = 0
Thu Jun  9 22:14:23 2016 us=245433   renegotiate_seconds = 3600
Thu Jun  9 22:14:23 2016 us=245446   handshake_window = 60
Thu Jun  9 22:14:23 2016 us=245459   transition_window = 3600
Thu Jun  9 22:14:23 2016 us=245481   single_session = DISABLED
Thu Jun  9 22:14:23 2016 us=245495   push_peer_info = DISABLED
Thu Jun  9 22:14:23 2016 us=245507   tls_exit = DISABLED
Thu Jun  9 22:14:23 2016 us=245521   tls_auth_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=245534   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245547   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245560   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245573   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245586   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245599   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245612   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245625   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245638   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245650   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245663   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245676   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245689   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245702   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245715   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245728   pkcs11_protected_authentication = DISABLED
Thu Jun  9 22:14:23 2016 us=245742   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245754   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245777   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245808   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245837   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245852   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245865   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245878   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245891   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245903   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245916   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245928   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245941   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245954   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245967   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245980   pkcs11_private_mode = 00000000
Thu Jun  9 22:14:23 2016 us=245993   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246006   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246018   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246031   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246044   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246057   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246070   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246082   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246095   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246108   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246121   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246133   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246146   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246159   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246172   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246185   pkcs11_cert_private = DISABLED
Thu Jun  9 22:14:23 2016 us=246209   pkcs11_pin_cache_period = -1
Thu Jun  9 22:14:23 2016 us=246224   pkcs11_id = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246237   pkcs11_id_management = DISABLED
Thu Jun  9 22:14:23 2016 us=246259   server_network = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246275   server_netmask = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246294   server_network_ipv6 = ::
Thu Jun  9 22:14:23 2016 us=246307   server_netbits_ipv6 = 0
Thu Jun  9 22:14:23 2016 us=246322   server_bridge_ip = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246336   server_bridge_netmask = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246360   server_bridge_pool_start = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246377   server_bridge_pool_end = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246400   ifconfig_pool_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=246416   ifconfig_pool_start = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246431   ifconfig_pool_end = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246446   ifconfig_pool_netmask = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246459   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246480   ifconfig_pool_persist_refresh_freq = 600
Thu Jun  9 22:14:23 2016 us=246495   ifconfig_ipv6_pool_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=246509   ifconfig_ipv6_pool_base = ::
Thu Jun  9 22:14:23 2016 us=246522   ifconfig_ipv6_pool_netbits = 0
Thu Jun  9 22:14:23 2016 us=246535   n_bcast_buf = 256
Thu Jun  9 22:14:23 2016 us=246548   tcp_queue_limit = 64
Thu Jun  9 22:14:23 2016 us=246561   real_hash_size = 256
Thu Jun  9 22:14:23 2016 us=246574   virtual_hash_size = 256
Thu Jun  9 22:14:23 2016 us=246587   client_connect_script = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246601   learn_address_script = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246614   client_disconnect_script = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246627   client_config_dir = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246640   ccd_exclusive = DISABLED
Thu Jun  9 22:14:23 2016 us=246653   tmp_dir = '/tmp'
Thu Jun  9 22:14:23 2016 us=246666   push_ifconfig_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=246715   push_ifconfig_local = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246734   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun  9 22:14:23 2016 us=246755   push_ifconfig_ipv6_defined = DISABLED
Thu Jun  9 22:14:23 2016 us=246769   push_ifconfig_ipv6_local = ::/0
Thu Jun  9 22:14:23 2016 us=246795   push_ifconfig_ipv6_remote = ::
Thu Jun  9 22:14:23 2016 us=246808   enable_c2c = DISABLED
Thu Jun  9 22:14:23 2016 us=246822   duplicate_cn = DISABLED
Thu Jun  9 22:14:23 2016 us=246837   cf_max = 0
Thu Jun  9 22:14:23 2016 us=246850   cf_per = 0
Thu Jun  9 22:14:23 2016 us=246863   max_clients = 1024
Thu Jun  9 22:14:23 2016 us=246876   max_routes_per_client = 256
Thu Jun  9 22:14:23 2016 us=246890   auth_user_pass_verify_script = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246904   auth_user_pass_verify_script_via_file = DISABLED
Thu Jun  9 22:14:23 2016 us=246917   port_share_host = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246930   port_share_port = 0
Thu Jun  9 22:14:23 2016 us=246944   client = ENABLED
Thu Jun  9 22:14:23 2016 us=246957   pull = ENABLED
Thu Jun  9 22:14:23 2016 us=246970   auth_user_pass_file = '[UNDEF]'
Thu Jun  9 22:14:23 2016 us=246988 OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
Thu Jun  9 22:14:23 2016 us=247004 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.03
Thu Jun  9 22:14:23 2016 us=248932 WARNING: file '/etc/openvpn/client.key' is group or others accessible
Thu Jun  9 22:14:23 2016 us=249699 LZO compression initialized
Thu Jun  9 22:14:23 2016 us=249842 Control Channel MTU parms [ L:1544 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Thu Jun  9 22:14:23 2016 us=249904 Socket Buffers: R=[87380->87380] S=[16384->16384]
Thu Jun  9 22:14:23 2016 us=253591 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:143 ET:0 EL:3 AF:3/1 ]
Thu Jun  9 22:14:23 2016 us=253662 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Jun  9 22:14:23 2016 us=253684 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Jun  9 22:14:23 2016 us=253730 Local Options hash (VER=V4): '69109d17'
Thu Jun  9 22:14:23 2016 us=253759 Expected Remote Options hash (VER=V4): 'c0103fa8'
Thu Jun  9 22:14:23 2016 us=253816 Attempting to establish TCP connection with [AF_INET]130.xxx.xxx.xxx:2443 [nonblock]
Thu Jun  9 22:14:23 2016 us=253912 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:14:28 2016 us=256837 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:14:33 2016 us=271210 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:14:38 2016 us=277895 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:14:43 2016 us=280481 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:14:48 2016 us=283005 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:14:53 2016 us=285851 TCP: connect to [AF_INET]130.xxx.xxx.xxx:2443 failed, will try again in 5 seconds: Permission denied
Thu Jun  9 22:14:53 2016 us=517567 SIGTERM[hard,init_instance] received, process exiting
So, I guess moving the parameters to the conf-file is elegant but didn't help in this case.

Any other ideas where this Permission denied can come from?

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 9:18 pm

Hi,

I kept working on this issue.
The problem is not openvpn itself. It seems to be an issue with the script /etc/init.d/openvpn
But not even with the script itself.

Here is the behavior:

I run

Code: Select all

/etc/init.d/openvpn start
and it fails to connect.

I copy the same file to the same folder with the name testvpn:

Code: Select all

cp /etc/init.d/openvpn /etc/init.d/testvpn
Then I do the same call of the script with the copy

Code: Select all

/etc/init.d/testvpn start
and it works. :ugeek:

So the issue must be with the name and the way the service works. But I am no expert in this myself. I just do know now where to dig further.
I will keep this thread posted about my progress.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn client fails to access server when started as a service

Post by TinCanTech » Thu Jun 09, 2016 9:23 pm

I am installing Cent OS in a VM ;)

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 9:52 pm

The problem is solved. Almost.

The problem maker was selinux. As I usually use ubuntu and not centos I haven't made much experience with this NSA-driven security system.

How did I get to it?

After I realized that the name was the problem I made a grep on /etc

Code: Select all

grep -R /etc 2>/dev/null
and quickly I read something like that

Code: Select all

selinux/targeted/modules/active/file_contexts:/usr/sbin/openvpn --      system_u:object_r:openvpn_exec_t:s0
And then I had a way more to go. And google quickly guided me to here:
https://ask.fedoraproject.org/en/questi ... onnection/

And so I found the solution:

Code: Select all

setenforce 0
And after that - even /etc/init.d/openvpn could connect

Code: Select all

/etc/init.d/openvpn start
Happy end. And I am not fond of a sequel. :lol:

Thank you very, very much for your support. It helped me a lot to know that I wasn't alone. It prevented me from going insane. :mrgreen:

Cheers,
Alex

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn client fails to access server when started as a service

Post by TinCanTech » Thu Jun 09, 2016 10:06 pm

Thank you for your excellent feedback 8-)

darkwind
OpenVPN User
Posts: 11
Joined: Thu Jun 09, 2016 11:10 am

Re: Openvpn client fails to access server when started as a service

Post by darkwind » Thu Jun 09, 2016 10:39 pm

To finalize this:

The underlying problem was, that I didn't use the openvpn tcp default port, which is 443 but used 2443
This was a non allowed port for openvpn by selinux.

This is the way to go fix this:

1) Install semanage. This is a very helpful python tool. To find out which package contains semanage run

Code: Select all

yum provides \*/semanage
2) Then install it from the package that your search told you

Code: Select all

yum install policycoreutils-python
3) Add the port to the list of allowed ports. In my case TCP-port 2443. You can do this for any udp port too which is not default (1194)

Code: Select all

semanage port -a -t openvpn_port_t -p tcp 2443
That's all. All done well. No more problems on this site. Over and out. :D

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 3243
Joined: Fri Jun 03, 2016 1:17 pm

Re: [Solved] Openvp fails to access server when started as a service CentOS

Post by TinCanTech » Fri Jun 10, 2016 12:16 am

Thank you for your excellent follow up.

I would recommend you join the mailing lists to keep up to date with openvpn.

Highest regards.

* Closing thread *

Locked