Nothing. Here's the full log at verb level 5:
Code: Select all
WARNING: --keysize is DEPRECATED and will be removed in OpenVPN 2.6
Current Parameter Settings:
config = 'UK-VPN.conf'
mode = 0
persist_config = DISABLED
persist_mode = 1
show_ciphers = DISABLED
show_digests = DISABLED
show_engines = DISABLED
genkey = DISABLED
key_pass_file = '[UNDEF]'
show_tls_ciphers = DISABLED
connect_retry_max = 0
Connection profiles [0]:
proto = udp
local = '[UNDEF]'
local_port = '[UNDEF]'
remote = 'uk-berkshire-2-ca-version-2.expressnetw.com'
remote_port = '1195'
remote_float = DISABLED
bind_defined = DISABLED
bind_local = DISABLED
bind_ipv6_only = DISABLED
connect_retry_seconds = 5
connect_timeout = 120
socks_proxy_server = '[UNDEF]'
socks_proxy_port = '[UNDEF]'
tun_mtu = 1500
tun_mtu_defined = ENABLED
link_mtu = 1500
link_mtu_defined = DISABLED
tun_mtu_extra = 0
tun_mtu_extra_defined = DISABLED
mtu_discover_type = -1
fragment = 1300
mssfix = 1450
explicit_exit_notification = 0
Connection profiles END
remote_random = ENABLED
ipchange = '[UNDEF]'
dev = 'tun'
dev_type = '[UNDEF]'
dev_node = '[UNDEF]'
lladdr = '[UNDEF]'
topology = 1
ifconfig_local = '[UNDEF]'
ifconfig_remote_netmask = '[UNDEF]'
ifconfig_noexec = DISABLED
ifconfig_nowarn = DISABLED
ifconfig_ipv6_local = '[UNDEF]'
ifconfig_ipv6_netbits = 0
ifconfig_ipv6_remote = '[UNDEF]'
shaper = 0
mtu_test = 0
mlock = DISABLED
keepalive_ping = 0
keepalive_timeout = 0
inactivity_timeout = 0
ping_send_timeout = 0
ping_rec_timeout = 0
ping_rec_timeout_action = 0
ping_timer_remote = DISABLED
remap_sigusr1 = 0
persist_tun = ENABLED
persist_local_ip = DISABLED
persist_remote_ip = DISABLED
persist_key = ENABLED
passtos = DISABLED
resolve_retry_seconds = 1000000000
resolve_in_advance = DISABLED
username = '[UNDEF]'
groupname = '[UNDEF]'
chroot_dir = '[UNDEF]'
cd_dir = '[UNDEF]'
selinux_context = '[UNDEF]'
writepid = '[UNDEF]'
up_script = '/etc/openvpn/tunup.sh'
down_script = '/etc/openvpn/tundown.sh'
down_pre = DISABLED
up_restart = DISABLED
up_delay = DISABLED
daemon = DISABLED
inetd = 0
log = ENABLED
suppress_timestamps = ENABLED
machine_readable_output = DISABLED
nice = 0
verbosity = 5
mute = 0
gremlin = 0
status_file = '/var/log/openvpn/status-UK-VPN.log'
status_file_version = 1
status_file_update_freq = 60
occ = ENABLED
rcvbuf = 524288
sndbuf = 524288
mark = 0
sockflags = 0
fast_io = ENABLED
comp.alg = 2
comp.flags = 1
route_script = '/etc/openvpn/routeup.sh'
route_default_gateway = '[UNDEF]'
route_default_metric = 0
route_noexec = ENABLED
route_delay = 2
route_delay_window = 30
route_delay_defined = ENABLED
route_nopull = DISABLED
route_gateway_via_dhcp = DISABLED
allow_pull_fqdn = DISABLED
management_addr = '[UNDEF]'
management_port = '[UNDEF]'
management_user_pass = '[UNDEF]'
management_log_history_cache = 250
management_echo_buffer_size = 100
management_write_peer_info_file = '[UNDEF]'
management_client_user = '[UNDEF]'
management_client_group = '[UNDEF]'
management_flags = 0
shared_secret_file = '[UNDEF]'
key_direction = 2
ciphername = 'AES-256-CBC'
ncp_enabled = ENABLED
ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
authname = 'SHA512'
prng_hash = 'SHA1'
prng_nonce_secret_len = 16
keysize = 32
engine = DISABLED
replay = ENABLED
mute_replay_warnings = DISABLED
replay_window = 64
replay_time = 15
packet_id_file = '[UNDEF]'
use_iv = ENABLED
test_crypto = DISABLED
tls_server = DISABLED
tls_client = ENABLED
key_method = 2
ca_file = '[[INLINE]]'
ca_path = '[UNDEF]'
dh_file = '[UNDEF]'
cert_file = '[[INLINE]]'
extra_certs_file = '[UNDEF]'
priv_key_file = '[[INLINE]]'
pkcs12_file = '[UNDEF]'
cipher_list = '[UNDEF]'
tls_verify = '[UNDEF]'
tls_export_cert = '[UNDEF]'
verify_x509_type = 3
verify_x509_name = 'Server'
crl_file = '[UNDEF]'
ns_cert_type = 1
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_eku = '[UNDEF]'
ssl_flags = 0
tls_timeout = 2
renegotiate_bytes = -1
renegotiate_packets = 0
renegotiate_seconds = 3600
handshake_window = 60
transition_window = 3600
single_session = DISABLED
push_peer_info = DISABLED
tls_exit = DISABLED
tls_auth_file = '[[INLINE]]'
tls_crypt_file = '[UNDEF]'
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_pin_cache_period = -1
pkcs11_id = '[UNDEF]'
pkcs11_id_management = DISABLED
server_network = 0.0.0.0
server_netmask = 0.0.0.0
server_network_ipv6 = ::
server_netbits_ipv6 = 0
server_bridge_ip = 0.0.0.0
server_bridge_netmask = 0.0.0.0
server_bridge_pool_start = 0.0.0.0
server_bridge_pool_end = 0.0.0.0
ifconfig_pool_defined = DISABLED
ifconfig_pool_start = 0.0.0.0
ifconfig_pool_end = 0.0.0.0
ifconfig_pool_netmask = 0.0.0.0
ifconfig_pool_persist_filename = '[UNDEF]'
ifconfig_pool_persist_refresh_freq = 600
ifconfig_ipv6_pool_defined = DISABLED
ifconfig_ipv6_pool_base = ::
ifconfig_ipv6_pool_netbits = 0
n_bcast_buf = 256
tcp_queue_limit = 64
real_hash_size = 256
virtual_hash_size = 256
client_connect_script = '[UNDEF]'
learn_address_script = '[UNDEF]'
client_disconnect_script = '[UNDEF]'
client_config_dir = '[UNDEF]'
ccd_exclusive = DISABLED
tmp_dir = '/tmp'
push_ifconfig_defined = DISABLED
push_ifconfig_local = 0.0.0.0
push_ifconfig_remote_netmask = 0.0.0.0
push_ifconfig_ipv6_defined = DISABLED
push_ifconfig_ipv6_local = ::/0
push_ifconfig_ipv6_remote = ::
enable_c2c = DISABLED
duplicate_cn = DISABLED
cf_max = 0
cf_per = 0
max_clients = 1024
max_routes_per_client = 256
auth_user_pass_verify_script = '[UNDEF]'
auth_user_pass_verify_script_via_file = DISABLED
auth_token_generate = DISABLED
auth_token_lifetime = 0
port_share_host = '[UNDEF]'
port_share_port = '[UNDEF]'
client = DISABLED
pull = ENABLED
auth_user_pass_file = '[UNDEF]'
OpenVPN 2.4.4 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017
library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
LZO compression initializing
Control Channel MTU parms [ L:1626 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Data Channel MTU parms [ L:1626 D:1450 EF:126 EB:407 ET:0 EL:3 ]
Fragmentation MTU parms [ L:1626 D:1300 EF:125 EB:407 ET:1 EL:3 ]
Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
TCP/UDP: Preserving recently used remote address: [AF_INET]217.147.89.17:1195
Socket Buffers: R=[212992->425984] S=[212992->425984]
UDP link local: (not bound)
UDP link remote: [AF_INET]217.147.89.17:1195
WRTLS: Initial packet from [AF_INET]217.147.89.17:1195, sid=1b9d4c6a 92a9fb71
WWRWRVERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
VERIFY OK: nsCertType=SERVER
VERIFY X509NAME OK: C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-1222-1a, emailAddress=support@expressvpn.com
VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server-1222-1a, emailAddress=support@expressvpn.com
WRWWRRWRWControl Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
[Server-1222-1a] Peer Connection Initiated with [AF_INET]217.147.89.17:1195
SENT CONTROL [Server-1222-1a]: 'PUSH_REQUEST' (status=1)
WRRPUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.128.0.1,route 10.128.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.128.5.62 10.128.5.61'
OPTIONS IMPORT: timers and/or timeouts modified
OPTIONS IMPORT: --ifconfig/up options modified
OPTIONS IMPORT: route options modified
OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Data Channel MTU parms [ L:1606 D:1450 EF:106 EB:407 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
ROUTE_GATEWAY 76.91.192.1/255.255.240.0 IFACE=eno1 HWADDR=00:25:90:a6:75:d0
TUN/TAP device tun0 opened
TUN/TAP TX queue length set to 250
do_ifconfig, tt->did_ifconfig_ipv6_setup=0
/sbin/ip link set dev tun0 up mtu 1500
/sbin/ip addr add dev tun0 local 10.128.5.62 peer 10.128.5.61
/etc/openvpn/tunup.sh tun0 1500 1606 10.128.5.62 10.128.5.61 init
WrWWARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Initialization Sequence Completed
rWevent_wait : Interrupted system call (code=4)
TCP/UDP: Closing socket
Closing TUN/TAP interface
/sbin/ip addr del dev tun0 local 10.128.5.62 peer 10.128.5.61
/etc/openvpn/tundown.sh tun0 1500 1606 10.128.5.62 10.128.5.61 init
SIGTERM[hard,] received, process exiting
I just copied the config from my CentOS 7 system (OpenVPN 2.4.4) to a Slackware 14.2 (OpenVPN 2.3.17) and here it appeared do work:
Code: Select all
root@The-Tardis:~/ExpreessVPN# cat /tmp/doflip
# Tun-up
# Route-up
# Tun-down
root@The-Tardis:~/ExpreessVPN#
Cheers.