Cert + Pam authentication trouble

Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).
Post Reply
mariern
OpenVpn Newbie
Posts: 2
Joined: Tue Dec 19, 2017 10:11 pm

Cert + Pam authentication trouble

Post by mariern » Tue Dec 19, 2017 11:01 pm

So my goal is to have an OpenVPN server running that I can access by using a certificate as well as a username and password. The username/password authentication would be used through the login PAM module on Ubuntu 17.10, if at all possible.

The part where I'm thinking it fails is the plugin line in the server config. I'm not sure that's the proper way to use the PAM authentication plugin, since I've seen a lot of different ways it has been done in other tutorials. Although, after hours of digging about this issue on google, I've yet to find a way to make it work, so any help would be truly appreciated.

(server.conf)

Code: Select all

port 37
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
persist-key
user nobody
group nogroup
persist-tun
status openvpn-status.log
verb 4
crl-verify crl.pem
log-append /etc/openvpn/openvpn.log
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so "login login USERNAME password PASSWORD"
(server log)

Code: Select all

Tue Dec 19 17:52:15 2017 us=308227 Current Parameter Settings:
Tue Dec 19 17:52:15 2017 us=308312   config = '/etc/openvpn/server.conf'
Tue Dec 19 17:52:15 2017 us=308328   mode = 1
Tue Dec 19 17:52:15 2017 us=308341   persist_config = DISABLED
Tue Dec 19 17:52:15 2017 us=308353   persist_mode = 1
Tue Dec 19 17:52:15 2017 us=308365   show_ciphers = DISABLED
Tue Dec 19 17:52:15 2017 us=308377   show_digests = DISABLED
Tue Dec 19 17:52:15 2017 us=308390   show_engines = DISABLED
Tue Dec 19 17:52:15 2017 us=308402   genkey = DISABLED
Tue Dec 19 17:52:15 2017 us=308414   key_pass_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308426   show_tls_ciphers = DISABLED
Tue Dec 19 17:52:15 2017 us=308438   connect_retry_max = 0
Tue Dec 19 17:52:15 2017 us=308450 Connection profiles [0]:
Tue Dec 19 17:52:15 2017 us=308463   proto = udp
Tue Dec 19 17:52:15 2017 us=308475   local = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308487   local_port = '37'
Tue Dec 19 17:52:15 2017 us=308499   remote = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308511   remote_port = '37'
Tue Dec 19 17:52:15 2017 us=308523   remote_float = DISABLED
Tue Dec 19 17:52:15 2017 us=308535   bind_defined = DISABLED
Tue Dec 19 17:52:15 2017 us=308548   bind_local = ENABLED
Tue Dec 19 17:52:15 2017 us=308559   bind_ipv6_only = DISABLED
Tue Dec 19 17:52:15 2017 us=308572   connect_retry_seconds = 5
Tue Dec 19 17:52:15 2017 us=308584   connect_timeout = 120
Tue Dec 19 17:52:15 2017 us=308596   socks_proxy_server = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308608   socks_proxy_port = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308620   tun_mtu = 1500
Tue Dec 19 17:52:15 2017 us=308632   tun_mtu_defined = ENABLED
Tue Dec 19 17:52:15 2017 us=308644   link_mtu = 1500
Tue Dec 19 17:52:15 2017 us=308656   link_mtu_defined = DISABLED
Tue Dec 19 17:52:15 2017 us=308668   tun_mtu_extra = 0
Tue Dec 19 17:52:15 2017 us=308680   tun_mtu_extra_defined = DISABLED
Tue Dec 19 17:52:15 2017 us=308693   mtu_discover_type = -1
Tue Dec 19 17:52:15 2017 us=308705   fragment = 0
Tue Dec 19 17:52:15 2017 us=308717   mssfix = 1450
Tue Dec 19 17:52:15 2017 us=308729   explicit_exit_notification = 0
Tue Dec 19 17:52:15 2017 us=308741 Connection profiles END
Tue Dec 19 17:52:15 2017 us=308753   remote_random = DISABLED
Tue Dec 19 17:52:15 2017 us=308765   ipchange = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308777   dev = 'tun'
Tue Dec 19 17:52:15 2017 us=308789   dev_type = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308801   dev_node = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308813   lladdr = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308825   topology = 3
Tue Dec 19 17:52:15 2017 us=308837   ifconfig_local = '10.8.0.1'
Tue Dec 19 17:52:15 2017 us=308850   ifconfig_remote_netmask = '255.255.255.0'
Tue Dec 19 17:52:15 2017 us=308862   ifconfig_noexec = DISABLED
Tue Dec 19 17:52:15 2017 us=308874   ifconfig_nowarn = DISABLED
Tue Dec 19 17:52:15 2017 us=308886   ifconfig_ipv6_local = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308898   ifconfig_ipv6_netbits = 0
Tue Dec 19 17:52:15 2017 us=308910   ifconfig_ipv6_remote = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=308922   shaper = 0
Tue Dec 19 17:52:15 2017 us=308934   mtu_test = 0
Tue Dec 19 17:52:15 2017 us=308946   mlock = DISABLED
Tue Dec 19 17:52:15 2017 us=308958   keepalive_ping = 10
Tue Dec 19 17:52:15 2017 us=308970   keepalive_timeout = 120
Tue Dec 19 17:52:15 2017 us=308983   inactivity_timeout = 0
Tue Dec 19 17:52:15 2017 us=308994   ping_send_timeout = 10
Tue Dec 19 17:52:15 2017 us=309006   ping_rec_timeout = 240
Tue Dec 19 17:52:15 2017 us=309018   ping_rec_timeout_action = 2
Tue Dec 19 17:52:15 2017 us=309030   ping_timer_remote = DISABLED
Tue Dec 19 17:52:15 2017 us=309042   remap_sigusr1 = 0
Tue Dec 19 17:52:15 2017 us=309054   persist_tun = ENABLED
Tue Dec 19 17:52:15 2017 us=309066   persist_local_ip = DISABLED
Tue Dec 19 17:52:15 2017 us=309078   persist_remote_ip = DISABLED
Tue Dec 19 17:52:15 2017 us=309090   persist_key = ENABLED
Tue Dec 19 17:52:15 2017 us=309102   passtos = DISABLED
Tue Dec 19 17:52:15 2017 us=309115   resolve_retry_seconds = 1000000000
Tue Dec 19 17:52:15 2017 us=309127   resolve_in_advance = DISABLED
Tue Dec 19 17:52:15 2017 us=309148   username = 'nobody'
Tue Dec 19 17:52:15 2017 us=309161   groupname = 'nogroup'
Tue Dec 19 17:52:15 2017 us=309174   chroot_dir = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309186   cd_dir = '/etc/openvpn'
Tue Dec 19 17:52:15 2017 us=309198   writepid = '/run/openvpn/server.pid'
Tue Dec 19 17:52:15 2017 us=309210   up_script = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309222   down_script = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309333   down_pre = DISABLED
Tue Dec 19 17:52:15 2017 us=309354   up_restart = DISABLED
Tue Dec 19 17:52:15 2017 us=309367   up_delay = DISABLED
Tue Dec 19 17:52:15 2017 us=309379   daemon = ENABLED
Tue Dec 19 17:52:15 2017 us=309391   inetd = 0
Tue Dec 19 17:52:15 2017 us=309403   log = ENABLED
Tue Dec 19 17:52:15 2017 us=309415   suppress_timestamps = DISABLED
Tue Dec 19 17:52:15 2017 us=309428   machine_readable_output = DISABLED
Tue Dec 19 17:52:15 2017 us=309440   nice = 0
Tue Dec 19 17:52:15 2017 us=309452   verbosity = 6
Tue Dec 19 17:52:15 2017 us=309464   mute = 0
Tue Dec 19 17:52:15 2017 us=309476   gremlin = 0
Tue Dec 19 17:52:15 2017 us=309488   status_file = 'openvpn-status.log'
Tue Dec 19 17:52:15 2017 us=309500   status_file_version = 1
Tue Dec 19 17:52:15 2017 us=309512   status_file_update_freq = 10
Tue Dec 19 17:52:15 2017 us=309524   occ = ENABLED
Tue Dec 19 17:52:15 2017 us=309536   rcvbuf = 0
Tue Dec 19 17:52:15 2017 us=309548   sndbuf = 0
Tue Dec 19 17:52:15 2017 us=309560   mark = 0
Tue Dec 19 17:52:15 2017 us=309571   sockflags = 0
Tue Dec 19 17:52:15 2017 us=309583   fast_io = DISABLED
Tue Dec 19 17:52:15 2017 us=309595   comp.alg = 2
Tue Dec 19 17:52:15 2017 us=309607   comp.flags = 1
Tue Dec 19 17:52:15 2017 us=309619   route_script = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309631   route_default_gateway = '10.8.0.2'
Tue Dec 19 17:52:15 2017 us=309643   route_default_metric = 0
Tue Dec 19 17:52:15 2017 us=309656   route_noexec = DISABLED
Tue Dec 19 17:52:15 2017 us=309668   route_delay = 0
Tue Dec 19 17:52:15 2017 us=309680   route_delay_window = 30
Tue Dec 19 17:52:15 2017 us=309692   route_delay_defined = DISABLED
Tue Dec 19 17:52:15 2017 us=309704   route_nopull = DISABLED
Tue Dec 19 17:52:15 2017 us=309717   route_gateway_via_dhcp = DISABLED
Tue Dec 19 17:52:15 2017 us=309729   allow_pull_fqdn = DISABLED
Tue Dec 19 17:52:15 2017 us=309741   management_addr = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309753   management_port = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309766   management_user_pass = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309778   management_log_history_cache = 250
Tue Dec 19 17:52:15 2017 us=309791   management_echo_buffer_size = 100
Tue Dec 19 17:52:15 2017 us=309803   management_write_peer_info_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309815   management_client_user = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309828   management_client_group = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309840   management_flags = 0
Tue Dec 19 17:52:15 2017 us=309866   plugin[0] /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so '[/usr/share/openvpn/plugin/lib/openvpn-auth-pam.so] [login] [login] [USERNAME] [password] [PASSWORD]'
Tue Dec 19 17:52:15 2017 us=309880   shared_secret_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=309892   key_direction = 1
Tue Dec 19 17:52:15 2017 us=309905   ciphername = 'AES-256-CBC'
Tue Dec 19 17:52:15 2017 us=309917   ncp_enabled = ENABLED
Tue Dec 19 17:52:15 2017 us=309930   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Tue Dec 19 17:52:15 2017 us=309942   authname = 'SHA512'
Tue Dec 19 17:52:15 2017 us=309954   prng_hash = 'SHA1'
Tue Dec 19 17:52:15 2017 us=309967   prng_nonce_secret_len = 16
Tue Dec 19 17:52:15 2017 us=309979   keysize = 0
Tue Dec 19 17:52:15 2017 us=309992   engine = DISABLED
Tue Dec 19 17:52:15 2017 us=310004   replay = ENABLED
Tue Dec 19 17:52:15 2017 us=310016   mute_replay_warnings = DISABLED
Tue Dec 19 17:52:15 2017 us=310029   replay_window = 64
Tue Dec 19 17:52:15 2017 us=310041   replay_time = 15
Tue Dec 19 17:52:15 2017 us=310053   packet_id_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310075   use_iv = ENABLED
Tue Dec 19 17:52:15 2017 us=310088   test_crypto = DISABLED
Tue Dec 19 17:52:15 2017 us=310100   tls_server = ENABLED
Tue Dec 19 17:52:15 2017 us=310113   tls_client = DISABLED
Tue Dec 19 17:52:15 2017 us=310125   key_method = 2
Tue Dec 19 17:52:15 2017 us=310137   ca_file = 'ca.crt'
Tue Dec 19 17:52:15 2017 us=310149   ca_path = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310161   dh_file = 'dh.pem'
Tue Dec 19 17:52:15 2017 us=310174   cert_file = 'server.crt'
Tue Dec 19 17:52:15 2017 us=310186   extra_certs_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310199   priv_key_file = 'server.key'
Tue Dec 19 17:52:15 2017 us=310211   pkcs12_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310223   cipher_list = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310235   tls_verify = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310247   tls_export_cert = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310259   verify_x509_type = 0
Tue Dec 19 17:52:15 2017 us=310271   verify_x509_name = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310283   crl_file = 'crl.pem'
Tue Dec 19 17:52:15 2017 us=310296   ns_cert_type = 0
Tue Dec 19 17:52:15 2017 us=310308   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310320   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310332   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310344   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310357   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310369   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310381   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310393   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310405   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310417   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310429   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310441   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310454   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310466   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310478   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310490   remote_cert_ku[i] = 0
Tue Dec 19 17:52:15 2017 us=310502   remote_cert_eku = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310515   ssl_flags = 0
Tue Dec 19 17:52:15 2017 us=310527   tls_timeout = 2
Tue Dec 19 17:52:15 2017 us=310539   renegotiate_bytes = -1
Tue Dec 19 17:52:15 2017 us=310551   renegotiate_packets = 0
Tue Dec 19 17:52:15 2017 us=310563   renegotiate_seconds = 3600
Tue Dec 19 17:52:15 2017 us=310575   handshake_window = 60
Tue Dec 19 17:52:15 2017 us=310588   transition_window = 3600
Tue Dec 19 17:52:15 2017 us=310600   single_session = DISABLED
Tue Dec 19 17:52:15 2017 us=310612   push_peer_info = DISABLED
Tue Dec 19 17:52:15 2017 us=310625   tls_exit = DISABLED
Tue Dec 19 17:52:15 2017 us=310637   tls_auth_file = 'ta.key'
Tue Dec 19 17:52:15 2017 us=310650   tls_crypt_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=310662   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310674   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310686   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310699   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310711   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310723   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310736   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310748   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310760   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310772   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310784   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310797   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310809   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310821   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310834   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310846   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:52:15 2017 us=310865   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310877   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310890   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310902   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310914   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310926   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310939   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310951   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310963   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310975   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310987   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=310999   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=311011   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=311023   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=311035   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=311048   pkcs11_private_mode = 00000000
Tue Dec 19 17:52:15 2017 us=311060   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311072   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311084   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311096   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311108   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311120   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311132   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311144   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311157   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311169   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311181   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311193   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311205   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311217   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311230   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311242   pkcs11_cert_private = DISABLED
Tue Dec 19 17:52:15 2017 us=311254   pkcs11_pin_cache_period = -1
Tue Dec 19 17:52:15 2017 us=311266   pkcs11_id = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311278   pkcs11_id_management = DISABLED
Tue Dec 19 17:52:15 2017 us=311292   server_network = 10.8.0.0
Tue Dec 19 17:52:15 2017 us=311305   server_netmask = 255.255.255.0
Tue Dec 19 17:52:15 2017 us=311320   server_network_ipv6 = ::
Tue Dec 19 17:52:15 2017 us=311332   server_netbits_ipv6 = 0
Tue Dec 19 17:52:15 2017 us=311346   server_bridge_ip = 0.0.0.0
Tue Dec 19 17:52:15 2017 us=311359   server_bridge_netmask = 0.0.0.0
Tue Dec 19 17:52:15 2017 us=311372   server_bridge_pool_start = 0.0.0.0
Tue Dec 19 17:52:15 2017 us=311385   server_bridge_pool_end = 0.0.0.0
Tue Dec 19 17:52:15 2017 us=311398   push_entry = 'redirect-gateway def1 bypass-dhcp'
Tue Dec 19 17:52:15 2017 us=311411   push_entry = 'dhcp-option DNS 208.67.222.222'
Tue Dec 19 17:52:15 2017 us=311423   push_entry = 'dhcp-option DNS 208.67.220.220'
Tue Dec 19 17:52:15 2017 us=311435   push_entry = 'route-gateway 10.8.0.1'
Tue Dec 19 17:52:15 2017 us=311448   push_entry = 'topology subnet'
Tue Dec 19 17:52:15 2017 us=311460   push_entry = 'ping 10'
Tue Dec 19 17:52:15 2017 us=311472   push_entry = 'ping-restart 120'
Tue Dec 19 17:52:15 2017 us=311484   ifconfig_pool_defined = ENABLED
Tue Dec 19 17:52:15 2017 us=311497   ifconfig_pool_start = 10.8.0.2
Tue Dec 19 17:52:15 2017 us=311511   ifconfig_pool_end = 10.8.0.253
Tue Dec 19 17:52:15 2017 us=311524   ifconfig_pool_netmask = 255.255.255.0
Tue Dec 19 17:52:15 2017 us=311536   ifconfig_pool_persist_filename = 'ipp.txt'
Tue Dec 19 17:52:15 2017 us=311549   ifconfig_pool_persist_refresh_freq = 600
Tue Dec 19 17:52:15 2017 us=311561   ifconfig_ipv6_pool_defined = DISABLED
Tue Dec 19 17:52:15 2017 us=311574   ifconfig_ipv6_pool_base = ::
Tue Dec 19 17:52:15 2017 us=311586   ifconfig_ipv6_pool_netbits = 0
Tue Dec 19 17:52:15 2017 us=311606   n_bcast_buf = 256
Tue Dec 19 17:52:15 2017 us=311619   tcp_queue_limit = 64
Tue Dec 19 17:52:15 2017 us=311631   real_hash_size = 256
Tue Dec 19 17:52:15 2017 us=311643   virtual_hash_size = 256
Tue Dec 19 17:52:15 2017 us=311656   client_connect_script = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311668   learn_address_script = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311680   client_disconnect_script = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311692   client_config_dir = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311705   ccd_exclusive = DISABLED
Tue Dec 19 17:52:15 2017 us=311717   tmp_dir = '/tmp'
Tue Dec 19 17:52:15 2017 us=311729   push_ifconfig_defined = DISABLED
Tue Dec 19 17:52:15 2017 us=311743   push_ifconfig_local = 0.0.0.0
Tue Dec 19 17:52:15 2017 us=311756   push_ifconfig_remote_netmask = 0.0.0.0
Tue Dec 19 17:52:15 2017 us=311769   push_ifconfig_ipv6_defined = DISABLED
Tue Dec 19 17:52:15 2017 us=311782   push_ifconfig_ipv6_local = ::/0
Tue Dec 19 17:52:15 2017 us=311795   push_ifconfig_ipv6_remote = ::
Tue Dec 19 17:52:15 2017 us=311808   enable_c2c = DISABLED
Tue Dec 19 17:52:15 2017 us=311820   duplicate_cn = DISABLED
Tue Dec 19 17:52:15 2017 us=311832   cf_max = 0
Tue Dec 19 17:52:15 2017 us=311845   cf_per = 0
Tue Dec 19 17:52:15 2017 us=311857   max_clients = 1024
Tue Dec 19 17:52:15 2017 us=311869   max_routes_per_client = 256
Tue Dec 19 17:52:15 2017 us=311882   auth_user_pass_verify_script = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311894   auth_user_pass_verify_script_via_file = DISABLED
Tue Dec 19 17:52:15 2017 us=311906   auth_token_generate = DISABLED
Tue Dec 19 17:52:15 2017 us=311919   auth_token_lifetime = 0
Tue Dec 19 17:52:15 2017 us=311931   port_share_host = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311943   port_share_port = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311955   client = DISABLED
Tue Dec 19 17:52:15 2017 us=311968   pull = DISABLED
Tue Dec 19 17:52:15 2017 us=311980   auth_user_pass_file = '[UNDEF]'
Tue Dec 19 17:52:15 2017 us=311994 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul  3 2017
Tue Dec 19 17:52:15 2017 us=312016 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Tue Dec 19 17:52:15 2017 us=312394 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
AUTH-PAM: BACKGROUND: INIT service='login'
Tue Dec 19 17:52:15 2017 us=313081 PLUGIN_INIT: POST /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so '[/usr/share/openvpn/plugin/lib/openvpn-auth-pam.so] [login] [login] [USERNAME] [password] [PASSWORD]' intercepted=PLUGIN_AUTH_USER_PASS_VERIFY
Tue Dec 19 17:52:15 2017 us=313630 Diffie-Hellman initialized with 2048 bit key
Tue Dec 19 17:52:15 2017 us=314231 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Dec 19 17:52:15 2017 us=314271 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Dec 19 17:52:15 2017 us=314291 TLS-Auth MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Tue Dec 19 17:52:15 2017 us=315426 TUN/TAP device tun0 opened
Tue Dec 19 17:52:15 2017 us=315504 TUN/TAP TX queue length set to 100
Tue Dec 19 17:52:15 2017 us=315536 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Dec 19 17:52:15 2017 us=315561 /sbin/ip link set dev tun0 up mtu 1500
Tue Dec 19 17:52:15 2017 us=319040 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Tue Dec 19 17:52:15 2017 us=322413 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Tue Dec 19 17:52:15 2017 us=323105 Could not determine IPv4/IPv6 protocol. Using AF_INET
Tue Dec 19 17:52:15 2017 us=323170 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Dec 19 17:52:15 2017 us=323202 UDPv4 link local (bound): [AF_INET][undef]:37
Tue Dec 19 17:52:15 2017 us=323217 UDPv4 link remote: [AF_UNSPEC]
Tue Dec 19 17:52:15 2017 us=323237 GID set to nogroup
Tue Dec 19 17:52:15 2017 us=323278 UID set to nobody
Tue Dec 19 17:52:15 2017 us=323307 MULTI: multi_init called, r=256 v=256
Tue Dec 19 17:52:15 2017 us=323359 IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=0
Tue Dec 19 17:52:15 2017 us=323386 ifconfig_pool_read(), in='n,10.8.0.2', TODO: IPv6
Tue Dec 19 17:52:15 2017 us=323404 succeeded -> ifconfig_pool_set()
Tue Dec 19 17:52:15 2017 us=323419 IFCONFIG POOL LIST
Tue Dec 19 17:52:15 2017 us=323433 n,10.8.0.2
Tue Dec 19 17:52:15 2017 us=323528 Initialization Sequence Completed
Tue Dec 19 17:52:57 2017 us=173161 MULTI: multi_create_instance called
Tue Dec 19 17:52:57 2017 us=173293 $ipAddress:62792 Re-using SSL/TLS context
Tue Dec 19 17:52:57 2017 us=173352 $ipAddress:62792 LZO compression initializing
Tue Dec 19 17:52:57 2017 us=173563 $ipAddress:62792 Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Tue Dec 19 17:52:57 2017 us=173623 $ipAddress:62792 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Tue Dec 19 17:52:57 2017 us=173704 $ipAddress:62792 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Tue Dec 19 17:52:57 2017 us=173744 $ipAddress:62792 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Tue Dec 19 17:52:57 2017 us=173826 $ipAddress:62792 UDPv4 READ [86] from [AF_INET]$ipAddress:62792: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Tue Dec 19 17:52:57 2017 us=173876 $ipAddress:62792 TLS: Initial packet from [AF_INET]$ipAddress:62792, sid=8d3dac43 cad8ea98
Tue Dec 19 17:52:57 2017 us=173966 $ipAddress:62792 UDPv4 WRITE [98] to [AF_INET]$ipAddress:62792: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Tue Dec 19 17:52:57 2017 us=178439 $ipAddress:62792 UDPv4 READ [94] from [AF_INET]$ipAddress:62792: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Tue Dec 19 17:52:57 2017 us=178587 $ipAddress:62792 UDPv4 READ [259] from [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Tue Dec 19 17:52:57 2017 us=186871 $ipAddress:62792 UDPv4 WRITE [1128] to [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #2 ] [ 1 ] pid=1 DATA len=1030
Tue Dec 19 17:52:57 2017 us=187035 $ipAddress:62792 UDPv4 WRITE [1116] to [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=2 DATA len=1030
Tue Dec 19 17:52:57 2017 us=187132 $ipAddress:62792 UDPv4 WRITE [197] to [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=3 DATA len=111
Tue Dec 19 17:52:57 2017 us=190664 $ipAddress:62792 UDPv4 READ [94] from [AF_INET]$ipAddress:62792: P_ACK_V1 kid=0 pid=[ #4 ] [ 1 ]
Tue Dec 19 17:52:57 2017 us=192902 $ipAddress:62792 UDPv4 READ [94] from [AF_INET]$ipAddress:62792: P_ACK_V1 kid=0 pid=[ #5 ] [ 2 ]
Tue Dec 19 17:52:57 2017 us=199317 $ipAddress:62792 UDPv4 READ [1128] from [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #6 ] [ 3 ] pid=2 DATA len=1030
Tue Dec 19 17:52:57 2017 us=199473 $ipAddress:62792 UDPv4 WRITE [94] to [AF_INET]$ipAddress:62792: P_ACK_V1 kid=0 pid=[ #5 ] [ 2 ]
Tue Dec 19 17:52:57 2017 us=199579 $ipAddress:62792 UDPv4 READ [1116] from [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=3 DATA len=1030
Tue Dec 19 17:52:57 2017 us=200317 $ipAddress:62792 VERIFY OK: depth=1, CN=ChangeMe
Tue Dec 19 17:52:57 2017 us=200691 $ipAddress:62792 VERIFY OK: depth=0, CN=n
Tue Dec 19 17:52:57 2017 us=201599 $ipAddress:62792 UDPv4 WRITE [94] to [AF_INET]$ipAddress:62792: P_ACK_V1 kid=0 pid=[ #6 ] [ 3 ]
Tue Dec 19 17:52:57 2017 us=201736 $ipAddress:62792 UDPv4 READ [88] from [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #8 ] [ ] pid=4 DATA len=2
Tue Dec 19 17:52:57 2017 us=201932 $ipAddress:62792 UDPv4 WRITE [149] to [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #7 ] [ 4 ] pid=4 DATA len=51
Tue Dec 19 17:52:57 2017 us=204479 $ipAddress:62792 UDPv4 READ [560] from [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #9 ] [ 4 ] pid=5 DATA len=462
Tue Dec 19 17:52:57 2017 us=204580 $ipAddress:62792 peer info: IV_VER=2.4.3
Tue Dec 19 17:52:57 2017 us=204614 $ipAddress:62792 peer info: IV_PLAT=win
Tue Dec 19 17:52:57 2017 us=204639 $ipAddress:62792 peer info: IV_PROTO=2
Tue Dec 19 17:52:57 2017 us=204661 $ipAddress:62792 peer info: IV_NCP=2
Tue Dec 19 17:52:57 2017 us=204681 $ipAddress:62792 peer info: IV_LZ4=1
Tue Dec 19 17:52:57 2017 us=204702 $ipAddress:62792 peer info: IV_LZ4v2=1
Tue Dec 19 17:52:57 2017 us=204723 $ipAddress:62792 peer info: IV_LZO=1
Tue Dec 19 17:52:57 2017 us=204744 $ipAddress:62792 peer info: IV_COMP_STUB=1
Tue Dec 19 17:52:57 2017 us=204764 $ipAddress:62792 peer info: IV_COMP_STUBv2=1
Tue Dec 19 17:52:57 2017 us=204785 $ipAddress:62792 peer info: IV_TCPNL=1
Tue Dec 19 17:52:57 2017 us=204806 $ipAddress:62792 peer info: IV_GUI_VER=OpenVPN_GUI_11
AUTH-PAM: BACKGROUND: received command code: 0
AUTH-PAM: BACKGROUND: USER: $userName
AUTH-PAM: BACKGROUND: my_conv[0] query='login:' style=2
AUTH-PAM: BACKGROUND: name match found, query/match-string ['login:', 'login'] = 'USERNAME'
AUTH-PAM: BACKGROUND: my_conv[0] query='Password: ' style=1
AUTH-PAM: BACKGROUND: name match found, query/match-string ['Password: ', 'password'] = 'PASSWORD'
AUTH-PAM: BACKGROUND: user '$userName' failed to authenticate: System error
Tue Dec 19 17:52:57 2017 us=224297 $ipAddress:62792 PLUGIN_CALL: POST /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=1
Tue Dec 19 17:52:57 2017 us=224348 $ipAddress:62792 PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so
Tue Dec 19 17:52:57 2017 us=224419 $ipAddress:62792 TLS Auth Error: Auth Username/Password verification failed for peer
Tue Dec 19 17:52:57 2017 us=224552 $ipAddress:62792 UDPv4 WRITE [353] to [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #8 ] [ 5 ] pid=5 DATA len=255
Tue Dec 19 17:52:57 2017 us=227970 $ipAddress:62792 UDPv4 READ [94] from [AF_INET]$ipAddress:62792: P_ACK_V1 kid=0 pid=[ #10 ] [ 5 ]
Tue Dec 19 17:52:57 2017 us=228043 $ipAddress:62792 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Dec 19 17:52:57 2017 us=228077 $ipAddress:62792 [$userName] Peer Connection Initiated with [AF_INET]$ipAddress:62792
Tue Dec 19 17:52:58 2017 us=271526 $ipAddress:62792 UDPv4 READ [128] from [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #11 ] [ ] pid=6 DATA len=42
Tue Dec 19 17:52:58 2017 us=271684 $ipAddress:62792 PUSH: Received control message: 'PUSH_REQUEST'
Tue Dec 19 17:52:58 2017 us=271721 $ipAddress:62792 Delayed exit in 5 seconds
Tue Dec 19 17:52:58 2017 us=271761 $ipAddress:62792 SENT CONTROL [$userName]: 'AUTH_FAILED' (status=1)
Tue Dec 19 17:52:58 2017 us=271816 $ipAddress:62792 UDPv4 WRITE [94] to [AF_INET]$ipAddress:62792: P_ACK_V1 kid=0 pid=[ #9 ] [ 6 ]
Tue Dec 19 17:52:58 2017 us=271930 $ipAddress:62792 UDPv4 WRITE [127] to [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #10 ] [ ] pid=6 DATA len=41
Tue Dec 19 17:53:00 2017 us=483745 $ipAddress:62792 UDPv4 WRITE [127] to [AF_INET]$ipAddress:62792: P_CONTROL_V1 kid=0 pid=[ #11 ] [ ] pid=6 DATA len=41
Tue Dec 19 17:53:03 2017 us=698229 $ipAddress:62792 SIGTERM[soft,delayed-exit] received, client-instance exiting
(client.ovpn)

Code: Select all

client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote devbench.net 37
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
auth-user-pass
cipher AES-256-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 6
(client log)

Code: Select all

Tue Dec 19 17:39:59 2017 us=7454 Current Parameter Settings:
Tue Dec 19 17:39:59 2017 us=7454   config = 'client.ovpn'
Tue Dec 19 17:39:59 2017 us=7454   mode = 0
Tue Dec 19 17:39:59 2017 us=7454   show_ciphers = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   show_digests = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   show_engines = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   genkey = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   key_pass_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   show_tls_ciphers = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   connect_retry_max = 0
Tue Dec 19 17:39:59 2017 us=7454 Connection profiles [0]:
Tue Dec 19 17:39:59 2017 us=7454   proto = udp
Tue Dec 19 17:39:59 2017 us=7454   local = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   local_port = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   remote = '$domain'
Tue Dec 19 17:39:59 2017 us=7454   remote_port = '37'
Tue Dec 19 17:39:59 2017 us=7454   remote_float = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   bind_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   bind_local = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   bind_ipv6_only = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   connect_retry_seconds = 5
Tue Dec 19 17:39:59 2017 us=7454   connect_timeout = 120
Tue Dec 19 17:39:59 2017 us=7454   socks_proxy_server = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   socks_proxy_port = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   tun_mtu = 1500
Tue Dec 19 17:39:59 2017 us=7454   tun_mtu_defined = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   link_mtu = 1500
Tue Dec 19 17:39:59 2017 us=7454   link_mtu_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   tun_mtu_extra = 0
Tue Dec 19 17:39:59 2017 us=7454   tun_mtu_extra_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   mtu_discover_type = -1
Tue Dec 19 17:39:59 2017 us=7454   fragment = 0
Tue Dec 19 17:39:59 2017 us=7454   mssfix = 1450
Tue Dec 19 17:39:59 2017 us=7454   explicit_exit_notification = 0
Tue Dec 19 17:39:59 2017 us=7454 Connection profiles END
Tue Dec 19 17:39:59 2017 us=7454   remote_random = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   ipchange = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   dev = 'tun'
Tue Dec 19 17:39:59 2017 us=7454   dev_type = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   dev_node = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   lladdr = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   topology = 1
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_local = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_remote_netmask = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_noexec = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_nowarn = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_ipv6_local = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_ipv6_netbits = 0
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_ipv6_remote = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   shaper = 0
Tue Dec 19 17:39:59 2017 us=7454   mtu_test = 0
Tue Dec 19 17:39:59 2017 us=7454   mlock = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   keepalive_ping = 0
Tue Dec 19 17:39:59 2017 us=7454   keepalive_timeout = 0
Tue Dec 19 17:39:59 2017 us=7454   inactivity_timeout = 0
Tue Dec 19 17:39:59 2017 us=7454   ping_send_timeout = 0
Tue Dec 19 17:39:59 2017 us=7454   ping_rec_timeout = 0
Tue Dec 19 17:39:59 2017 us=7454   ping_rec_timeout_action = 0
Tue Dec 19 17:39:59 2017 us=7454   ping_timer_remote = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   remap_sigusr1 = 0
Tue Dec 19 17:39:59 2017 us=7454   persist_tun = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   persist_local_ip = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   persist_remote_ip = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   persist_key = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   passtos = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   resolve_retry_seconds = 1000000000
Tue Dec 19 17:39:59 2017 us=7454   resolve_in_advance = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   username = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   groupname = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   chroot_dir = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   cd_dir = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   writepid = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   up_script = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   down_script = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   down_pre = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   up_restart = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   up_delay = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   daemon = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   inetd = 0
Tue Dec 19 17:39:59 2017 us=7454   log = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   suppress_timestamps = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   machine_readable_output = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   nice = 0
Tue Dec 19 17:39:59 2017 us=7454   verbosity = 6
Tue Dec 19 17:39:59 2017 us=7454   mute = 0
Tue Dec 19 17:39:59 2017 us=7454   gremlin = 0
Tue Dec 19 17:39:59 2017 us=7454   status_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   status_file_version = 1
Tue Dec 19 17:39:59 2017 us=7454   status_file_update_freq = 60
Tue Dec 19 17:39:59 2017 us=7454   occ = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   rcvbuf = 0
Tue Dec 19 17:39:59 2017 us=7454   sndbuf = 0
Tue Dec 19 17:39:59 2017 us=7454   sockflags = 0
Tue Dec 19 17:39:59 2017 us=7454   fast_io = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   comp.alg = 2
Tue Dec 19 17:39:59 2017 us=7454   comp.flags = 1
Tue Dec 19 17:39:59 2017 us=7454   route_script = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   route_default_gateway = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   route_default_metric = 0
Tue Dec 19 17:39:59 2017 us=7454   route_noexec = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   route_delay = 5
Tue Dec 19 17:39:59 2017 us=7454   route_delay_window = 30
Tue Dec 19 17:39:59 2017 us=7454   route_delay_defined = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   route_nopull = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   route_gateway_via_dhcp = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   allow_pull_fqdn = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   management_addr = '127.0.0.1'
Tue Dec 19 17:39:59 2017 us=7454   management_port = '25340'
Tue Dec 19 17:39:59 2017 us=7454   management_user_pass = 'stdin'
Tue Dec 19 17:39:59 2017 us=7454   management_log_history_cache = 250
Tue Dec 19 17:39:59 2017 us=7454   management_echo_buffer_size = 100
Tue Dec 19 17:39:59 2017 us=7454   management_write_peer_info_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   management_client_user = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   management_client_group = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   management_flags = 6
Tue Dec 19 17:39:59 2017 us=7454   shared_secret_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   key_direction = 2
Tue Dec 19 17:39:59 2017 us=7454   ciphername = 'AES-256-CBC'
Tue Dec 19 17:39:59 2017 us=7454   ncp_enabled = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Tue Dec 19 17:39:59 2017 us=7454   authname = 'SHA512'
Tue Dec 19 17:39:59 2017 us=7454   prng_hash = 'SHA1'
Tue Dec 19 17:39:59 2017 us=7454   prng_nonce_secret_len = 16
Tue Dec 19 17:39:59 2017 us=7454   keysize = 0
Tue Dec 19 17:39:59 2017 us=7454   engine = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   replay = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   mute_replay_warnings = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   replay_window = 64
Tue Dec 19 17:39:59 2017 us=7454   replay_time = 15
Tue Dec 19 17:39:59 2017 us=7454   packet_id_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   use_iv = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   test_crypto = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   tls_server = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   tls_client = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   key_method = 2
Tue Dec 19 17:39:59 2017 us=7454   ca_file = '[[INLINE]]'
Tue Dec 19 17:39:59 2017 us=7454   ca_path = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   dh_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   cert_file = '[[INLINE]]'
Tue Dec 19 17:39:59 2017 us=7454   extra_certs_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   priv_key_file = '[[INLINE]]'
Tue Dec 19 17:39:59 2017 us=7454   pkcs12_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   cryptoapi_cert = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   cipher_list = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   tls_verify = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   tls_export_cert = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   verify_x509_type = 0
Tue Dec 19 17:39:59 2017 us=7454   verify_x509_name = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   crl_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   ns_cert_type = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 65535
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_ku[i] = 0
Tue Dec 19 17:39:59 2017 us=7454   remote_cert_eku = 'TLS Web Server Authentication'
Tue Dec 19 17:39:59 2017 us=7454   ssl_flags = 0
Tue Dec 19 17:39:59 2017 us=7454   tls_timeout = 2
Tue Dec 19 17:39:59 2017 us=7454   renegotiate_bytes = -1
Tue Dec 19 17:39:59 2017 us=7454   renegotiate_packets = 0
Tue Dec 19 17:39:59 2017 us=7454   renegotiate_seconds = 3600
Tue Dec 19 17:39:59 2017 us=7454   handshake_window = 60
Tue Dec 19 17:39:59 2017 us=7454   transition_window = 3600
Tue Dec 19 17:39:59 2017 us=7454   single_session = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   push_peer_info = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   tls_exit = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   tls_auth_file = '[[INLINE]]'
Tue Dec 19 17:39:59 2017 us=7454   tls_crypt_file = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_protected_authentication = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_private_mode = 00000000
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_cert_private = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_pin_cache_period = -1
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_id = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   pkcs11_id_management = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   server_network = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   server_netmask = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   server_network_ipv6 = ::
Tue Dec 19 17:39:59 2017 us=7454   server_netbits_ipv6 = 0
Tue Dec 19 17:39:59 2017 us=7454   server_bridge_ip = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   server_bridge_netmask = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   server_bridge_pool_start = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   server_bridge_pool_end = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_pool_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_pool_start = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_pool_end = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_pool_netmask = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_pool_persist_refresh_freq = 600
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_ipv6_pool_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_ipv6_pool_base = ::
Tue Dec 19 17:39:59 2017 us=7454   ifconfig_ipv6_pool_netbits = 0
Tue Dec 19 17:39:59 2017 us=7454   n_bcast_buf = 256
Tue Dec 19 17:39:59 2017 us=7454   tcp_queue_limit = 64
Tue Dec 19 17:39:59 2017 us=7454   real_hash_size = 256
Tue Dec 19 17:39:59 2017 us=7454   virtual_hash_size = 256
Tue Dec 19 17:39:59 2017 us=7454   client_connect_script = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   learn_address_script = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   client_disconnect_script = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   client_config_dir = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   ccd_exclusive = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   tmp_dir = 'C:\Users\NICOLA~1\AppData\Local\Temp\'
Tue Dec 19 17:39:59 2017 us=7454   push_ifconfig_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   push_ifconfig_local = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   push_ifconfig_remote_netmask = 0.0.0.0
Tue Dec 19 17:39:59 2017 us=7454   push_ifconfig_ipv6_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   push_ifconfig_ipv6_local = ::/0
Tue Dec 19 17:39:59 2017 us=7454   push_ifconfig_ipv6_remote = ::
Tue Dec 19 17:39:59 2017 us=7454   enable_c2c = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   duplicate_cn = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   cf_max = 0
Tue Dec 19 17:39:59 2017 us=7454   cf_per = 0
Tue Dec 19 17:39:59 2017 us=7454   max_clients = 1024
Tue Dec 19 17:39:59 2017 us=7454   max_routes_per_client = 256
Tue Dec 19 17:39:59 2017 us=7454   auth_user_pass_verify_script = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   auth_user_pass_verify_script_via_file = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   auth_token_generate = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   auth_token_lifetime = 0
Tue Dec 19 17:39:59 2017 us=7454   client = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   pull = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   auth_user_pass_file = 'stdin'
Tue Dec 19 17:39:59 2017 us=7454   show_net_up = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   route_method = 3
Tue Dec 19 17:39:59 2017 us=7454   block_outside_dns = ENABLED
Tue Dec 19 17:39:59 2017 us=7454   ip_win32_defined = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   ip_win32_type = 3
Tue Dec 19 17:39:59 2017 us=7454   dhcp_masq_offset = 0
Tue Dec 19 17:39:59 2017 us=7454   dhcp_lease_time = 31536000
Tue Dec 19 17:39:59 2017 us=7454   tap_sleep = 0
Tue Dec 19 17:39:59 2017 us=7454   dhcp_options = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   dhcp_renew = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   dhcp_pre_release = DISABLED
Tue Dec 19 17:39:59 2017 us=7454   domain = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   netbios_scope = '[UNDEF]'
Tue Dec 19 17:39:59 2017 us=7454   netbios_node_type = 0
Tue Dec 19 17:39:59 2017 us=7454   disable_nbt = DISABLED
Tue Dec 19 17:39:59 2017 us=7454 OpenVPN 2.4.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jul 14 2017
Tue Dec 19 17:39:59 2017 us=7454 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Dec 19 17:39:59 2017 us=7454 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Tue Dec 19 17:39:59 2017 us=7454 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Dec 19 17:39:59 2017 us=7454 Need hold release from management interface, waiting...
Tue Dec 19 17:39:59 2017 us=491978 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Dec 19 17:39:59 2017 us=601356 MANAGEMENT: CMD 'state on'
Tue Dec 19 17:39:59 2017 us=601356 MANAGEMENT: CMD 'log all on'
Tue Dec 19 17:39:59 2017 us=757532 MANAGEMENT: CMD 'echo all on'
Tue Dec 19 17:39:59 2017 us=773158 MANAGEMENT: CMD 'hold off'
Tue Dec 19 17:39:59 2017 us=773158 MANAGEMENT: CMD 'hold release'
Tue Dec 19 17:40:07 2017 us=242814 MANAGEMENT: CMD 'username "Auth" "$userName"'
Tue Dec 19 17:40:07 2017 us=242814 MANAGEMENT: CMD 'password [...]'
Tue Dec 19 17:40:07 2017 us=336492 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Dec 19 17:40:07 2017 us=336492 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Tue Dec 19 17:40:07 2017 us=336492 LZO compression initializing
Tue Dec 19 17:40:07 2017 us=336492 Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Tue Dec 19 17:40:07 2017 us=336492 MANAGEMENT: >STATE:1513723207,RESOLVE,,,,,,
Tue Dec 19 17:40:07 2017 us=352087 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Tue Dec 19 17:40:07 2017 us=352087 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Tue Dec 19 17:40:07 2017 us=352087 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Tue Dec 19 17:40:07 2017 us=352087 TCP/UDP: Preserving recently used remote address: [AF_INET]$ipAddress:37
Tue Dec 19 17:40:07 2017 us=352087 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Dec 19 17:40:07 2017 us=352087 UDP link local: (not bound)
Tue Dec 19 17:40:07 2017 us=352087 UDP link remote: [AF_INET]$ipAddress:37
Tue Dec 19 17:40:07 2017 us=352087 MANAGEMENT: >STATE:1513723207,WAIT,,,,,,
Tue Dec 19 17:40:07 2017 us=352087 UDP WRITE [86] to [AF_INET]$ipAddress:37: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Tue Dec 19 17:40:07 2017 us=352087 UDP READ [0] from [AF_UNSPEC]: DATA UNDEF len=-1
Tue Dec 19 17:40:07 2017 us=352087 UDP READ [98] from [AF_INET]$ipAddress:37: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Tue Dec 19 17:40:07 2017 us=352087 MANAGEMENT: >STATE:1513723207,AUTH,,,,,,
Tue Dec 19 17:40:07 2017 us=352087 TLS: Initial packet from [AF_INET]$ipAddress:37, sid=f8eb983c 5970fb63
Tue Dec 19 17:40:07 2017 us=352087 UDP WRITE [94] to [AF_INET]$ipAddress:37: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Tue Dec 19 17:40:07 2017 us=352087 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Dec 19 17:40:07 2017 us=352087 UDP WRITE [259] to [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Tue Dec 19 17:40:07 2017 us=352087 UDP READ [1128] from [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #2 ] [ 1 ] pid=1 DATA len=1030
Tue Dec 19 17:40:07 2017 us=352087 UDP WRITE [94] to [AF_INET]$ipAddress:37: P_ACK_V1 kid=0 pid=[ #4 ] [ 1 ]
Tue Dec 19 17:40:07 2017 us=352087 UDP READ [1116] from [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=2 DATA len=1030
Tue Dec 19 17:40:07 2017 us=352087 VERIFY OK: depth=1, CN=ChangeMe
Tue Dec 19 17:40:07 2017 us=367714 VERIFY KU OK
Tue Dec 19 17:40:07 2017 us=367714 Validating certificate extended key usage
Tue Dec 19 17:40:07 2017 us=367714 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Dec 19 17:40:07 2017 us=367714 VERIFY EKU OK
Tue Dec 19 17:40:07 2017 us=367714 VERIFY OK: depth=0, CN=server
Tue Dec 19 17:40:07 2017 us=367714 UDP WRITE [94] to [AF_INET]$ipAddress:37: P_ACK_V1 kid=0 pid=[ #5 ] [ 2 ]
Tue Dec 19 17:40:07 2017 us=367714 UDP READ [197] from [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=3 DATA len=111
Tue Dec 19 17:40:07 2017 us=367714 UDP WRITE [1128] to [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #6 ] [ 3 ] pid=2 DATA len=1030
Tue Dec 19 17:40:07 2017 us=367714 UDP WRITE [1116] to [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=3 DATA len=1030
Tue Dec 19 17:40:07 2017 us=367714 UDP WRITE [88] to [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #8 ] [ ] pid=4 DATA len=2
Tue Dec 19 17:40:07 2017 us=367714 UDP READ [94] from [AF_INET]$ipAddress:37: P_ACK_V1 kid=0 pid=[ #5 ] [ 2 ]
Tue Dec 19 17:40:07 2017 us=367714 UDP READ [94] from [AF_INET]$ipAddress:37: P_ACK_V1 kid=0 pid=[ #6 ] [ 3 ]
Tue Dec 19 17:40:07 2017 us=367714 UDP READ [149] from [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #7 ] [ 4 ] pid=4 DATA len=51
Tue Dec 19 17:40:07 2017 us=367714 UDP WRITE [560] to [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #9 ] [ 4 ] pid=5 DATA len=462
Tue Dec 19 17:40:07 2017 us=383341 UDP READ [353] from [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #8 ] [ 5 ] pid=5 DATA len=255
Tue Dec 19 17:40:07 2017 us=383341 UDP WRITE [94] to [AF_INET]$ipAddress:37: P_ACK_V1 kid=0 pid=[ #10 ] [ 5 ]
Tue Dec 19 17:40:07 2017 us=383341 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Dec 19 17:40:07 2017 us=383341 [server] Peer Connection Initiated with [AF_INET]$ipAddress:37
Tue Dec 19 17:40:08 2017 us=508475 MANAGEMENT: >STATE:1513723208,GET_CONFIG,,,,,,
Tue Dec 19 17:40:08 2017 us=508475 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Tue Dec 19 17:40:08 2017 us=508475 UDP WRITE [128] to [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #11 ] [ ] pid=6 DATA len=42
Tue Dec 19 17:40:08 2017 us=508475 UDP READ [94] from [AF_INET]$ipAddress:37: P_ACK_V1 kid=0 pid=[ #9 ] [ 6 ]
Tue Dec 19 17:40:08 2017 us=508475 UDP READ [127] from [AF_INET]$ipAddress:37: P_CONTROL_V1 kid=0 pid=[ #10 ] [ ] pid=6 DATA len=41
Tue Dec 19 17:40:08 2017 us=508475 AUTH: Received control message: AUTH_FAILED
Tue Dec 19 17:40:08 2017 us=508475 TCP/UDP: Closing socket
Tue Dec 19 17:40:08 2017 us=508475 SIGUSR1[soft,auth-failure] received, process restarting
Tue Dec 19 17:40:08 2017 us=508475 MANAGEMENT: >STATE:1513723208,RECONNECTING,auth-failure,,,,,
Tue Dec 19 17:40:08 2017 us=508475 Restart pause, 5 second(s)
Tue Dec 19 17:40:14 2017 us=512693 MANAGEMENT: Client disconnected
Tue Dec 19 17:40:14 2017 us=512693 ERROR: could not read Auth username/password/ok/string from management interface
Tue Dec 19 17:40:14 2017 us=512693 Exiting due to fatal error

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4042
Joined: Fri Jun 03, 2016 1:17 pm

Re: Cert + Pam authentication trouble

Post by TinCanTech » Wed Dec 20, 2017 12:47 pm


mariern
OpenVpn Newbie
Posts: 2
Joined: Tue Dec 19, 2017 10:11 pm

Re: Cert + Pam authentication trouble

Post by mariern » Mon Dec 25, 2017 7:22 pm

That was actually the first thing I did, although it did not work either.
I could set it back to what the howto says and post my logs once again if that helps!

Post Reply