Need help with configuration

mbierman · Post by **mbierman** » Thu Oct 11, 2018 6:28 pm

I reported a url where I have been unable to make a connection. Since this same configuration used to work for me, I assumed it was a client bug. But in the comments the suggestion was made to see if this could be a configuration issue

If it helps, I'm using a Synology NAS to run my OpenVPN server. settings image below.
I have checked that port 1194 is open on my firewall.
I'm usually connecting via iOS clients.
The connection is completed--I just can't download anything through the VPN connection.

Here's my config file.

Code: Select all

dev tun
tls-client
remote thebiermansv4.ddns.net 1194
remote thebiermans.ddns.net 1194
# remote thebiermans.dynamic-ddns.net 1194

# The "float" tells OpenVPN to accept authenticated packets from any address,
# not only the address which was specified in the --remote option.
# This is useful when you are connecting to a peer which holds a dynamic address
# such as a dial-in user or DHCP client.
# (Please refer to the manual of OpenVPN for more information.)
float

# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)
redirect-gateway def1

# dhcp-option DNS: To set primary domain name server address.
# Repeat this option to set secondary DNS server addresses.
dhcp-option DNS 1.1.1.1
dhcp-option DNS 1.0.0.1

topology subnet
pull

# If you want to connect by Server's IPv6 address, you should use
# "proto udp6" in UDP mode or "proto tcp6-client" in TCP mode
proto udp
# remove tun-ipv6
# remove ifconfig-ipv6
# remove route-ipv6
# mute-replay-warnings

# keepalive 15 60

# Try to preserve some state across restarts.
# persist-key
# persist-tun


script-security 2

comp-lzo

reneg-sec 0

cipher BF-CBC

auth SHA1

auth-user-pass
<ca>
<ca>
-----BEGIN CERTIFICATE-----
REMOVED
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
REMOVED
-----END CERTIFICATE-----
</ca>

Server settings:

TinCanTech · Post by **TinCanTech** » Thu Oct 11, 2018 6:51 pm

mbierman wrote: ↑
Thu Oct 11, 2018 6:28 pm
I reported a url where I have been unable to make a connection

Your report clearly states that you can make a connection but you cannot access the internet once connected:

mbierman on trac wrote:2. Start a connection via OpenVPN. Note the log shows connection is successful

Your report also clearly states that this works when you connect to a correctly configured server:

novaflash on trac wrote:I have had contact with smelendro about this issue, and in his case, connecting to one of our test servers, worked perfectly fine

If you really want help please see:
viewtopic.php?f=30&t=22603

If you want to verify your server is correctly configured please see:
https://openvpn.net/index.php/open-sour ... l#redirect

mbierman · Post by **mbierman** » Thu Oct 11, 2018 7:40 pm

First, things have changed. There have been multiple iOS releases since this ticket was originally opened. I can now make a connection but can't download anything once the connection is made.

"If you really want help..." Wow. No, I love chasing this thing around for almost 6 months without getting anywhere. I have looked through a lot of sources before asking and spent many hours trying different things. The problem is they talk about a lot of platforms and possible situations. What I was looking for is something like, "oh, you have the wrong encryption! Try this."

TinCanTech · Post by **TinCanTech** » Thu Oct 11, 2018 8:54 pm

mbierman wrote: ↑
Thu Oct 11, 2018 7:40 pm
Wow. No, I love chasing this thing around for almost 6 months without getting anywhere

For almost 6 months ..

mbierman wrote: ↑
Thu Oct 11, 2018 7:40 pm
What I was looking for is something like, "oh, you have the wrong encryption! Try this."

Your firewall is not working .. check that IP-Forwarding and NAT are enabled.

TinCanTech wrote: ↑
Thu Oct 11, 2018 6:51 pm
If you really want help please see:
viewtopic.php?f=30&t=22603

Your logs, as described, will really help us understand.

Post by **Pippin** » Thu Oct 11, 2018 8:56 pm

Rustig maar Meneer Bierman

TinCanTech biedt de juiste hulp.

mbierman wrote: ↑
Thu Oct 11, 2018 7:40 pm
What I was looking for is something like, "oh, you have the wrong encryption! Try this."

Actually you do have the wrong encryption.

Code: Select all

reneg-sec 0
cipher BF-CBC
auth SHA1

Please change Encryption to AES-128-CBC or higher
and Authentication to SHA256 or higher.
See here why:
https://community.openvpn.net/openvpn/wiki/SWEET32
The way I experience Synology w.r.t. OpenVPN (but not only) is they are so lame... if lame is the correct word...

Now, how about your DS Firewall, did you allow the VPN traffic?
And what about other clients like Windows, Linux, ... ? Do they work?

Groet Pippin

TinCanTech · Post by **TinCanTech** » Thu Oct 11, 2018 9:24 pm

Pippin wrote: ↑
Thu Oct 11, 2018 8:56 pm
Rustig maar Meneer Bierman TinCanTech biedt de juiste hulp.
mbierman wrote: ↑
Thu Oct 11, 2018 7:40 pm
What I was looking for is something like, "oh, you have the wrong encryption! Try this."
Actually you do have the wrong encryption.
Code: Select all
reneg-sec 0
cipher BF-CBC
auth SHA1

@Pippin .. nice catch

That is not just wrong that is very bad indeed

I would advise Meneer Bierman that it is good that you cannot use this VPN for Six Months, otherwise all your "privacy" is gone .. because those settings are broken.

Pippin wrote: ↑
Thu Oct 11, 2018 8:56 pm
Please change Encryption to AES-128-CBC or higher
and Authentication to SHA256 or higher.

In fact, --auth SHA1 is the OpenVPN default because it is sufficient in this usage.

Pippin wrote: ↑
Thu Oct 11, 2018 8:56 pm
See here why:
https://community.openvpn.net/openvpn/wiki/SWEET32
The way I experience Synology w.r.t. OpenVPN (but not only) is they are so lame... if lame is the correct word...

Now, how about your DS Firewall, did you allow the VPN traffic?
And what about other clients like Windows, Linux, ... ? Do they work?

Groet Pippin

Considering how simple setting openvpn up is for Hardware Retailers ..
I would say "Lame" is an understatement of the truth.

Fuel for the fire

mbierman · Post by **mbierman** » Mon Oct 15, 2018 6:51 pm

Thanks.

Ports are forwarded in my firewall. The fact that the VPN server and client say that there is a connection seems to confirm that the ports aren't the issue. Unless I'm missing something?

Here's a log from my iOS device:

Code: Select all

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0110:  [DELETED]

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0120:  [DELETED]

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0130: [DELETED]

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0140:   [DELETED]

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0150:   [DELETED]

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0160:   [DELETED]

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0170:   [DELETED]

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0180:  7d 95 84 17 4c d1 c7 e9 e1 5e 3b                 }...L....^;

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2435 2]: message length: 395, out_left: 395

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2441 2]: ssl->f_send() returned 395 (-0xfffffe75)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2460 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2850 2]: <= write record

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3051 2]: <= write client key exchange

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 9

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3102 2]: => write certificate verify

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:501 2]: => derive keys

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:579 3]: dumping 'premaster secret' (384 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:579 3]: 0000:  d2 61 6c 58 f5 d1 1e 17 db 23 49 32 37 5d ef d5  .alX.....#I27]..

 [DELETED]
 
 018-10-15 11:44:29 mbed TLS[ssl_tls.c:667 3]: ciphersuite = TLS-DHE-RSA-WITH-AES-256-GCM-SHA384

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:668 3]: dumping 'master secret' (48 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:668 3]: 0000:  58 e5 42 0a 70 07 96 e4 ea 8a 22 45 8e 0a fc 2e  X.B.p....."E....

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:668 3]: 0010:  45 14 88 07 a0 48 44 8e be fe 44 39 62 01 25 db  E....HD...D9b.%.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:668 3]: 0020:  00 a4 48 b9 e3 e1 d2 d0 be a9 c3 34 18 6c 88 03  ..H........4.l..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:669 4]: dumping 'random bytes' (64 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:669 4]: 0000:  1d a5 2c 7b 3b 38 21 d8 11 4d f9 ec a5 88 35 51  ..,{;8!..M....5Q

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:669 4]: 0010:  86 ba bf 95 60 e6 73 fa 81 7c e4 29 75 7c 52 5c  ....`.s..|.)u|R\

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:669 4]: 0020:  5b c4 e0 0c 97 bc 86 c2 b8 cd 42 49 79 56 c4 f0  [.........BIyV..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:669 4]: 0030:  a5 e8 55 d3 5e 9c cf 93 6e 3a 81 07 72 67 63 9c  ..U.^...n:..rgc.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:670 4]: dumping 'key block' (256 bytes)

 [DELETED]
 
2018-10-15 11:44:29 mbed TLS[ssl_tls.c:767 3]: keylen: 32, minlen: 24, ivlen: 12, maclen: 0

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:957 2]: <= derive keys

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3123 2]: <= skip write certificate verify

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 10

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4700 2]: => write change cipher spec

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2701 2]: => write record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2838 3]: output record: msgtype = 20, version = [3:3], msglen = 1

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: dumping 'output record sent to network' (6 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0000:  14 03 03 00 01 01                                ......

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2435 2]: message length: 6, out_left: 6

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2441 2]: ssl->f_send() returned 6 (-0xfffffffa)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2460 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2850 2]: <= write record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4714 2]: <= write change cipher spec

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 11

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5233 2]: => write finished

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5107 2]: => calc  finished tls sha384

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5119 4]: dumping 'finished sha512 state' (64 bytes)

[DELETED]
 
2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5131 3]: dumping 'calc finished result' (12 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5131 3]: 0000:  d3 38 ea 27 18 58 db f1 4f 53 d7 e7              .8.'.X..OS..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5137 2]: <= calc  finished

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5287 3]: switching to new transform spec for outbound data

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2701 2]: => write record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1258 2]: => encrypt buf

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: dumping 'before encrypt: output payload' (16 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0000:  14 00 00 0c d3 38 ea 27 18 58 db f1 4f 53 d7 e7  .....8.'.X..OS..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1371 4]: dumping 'additional data used for AEAD' (13 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1371 4]: 0000:  00 00 00 00 00 00 00 00 16 03 03 00 10           .............

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1388 4]: dumping 'IV used' (8 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1388 4]: 0000:  00 00 00 00 00 00 00 00                          ........

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1400 3]: before encrypt: msglen = 24, including 0 bytes of padding

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1426 4]: dumping 'after encrypt: tag' (16 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1426 4]: 0000:  65 66 7a d4 62 3b 82 4a 95 07 81 61 a7 c1 c4 3d  efz.b;.J...a...=

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1560 2]: <= encrypt buf

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2838 3]: output record: msgtype = 22, version = [3:3], msglen = 40

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: dumping 'output record sent to network' (45 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0000:  16 03 03 00 28 00 00 00 00 00 00 00 00 29 aa 7c  ....(........).|

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0010:  80 71 5b 59 f6 47 83 d1 18 ab 80 dc 05 65 66 7a  .q[Y.G.......efz

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0020:  d4 62 3b 82 4a 95 07 81 61 a7 c1 c4 3d           .b;.J...a...=

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2435 2]: message length: 45, out_left: 45

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2441 2]: ssl->f_send() returned 45 (-0xffffffd3)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2460 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2850 2]: <= write record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5342 2]: <= write finished

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 12

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4723 2]: => parse change cipher spec

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3721 2]: => read record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2366 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2390 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3875 1]: mbedtls_ssl_fetch_input() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3729 1]: mbedtls_ssl_read_record_layer() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4727 1]: mbedtls_ssl_read_record() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6567 2]: <= handshake

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6788 1]: mbedtls_ssl_handshake() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:7143 2]: => write

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6557 2]: => handshake

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 12

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4723 2]: => parse change cipher spec

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3721 2]: => read record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2366 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2390 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3875 1]: mbedtls_ssl_fetch_input() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3729 1]: mbedtls_ssl_read_record_layer() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4727 1]: mbedtls_ssl_read_record() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6567 2]: <= handshake

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:7160 1]: mbedtls_ssl_handshake() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6743 2]: => read

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6557 2]: => handshake

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 12

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4723 2]: => parse change cipher spec

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3721 2]: => read record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2366 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2390 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3478 4]: dumping 'input record header' (5 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3478 4]: 0000:  14 03 03 00 01                                   .....

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3487 3]: input record: msgtype = 20, version = [3:3], msglen = 1

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2366 2]: in_left: 5, nb_want: 6

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2390 2]: in_left: 5, nb_want: 6

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 1 (-0xffffffff)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3650 4]: dumping 'input record from network' (6 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3650 4]: 0000:  14 03 03 00 01 01                                ......

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3754 2]: <= read record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4751 3]: switching to new transform spec for inbound data

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:4801 2]: <= parse change cipher spec

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 13

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5359 2]: => parse finished

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5107 2]: => calc  finished tls sha384

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5119 4]: dumping 'finished sha512 state' (64 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5119 4]: 0000:  32 8b 7d 14 d7 5f d0 e1 06 9f 3c c6 3d 83 9d 01  2.}.._....<.=...

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5119 4]: 0010:  9e 7e ef 43 9f fd ac c0 ec 7e cf a2 9a f7 76 da  .~.C.....~....v.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5119 4]: 0020:  d6 5e 2c 81 96 c9 50 ec 09 ef 60 83 94 d6 4b ae  .^,...P...`...K.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5119 4]: 0030:  a6 1a 38 cb f6 16 66 e9 a3 9c 4d a0 cb 10 d8 09  ..8...f...M.....

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5131 3]: dumping 'calc finished result' (12 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5131 3]: 0000:  11 a2 f3 30 3f 56 87 e2 a9 5d 57 49              ...0?V...]WI

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5137 2]: <= calc  finished

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3721 2]: => read record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2366 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2390 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3478 4]: dumping 'input record header' (5 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3478 4]: 0000:  16 03 03 00 28                                   ....(

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3487 3]: input record: msgtype = 22, version = [3:3], msglen = 40

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2366 2]: in_left: 5, nb_want: 45

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2390 2]: in_left: 5, nb_want: 45

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 40 (-0xffffffd8)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3650 4]: dumping 'input record from network' (45 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3650 4]: 0000:  16 03 03 00 28 38 ca e0 13 fd f8 56 10 43 bd f4  ....(8.....V.C..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3650 4]: 0010:  68 b1 09 81 ef 28 41 42 4d 50 29 34 af d7 5b e3  h....(ABMP)4..[.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3650 4]: 0020:  54 11 f8 3e 21 45 d3 b4 3c e1 f7 49 76           T..>!E..<..Iv

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1576 2]: => decrypt buf

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1654 4]: dumping 'additional data used for AEAD' (13 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1654 4]: 0000:  00 00 00 00 00 00 00 00 16 03 03 00 10           .............

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1661 4]: dumping 'IV used' (12 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1661 4]: 0000:  28 85 9d 34 38 ca e0 13 fd f8 56 10              (..48.....V.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1662 4]: dumping 'TAG used' (16 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1662 4]: 0000:  d7 5b e3 54 11 f8 3e 21 45 d3 b4 3c e1 f7 49 76  .[.T..>!E..<..Iv

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1912 4]: dumping 'raw buffer after decryption' (16 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1912 4]: 0000:  14 00 00 0c 11 a2 f3 30 3f 56 87 e2 a9 5d 57 49  .......0?V...]WI

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2051 2]: <= decrypt buf

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3677 4]: dumping 'input payload after decrypt' (16 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3677 4]: 0000:  14 00 00 0c 11 a2 f3 30 3f 56 87 e2 a9 5d 57 49  .......0?V...]WI

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3089 3]: handshake message: msglen = 16, type = 20, hslen = 16

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3754 2]: <= read record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5427 2]: <= parse finished

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 14

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3474 2]: handshake: done

2018-10-15 11:44:29 mbed TLS[ssl_cli.c:3363 2]: client state: 15

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2428 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5171 3]: => handshake wrapup

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5144 3]: => handshake wrapup: final free

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5164 3]: <= handshake wrapup: final free

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:5226 3]: <= handshake wrapup

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6567 2]: <= handshake

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3721 2]: => read record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2366 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2390 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3875 1]: mbedtls_ssl_fetch_input() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:3729 1]: mbedtls_ssl_read_record_layer() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:6842 1]: mbedtls_ssl_read_record() returned -32768 (-0x8000)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:7143 2]: => write

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2701 2]: => write record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1258 2]: => encrypt buf

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: dumping 'before encrypt: output payload' (449 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0000:  00 00 00 00 02 05 d2 fc ed 2d 32 57 4f 96 6f 98  .........-2WO.o.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0010:  18 20 01 aa 60 b3 5e ae a4 d3 c0 44 19 df 01 4d  . ..`.^....D...M

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0020:  a4 33 bb 75 80 03 29 04 83 8d ad c1 a5 01 fa 2e  .3.u..).........

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0030:  bb a9 88 4f 9b 18 7c 72 80 ea b4 bd 72 86 47 03  ...O..|r....r.G.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0040:  36 a1 34 38 67 12 54 39 8c 13 2a 29 54 35 52 2e  6.48g.T9..*)T5R.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0050:  80 1e 9a a3 ad e6 fd 82 2b 69 b1 b1 3e 1a 23 bb  ........+i..>.#.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0060:  0a 55 8d 06 4e 39 a3 a6 08 6a cd eb fc 3a 0a 4c  .U..N9...j...:.L

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0070:  e4 7e 89 74 3b 00 81 56 34 2c 64 65 76 2d 74 79  .~.t;..V4,dev-ty

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0080:  70 65 20 74 75 6e 2c 6c 69 6e 6b 2d 6d 74 75 20  pe tun,link-mtu 

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0090:  31 35 35 38 2c 74 75 6e 2d 6d 74 75 20 31 35 30  1558,tun-mtu 150

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 00a0:  30 2c 70 72 6f 74 6f 20 55 44 50 76 34 2c 63 6f  0,proto UDPv4,co

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 00b0:  6d 70 2d 6c 7a 6f 2c 63 69 70 68 65 72 20 41 45  mp-lzo,cipher AE

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 00c0:  53 2d 31 39 32 2d 43 42 43 2c 61 75 74 68 20 53  S-192-CBC,auth S

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 00d0:  48 41 31 2c 6b 65 79 73 69 7a 65 20 31 39 32 2c  HA1,keysize 192,

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 00e0:  6b 65 79 2d 6d 65 74 68 6f 64 20 32 2c 74 6c 73  key-method 2,tls

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 00f0:  2d 63 6c 69 65 6e 74 00 00 08 6d 69 63 68 61 65  -client...michae

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0100:  6c 00 00 1f 52 69 48 6b 4e 62 41 4b 5a 66 6a 6e  l...RiHkNbAKZfjn

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0110:  59 72 4b 6f 59 7a 37 65 33 5d 46 41 6a 4e 7d 6d  YrKoYz7e3]FAjN}m

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0120:  5a 65 00 00 9c 49 56 5f 47 55 49 5f 56 45 52 3d  Ze...IV_GUI_VER=

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0130:  6e 65 74 2e 6f 70 65 6e 76 70 6e 2e 63 6f 6e 6e  net.openvpn.conn

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0140:  65 63 74 2e 69 6f 73 20 33 2e 30 2e 32 2d 38 39  ect.ios 3.0.2-89

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0150:  34 0a 49 56 5f 56 45 52 3d 33 2e 32 0a 49 56 5f  4.IV_VER=3.2.IV_

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0160:  50 4c 41 54 3d 69 6f 73 0a 49 56 5f 4e 43 50 3d  PLAT=ios.IV_NCP=

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0170:  32 0a 49 56 5f 54 43 50 4e 4c 3d 31 0a 49 56 5f  2.IV_TCPNL=1.IV_

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0180:  50 52 4f 54 4f 3d 32 0a 49 56 5f 4c 5a 4f 5f 53  PROTO=2.IV_LZO_S

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 0190:  54 55 42 3d 31 0a 49 56 5f 43 4f 4d 50 5f 53 54  TUB=1.IV_COMP_ST

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 01a0:  55 42 3d 31 0a 49 56 5f 43 4f 4d 50 5f 53 54 55  UB=1.IV_COMP_STU

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 01b0:  42 76 32 3d 31 0a 49 56 5f 49 50 76 36 3d 30 0a  Bv2=1.IV_IPv6=0.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1269 4]: 01c0:  00                                               .

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1371 4]: dumping 'additional data used for AEAD' (13 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1371 4]: 0000:  00 00 00 00 00 00 00 01 17 03 03 01 c1           .............

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1388 4]: dumping 'IV used' (8 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1388 4]: 0000:  00 00 00 00 00 00 00 01                          ........

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1400 3]: before encrypt: msglen = 457, including 0 bytes of padding

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1426 4]: dumping 'after encrypt: tag' (16 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1426 4]: 0000:  ff 25 46 54 74 a9 96 02 14 e9 50 55 8c b6 3c fb  .%FTt.....PU..<.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:1560 2]: <= encrypt buf

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2838 3]: output record: msgtype = 23, version = [3:3], msglen = 473

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: dumping 'output record sent to network' (478 bytes)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0000:  17 03 03 01 d9 00 00 00 00 00 00 00 01 94 ce 59  ...............Y

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0010:  fa c8 27 78 60 0e 3d bf 9d 27 7b f0 ad 62 d2 a6  ..'x`.=..'{..b..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0020:  e7 3f 9e 95 6b 0f a4 76 24 05 98 0b 84 1a 28 60  .?..k..v$.....(`

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0030:  eb a1 24 e7 62 d2 83 93 32 9d e0 3d 00 df 94 b3  ..$.b...2..=....

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0040:  3f b7 d4 55 7c 55 ec 3c b6 24 a5 e9 c2 1d 3f 38  ?..U|U.<.$....?8

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0050:  3a f3 4d fb c7 58 20 0d f9 1f 11 cb 07 08 79 e3  :.M..X .......y.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0060:  1c 4b 96 10 73 19 50 34 94 5d f5 d9 99 f5 d0 8c  .K..s.P4.]......

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0070:  44 a9 c9 4b e4 00 81 b6 22 54 43 ef 81 4e da 50  D..K...."TC..N.P

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0080:  4a 06 e1 6f 3d be 87 3c c2 df bb c6 cf 93 da ad  J..o=..<........

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0090:  b3 fa da 82 ad 99 9e b2 76 a1 0e 31 d0 ae 80 b1  ........v..1....

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 00a0:  64 7e ff 57 0c 5e ac a3 67 31 11 2c 12 79 fb ba  d~.W.^..g1.,.y..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 00b0:  03 ac ea 87 83 ef b7 b8 04 55 8f 41 7e 9c 60 e0  .........U.A~.`.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 00c0:  ae 6d b7 1e 68 62 5d 1f 87 cf 60 f5 44 8c 3c c5  .m..hb]...`.D.<.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 00d0:  32 4a 99 3f c7 6a c4 20 ae c5 3a 0e 4a 10 43 8c  2J.?.j. ..:.J.C.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 00e0:  7f 5d c5 1a ca 51 df a7 8b 48 2b 6f 65 1c 11 1b  .]...Q...H+oe...

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 00f0:  8e 31 42 68 fa cd b5 87 77 32 6d 30 55 a5 7f 99  .1Bh....w2m0U...

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0100:  06 1a 7a 22 0f 6f 66 c5 6e 53 dc 0c 8f e1 26 9e  ..z".of.nS....&.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0110:  02 49 d3 1b e6 20 d9 24 17 55 08 2b 81 33 b2 89  .I... .$.U.+.3..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0120:  cf 98 c5 71 c4 3b 1e 07 c1 0e f7 a7 8a 8b 8e d1  ...q.;..........

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0130:  5a 28 ec 88 64 8d e8 a5 15 5c 2e a8 5d 08 b7 a1  Z(..d....\..]...

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0140:  73 1e f2 a7 9e d7 43 23 4f a8 05 d2 51 3a 0d c3  s.....C#O...Q:..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0150:  79 e9 b4 f9 78 d1 bf eb e6 4e eb 8e 8d 4e 67 fd  y...x....N...Ng.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0160:  34 96 37 e8 e0 b2 01 af ac 66 3f 30 54 d8 e6 d3  4.7......f?0T...

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0170:  4d c1 ba 44 15 35 2a 4c 4d 1c 4d ab 1d 4e da ea  M..D.5*LM.M..N..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0180:  96 b2 2f 44 5c 44 74 f1 35 64 0b fd 5b 92 e9 36  ../D\Dt.5d..[..6

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 0190:  0f 91 0a cc ea 8d b0 08 5d 30 ed 88 44 36 fc 87  ........]0..D6..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 01a0:  09 ec 07 ab 8d 7c 8c 6e 90 5c 04 dd a4 10 8a 0b  .....|.n.\......

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 01b0:  6c d6 13 81 0f 40 0c 96 8b ed ed c5 cf 49 c8 d5  l....@.......I..

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 01c0:  6a 61 56 6c ef 7b 84 1f d4 7b d8 cf a0 29 ff 25  jaVl.{...{...).%

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2841 4]: 01d0:  46 54 74 a9 96 02 14 e9 50 55 8c b6 3c fb        FTt.....PU..<.

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2435 2]: message length: 478, out_left: 478

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2441 2]: ssl->f_send() returned 478 (-0xfffffe22)

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2460 2]: <= flush output

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:2850 2]: <= write record

2018-10-15 11:44:29 mbed TLS[ssl_tls.c:7171 2]: <= write

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:6743 2]: => read

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3721 2]: => read record

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2366 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2390 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3478 4]: dumping 'input record header' (5 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3478 4]: 0000:  17 03 03 00 dd                                   .....

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3487 3]: input record: msgtype = 23, version = [3:3], msglen = 221

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2366 2]: in_left: 5, nb_want: 226

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2390 2]: in_left: 5, nb_want: 226

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 221 (-0xffffff23)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: dumping 'input record from network' (226 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0000:  17 03 03 00 dd 38 ca e0 13 fd f8 56 11 e4 1c 45  .....8.....V...E

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0010:  1e 5f be dd 82 a0 47 f3 30 6c 6c 0f d1 96 23 a3  ._....G.0ll...#.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0020:  d0 67 13 e5 09 c7 4c ac 32 74 04 cb 2e 3b e1 08  .g....L.2t...;..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0030:  e1 c7 5f 72 9b c7 64 ff ec 41 cf 7a 27 fb 6a 1e  .._r..d..A.z'.j.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0040:  2d 80 b4 42 d2 30 56 51 e5 e5 1d fa 53 cb 29 86  -..B.0VQ....S.).

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0050:  88 d1 f4 16 0b 9e 12 46 0c 2b c4 27 cb 1e 9e 63  .......F.+.'...c

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0060:  ef 13 cf c0 ec 2d 79 5e bd 9e 38 ad ac 19 67 04  .....-y^..8...g.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0070:  57 a1 da 9d 85 74 6c 07 c2 b2 2f 06 89 75 9b 23  W....tl.../..u.#

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0080:  2e 05 76 b4 8a c8 d8 12 be e0 a0 a9 ef 3c a8 21  ..v..........<.!

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0090:  e6 71 87 03 0b 04 85 58 a6 85 a8 7d 8b 6e 16 8c  .q.....X...}.n..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 00a0:  45 0f 18 7b 3e 10 f1 c9 78 9d 46 0e b1 3b 9f 06  E..{>...x.F..;..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 00b0:  93 f8 f3 0e 3e 05 5d cd af fb 72 fe 7b a2 a1 69  ....>.]...r.{..i

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 00c0:  44 b3 fe 07 6b 38 3e 32 df 42 3c 35 35 d0 cf 75  D...k8>2.B<55..u

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 00d0:  73 3f dc fe 8e 45 1d 1f 02 f3 d8 ef 10 55 a2 c6  s?...E.......U..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 00e0:  c7 c3                                            ..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1576 2]: => decrypt buf

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1654 4]: dumping 'additional data used for AEAD' (13 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1654 4]: 0000:  00 00 00 00 00 00 00 01 17 03 03 00 c5           .............

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1661 4]: dumping 'IV used' (12 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1661 4]: 0000:  28 85 9d 34 38 ca e0 13 fd f8 56 11              (..48.....V.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1662 4]: dumping 'TAG used' (16 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1662 4]: 0000:  dc fe 8e 45 1d 1f 02 f3 d8 ef 10 55 a2 c6 c7 c3  ...E.......U....

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: dumping 'raw buffer after decryption' (197 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0000:  00 00 00 00 02 b3 d6 12 40 13 6a 6f 42 c2 ba 12  ........@.joB...

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0010:  fa 7d e3 10 67 a1 74 96 4b 88 d3 b3 ad 83 61 cf  .}..g.t.K.....a.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0020:  3a 0d 89 86 71 fa eb ba 32 ad 2f a8 bf 3c 13 0d  :...q...2./..<..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0030:  4e a4 0d 6d c0 67 aa e3 61 c4 42 6a 3f 56 59 d7  N..m.g..a.Bj?VY.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0040:  43 6b 24 b4 93 00 78 56 34 2c 64 65 76 2d 74 79  Ck$...xV4,dev-ty

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0050:  70 65 20 74 75 6e 2c 6c 69 6e 6b 2d 6d 74 75 20  pe tun,link-mtu 

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0060:  31 35 35 37 2c 74 75 6e 2d 6d 74 75 20 31 35 30  1557,tun-mtu 150

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0070:  30 2c 70 72 6f 74 6f 20 55 44 50 76 34 2c 63 69  0,proto UDPv4,ci

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0080:  70 68 65 72 20 41 45 53 2d 32 35 36 2d 43 42 43  pher AES-256-CBC

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0090:  2c 61 75 74 68 20 53 48 41 31 2c 6b 65 79 73 69  ,auth SHA1,keysi

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 00a0:  7a 65 20 32 35 36 2c 6b 65 79 2d 6d 65 74 68 6f  ze 256,key-metho

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 00b0:  64 20 32 2c 74 6c 73 2d 73 65 72 76 65 72 00 00  d 2,tls-server..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 00c0:  00 00 00 00 00                                   .....

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2051 2]: <= decrypt buf

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: dumping 'input payload after decrypt' (197 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0000:  00 00 00 00 02 b3 d6 12 40 13 6a 6f 42 c2 ba 12  ........@.joB...

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0010:  fa 7d e3 10 67 a1 74 96 4b 88 d3 b3 ad 83 61 cf  .}..g.t.K.....a.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0020:  3a 0d 89 86 71 fa eb ba 32 ad 2f a8 bf 3c 13 0d  :...q...2./..<..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0030:  4e a4 0d 6d c0 67 aa e3 61 c4 42 6a 3f 56 59 d7  N..m.g..a.Bj?VY.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0040:  43 6b 24 b4 93 00 78 56 34 2c 64 65 76 2d 74 79  Ck$...xV4,dev-ty

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0050:  70 65 20 74 75 6e 2c 6c 69 6e 6b 2d 6d 74 75 20  pe tun,link-mtu 

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0060:  31 35 35 37 2c 74 75 6e 2d 6d 74 75 20 31 35 30  1557,tun-mtu 150

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0070:  30 2c 70 72 6f 74 6f 20 55 44 50 76 34 2c 63 69  0,proto UDPv4,ci

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0080:  70 68 65 72 20 41 45 53 2d 32 35 36 2d 43 42 43  pher AES-256-CBC

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0090:  2c 61 75 74 68 20 53 48 41 31 2c 6b 65 79 73 69  ,auth SHA1,keysi

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 00a0:  7a 65 20 32 35 36 2c 6b 65 79 2d 6d 65 74 68 6f  ze 256,key-metho

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 00b0:  64 20 32 2c 74 6c 73 2d 73 65 72 76 65 72 00 00  d 2,tls-server..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 00c0:  00 00 00 00 00                                   .....

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3754 2]: <= read record

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:7042 2]: <= read

2018-10-15 11:44:30 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384

2018-10-15 11:44:30 Session is ACTIVE

2018-10-15 11:44:30 EVENT: GET_CONFIG

2018-10-15 11:44:30 Sending PUSH_REQUEST to server...

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:7143 2]: => write

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2701 2]: => write record

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1258 2]: => encrypt buf

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1269 4]: dumping 'before encrypt: output payload' (13 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1269 4]: 0000:  50 55 53 48 5f 52 45 51 55 45 53 54 00           PUSH_REQUEST.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1371 4]: dumping 'additional data used for AEAD' (13 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1371 4]: 0000:  00 00 00 00 00 00 00 02 17 03 03 00 0d           .............

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1388 4]: dumping 'IV used' (8 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1388 4]: 0000:  00 00 00 00 00 00 00 02                          ........

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1400 3]: before encrypt: msglen = 21, including 0 bytes of padding

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1426 4]: dumping 'after encrypt: tag' (16 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1426 4]: 0000:  7f f6 92 cf 3f 23 e1 e0 95 fe 8e e3 e7 c7 37 ba  ....?#........7.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1560 2]: <= encrypt buf

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2838 3]: output record: msgtype = 23, version = [3:3], msglen = 37

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2841 4]: dumping 'output record sent to network' (42 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2841 4]: 0000:  17 03 03 00 25 00 00 00 00 00 00 00 02 dc 4f 03  ....%.........O.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2841 4]: 0010:  e8 34 37 91 36 11 c6 d4 28 89 7f f6 92 cf 3f 23  .47.6...(.....?#

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2841 4]: 0020:  e1 e0 95 fe 8e e3 e7 c7 37 ba                    ........7.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2416 2]: => flush output

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2435 2]: message length: 42, out_left: 42

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2441 2]: ssl->f_send() returned 42 (-0xffffffd6)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2460 2]: <= flush output

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2850 2]: <= write record

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:7171 2]: <= write

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:6743 2]: => read

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3721 2]: => read record

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2366 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2390 2]: in_left: 0, nb_want: 5

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3478 4]: dumping 'input record header' (5 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3478 4]: 0000:  17 03 03 00 b1                                   .....

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3487 3]: input record: msgtype = 23, version = [3:3], msglen = 177

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2208 2]: => fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2366 2]: in_left: 5, nb_want: 182

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2390 2]: in_left: 5, nb_want: 182

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2391 2]: ssl->f_recv(_timeout)() returned 177 (-0xffffff4f)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2403 2]: <= fetch input

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: dumping 'input record from network' (182 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0000:  17 03 03 00 b1 38 ca e0 13 fd f8 56 12 f7 20 96  .....8.....V.. .

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0010:  6a eb c2 3f 5e 1b ee a7 20 c2 11 b9 86 ce 9f c0  j..?^... .......

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0020:  7d f0 85 e9 c0 60 cd e9 c6 d9 e6 c1 01 14 93 a8  }....`..........

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0030:  26 8f e8 d4 a7 44 10 5f 1b 72 a6 53 df c7 84 f8  &....D._.r.S....

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0040:  14 b5 c0 6f f0 4e b0 71 b1 64 b6 94 a9 83 93 49  ...o.N.q.d.....I

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0050:  b8 6a 21 7e 3c 88 dd f3 94 36 6f 99 59 69 f7 2b  .j!~<....6o.Yi.+

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0060:  cb 77 cd 55 89 dd a8 8c d9 9f 6a 50 70 6b a2 93  .w.U......jPpk..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0070:  29 15 28 34 3f 06 57 1f fa 9b f9 8e eb 2a 43 96  ).(4?.W......*C.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0080:  e5 1e a0 50 b4 54 96 aa b3 11 15 15 67 93 84 14  ...P.T......g...

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 0090:  cf 81 13 e9 86 b2 8b 71 b2 c1 44 d9 3b 4d cd be  .......q..D.;M..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 00a0:  49 d5 33 2f 66 d6 7a 4b f3 f0 81 94 16 32 96 cf  I.3/f.zK.....2..

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3650 4]: 00b0:  52 84 e6 a3 3f f4                                R...?.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1576 2]: => decrypt buf

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1654 4]: dumping 'additional data used for AEAD' (13 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1654 4]: 0000:  00 00 00 00 00 00 00 02 17 03 03 00 99           .............

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1661 4]: dumping 'IV used' (12 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1661 4]: 0000:  28 85 9d 34 38 ca e0 13 fd f8 56 12              (..48.....V.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1662 4]: dumping 'TAG used' (16 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1662 4]: 0000:  7a 4b f3 f0 81 94 16 32 96 cf 52 84 e6 a3 3f f4  zK.....2..R...?.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: dumping 'raw buffer after decryption' (153 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0000:  50 55 53 48 5f 52 45 50 4c 59 2c 72 6f 75 74 65  PUSH_REPLY,route

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0010:  20 31 39 32 2e 31 36 38 2e 30 2e 30 20 32 35 35   192.168.0.0 255

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0020:  2e 32 35 35 2e 32 35 35 2e 30 2c 72 6f 75 74 65  .255.255.0,route

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0030:  20 31 30 2e 38 2e 30 2e 30 20 32 35 35 2e 32 35   10.8.0.0 255.25

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0040:  35 2e 32 35 35 2e 30 2c 72 6f 75 74 65 20 31 30  5.255.0,route 10

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0050:  2e 38 2e 30 2e 31 2c 74 6f 70 6f 6c 6f 67 79 20  .8.0.1,topology 

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0060:  6e 65 74 33 30 2c 70 69 6e 67 20 31 30 2c 70 69  net30,ping 10,pi

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0070:  6e 67 2d 72 65 73 74 61 72 74 20 36 30 2c 69 66  ng-restart 60,if

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0080:  63 6f 6e 66 69 67 20 31 30 2e 38 2e 30 2e 36 20  config 10.8.0.6 

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:1912 4]: 0090:  31 30 2e 38 2e 30 2e 35 00                       10.8.0.5.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:2051 2]: <= decrypt buf

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: dumping 'input payload after decrypt' (153 bytes)

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0000:  50 55 53 48 5f 52 45 50 4c 59 2c 72 6f 75 74 65  PUSH_REPLY,route

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0010:  20 31 39 32 2e 31 36 38 2e 30 2e 30 20 32 35 35   192.168.0.0 255

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0020:  2e 32 35 35 2e 32 35 35 2e 30 2c 72 6f 75 74 65  .255.255.0,route

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0030:  20 31 30 2e 38 2e 30 2e 30 20 32 35 35 2e 32 35   10.8.0.0 255.25

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0040:  35 2e 32 35 35 2e 30 2c 72 6f 75 74 65 20 31 30  5.255.0,route 10

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0050:  2e 38 2e 30 2e 31 2c 74 6f 70 6f 6c 6f 67 79 20  .8.0.1,topology 

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0060:  6e 65 74 33 30 2c 70 69 6e 67 20 31 30 2c 70 69  net30,ping 10,pi

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0070:  6e 67 2d 72 65 73 74 61 72 74 20 36 30 2c 69 66  ng-restart 60,if

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0080:  63 6f 6e 66 69 67 20 31 30 2e 38 2e 30 2e 36 20  config 10.8.0.6 

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3677 4]: 0090:  31 30 2e 38 2e 30 2e 35 00                       10.8.0.5.

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:3754 2]: <= read record

2018-10-15 11:44:30 mbed TLS[ssl_tls.c:7042 2]: <= read

2018-10-15 11:44:30 OPTIONS:
0 [redirect-gateway] [def1] 
1 [dhcp-option] [DNS] [1.1.1.1] 
2 [dhcp-option] [DNS] [1.0.0.1] 
3 [route] [192.168.0.0] [255.255.255.0] 
4 [route] [10.8.0.0] [255.255.255.0] 
5 [route] [10.8.0.1] 
6 [topology] [net30] 
7 [ping] [10] 
8 [ping-restart] [60] 
9 [ifconfig] [10.8.0.6] [10.8.0.5] 
10 [block-ipv6] 


2018-10-15 11:44:30 PROTOCOL OPTIONS:
  cipher: AES-192-CBC
  digest: SHA1
  compress: LZO_STUB
  peer ID: -1

2018-10-15 11:44:30 EVENT: ASSIGN_IP

2018-10-15 11:44:30 NIP: preparing TUN network settings

2018-10-15 11:44:30 NIP: init TUN network settings with endpoint: 2607:7700::1c:0:1:1806:8605

2018-10-15 11:44:30 NIP: adding IPv4 address to network settings 10.8.0.6/255.255.255.252

2018-10-15 11:44:30 NIP: adding (included) IPv4 route 10.8.0.4/30

2018-10-15 11:44:30 NIP: adding (included) IPv4 route 192.168.0.0/24

2018-10-15 11:44:30 NIP: adding (included) IPv4 route 10.8.0.0/24

2018-10-15 11:44:30 NIP: adding (included) IPv4 route 10.8.0.1/32

2018-10-15 11:44:30 NIP: redirecting all IPv4 traffic to TUN interface

2018-10-15 11:44:30 NIP: adding DNS 1.1.1.1

2018-10-15 11:44:30 NIP: adding DNS 1.0.0.1

2018-10-15 11:44:30 NIP: blocking all IPv6 traffic

2018-10-15 11:44:30 Connected via NetworkExtensionTUN

2018-10-15 11:44:30 LZO-ASYM init swap=0 asym=1

2018-10-15 11:44:30 Comp-stub init swap=0

2018-10-15 11:44:30 EVENT: CONNECTED michael@24.6.134.5:1194 (2607:7700::1c:0:1:1806:8605) via /UDPv6 on NetworkExtensionTUN/10.8.0.6/ gw=[/]

mbierman · Post by **mbierman** » Mon Oct 15, 2018 7:07 pm

Pippin wrote: ↑
Thu Oct 11, 2018 8:56 pm
Rustig maar Meneer Bierman TinCanTech biedt de juiste hulp.
mbierman wrote: ↑
Thu Oct 11, 2018 7:40 pm
What I was looking for is something like, "oh, you have the wrong encryption! Try this."
Actually you do have the wrong encryption.
Code: Select all
reneg-sec 0
cipher BF-CBC
auth SHA1
Please change Encryption to AES-128-CBC or higher
and Authentication to SHA256 or higher.
See here why:
https://community.openvpn.net/openvpn/wiki/SWEET32
The way I experience Synology w.r.t. OpenVPN (but not only) is they are so lame... if lame is the correct word...

Now, how about your DS Firewall, did you allow the VPN traffic?
And what about other clients like Windows, Linux, ... ? Do they work?

Groet Pippin

I'm sorry, I don't follow your suggestion. In the Synology server configuration, one can choose one (and only one) of the following for Encryption:

DES-CBC
IDEA-CBC
RC2-CBC
DES-EDE-CBC
DES-EDE3-CBC
DESX-CBC
BF-CBC
BF-CBC
RC2-40-CBC
CAST5-CBC
RC2-64-CBC
AES-128-CBC
AES-192-CBC
AES-256-CBC
CAMELLIA--128-CBC
CAMELLIA-192-CBC
CAMELLIA-256-256-CBC
SEED-CBC

I had been using AES-256-CBC.

mbierman · Post by **mbierman** » Mon Oct 15, 2018 7:11 pm

Pippin wrote: ↑
Thu Oct 11, 2018 8:56 pm
Now, how about your DS Firewall, did you allow the VPN traffic?
And what about other clients like Windows, Linux, ... ? Do they work?

Groet Pippin

Yes, the firewall is open and ports are forwarded. As you might have noticed, I am able to connect (both the client and VPN server show connection complete) but no traffic flows.

I have tried connecting from a mac with Tunnelblick via WAN and got the same results.

TinCanTech · Post by **TinCanTech** » Mon Oct 15, 2018 7:31 pm

You probably need to use NAT on your server.
https://openvpn.net/community-resources ... /#redirect

Post by **Pippin** » Mon Oct 15, 2018 8:26 pm

NAT (and push "localnet") is activated by the checkbox "Allow clients to access server's LAN", so should be taken care of.
But I doubt the correctness of @mbierman because he now writes using AES-256-CBC but clearly the openings post shows otherwise on the server screenshot and client config file. Please stick to the configuration posted, otherwise it gets confusing.

@mbierman
Yes, for Encryption can choose one and for Authentication can choose one...

Try to undo all and start fresh, don't forget to add a firewall rule: Port: ALL - Source: 10.8.0.0 255.255.255.0 - Action: Allow.
Put that rule on "VPN" in the drop down menu.
That should be it for the NAS.

OpenVPN Support Forum

Need help with configuration

Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration

Re: Need help with configuration