Strange problem - throughput reduction

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 12:05 pm

A very strange problem was discovered.

OpenVPN versions: 2.3.17, 2.4.3.
Server OS: Windows Server 2008 R2.
Clients: Windows 7 SP1
Inner network: 192.168.1.0/24
Vpn-segment network: 10.10.10.0/24
Server outer address: 1.2.3.4
Server address in inner network: 192.168.1.1
Address of some host in inner network: 192.168.1.11

Server config:

Code: Select all

dev tun
dev-type tun
proto udp
tap-sleep 3
local 192.168.1.1
bind
cipher AES-128-CBC
engine rdrand
server 10.10.10.0 255.255.255.0
topology subnet
push "route 192.168.1.0 255.255.0.0"
(certificates/keys, etc.)
Client config:

Code: Select all

dev tun
dev-type tun
proto udp
tap-sleep 3
remote 1.2.3.4 1194 udp
nobind
cipher AES-128-CBC
client
(certificates/keys, etc.)
The tunnel is working fine.
But when I try to connect with a non-existent host inside the server network, then problems appears.
The bandwidth of the vpn channel drops to almost zero.

If I just try to ping a nonexistent host, then throughput reduces almost to zero.
And if I try to make tcp-ping, then throughput became zero - i.e. packets on the vpn-tunnel generally do not go.

For example, such actions lead to this problem:
ping -t 192.168.1.222
tcping -t 192.168.1.222 3389
Here 192.168.1.222 - a host address which physically is absent on an internal network of the server.

For example in case of a server ping everything looks approximately so:
(parallely we do a ping of a nonexistent node by means of a command: ping - t 192.168.1.222)

Code: Select all

>ping -t 10.10.10.1

Pinging 10.10.10.1 with 32 bytes of data:

Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=1563ms TTL=128
Reply from 10.10.10.1: bytes=32 time=2993ms TTL=128
Reply from 10.10.10.1: bytes=32 time=2995ms TTL=128
Reply from 10.10.10.1: bytes=32 time=2994ms TTL=128
Reply from 10.10.10.1: bytes=32 time=2995ms TTL=128
Reply from 10.10.10.1: bytes=32 time=19ms TTL=128
Reply from 10.10.10.1: bytes=32 time=1991ms TTL=128
Reply from 10.10.10.1: bytes=32 time=2995ms TTL=128
Reply from 10.10.10.1: bytes=32 time=2994ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=1992ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128


And when, for example, I execute such command: tcping - t 192.168.1.222 3389
everything looks so:

Code: Select all

>ping -t 10.10.10.1

Pinging 10.10.10.1 with 32 bytes of data:
Reply from 10.10.10.1: bytes=32 time=19ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=20ms TTL=128
Reply from 10.10.10.1: bytes=32 time=2241ms TTL=128
Request times out.
Request times out.
Request times out.
Request times out.
Request times out.
Request times out.
Request times out.
I tried both current versions at the moment: 2.3.17, 2.4.3 - the behavior is the same.
I tried the same thing on the OpenVPN 2.2.2 + Windows Server 2003 installation. This problem is not observed.

Please tell me how to solve this problem!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Strange problem - throughput reduction

Post by TinCanTech » Wed Sep 20, 2017 1:02 pm

Please set --verb 4 in your configs and post your sanitized logs.

See --log & --verb in The Manual v24x

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 3:05 pm

TinCanTech wrote:
Wed Sep 20, 2017 1:02 pm
Please set --verb 4 in your configs and post your sanitized logs.
Server log:

Code: Select all

Wed Sep 20 16:13:13 2017 us=544280 Current Parameter Settings:
Wed Sep 20 16:13:13 2017 us=544280   config = 'server1.ovpn'
Wed Sep 20 16:13:13 2017 us=544280   mode = 1
Wed Sep 20 16:13:13 2017 us=544280   show_ciphers = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   show_digests = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   show_engines = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   genkey = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   key_pass_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   show_tls_ciphers = DISABLED
Wed Sep 20 16:13:13 2017 us=544280 Connection profiles [default]:
Wed Sep 20 16:13:13 2017 us=544280   proto = udp
Wed Sep 20 16:13:13 2017 us=544280   local = '192.168.1.1'
Wed Sep 20 16:13:13 2017 us=544280   local_port = 1194
Wed Sep 20 16:13:13 2017 us=544280   remote = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   remote_port = 1194
Wed Sep 20 16:13:13 2017 us=544280   remote_float = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   bind_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   bind_local = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   connect_retry_seconds = 5
Wed Sep 20 16:13:13 2017 us=544280   connect_timeout = 10
Wed Sep 20 16:13:13 2017 us=544280   connect_retry_max = 0
Wed Sep 20 16:13:13 2017 us=544280   socks_proxy_server = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   socks_proxy_port = 0
Wed Sep 20 16:13:13 2017 us=544280   socks_proxy_retry = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu = 1500
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   link_mtu = 1500
Wed Sep 20 16:13:13 2017 us=544280   link_mtu_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu_extra = 0
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu_extra_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   mtu_discover_type = -1
Wed Sep 20 16:13:13 2017 us=544280   fragment = 0
Wed Sep 20 16:13:13 2017 us=544280   mssfix = 1450
Wed Sep 20 16:13:13 2017 us=544280   explicit_exit_notification = 0
Wed Sep 20 16:13:13 2017 us=544280 Connection profiles END
Wed Sep 20 16:13:13 2017 us=544280   remote_random = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ipchange = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   dev = 'tun'
Wed Sep 20 16:13:13 2017 us=544280   dev_type = 'tun'
Wed Sep 20 16:13:13 2017 us=544280   dev_node = 'ovpn'
Wed Sep 20 16:13:13 2017 us=544280   lladdr = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   topology = 3
Wed Sep 20 16:13:13 2017 us=544280   tun_ipv6 = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_local = '10.10.10.1'
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_remote_netmask = '255.255.255.0'
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_noexec = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_nowarn = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_ipv6_local = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_ipv6_netbits = 0
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_ipv6_remote = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   shaper = 0
Wed Sep 20 16:13:13 2017 us=544280   mtu_test = 0
Wed Sep 20 16:13:13 2017 us=544280   mlock = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   keepalive_ping = 10
Wed Sep 20 16:13:13 2017 us=544280   keepalive_timeout = 120
Wed Sep 20 16:13:13 2017 us=544280   inactivity_timeout = 0
Wed Sep 20 16:13:13 2017 us=544280   ping_send_timeout = 10
Wed Sep 20 16:13:13 2017 us=544280   ping_rec_timeout = 240
Wed Sep 20 16:13:13 2017 us=544280   ping_rec_timeout_action = 2
Wed Sep 20 16:13:13 2017 us=544280   ping_timer_remote = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   remap_sigusr1 = 0
Wed Sep 20 16:13:13 2017 us=544280   persist_tun = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   persist_local_ip = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   persist_remote_ip = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   persist_key = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   passtos = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   resolve_retry_seconds = 1000000000
Wed Sep 20 16:13:13 2017 us=544280   username = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   groupname = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   chroot_dir = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   cd_dir = 'c:\Program Files\OpenVPN\'
Wed Sep 20 16:13:13 2017 us=544280   writepid = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   up_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   down_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   down_pre = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   up_restart = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   up_delay = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   daemon = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   inetd = 0
Wed Sep 20 16:13:13 2017 us=544280   log = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   suppress_timestamps = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   nice = 0
Wed Sep 20 16:13:13 2017 us=544280   verbosity = 4
Wed Sep 20 16:13:13 2017 us=544280   mute = 0
Wed Sep 20 16:13:13 2017 us=544280   gremlin = 0
Wed Sep 20 16:13:13 2017 us=544280   status_file = 'x:\openvpn-status.log'
Wed Sep 20 16:13:13 2017 us=544280   status_file_version = 1
Wed Sep 20 16:13:13 2017 us=544280   status_file_update_freq = 60
Wed Sep 20 16:13:13 2017 us=544280   occ = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   rcvbuf = 0
Wed Sep 20 16:13:13 2017 us=544280   sndbuf = 0
Wed Sep 20 16:13:13 2017 us=544280   sockflags = 0
Wed Sep 20 16:13:13 2017 us=544280   fast_io = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   lzo = 0
Wed Sep 20 16:13:13 2017 us=544280   route_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   route_default_gateway = '10.10.10.2'
Wed Sep 20 16:13:13 2017 us=544280   route_default_metric = 0
Wed Sep 20 16:13:13 2017 us=544280   route_noexec = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   route_delay = 0
Wed Sep 20 16:13:13 2017 us=544280   route_delay_window = 30
Wed Sep 20 16:13:13 2017 us=544280   route_delay_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   route_nopull = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   route_gateway_via_dhcp = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   max_routes = 100
Wed Sep 20 16:13:13 2017 us=544280   allow_pull_fqdn = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   management_addr = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_port = 0
Wed Sep 20 16:13:13 2017 us=544280   management_user_pass = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_log_history_cache = 250
Wed Sep 20 16:13:13 2017 us=544280   management_echo_buffer_size = 100
Wed Sep 20 16:13:13 2017 us=544280   management_write_peer_info_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_client_user = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_client_group = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_flags = 0
Wed Sep 20 16:13:13 2017 us=544280   shared_secret_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   key_direction = 1
Wed Sep 20 16:13:13 2017 us=544280   ciphername_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   ciphername = 'AES-128-CBC'
Wed Sep 20 16:13:13 2017 us=544280   authname_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   authname = 'SHA1'
Wed Sep 20 16:13:13 2017 us=544280   prng_hash = 'SHA1'
Wed Sep 20 16:13:13 2017 us=544280   prng_nonce_secret_len = 16
Wed Sep 20 16:13:13 2017 us=544280   keysize = 0
Wed Sep 20 16:13:13 2017 us=544280   engine = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   replay = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   mute_replay_warnings = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   replay_window = 64
Wed Sep 20 16:13:13 2017 us=544280   replay_time = 15
Wed Sep 20 16:13:13 2017 us=544280   packet_id_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   use_iv = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   test_crypto = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_server = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_client = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   key_method = 2
Wed Sep 20 16:13:13 2017 us=544280   ca_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   ca_path = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   dh_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   cert_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   extra_certs_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   priv_key_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   pkcs12_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   cryptoapi_cert = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   cipher_list = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   tls_verify = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   tls_export_cert = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   verify_x509_type = 0
Wed Sep 20 16:13:13 2017 us=544280   verify_x509_name = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   crl_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   ns_cert_type = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 128
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 8
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 136
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_eku = 'TLS Web Client Authentication'
Wed Sep 20 16:13:13 2017 us=544280   ssl_flags = 208
Wed Sep 20 16:13:13 2017 us=544280   tls_timeout = 2
Wed Sep 20 16:13:13 2017 us=544280   renegotiate_bytes = -1
Wed Sep 20 16:13:13 2017 us=544280   renegotiate_packets = 0
Wed Sep 20 16:13:13 2017 us=544280   renegotiate_seconds = 3600
Wed Sep 20 16:13:13 2017 us=544280   handshake_window = 60
Wed Sep 20 16:13:13 2017 us=544280   transition_window = 3600
Wed Sep 20 16:13:13 2017 us=544280   single_session = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   push_peer_info = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_exit = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_auth_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_pin_cache_period = -1
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_id = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_id_management = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   server_network = 10.10.10.0
Wed Sep 20 16:13:13 2017 us=545281   server_netmask = 255.255.255.0
Wed Sep 20 16:13:13 2017 us=545281   server_network_ipv6 = ::
Wed Sep 20 16:13:13 2017 us=545281   server_netbits_ipv6 = 0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_ip = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_netmask = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_pool_start = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_pool_end = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'route 192.168.0.0 255.255.0.0'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'route-gateway 10.10.10.1'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'topology subnet'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'ping 10'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'ping-restart 120'
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_start = 10.10.10.2
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_end = 10.10.10.253
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_netmask = 255.255.255.0
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_persist_refresh_freq = 600
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_ipv6_pool_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_ipv6_pool_base = ::
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_ipv6_pool_netbits = 0
Wed Sep 20 16:13:13 2017 us=545281   n_bcast_buf = 256
Wed Sep 20 16:13:13 2017 us=545281   tcp_queue_limit = 64
Wed Sep 20 16:13:13 2017 us=545281   real_hash_size = 256
Wed Sep 20 16:13:13 2017 us=545281   virtual_hash_size = 256
Wed Sep 20 16:13:13 2017 us=545281   client_connect_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   learn_address_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   client_disconnect_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   client_config_dir = 'config\ccd'
Wed Sep 20 16:13:13 2017 us=545281   ccd_exclusive = ENABLED
Wed Sep 20 16:13:13 2017 us=545281   tmp_dir = 'x:\'
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_local = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_remote_netmask = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_ipv6_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_ipv6_local = ::/0
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_ipv6_remote = ::
Wed Sep 20 16:13:13 2017 us=545281   enable_c2c = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   duplicate_cn = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   cf_max = 0
Wed Sep 20 16:13:13 2017 us=545281   cf_per = 0
Wed Sep 20 16:13:13 2017 us=545281   max_clients = 50
Wed Sep 20 16:13:13 2017 us=545281   max_routes_per_client = 10
Wed Sep 20 16:13:13 2017 us=545281   auth_user_pass_verify_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   auth_user_pass_verify_script_via_file = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   client = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pull = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   auth_user_pass_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   show_net_up = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   route_method = 0
Wed Sep 20 16:13:13 2017 us=545281   block_outside_dns = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   ip_win32_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=545281   ip_win32_type = 2
Wed Sep 20 16:13:13 2017 us=545281   dhcp_masq_offset = 0
Wed Sep 20 16:13:13 2017 us=545281   dhcp_lease_time = 31536000
Wed Sep 20 16:13:13 2017 us=545281   tap_sleep = 10
Wed Sep 20 16:13:13 2017 us=545281   dhcp_options = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   dhcp_renew = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   dhcp_pre_release = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   dhcp_release = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   domain = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   netbios_scope = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   netbios_node_type = 0
Wed Sep 20 16:13:13 2017 us=545281   disable_nbt = DISABLED
Wed Sep 20 16:13:13 2017 us=545281 OpenVPN 2.3.17 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jun 20 2017
Wed Sep 20 16:13:13 2017 us=545281 Windows version 6.1 (Windows 7) 64bit
Wed Sep 20 16:13:13 2017 us=545281 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Wed Sep 20 16:13:13 2017 us=546281 Initializing OpenSSL support for engine 'rdrand'
Wed Sep 20 16:13:13 2017 us=546281 Diffie-Hellman initialized with 4096 bit key
Wed Sep 20 16:13:13 2017 us=546281 Control Channel Authentication: tls-auth using INLINE static key file
Wed Sep 20 16:13:13 2017 us=546281 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:13 2017 us=546281 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:13 2017 us=546281 TLS-Auth MTU parms [ L:1557 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Wed Sep 20 16:13:13 2017 us=546281 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Sep 20 16:13:13 2017 us=547281 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Sep 20 16:13:13 2017 us=547281 open_tun, tt->ipv6=0
Wed Sep 20 16:13:13 2017 us=547281 TAP-WIN32 device [ovpn] opened: \\.\Global\{...}.tap
Wed Sep 20 16:13:13 2017 us=547281 TAP-Windows Driver Version 9.21 
Wed Sep 20 16:13:13 2017 us=547281 TAP-Windows MTU=1500
Wed Sep 20 16:13:13 2017 us=547281 Set TAP-Windows TUN subnet mode network/local/netmask = 10.10.10.0/10.10.10.1/255.255.255.0 [SUCCEEDED]
Wed Sep 20 16:13:13 2017 us=547281 Sleeping for 10 seconds...
Wed Sep 20 16:13:23 2017 us=547853 Successful ARP Flush on interface [13] {...}
Wed Sep 20 16:13:23 2017 us=548853 Successfully deleted previously set dynamic IP/netmask: 169.254.26.223/255.255.0.0
Wed Sep 20 16:13:23 2017 us=548853 Succeeded in adding a temporary IP/netmask of 10.10.10.1/255.255.255.0 to interface {...} using the Win32 IP Helper API
Wed Sep 20 16:13:23 2017 us=549853 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:12 ET:0 EL:3 ]
Wed Sep 20 16:13:23 2017 us=549853 UDPv4 link local (bound): [AF_INET]192.168.1.1:1194
Wed Sep 20 16:13:23 2017 us=549853 UDPv4 link remote: [undef]
Wed Sep 20 16:13:23 2017 us=549853 MULTI: multi_init called, r=256 v=256
Wed Sep 20 16:13:23 2017 us=549853 IFCONFIG POOL: base=10.10.10.2 size=252, ipv6=0
Wed Sep 20 16:13:23 2017 us=549853 Initialization Sequence Completed
Wed Sep 20 16:13:39 2017 us=50739 MULTI: multi_create_instance called
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Re-using SSL/TLS context
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Control Channel MTU parms [ L:1557 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:12 ET:0 EL:3 ]
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Local Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Local Options hash (VER=V4): '2f3e190a'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Expected Remote Options hash (VER=V4): '0f816d6e'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 TLS: Initial packet from [AF_INET]6.7.8.9:60882, sid=af7aa075 15b63c0f
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY OK: depth=1, C=..., ST=..., L=..., O=..., OU=..., CN=..., name=..., emailAddress=...
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 Validating certificate key usage
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 ++ Certificate has key usage  0080, expects 0080
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY KU OK
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 Validating certificate extended key usage
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 ++ Certificate has EKU (str) TLS Web Client Authentication, expects TLS Web Client Authentication
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY EKU OK
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY OK: depth=0, C=..., ST=..., L=..., O=..., OU=..., CN=mike1, name=mike1, emailAddress=...
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:39 2017 us=329755 6.7.8.9:60882 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Wed Sep 20 16:13:39 2017 us=329755 6.7.8.9:60882 [mike1] Peer Connection Initiated with [AF_INET]6.7.8.9:60882
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 OPTIONS IMPORT: reading client specific options from: config\ccd\mike1
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 MULTI_sva: pool returned IPv4=10.10.10.2, IPv6=(Not enabled)
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 MULTI: Learn: 10.10.10.2 -> mike1/6.7.8.9:60882
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 MULTI: primary virtual IP for mike1/6.7.8.9:60882: 10.10.10.2
Wed Sep 20 16:13:41 2017 us=338870 mike1/6.7.8.9:60882 PUSH: Received control message: 'PUSH_REQUEST'
Wed Sep 20 16:13:41 2017 us=338870 mike1/6.7.8.9:60882 send_push_reply(): safe_cap=940
Wed Sep 20 16:13:41 2017 us=338870 mike1/6.7.8.9:60882 SENT CONTROL [mike1]: 'PUSH_REPLY,route 192.168.0.0 255.255.0.0,route-gateway 10.10.10.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.10.2 255.255.255.0' (status=1)
Wed Sep 20 16:26:50 2017 us=686018 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:00 2017 us=790596 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:10 2017 us=821170 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:21 2017 us=66756 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:31 2017 us=289341 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:41 2017 us=659934 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:51 2017 us=701508 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:01 2017 us=784085 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:12 2017 us=196680 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:22 2017 us=313259 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:32 2017 us=413837 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:42 2017 us=770429 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:52 2017 us=805003 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:02 2017 us=819576 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:13 2017 us=28160 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:23 2017 us=80735 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:33 2017 us=165312 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:43 2017 us=581907 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:53 2017 us=660484 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:03 2017 us=835066 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:13 2017 us=915642 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:24 2017 us=68223 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:34 2017 us=134799 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:40 2017 us=233148 mike1/6.7.8.9:60882 [mike1] Inactivity timeout (--ping-restart), restarting
Wed Sep 20 16:30:40 2017 us=233148 mike1/6.7.8.9:60882 SIGUSR1[soft,ping-restart] received, client-instance restarting
Wed Sep 20 16:38:55 2017 us=827494 TCP/UDP: Closing socket
Wed Sep 20 16:38:55 2017 us=827494 Closing TUN/TAP interface
Wed Sep 20 16:38:55 2017 us=827494 SIGTERM[hard,] received, process exiting

Client log:

Code: Select all

Wed Sep 20 16:13:36 2017 us=310705 Current Parameter Settings:
Wed Sep 20 16:13:36 2017 us=311705   config = 'c:\Program Files\OpenVPN\config\ovpn_mike1.ovpn'
Wed Sep 20 16:13:36 2017 us=311705   mode = 0
Wed Sep 20 16:13:36 2017 us=311705   show_ciphers = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   show_digests = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   show_engines = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   genkey = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   key_pass_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   show_tls_ciphers = DISABLED
Wed Sep 20 16:13:36 2017 us=311705 Connection profiles [default]:
Wed Sep 20 16:13:36 2017 us=311705   proto = udp
Wed Sep 20 16:13:36 2017 us=311705   local = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   local_port = 0
Wed Sep 20 16:13:36 2017 us=311705   remote = '1.2.3.4'
Wed Sep 20 16:13:36 2017 us=311705   remote_port = 1194
Wed Sep 20 16:13:36 2017 us=311705   remote_float = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   bind_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   bind_local = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   connect_retry_seconds = 5
Wed Sep 20 16:13:36 2017 us=311705   connect_timeout = 10
Wed Sep 20 16:13:36 2017 us=311705   connect_retry_max = 0
Wed Sep 20 16:13:36 2017 us=311705   socks_proxy_server = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   socks_proxy_port = 0
Wed Sep 20 16:13:36 2017 us=311705   socks_proxy_retry = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu = 1500
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   link_mtu = 1500
Wed Sep 20 16:13:36 2017 us=311705   link_mtu_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu_extra = 0
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu_extra_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   mtu_discover_type = -1
Wed Sep 20 16:13:36 2017 us=311705   fragment = 0
Wed Sep 20 16:13:36 2017 us=311705   mssfix = 1450
Wed Sep 20 16:13:36 2017 us=311705   explicit_exit_notification = 0
Wed Sep 20 16:13:36 2017 us=311705 Connection profiles END
Wed Sep 20 16:13:36 2017 us=311705   remote_random = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ipchange = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   dev = 'tun'
Wed Sep 20 16:13:36 2017 us=311705   dev_type = 'tun'
Wed Sep 20 16:13:36 2017 us=311705   dev_node = 'ovpn'
Wed Sep 20 16:13:36 2017 us=311705   lladdr = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   topology = 1
Wed Sep 20 16:13:36 2017 us=311705   tun_ipv6 = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_local = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_remote_netmask = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_noexec = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_nowarn = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_ipv6_local = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_ipv6_netbits = 0
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_ipv6_remote = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   shaper = 0
Wed Sep 20 16:13:36 2017 us=311705   mtu_test = 0
Wed Sep 20 16:13:36 2017 us=311705   mlock = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   keepalive_ping = 0
Wed Sep 20 16:13:36 2017 us=311705   keepalive_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   inactivity_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_send_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_rec_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_rec_timeout_action = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_timer_remote = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   remap_sigusr1 = 0
Wed Sep 20 16:13:36 2017 us=311705   persist_tun = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   persist_local_ip = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   persist_remote_ip = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   persist_key = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   passtos = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   resolve_retry_seconds = 1000000000
Wed Sep 20 16:13:36 2017 us=311705   username = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   groupname = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   chroot_dir = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   cd_dir = 'c:\Program Files\OpenVPN\'
Wed Sep 20 16:13:36 2017 us=311705   writepid = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   up_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   down_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   down_pre = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   up_restart = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   up_delay = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   daemon = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   inetd = 0
Wed Sep 20 16:13:36 2017 us=311705   log = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   suppress_timestamps = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   nice = 0
Wed Sep 20 16:13:36 2017 us=311705   verbosity = 4
Wed Sep 20 16:13:36 2017 us=311705   mute = 0
Wed Sep 20 16:13:36 2017 us=311705   gremlin = 0
Wed Sep 20 16:13:36 2017 us=311705   status_file = 'x:\openvpn-status.log'
Wed Sep 20 16:13:36 2017 us=311705   status_file_version = 1
Wed Sep 20 16:13:36 2017 us=311705   status_file_update_freq = 60
Wed Sep 20 16:13:36 2017 us=311705   occ = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   rcvbuf = 0
Wed Sep 20 16:13:36 2017 us=311705   sndbuf = 0
Wed Sep 20 16:13:36 2017 us=311705   sockflags = 0
Wed Sep 20 16:13:36 2017 us=311705   fast_io = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   lzo = 0
Wed Sep 20 16:13:36 2017 us=311705   route_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   route_default_gateway = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   route_default_metric = 0
Wed Sep 20 16:13:36 2017 us=311705   route_noexec = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   route_delay = 5
Wed Sep 20 16:13:36 2017 us=311705   route_delay_window = 30
Wed Sep 20 16:13:36 2017 us=311705   route_delay_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   route_nopull = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   route_gateway_via_dhcp = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   max_routes = 100
Wed Sep 20 16:13:36 2017 us=311705   allow_pull_fqdn = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   management_addr = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_port = 0
Wed Sep 20 16:13:36 2017 us=311705   management_user_pass = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_log_history_cache = 250
Wed Sep 20 16:13:36 2017 us=311705   management_echo_buffer_size = 100
Wed Sep 20 16:13:36 2017 us=311705   management_write_peer_info_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_client_user = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_client_group = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_flags = 0
Wed Sep 20 16:13:36 2017 us=311705   shared_secret_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   key_direction = 2
Wed Sep 20 16:13:36 2017 us=311705   ciphername_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   ciphername = 'AES-128-CBC'
Wed Sep 20 16:13:36 2017 us=311705   authname_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   authname = 'SHA1'
Wed Sep 20 16:13:36 2017 us=311705   prng_hash = 'SHA1'
Wed Sep 20 16:13:36 2017 us=311705   prng_nonce_secret_len = 16
Wed Sep 20 16:13:36 2017 us=311705   keysize = 0
Wed Sep 20 16:13:36 2017 us=311705   engine = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   replay = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   mute_replay_warnings = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   replay_window = 64
Wed Sep 20 16:13:36 2017 us=311705   replay_time = 15
Wed Sep 20 16:13:36 2017 us=311705   packet_id_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   use_iv = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   test_crypto = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tls_server = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tls_client = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   key_method = 2
Wed Sep 20 16:13:36 2017 us=311705   ca_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=311705   ca_path = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   dh_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=311705   cert_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=311705   extra_certs_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   priv_key_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=312705   pkcs12_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   cryptoapi_cert = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   cipher_list = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   tls_verify = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   tls_export_cert = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   verify_x509_type = 3
Wed Sep 20 16:13:36 2017 us=312705   verify_x509_name = 'server'
Wed Sep 20 16:13:36 2017 us=312705   crl_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   ns_cert_type = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 160
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 136
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_eku = 'TLS Web Server Authentication'
Wed Sep 20 16:13:36 2017 us=312705   ssl_flags = 0
Wed Sep 20 16:13:36 2017 us=312705   tls_timeout = 2
Wed Sep 20 16:13:36 2017 us=312705   renegotiate_bytes = -1
Wed Sep 20 16:13:36 2017 us=312705   renegotiate_packets = 0
Wed Sep 20 16:13:36 2017 us=312705   renegotiate_seconds = 3600
Wed Sep 20 16:13:36 2017 us=312705   handshake_window = 60
Wed Sep 20 16:13:36 2017 us=312705   transition_window = 3600
Wed Sep 20 16:13:36 2017 us=312705   single_session = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   push_peer_info = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   tls_exit = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   tls_auth_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_pin_cache_period = -1
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_id = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_id_management = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   server_network = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=312705   server_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_network_ipv6 = ::
Wed Sep 20 16:13:36 2017 us=314705   server_netbits_ipv6 = 0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_ip = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_pool_start = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_pool_end = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_start = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_end = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_persist_refresh_freq = 600
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_ipv6_pool_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_ipv6_pool_base = ::
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_ipv6_pool_netbits = 0
Wed Sep 20 16:13:36 2017 us=314705   n_bcast_buf = 256
Wed Sep 20 16:13:36 2017 us=314705   tcp_queue_limit = 64
Wed Sep 20 16:13:36 2017 us=314705   real_hash_size = 256
Wed Sep 20 16:13:36 2017 us=314705   virtual_hash_size = 256
Wed Sep 20 16:13:36 2017 us=314705   client_connect_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   learn_address_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   client_disconnect_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   client_config_dir = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   ccd_exclusive = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   tmp_dir = 'x:\temp\'
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_local = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_remote_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_ipv6_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_ipv6_local = ::/0
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_ipv6_remote = ::
Wed Sep 20 16:13:36 2017 us=314705   enable_c2c = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   duplicate_cn = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   cf_max = 0
Wed Sep 20 16:13:36 2017 us=314705   cf_per = 0
Wed Sep 20 16:13:36 2017 us=314705   max_clients = 1024
Wed Sep 20 16:13:36 2017 us=314705   max_routes_per_client = 256
Wed Sep 20 16:13:36 2017 us=314705   auth_user_pass_verify_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   auth_user_pass_verify_script_via_file = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   client = ENABLED
Wed Sep 20 16:13:36 2017 us=314705   pull = ENABLED
Wed Sep 20 16:13:36 2017 us=314705   auth_user_pass_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   show_net_up = ENABLED
Wed Sep 20 16:13:36 2017 us=314705   route_method = 0
Wed Sep 20 16:13:36 2017 us=314705   block_outside_dns = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ip_win32_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ip_win32_type = 3
Wed Sep 20 16:13:36 2017 us=314705   dhcp_masq_offset = 0
Wed Sep 20 16:13:36 2017 us=314705   dhcp_lease_time = 31536000
Wed Sep 20 16:13:36 2017 us=314705   tap_sleep = 3
Wed Sep 20 16:13:36 2017 us=314705   dhcp_options = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   dhcp_renew = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   dhcp_pre_release = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   dhcp_release = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   domain = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   netbios_scope = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   netbios_node_type = 0
Wed Sep 20 16:13:36 2017 us=314705   disable_nbt = DISABLED
Wed Sep 20 16:13:36 2017 us=314705 OpenVPN 2.3.17 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jun 20 2017
Wed Sep 20 16:13:36 2017 us=314705 Windows version 6.1 (Windows 7) 64bit
Wed Sep 20 16:13:36 2017 us=315705 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Wed Sep 20 16:13:36 2017 us=436712 Control Channel Authentication: tls-auth using INLINE static key file
Wed Sep 20 16:13:36 2017 us=436712 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=436712 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=437712 Control Channel MTU parms [ L:1557 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Wed Sep 20 16:13:36 2017 us=439712 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Sep 20 16:13:36 2017 us=439712 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:12 ET:0 EL:3 ]
Wed Sep 20 16:13:36 2017 us=439712 Local Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Sep 20 16:13:36 2017 us=439712 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Sep 20 16:13:36 2017 us=439712 Local Options hash (VER=V4): '0f816d6e'
Wed Sep 20 16:13:36 2017 us=439712 Expected Remote Options hash (VER=V4): '2f3e190a'
Wed Sep 20 16:13:36 2017 us=439712 UDPv4 link local: [undef]
Wed Sep 20 16:13:36 2017 us=439712 UDPv4 link remote: [AF_INET]1.2.3.4:1194
Wed Sep 20 16:13:36 2017 us=461713 TLS: Initial packet from [AF_INET]1.2.3.4:1194, sid=440a6a89 b174d087
Wed Sep 20 16:13:36 2017 us=517717 VERIFY OK: depth=1, C=..., ST=..., L=..., O=..., OU=..., CN=..., name=..., emailAddress=...
Wed Sep 20 16:13:36 2017 us=519717 Validating certificate key usage
Wed Sep 20 16:13:36 2017 us=519717 ++ Certificate has key usage  00a0, expects 00a0
Wed Sep 20 16:13:36 2017 us=519717 VERIFY KU OK
Wed Sep 20 16:13:36 2017 us=519717 Validating certificate extended key usage
Wed Sep 20 16:13:36 2017 us=519717 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Sep 20 16:13:36 2017 us=519717 VERIFY EKU OK
Wed Sep 20 16:13:36 2017 us=519717 VERIFY X509NAME OK: C=..., ST=..., L=..., O=..., OU=..., CN=server1, name=server1, emailAddress=...
Wed Sep 20 16:13:36 2017 us=519717 VERIFY OK: depth=0, C=..., ST=..., L=..., O=..., OU=..., CN=server1, name=server1, emailAddress=...
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=719728 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Wed Sep 20 16:13:36 2017 us=719728 [server1] Peer Connection Initiated with [AF_INET]1.2.3.4:1194
Wed Sep 20 16:13:38 2017 us=726843 SENT CONTROL [server1]: 'PUSH_REQUEST' (status=1)
Wed Sep 20 16:13:38 2017 us=750844 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.0.0,route-gateway 10.10.10.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.10.2 255.255.255.0'
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: timers and/or timeouts modified
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: --ifconfig/up options modified
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: route options modified
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: route-related options modified
Wed Sep 20 16:13:38 2017 us=753844 ROUTE_GATEWAY 10.88.99.1/255.255.255.0 I=13 HWADDR=...
Wed Sep 20 16:13:38 2017 us=754845 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Sep 20 16:13:38 2017 us=754845 open_tun, tt->ipv6=0
Wed Sep 20 16:13:38 2017 us=754845 TAP-WIN32 device [ovpn] opened: \\.\Global\{...}.tap
Wed Sep 20 16:13:38 2017 us=754845 TAP-Windows Driver Version 9.21 
Wed Sep 20 16:13:38 2017 us=754845 TAP-Windows MTU=1500
Wed Sep 20 16:13:38 2017 us=755845 Set TAP-Windows TUN subnet mode network/local/netmask = 10.10.10.0/10.10.10.2/255.255.255.0 [SUCCEEDED]
Wed Sep 20 16:13:38 2017 us=755845 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.2/255.255.255.0 on interface {...} [DHCP-serv: 10.10.10.254, lease-time: 31536000]
Wed Sep 20 16:13:38 2017 us=755845 Sleeping for 3 seconds...
Wed Sep 20 16:13:41 2017 us=756016 Successful ARP Flush on interface [18] {...}
Wed Sep 20 16:13:46 2017 us=763303 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Wed Sep 20 16:13:46 2017 us=763303 C:\Windows\system32\route.exe ADD 192.168.0.0 MASK 255.255.0.0 10.10.10.1
Wed Sep 20 16:13:46 2017 us=766303 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Wed Sep 20 16:13:46 2017 us=766303 Route addition via IPAPI succeeded [adaptive]
SYSTEM ROUTING TABLE
0.0.0.0 0.0.0.0 10.88.99.1 p=0 i=13 t=4 pr=3 a=2614 h=0 m=257/0/0/0/0
10.10.10.0 255.255.255.0 10.10.10.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
10.10.10.2 255.255.255.255 10.10.10.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
10.10.10.255 255.255.255.255 10.10.10.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
192.168.0.0 255.255.0.0 10.10.10.1 p=0 i=18 t=4 pr=3 a=0 h=0 m=20/0/0/0/0
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
127.0.0.1 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
127.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
10.88.99.0 255.255.255.0 10.88.99.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
10.88.99.4 255.255.255.255 10.88.99.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
10.88.99.255 255.255.255.255 10.88.99.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
224.0.0.0 240.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
224.0.0.0 240.0.0.0 10.88.99.4 p=0 i=13 t=3 pr=3 a=2614 h=0 m=257/0/0/0/0
224.0.0.0 240.0.0.0 10.10.10.2 p=0 i=18 t=3 pr=3 a=2605 h=0 m=276/0/0/0/0
255.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
255.255.255.255 255.255.255.255 10.88.99.4 p=0 i=13 t=3 pr=3 a=2614 h=0 m=257/0/0/0/0
255.255.255.255 255.255.255.255 10.10.10.2 p=0 i=18 t=3 pr=3 a=2605 h=0 m=276/0/0/0/0
SYSTEM ADAPTER LIST
Intel(R) 82577LM Gigabit Network Connection
  Index = 13
  GUID = {...}
  IP = 10.88.99.4/255.255.255.0 
  MAC = ...
  GATEWAY = 10.88.99.1/255.255.255.255 
  DNS SERV = 10.88.99.1/255.255.255.255 
TAP-Windows Adapter V9
  Index = 18
  GUID = {...}
  IP = 10.10.10.2/255.255.255.0 
  MAC = ...
  GATEWAY = 0.0.0.0/255.255.255.255 
  DHCP SERV = 10.10.10.254/255.255.255.255 
  DHCP LEASE OBTAINED = Wed Sep 20 16:13:38 2017
  DHCP LEASE EXPIRES  = Thu Sep 20 16:13:38 2018
  DNS SERV =  
Wed Sep 20 16:13:46 2017 us=776303 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Sep 20 16:13:46 2017 us=776303 Initialization Sequence Completed
Wed Sep 20 16:26:46 2017 us=745915 TCP/UDP: Closing socket
Wed Sep 20 16:26:46 2017 us=745915 C:\Windows\system32\route.exe DELETE 192.168.0.0 MASK 255.255.0.0 10.10.10.1
Wed Sep 20 16:26:46 2017 us=746915 Route deletion via IPAPI succeeded [adaptive]
Wed Sep 20 16:26:46 2017 us=746915 Closing TUN/TAP interface
Wed Sep 20 16:26:46 2017 us=747915 SIGTERM[hard,] received, process exiting

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 3:33 pm

I started vpn-connections on two clients.
Then, on one of them, I started pinging to nonexistent address in the server's internal network.
And the connection was cut off on both clients.
Thus, we got the simplest DOS-attack.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Strange problem - throughput reduction

Post by TinCanTech » Wed Sep 20, 2017 3:46 pm

It looks like you have some errors in your expected config:
ZEXsx wrote:
Wed Sep 20, 2017 12:05 pm
server 10.10.10.0 255.255.255.0
topology subnet
push "route 192.168.1.0 255.255.0.0"
However:
ZEXsx wrote:
Wed Sep 20, 2017 3:05 pm
Wed Sep 20 16:13:46 2017 us=763303 C:\Windows\system32\route.exe ADD 192.168.0.0 MASK 255.255.0.0 10.10.10.1
Just double check what you think you have ..

Also,
  • NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
:arrow: Never use 192.168.0.0/24 or 192.168.1.0/24 (or other common subnets) for your OpenVPN Server LAN :!:
  • You are advised to change your server LAN to a more unique RFC1918 compliant subnet.
    For example: 192.168.143.0/24
Also, ensure IP forwarding is enabled on your server.

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 4:23 pm

TinCanTech wrote:
Wed Sep 20, 2017 3:46 pm
It looks like you have some errors in your expected config:
Sorry! It is result of a mistake in sanitizing of the logs.

Here are less sanitized logs:
Server inner network: 10.234.0.0/16
Server address in inner network: 10.234.252.2
Server outer address: 1.2.3.4
VPN-segment network: 10.124.174.0/24
Client inner network: 192.168.57.0/24
Client outer address: 6.7.8.9

Server log:

Code: Select all

Wed Sep 20 16:13:13 2017 us=544280 Current Parameter Settings:
Wed Sep 20 16:13:13 2017 us=544280   config = 'server1.ovpn'
Wed Sep 20 16:13:13 2017 us=544280   mode = 1
Wed Sep 20 16:13:13 2017 us=544280   show_ciphers = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   show_digests = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   show_engines = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   genkey = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   key_pass_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   show_tls_ciphers = DISABLED
Wed Sep 20 16:13:13 2017 us=544280 Connection profiles [default]:
Wed Sep 20 16:13:13 2017 us=544280   proto = udp
Wed Sep 20 16:13:13 2017 us=544280   local = '10.234.252.2'
Wed Sep 20 16:13:13 2017 us=544280   local_port = 33444
Wed Sep 20 16:13:13 2017 us=544280   remote = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   remote_port = 1194
Wed Sep 20 16:13:13 2017 us=544280   remote_float = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   bind_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   bind_local = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   connect_retry_seconds = 5
Wed Sep 20 16:13:13 2017 us=544280   connect_timeout = 10
Wed Sep 20 16:13:13 2017 us=544280   connect_retry_max = 0
Wed Sep 20 16:13:13 2017 us=544280   socks_proxy_server = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   socks_proxy_port = 0
Wed Sep 20 16:13:13 2017 us=544280   socks_proxy_retry = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu = 1500
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   link_mtu = 1500
Wed Sep 20 16:13:13 2017 us=544280   link_mtu_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu_extra = 0
Wed Sep 20 16:13:13 2017 us=544280   tun_mtu_extra_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   mtu_discover_type = -1
Wed Sep 20 16:13:13 2017 us=544280   fragment = 0
Wed Sep 20 16:13:13 2017 us=544280   mssfix = 1450
Wed Sep 20 16:13:13 2017 us=544280   explicit_exit_notification = 0
Wed Sep 20 16:13:13 2017 us=544280 Connection profiles END
Wed Sep 20 16:13:13 2017 us=544280   remote_random = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ipchange = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   dev = 'tun'
Wed Sep 20 16:13:13 2017 us=544280   dev_type = 'tun'
Wed Sep 20 16:13:13 2017 us=544280   dev_node = 'ovpn'
Wed Sep 20 16:13:13 2017 us=544280   lladdr = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   topology = 3
Wed Sep 20 16:13:13 2017 us=544280   tun_ipv6 = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_local = '10.124.174.1'
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_remote_netmask = '255.255.255.0'
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_noexec = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_nowarn = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_ipv6_local = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_ipv6_netbits = 0
Wed Sep 20 16:13:13 2017 us=544280   ifconfig_ipv6_remote = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   shaper = 0
Wed Sep 20 16:13:13 2017 us=544280   mtu_test = 0
Wed Sep 20 16:13:13 2017 us=544280   mlock = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   keepalive_ping = 10
Wed Sep 20 16:13:13 2017 us=544280   keepalive_timeout = 120
Wed Sep 20 16:13:13 2017 us=544280   inactivity_timeout = 0
Wed Sep 20 16:13:13 2017 us=544280   ping_send_timeout = 10
Wed Sep 20 16:13:13 2017 us=544280   ping_rec_timeout = 240
Wed Sep 20 16:13:13 2017 us=544280   ping_rec_timeout_action = 2
Wed Sep 20 16:13:13 2017 us=544280   ping_timer_remote = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   remap_sigusr1 = 0
Wed Sep 20 16:13:13 2017 us=544280   persist_tun = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   persist_local_ip = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   persist_remote_ip = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   persist_key = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   passtos = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   resolve_retry_seconds = 1000000000
Wed Sep 20 16:13:13 2017 us=544280   username = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   groupname = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   chroot_dir = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   cd_dir = 'c:\Program Files\OpenVPN\'
Wed Sep 20 16:13:13 2017 us=544280   writepid = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   up_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   down_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   down_pre = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   up_restart = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   up_delay = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   daemon = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   inetd = 0
Wed Sep 20 16:13:13 2017 us=544280   log = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   suppress_timestamps = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   nice = 0
Wed Sep 20 16:13:13 2017 us=544280   verbosity = 4
Wed Sep 20 16:13:13 2017 us=544280   mute = 0
Wed Sep 20 16:13:13 2017 us=544280   gremlin = 0
Wed Sep 20 16:13:13 2017 us=544280   status_file = 'x:\openvpn-status.log'
Wed Sep 20 16:13:13 2017 us=544280   status_file_version = 1
Wed Sep 20 16:13:13 2017 us=544280   status_file_update_freq = 60
Wed Sep 20 16:13:13 2017 us=544280   occ = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   rcvbuf = 0
Wed Sep 20 16:13:13 2017 us=544280   sndbuf = 0
Wed Sep 20 16:13:13 2017 us=544280   sockflags = 0
Wed Sep 20 16:13:13 2017 us=544280   fast_io = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   lzo = 0
Wed Sep 20 16:13:13 2017 us=544280   route_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   route_default_gateway = '10.124.174.2'
Wed Sep 20 16:13:13 2017 us=544280   route_default_metric = 0
Wed Sep 20 16:13:13 2017 us=544280   route_noexec = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   route_delay = 0
Wed Sep 20 16:13:13 2017 us=544280   route_delay_window = 30
Wed Sep 20 16:13:13 2017 us=544280   route_delay_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   route_nopull = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   route_gateway_via_dhcp = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   max_routes = 100
Wed Sep 20 16:13:13 2017 us=544280   allow_pull_fqdn = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   management_addr = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_port = 0
Wed Sep 20 16:13:13 2017 us=544280   management_user_pass = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_log_history_cache = 250
Wed Sep 20 16:13:13 2017 us=544280   management_echo_buffer_size = 100
Wed Sep 20 16:13:13 2017 us=544280   management_write_peer_info_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_client_user = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_client_group = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   management_flags = 0
Wed Sep 20 16:13:13 2017 us=544280   shared_secret_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   key_direction = 1
Wed Sep 20 16:13:13 2017 us=544280   ciphername_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   ciphername = 'AES-128-CBC'
Wed Sep 20 16:13:13 2017 us=544280   authname_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   authname = 'SHA1'
Wed Sep 20 16:13:13 2017 us=544280   prng_hash = 'SHA1'
Wed Sep 20 16:13:13 2017 us=544280   prng_nonce_secret_len = 16
Wed Sep 20 16:13:13 2017 us=544280   keysize = 0
Wed Sep 20 16:13:13 2017 us=544280   engine = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   replay = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   mute_replay_warnings = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   replay_window = 64
Wed Sep 20 16:13:13 2017 us=544280   replay_time = 15
Wed Sep 20 16:13:13 2017 us=544280   packet_id_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   use_iv = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   test_crypto = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_server = ENABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_client = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   key_method = 2
Wed Sep 20 16:13:13 2017 us=544280   ca_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   ca_path = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   dh_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   cert_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   extra_certs_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   priv_key_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   pkcs12_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   cryptoapi_cert = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   cipher_list = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   tls_verify = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   tls_export_cert = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   verify_x509_type = 0
Wed Sep 20 16:13:13 2017 us=544280   verify_x509_name = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   crl_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=544280   ns_cert_type = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 128
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 8
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 136
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_ku[i] = 0
Wed Sep 20 16:13:13 2017 us=544280   remote_cert_eku = 'TLS Web Client Authentication'
Wed Sep 20 16:13:13 2017 us=544280   ssl_flags = 208
Wed Sep 20 16:13:13 2017 us=544280   tls_timeout = 2
Wed Sep 20 16:13:13 2017 us=544280   renegotiate_bytes = -1
Wed Sep 20 16:13:13 2017 us=544280   renegotiate_packets = 0
Wed Sep 20 16:13:13 2017 us=544280   renegotiate_seconds = 3600
Wed Sep 20 16:13:13 2017 us=544280   handshake_window = 60
Wed Sep 20 16:13:13 2017 us=544280   transition_window = 3600
Wed Sep 20 16:13:13 2017 us=544280   single_session = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   push_peer_info = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_exit = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   tls_auth_file = '[[INLINE]]'
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=544280   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_pin_cache_period = -1
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_id = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   pkcs11_id_management = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   server_network = 10.124.174.0
Wed Sep 20 16:13:13 2017 us=545281   server_netmask = 255.255.255.0
Wed Sep 20 16:13:13 2017 us=545281   server_network_ipv6 = ::
Wed Sep 20 16:13:13 2017 us=545281   server_netbits_ipv6 = 0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_ip = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_netmask = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_pool_start = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   server_bridge_pool_end = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'route 10.234.0.0 255.255.0.0'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'route-gateway 10.124.174.1'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'topology subnet'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'ping 10'
Wed Sep 20 16:13:13 2017 us=545281   push_entry = 'ping-restart 120'
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_start = 10.124.174.2
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_end = 10.124.174.253
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_netmask = 255.255.255.0
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_pool_persist_refresh_freq = 600
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_ipv6_pool_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_ipv6_pool_base = ::
Wed Sep 20 16:13:13 2017 us=545281   ifconfig_ipv6_pool_netbits = 0
Wed Sep 20 16:13:13 2017 us=545281   n_bcast_buf = 256
Wed Sep 20 16:13:13 2017 us=545281   tcp_queue_limit = 64
Wed Sep 20 16:13:13 2017 us=545281   real_hash_size = 256
Wed Sep 20 16:13:13 2017 us=545281   virtual_hash_size = 256
Wed Sep 20 16:13:13 2017 us=545281   client_connect_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   learn_address_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   client_disconnect_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   client_config_dir = 'config\ccd'
Wed Sep 20 16:13:13 2017 us=545281   ccd_exclusive = ENABLED
Wed Sep 20 16:13:13 2017 us=545281   tmp_dir = 'x:\'
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_local = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_remote_netmask = 0.0.0.0
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_ipv6_defined = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_ipv6_local = ::/0
Wed Sep 20 16:13:13 2017 us=545281   push_ifconfig_ipv6_remote = ::
Wed Sep 20 16:13:13 2017 us=545281   enable_c2c = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   duplicate_cn = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   cf_max = 0
Wed Sep 20 16:13:13 2017 us=545281   cf_per = 0
Wed Sep 20 16:13:13 2017 us=545281   max_clients = 50
Wed Sep 20 16:13:13 2017 us=545281   max_routes_per_client = 10
Wed Sep 20 16:13:13 2017 us=545281   auth_user_pass_verify_script = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   auth_user_pass_verify_script_via_file = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   client = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   pull = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   auth_user_pass_file = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   show_net_up = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   route_method = 0
Wed Sep 20 16:13:13 2017 us=545281   block_outside_dns = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   ip_win32_defined = ENABLED
Wed Sep 20 16:13:13 2017 us=545281   ip_win32_type = 2
Wed Sep 20 16:13:13 2017 us=545281   dhcp_masq_offset = 0
Wed Sep 20 16:13:13 2017 us=545281   dhcp_lease_time = 31536000
Wed Sep 20 16:13:13 2017 us=545281   tap_sleep = 10
Wed Sep 20 16:13:13 2017 us=545281   dhcp_options = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   dhcp_renew = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   dhcp_pre_release = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   dhcp_release = DISABLED
Wed Sep 20 16:13:13 2017 us=545281   domain = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   netbios_scope = '[UNDEF]'
Wed Sep 20 16:13:13 2017 us=545281   netbios_node_type = 0
Wed Sep 20 16:13:13 2017 us=545281   disable_nbt = DISABLED
Wed Sep 20 16:13:13 2017 us=545281 OpenVPN 2.3.17 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jun 20 2017
Wed Sep 20 16:13:13 2017 us=545281 Windows version 6.1 (Windows 7) 64bit
Wed Sep 20 16:13:13 2017 us=545281 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Wed Sep 20 16:13:13 2017 us=546281 Initializing OpenSSL support for engine 'rdrand'
Wed Sep 20 16:13:13 2017 us=546281 Diffie-Hellman initialized with 4096 bit key
Wed Sep 20 16:13:13 2017 us=546281 Control Channel Authentication: tls-auth using INLINE static key file
Wed Sep 20 16:13:13 2017 us=546281 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:13 2017 us=546281 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:13 2017 us=546281 TLS-Auth MTU parms [ L:1557 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Wed Sep 20 16:13:13 2017 us=546281 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Sep 20 16:13:13 2017 us=547281 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Sep 20 16:13:13 2017 us=547281 open_tun, tt->ipv6=0
Wed Sep 20 16:13:13 2017 us=547281 TAP-WIN32 device [ovpn] opened: \\.\Global\{98A6F8C6-7537-4468-8366-912F04A7D7D9}.tap
Wed Sep 20 16:13:13 2017 us=547281 TAP-Windows Driver Version 9.21 
Wed Sep 20 16:13:13 2017 us=547281 TAP-Windows MTU=1500
Wed Sep 20 16:13:13 2017 us=547281 Set TAP-Windows TUN subnet mode network/local/netmask = 10.124.174.0/10.124.174.1/255.255.255.0 [SUCCEEDED]
Wed Sep 20 16:13:13 2017 us=547281 Sleeping for 10 seconds...
Wed Sep 20 16:13:23 2017 us=547853 Successful ARP Flush on interface [13] {98A6F8C6-7537-4468-8366-912F04A7D7D9}
Wed Sep 20 16:13:23 2017 us=548853 Successfully deleted previously set dynamic IP/netmask: 169.254.26.223/255.255.0.0
Wed Sep 20 16:13:23 2017 us=548853 Succeeded in adding a temporary IP/netmask of 10.124.174.1/255.255.255.0 to interface {98A6F8C6-7537-4468-8366-912F04A7D7D9} using the Win32 IP Helper API
Wed Sep 20 16:13:23 2017 us=549853 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:12 ET:0 EL:3 ]
Wed Sep 20 16:13:23 2017 us=549853 UDPv4 link local (bound): [AF_INET]10.234.252.2:33444
Wed Sep 20 16:13:23 2017 us=549853 UDPv4 link remote: [undef]
Wed Sep 20 16:13:23 2017 us=549853 MULTI: multi_init called, r=256 v=256
Wed Sep 20 16:13:23 2017 us=549853 IFCONFIG POOL: base=10.124.174.2 size=252, ipv6=0
Wed Sep 20 16:13:23 2017 us=549853 Initialization Sequence Completed
Wed Sep 20 16:13:39 2017 us=50739 MULTI: multi_create_instance called
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Re-using SSL/TLS context
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Control Channel MTU parms [ L:1557 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:12 ET:0 EL:3 ]
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Local Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Local Options hash (VER=V4): '2f3e190a'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 Expected Remote Options hash (VER=V4): '0f816d6e'
Wed Sep 20 16:13:39 2017 us=50739 6.7.8.9:60882 TLS: Initial packet from [AF_INET]6.7.8.9:60882, sid=af7aa075 15b63c0f
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY OK: depth=1, C=......
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 Validating certificate key usage
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 ++ Certificate has key usage  0080, expects 0080
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY KU OK
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 Validating certificate extended key usage
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 ++ Certificate has EKU (str) TLS Web Client Authentication, expects TLS Web Client Authentication
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY EKU OK
Wed Sep 20 16:13:39 2017 us=265752 6.7.8.9:60882 VERIFY OK: depth=0, C=......, CN=mike1, name=mike1, ......
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:39 2017 us=308754 6.7.8.9:60882 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:39 2017 us=329755 6.7.8.9:60882 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Wed Sep 20 16:13:39 2017 us=329755 6.7.8.9:60882 [mike1] Peer Connection Initiated with [AF_INET]6.7.8.9:60882
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 OPTIONS IMPORT: reading client specific options from: config\ccd\mike1
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 MULTI_sva: pool returned IPv4=10.124.174.2, IPv6=(Not enabled)
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 MULTI: Learn: 10.124.174.2 -> mike1/6.7.8.9:60882
Wed Sep 20 16:13:39 2017 us=329755 mike1/6.7.8.9:60882 MULTI: primary virtual IP for mike1/6.7.8.9:60882: 10.124.174.2
Wed Sep 20 16:13:41 2017 us=338870 mike1/6.7.8.9:60882 PUSH: Received control message: 'PUSH_REQUEST'
Wed Sep 20 16:13:41 2017 us=338870 mike1/6.7.8.9:60882 send_push_reply(): safe_cap=940
Wed Sep 20 16:13:41 2017 us=338870 mike1/6.7.8.9:60882 SENT CONTROL [mike1]: 'PUSH_REPLY,route 10.234.0.0 255.255.0.0,route-gateway 10.124.174.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.124.174.2 255.255.255.0' (status=1)
Wed Sep 20 16:26:50 2017 us=686018 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:00 2017 us=790596 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:10 2017 us=821170 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:21 2017 us=66756 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:31 2017 us=289341 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:41 2017 us=659934 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:27:51 2017 us=701508 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:01 2017 us=784085 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:12 2017 us=196680 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:22 2017 us=313259 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:32 2017 us=413837 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:42 2017 us=770429 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:28:52 2017 us=805003 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:02 2017 us=819576 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:13 2017 us=28160 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:23 2017 us=80735 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:33 2017 us=165312 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:43 2017 us=581907 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:29:53 2017 us=660484 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:03 2017 us=835066 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:13 2017 us=915642 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:24 2017 us=68223 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:34 2017 us=134799 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Sep 20 16:30:40 2017 us=233148 mike1/6.7.8.9:60882 [mike1] Inactivity timeout (--ping-restart), restarting
Wed Sep 20 16:30:40 2017 us=233148 mike1/6.7.8.9:60882 SIGUSR1[soft,ping-restart] received, client-instance restarting
Wed Sep 20 16:38:55 2017 us=827494 TCP/UDP: Closing socket
Wed Sep 20 16:38:55 2017 us=827494 Closing TUN/TAP interface
Wed Sep 20 16:38:55 2017 us=827494 SIGTERM[hard,] received, process exiting
Client log:

Code: Select all

Wed Sep 20 16:13:36 2017 us=310705 Current Parameter Settings:
Wed Sep 20 16:13:36 2017 us=311705   config = 'c:\Program Files\OpenVPN\config\ovpn_mike1.ovpn'
Wed Sep 20 16:13:36 2017 us=311705   mode = 0
Wed Sep 20 16:13:36 2017 us=311705   show_ciphers = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   show_digests = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   show_engines = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   genkey = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   key_pass_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   show_tls_ciphers = DISABLED
Wed Sep 20 16:13:36 2017 us=311705 Connection profiles [default]:
Wed Sep 20 16:13:36 2017 us=311705   proto = udp
Wed Sep 20 16:13:36 2017 us=311705   local = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   local_port = 0
Wed Sep 20 16:13:36 2017 us=311705   remote = '1.2.3.4'
Wed Sep 20 16:13:36 2017 us=311705   remote_port = 33444
Wed Sep 20 16:13:36 2017 us=311705   remote_float = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   bind_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   bind_local = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   connect_retry_seconds = 5
Wed Sep 20 16:13:36 2017 us=311705   connect_timeout = 10
Wed Sep 20 16:13:36 2017 us=311705   connect_retry_max = 0
Wed Sep 20 16:13:36 2017 us=311705   socks_proxy_server = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   socks_proxy_port = 0
Wed Sep 20 16:13:36 2017 us=311705   socks_proxy_retry = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu = 1500
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   link_mtu = 1500
Wed Sep 20 16:13:36 2017 us=311705   link_mtu_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu_extra = 0
Wed Sep 20 16:13:36 2017 us=311705   tun_mtu_extra_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   mtu_discover_type = -1
Wed Sep 20 16:13:36 2017 us=311705   fragment = 0
Wed Sep 20 16:13:36 2017 us=311705   mssfix = 1450
Wed Sep 20 16:13:36 2017 us=311705   explicit_exit_notification = 0
Wed Sep 20 16:13:36 2017 us=311705 Connection profiles END
Wed Sep 20 16:13:36 2017 us=311705   remote_random = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ipchange = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   dev = 'tun'
Wed Sep 20 16:13:36 2017 us=311705   dev_type = 'tun'
Wed Sep 20 16:13:36 2017 us=311705   dev_node = 'ovpn'
Wed Sep 20 16:13:36 2017 us=311705   lladdr = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   topology = 1
Wed Sep 20 16:13:36 2017 us=311705   tun_ipv6 = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_local = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_remote_netmask = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_noexec = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_nowarn = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_ipv6_local = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_ipv6_netbits = 0
Wed Sep 20 16:13:36 2017 us=311705   ifconfig_ipv6_remote = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   shaper = 0
Wed Sep 20 16:13:36 2017 us=311705   mtu_test = 0
Wed Sep 20 16:13:36 2017 us=311705   mlock = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   keepalive_ping = 0
Wed Sep 20 16:13:36 2017 us=311705   keepalive_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   inactivity_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_send_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_rec_timeout = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_rec_timeout_action = 0
Wed Sep 20 16:13:36 2017 us=311705   ping_timer_remote = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   remap_sigusr1 = 0
Wed Sep 20 16:13:36 2017 us=311705   persist_tun = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   persist_local_ip = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   persist_remote_ip = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   persist_key = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   passtos = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   resolve_retry_seconds = 1000000000
Wed Sep 20 16:13:36 2017 us=311705   username = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   groupname = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   chroot_dir = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   cd_dir = 'c:\Program Files\OpenVPN\'
Wed Sep 20 16:13:36 2017 us=311705   writepid = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   up_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   down_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   down_pre = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   up_restart = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   up_delay = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   daemon = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   inetd = 0
Wed Sep 20 16:13:36 2017 us=311705   log = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   suppress_timestamps = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   nice = 0
Wed Sep 20 16:13:36 2017 us=311705   verbosity = 4
Wed Sep 20 16:13:36 2017 us=311705   mute = 0
Wed Sep 20 16:13:36 2017 us=311705   gremlin = 0
Wed Sep 20 16:13:36 2017 us=311705   status_file = 'x:\openvpn-status.log'
Wed Sep 20 16:13:36 2017 us=311705   status_file_version = 1
Wed Sep 20 16:13:36 2017 us=311705   status_file_update_freq = 60
Wed Sep 20 16:13:36 2017 us=311705   occ = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   rcvbuf = 0
Wed Sep 20 16:13:36 2017 us=311705   sndbuf = 0
Wed Sep 20 16:13:36 2017 us=311705   sockflags = 0
Wed Sep 20 16:13:36 2017 us=311705   fast_io = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   lzo = 0
Wed Sep 20 16:13:36 2017 us=311705   route_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   route_default_gateway = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   route_default_metric = 0
Wed Sep 20 16:13:36 2017 us=311705   route_noexec = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   route_delay = 5
Wed Sep 20 16:13:36 2017 us=311705   route_delay_window = 30
Wed Sep 20 16:13:36 2017 us=311705   route_delay_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   route_nopull = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   route_gateway_via_dhcp = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   max_routes = 100
Wed Sep 20 16:13:36 2017 us=311705   allow_pull_fqdn = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   management_addr = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_port = 0
Wed Sep 20 16:13:36 2017 us=311705   management_user_pass = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_log_history_cache = 250
Wed Sep 20 16:13:36 2017 us=311705   management_echo_buffer_size = 100
Wed Sep 20 16:13:36 2017 us=311705   management_write_peer_info_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_client_user = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_client_group = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   management_flags = 0
Wed Sep 20 16:13:36 2017 us=311705   shared_secret_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   key_direction = 2
Wed Sep 20 16:13:36 2017 us=311705   ciphername_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   ciphername = 'AES-128-CBC'
Wed Sep 20 16:13:36 2017 us=311705   authname_defined = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   authname = 'SHA1'
Wed Sep 20 16:13:36 2017 us=311705   prng_hash = 'SHA1'
Wed Sep 20 16:13:36 2017 us=311705   prng_nonce_secret_len = 16
Wed Sep 20 16:13:36 2017 us=311705   keysize = 0
Wed Sep 20 16:13:36 2017 us=311705   engine = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   replay = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   mute_replay_warnings = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   replay_window = 64
Wed Sep 20 16:13:36 2017 us=311705   replay_time = 15
Wed Sep 20 16:13:36 2017 us=311705   packet_id_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   use_iv = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   test_crypto = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tls_server = DISABLED
Wed Sep 20 16:13:36 2017 us=311705   tls_client = ENABLED
Wed Sep 20 16:13:36 2017 us=311705   key_method = 2
Wed Sep 20 16:13:36 2017 us=311705   ca_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=311705   ca_path = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=311705   dh_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=311705   cert_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=311705   extra_certs_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   priv_key_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=312705   pkcs12_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   cryptoapi_cert = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   cipher_list = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   tls_verify = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   tls_export_cert = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   verify_x509_type = 3
Wed Sep 20 16:13:36 2017 us=312705   verify_x509_name = 'server'
Wed Sep 20 16:13:36 2017 us=312705   crl_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   ns_cert_type = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 160
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 136
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_ku[i] = 0
Wed Sep 20 16:13:36 2017 us=312705   remote_cert_eku = 'TLS Web Server Authentication'
Wed Sep 20 16:13:36 2017 us=312705   ssl_flags = 0
Wed Sep 20 16:13:36 2017 us=312705   tls_timeout = 2
Wed Sep 20 16:13:36 2017 us=312705   renegotiate_bytes = -1
Wed Sep 20 16:13:36 2017 us=312705   renegotiate_packets = 0
Wed Sep 20 16:13:36 2017 us=312705   renegotiate_seconds = 3600
Wed Sep 20 16:13:36 2017 us=312705   handshake_window = 60
Wed Sep 20 16:13:36 2017 us=312705   transition_window = 3600
Wed Sep 20 16:13:36 2017 us=312705   single_session = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   push_peer_info = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   tls_exit = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   tls_auth_file = '[[INLINE]]'
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_protected_authentication = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_private_mode = 00000000
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_cert_private = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_pin_cache_period = -1
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_id = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=312705   pkcs11_id_management = DISABLED
Wed Sep 20 16:13:36 2017 us=312705   server_network = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=312705   server_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_network_ipv6 = ::
Wed Sep 20 16:13:36 2017 us=314705   server_netbits_ipv6 = 0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_ip = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_pool_start = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   server_bridge_pool_end = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_start = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_end = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_pool_persist_refresh_freq = 600
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_ipv6_pool_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_ipv6_pool_base = ::
Wed Sep 20 16:13:36 2017 us=314705   ifconfig_ipv6_pool_netbits = 0
Wed Sep 20 16:13:36 2017 us=314705   n_bcast_buf = 256
Wed Sep 20 16:13:36 2017 us=314705   tcp_queue_limit = 64
Wed Sep 20 16:13:36 2017 us=314705   real_hash_size = 256
Wed Sep 20 16:13:36 2017 us=314705   virtual_hash_size = 256
Wed Sep 20 16:13:36 2017 us=314705   client_connect_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   learn_address_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   client_disconnect_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   client_config_dir = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   ccd_exclusive = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   tmp_dir = 'x:\'
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_local = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_remote_netmask = 0.0.0.0
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_ipv6_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_ipv6_local = ::/0
Wed Sep 20 16:13:36 2017 us=314705   push_ifconfig_ipv6_remote = ::
Wed Sep 20 16:13:36 2017 us=314705   enable_c2c = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   duplicate_cn = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   cf_max = 0
Wed Sep 20 16:13:36 2017 us=314705   cf_per = 0
Wed Sep 20 16:13:36 2017 us=314705   max_clients = 1024
Wed Sep 20 16:13:36 2017 us=314705   max_routes_per_client = 256
Wed Sep 20 16:13:36 2017 us=314705   auth_user_pass_verify_script = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   auth_user_pass_verify_script_via_file = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   client = ENABLED
Wed Sep 20 16:13:36 2017 us=314705   pull = ENABLED
Wed Sep 20 16:13:36 2017 us=314705   auth_user_pass_file = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   show_net_up = ENABLED
Wed Sep 20 16:13:36 2017 us=314705   route_method = 0
Wed Sep 20 16:13:36 2017 us=314705   block_outside_dns = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ip_win32_defined = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   ip_win32_type = 3
Wed Sep 20 16:13:36 2017 us=314705   dhcp_masq_offset = 0
Wed Sep 20 16:13:36 2017 us=314705   dhcp_lease_time = 31536000
Wed Sep 20 16:13:36 2017 us=314705   tap_sleep = 3
Wed Sep 20 16:13:36 2017 us=314705   dhcp_options = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   dhcp_renew = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   dhcp_pre_release = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   dhcp_release = DISABLED
Wed Sep 20 16:13:36 2017 us=314705   domain = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   netbios_scope = '[UNDEF]'
Wed Sep 20 16:13:36 2017 us=314705   netbios_node_type = 0
Wed Sep 20 16:13:36 2017 us=314705   disable_nbt = DISABLED
Wed Sep 20 16:13:36 2017 us=314705 OpenVPN 2.3.17 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jun 20 2017
Wed Sep 20 16:13:36 2017 us=314705 Windows version 6.1 (Windows 7) 64bit
Wed Sep 20 16:13:36 2017 us=315705 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Wed Sep 20 16:13:36 2017 us=436712 Control Channel Authentication: tls-auth using INLINE static key file
Wed Sep 20 16:13:36 2017 us=436712 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=436712 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=437712 Control Channel MTU parms [ L:1557 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Wed Sep 20 16:13:36 2017 us=439712 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Sep 20 16:13:36 2017 us=439712 Data Channel MTU parms [ L:1557 D:1450 EF:57 EB:12 ET:0 EL:3 ]
Wed Sep 20 16:13:36 2017 us=439712 Local Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Sep 20 16:13:36 2017 us=439712 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Sep 20 16:13:36 2017 us=439712 Local Options hash (VER=V4): '0f816d6e'
Wed Sep 20 16:13:36 2017 us=439712 Expected Remote Options hash (VER=V4): '2f3e190a'
Wed Sep 20 16:13:36 2017 us=439712 UDPv4 link local: [undef]
Wed Sep 20 16:13:36 2017 us=439712 UDPv4 link remote: [AF_INET]1.2.3.4:33444
Wed Sep 20 16:13:36 2017 us=461713 TLS: Initial packet from [AF_INET]1.2.3.4:33444, sid=440a6a89 b174d087
Wed Sep 20 16:13:36 2017 us=517717 VERIFY OK: depth=1, C=......
Wed Sep 20 16:13:36 2017 us=519717 Validating certificate key usage
Wed Sep 20 16:13:36 2017 us=519717 ++ Certificate has key usage  00a0, expects 00a0
Wed Sep 20 16:13:36 2017 us=519717 VERIFY KU OK
Wed Sep 20 16:13:36 2017 us=519717 Validating certificate extended key usage
Wed Sep 20 16:13:36 2017 us=519717 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Sep 20 16:13:36 2017 us=519717 VERIFY EKU OK
Wed Sep 20 16:13:36 2017 us=519717 VERIFY X509NAME OK: C=...... CN=server1, name=server1 ......
Wed Sep 20 16:13:36 2017 us=519717 VERIFY OK: depth=0, C=...... CN=server1, name=server1 ......
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Sep 20 16:13:36 2017 us=719728 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Sep 20 16:13:36 2017 us=719728 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Wed Sep 20 16:13:36 2017 us=719728 [server1] Peer Connection Initiated with [AF_INET]1.2.3.4:33444
Wed Sep 20 16:13:38 2017 us=726843 SENT CONTROL [server1]: 'PUSH_REQUEST' (status=1)
Wed Sep 20 16:13:38 2017 us=750844 PUSH: Received control message: 'PUSH_REPLY,route 10.234.0.0 255.255.0.0,route-gateway 10.124.174.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.124.174.2 255.255.255.0'
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: timers and/or timeouts modified
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: --ifconfig/up options modified
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: route options modified
Wed Sep 20 16:13:38 2017 us=751844 OPTIONS IMPORT: route-related options modified
Wed Sep 20 16:13:38 2017 us=753844 ROUTE_GATEWAY 192.168.57.253/255.255.255.0 I=13 HWADDR=b4:99:ba:e0:a0:61
Wed Sep 20 16:13:38 2017 us=754845 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Sep 20 16:13:38 2017 us=754845 open_tun, tt->ipv6=0
Wed Sep 20 16:13:38 2017 us=754845 TAP-WIN32 device [ovpn] opened: \\.\Global\{3E099DB0-61D6-4B94-99C8-1E7E3B93C2CF}.tap
Wed Sep 20 16:13:38 2017 us=754845 TAP-Windows Driver Version 9.21 
Wed Sep 20 16:13:38 2017 us=754845 TAP-Windows MTU=1500
Wed Sep 20 16:13:38 2017 us=755845 Set TAP-Windows TUN subnet mode network/local/netmask = 10.124.174.0/10.124.174.2/255.255.255.0 [SUCCEEDED]
Wed Sep 20 16:13:38 2017 us=755845 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.124.174.2/255.255.255.0 on interface {3E099DB0-61D6-4B94-99C8-1E7E3B93C2CF} [DHCP-serv: 10.124.174.254, lease-time: 31536000]
Wed Sep 20 16:13:38 2017 us=755845 Sleeping for 3 seconds...
Wed Sep 20 16:13:41 2017 us=756016 Successful ARP Flush on interface [18] {3E099DB0-61D6-4B94-99C8-1E7E3B93C2CF}
Wed Sep 20 16:13:46 2017 us=763303 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Wed Sep 20 16:13:46 2017 us=763303 C:\Windows\system32\route.exe ADD 10.234.0.0 MASK 255.255.0.0 10.124.174.1
Wed Sep 20 16:13:46 2017 us=766303 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Wed Sep 20 16:13:46 2017 us=766303 Route addition via IPAPI succeeded [adaptive]
SYSTEM ROUTING TABLE
0.0.0.0 0.0.0.0 192.168.57.253 p=0 i=13 t=4 pr=3 a=2614 h=0 m=257/0/0/0/0
10.124.174.0 255.255.255.0 10.124.174.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
10.124.174.2 255.255.255.255 10.124.174.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
10.124.174.255 255.255.255.255 10.124.174.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
10.234.0.0 255.255.0.0 10.124.174.1 p=0 i=18 t=4 pr=3 a=0 h=0 m=20/0/0/0/0
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
127.0.0.1 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
127.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
192.168.57.0 255.255.255.0 192.168.57.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
192.168.57.4 255.255.255.255 192.168.57.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
192.168.57.255 255.255.255.255 192.168.57.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
224.0.0.0 240.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
224.0.0.0 240.0.0.0 192.168.57.4 p=0 i=13 t=3 pr=3 a=2614 h=0 m=257/0/0/0/0
224.0.0.0 240.0.0.0 10.124.174.2 p=0 i=18 t=3 pr=3 a=2605 h=0 m=276/0/0/0/0
255.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
255.255.255.255 255.255.255.255 192.168.57.4 p=0 i=13 t=3 pr=3 a=2614 h=0 m=257/0/0/0/0
255.255.255.255 255.255.255.255 10.124.174.2 p=0 i=18 t=3 pr=3 a=2605 h=0 m=276/0/0/0/0
SYSTEM ADAPTER LIST
Intel(R) 82577LM Gigabit Network Connection
  Index = 13
  GUID = {9824548E-E139-4344-8574-65B22993C70B}
  IP = 192.168.57.4/255.255.255.0 
  MAC = b4:99:ba:e0:a0:61
  GATEWAY = 192.168.57.253/255.255.255.255 
  DNS SERV = 192.168.57.253/255.255.255.255 
TAP-Windows Adapter V9
  Index = 18
  GUID = {3E099DB0-61D6-4B94-99C8-1E7E3B93C2CF}
  IP = 10.124.174.2/255.255.255.0 
  MAC = 00:ff:3e:09:9d:b0
  GATEWAY = 0.0.0.0/255.255.255.255 
  DHCP SERV = 10.124.174.254/255.255.255.255 
  DHCP LEASE OBTAINED = Wed Sep 20 16:13:38 2017
  DHCP LEASE EXPIRES  = Thu Sep 20 16:13:38 2018
  DNS SERV =  
Wed Sep 20 16:13:46 2017 us=776303 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Sep 20 16:13:46 2017 us=776303 Initialization Sequence Completed
Wed Sep 20 16:26:46 2017 us=745915 TCP/UDP: Closing socket
Wed Sep 20 16:26:46 2017 us=745915 C:\Windows\system32\route.exe DELETE 10.234.0.0 MASK 255.255.0.0 10.124.174.1
Wed Sep 20 16:26:46 2017 us=746915 Route deletion via IPAPI succeeded [adaptive]
Wed Sep 20 16:26:46 2017 us=746915 Closing TUN/TAP interface
Wed Sep 20 16:26:46 2017 us=747915 SIGTERM[hard,] received, process exiting

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 4:31 pm

TinCanTech wrote:
Wed Sep 20, 2017 3:46 pm
Also, ensure IP forwarding is enabled on your server.
Routing is enabled:

Code: Select all

>ipconfig /all

Windows IP Configuration
   ..............
   IP Routing Enabled. . . . . . . . : Yes
   ..............
And I can successfully ping various existing hosts in internal network of the server.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Strange problem - throughput reduction

Post by TinCanTech » Wed Sep 20, 2017 5:17 pm

This:
ZEXsx wrote:
Wed Sep 20, 2017 4:23 pm
Wed Sep 20 16:13:46 2017 us=766303 Route addition via IPAPI succeeded [adaptive]
SYSTEM ROUTING TABLE
0.0.0.0 0.0.0.0 10.88.99.1 p=0 i=13 t=4 pr=3 a=2614 h=0 m=257/0/0/0/0
10.10.10.0 255.255.255.0 10.10.10.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
10.10.10.2 255.255.255.255 10.10.10.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
10.10.10.255 255.255.255.255 10.10.10.2 p=0 i=18 t=3 pr=3 a=8 h=0 m=276/0/0/0/0
192.168.0.0 255.255.0.0 10.10.10.1 p=0 i=18 t=4 pr=3 a=0 h=0 m=20/0/0/0/0
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
127.0.0.1 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
127.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
10.88.99.0 255.255.255.0 10.88.99.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
10.88.99.4 255.255.255.255 10.88.99.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
10.88.99.255 255.255.255.255 10.88.99.4 p=0 i=13 t=3 pr=3 a=2608 h=0 m=257/0/0/0/0
224.0.0.0 240.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
224.0.0.0 240.0.0.0 10.88.99.4 p=0 i=13 t=3 pr=3 a=2614 h=0 m=257/0/0/0/0
224.0.0.0 240.0.0.0 10.10.10.2 p=0 i=18 t=3 pr=3 a=2605 h=0 m=276/0/0/0/0
255.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=3 a=2685 h=0 m=306/0/0/0/0
255.255.255.255 255.255.255.255 10.88.99.4 p=0 i=13 t=3 pr=3 a=2614 h=0 m=257/0/0/0/0
255.255.255.255 255.255.255.255 10.10.10.2 p=0 i=18 t=3 pr=3 a=2605 h=0 m=276/0/0/0/0
SYSTEM ADAPTER LIST
Intel(R) 82577LM Gigabit Network Connection
Index = 13
GUID = {...}
IP = 10.88.99.4/255.255.255.0
MAC = ...
GATEWAY = 10.88.99.1/255.255.255.255
DNS SERV = 10.88.99.1/255.255.255.255
TAP-Windows Adapter V9
Index = 18
GUID = {...}
IP = 10.10.10.2/255.255.255.0
MAC = ...
GATEWAY = 0.0.0.0/255.255.255.255
DHCP SERV = 10.10.10.254/255.255.255.255
DHCP LEASE OBTAINED = Wed Sep 20 16:13:38 2017
DHCP LEASE EXPIRES = Thu Sep 20 16:13:38 2018
DNS SERV =
Wed Sep 20 16:13:46 2017 us=776303 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Sep 20 16:13:46 2017 us=776303 Initialization Sequence Completed
usually indicates a problem but I cannot see one ..

FYI: The client must be running the Windows DHCP Client service.

I run an openvpn server on Windows 10 with a few mixed clients and have no such issue.

What does ccd/mike1 have configured ?

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 5:43 pm

If not to try to ping nonexistent hosts, then communication works perfectly.
Respectively – initialization of the tunnel takes place successfully.
The problem arises if in the tunnel suddenly there are packages which are intended to addresses of hosts which don't exist in server network.
In my case for example: 10.234.1.1, 10.234.2.2 and so on.

That is, there are hosts 10.234.10.1 and 10.234.10.2 in the server network, but there are no hosts 10.234.1.1 and 10.234.1.2.
If to ping host 10.234.10.1, then the communication will work fine.
If to ping host 10.234.1.1, then the communication will fail.

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 5:46 pm

TinCanTech wrote:
Wed Sep 20, 2017 5:17 pm
FYI: The client must be running the Windows DHCP Client service.
This service works normally.
TinCanTech wrote:
Wed Sep 20, 2017 5:17 pm
What does ccd/mike1 have configured ?
The ccd directory contains empty files with the names corresponding to common names of clients.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Strange problem - throughput reduction

Post by TinCanTech » Wed Sep 20, 2017 8:04 pm

Personally, I cannot see anything wrong with your openvpn setup,
you could try with version 2.4.3 to see if the problem persists.

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Wed Sep 20, 2017 8:09 pm

TinCanTech wrote:
Wed Sep 20, 2017 8:04 pm
you could try with version 2.4.3 to see if the problem persists.
I already tried 2.3.17, 2.4.3 and 2.2.2. All versions work identically.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Strange problem - throughput reduction

Post by TinCanTech » Wed Sep 20, 2017 8:47 pm

ZEXsx wrote:
Wed Sep 20, 2017 12:05 pm
OpenVPN versions: 2.3.17, 2.4.3.
Server OS: Windows Server 2008 R2.
ZEXsx wrote:
Wed Sep 20, 2017 8:09 pm
I tried both current versions at the moment: 2.3.17, 2.4.3 - the behavior is the same.
I tried the same thing on the OpenVPN 2.2.2 + Windows Server 2003 installation. This problem is not observed.
Two different machines two different setups .. I doubt the problem is openvpn tho ..

Check your routing and firewall and antivirus and what-not.

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Thu Sep 21, 2017 1:19 am

TinCanTech wrote:
Wed Sep 20, 2017 8:47 pm
Two different machines two different setups .. I doubt the problem is openvpn tho ..
Check your routing and firewall and antivirus and what-not.
I tried 2.4.3 on two different machines.
The firewall on both machines was disabled.
The anti-virus was disabled.
Routing works correctly because hosts in the internal network of the server successfully respond.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Strange problem - throughput reduction

Post by TinCanTech » Thu Sep 21, 2017 1:56 am

You already pointed out that this all works with a different server ..

ZEXsx
OpenVpn Newbie
Posts: 10
Joined: Wed Sep 20, 2017 11:40 am

Re: Strange problem - throughput reduction

Post by ZEXsx » Thu Sep 21, 2017 2:04 am

TinCanTech wrote:
Thu Sep 21, 2017 1:56 am
You already pointed out that this all works with a different server ..
Different OS with different network stack.

Post Reply