Hello TinCanTech,
I am sorry I did not set up my OG post the correct way.
I have been looking through my logs and I still don't really understand what is going on.
Server Config File:
Code: Select all
dev ovpns1
verb 1
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto tcp-server
cipher none
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
client-connect /usr/local/sbin/openvpn.attributes.sh
client-disconnect /usr/local/sbin/openvpn.attributes.sh
multihome
engine cryptodev
tls-server
server 0.0.0.0 255.255.255.0
server-ipv6 ADDRESS
client-config-dir /var/etc/openvpn-csc/server1
username-as-common-name
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /usr/local/sbin/ovpn_auth_verify_async user SW50ZXJuYWwgQXV0aA== false server1 1197
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'SERVER' 1"
lport 1197
management /var/etc/openvpn/server1.sock unix
max-clients 20
push "route 0.0.0.0 255.255.0.0"
push "route-ipv6 ADDRESS"
push "dhcp-option DOMAIN SERVER.COM"
push "dhcp-option DNS ADDRESS"
push "dhcp-option DNS ADDRESS"
push "dhcp-option DNS6 Address"
push "dhcp-option DNS6 Address"
duplicate-cn
ca /var/etc/openvpn/server1.ca
cert /var/etc/openvpn/server1.cert
key /var/etc/openvpn/server1.key
dh /etc/dh-parameters.1024
tls-auth /var/etc/openvpn/server1.tls-auth 0
ncp-disable
topology subnet
client-disconnect /scripts/traffic.sh
keepalive 5 30
Server Log File: (This is pretty much just me connecting and then OpenVPN resetting my connection which is the issue I am having)
Code: Select all
Jun 19 09:15:50 openvpn 39418 IPv6Address [ccoggins] Peer Connection Initiated with [AF_INET6]IPv6Address:63864
Jun 19 09:15:50 openvpn user 'ccoggins' authenticated
Jun 19 09:15:50 openvpn 39418 ccoggins/IPv6Address MULTI_sva: pool returned IPv4=Address, IPv6=Address
Jun 19 09:16:16 openvpn 39418 ccoggins/IPv6Address [ccoggins] Inactivity timeout (--ping-restart), restarting
Jun 19 09:16:16 openvpn Disconnect: Username: ccoggins HostIP: UNSET Duration: 5070 seconds Traffic: TX: 21585284 bytes RX: 6007877 bytes
Jun 19 09:16:22 openvpn 39418 ccoggins/IPv6Address Authenticate/Decrypt packet error: packet HMAC authentication failed
Jun 19 09:16:22 openvpn 39418 ccoggins/IPv6Address Fatal decryption error (process_incoming_link), restarting
Jun 19 09:16:22 openvpn Disconnect: Username: ccoggins HostIP: UNSET Duration: 41 seconds Traffic: TX: 54782 bytes RX: 99009 bytes
Jun 19 09:16:28 openvpn 39418 TCP connection established with [AF_INET6]IPv6Address:63953
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_VER=2.4.8
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_PLAT=win
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_PROTO=2
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_LZ4=1
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_LZ4v2=1
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_LZO=1
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_COMP_STUB=1
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_COMP_STUBv2=1
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_TCPNL=1
Jun 19 09:16:35 openvpn 39418 IPv6Address peer info: IV_GUI_VER=OpenVPN_GUI_11
Jun 19 09:16:35 openvpn user 'ccoggins' authenticated
Jun 19 09:16:36 openvpn 39418 IPv6Address [ccoggins] Peer Connection Initiated with [AF_INET6]IPv6Address:63953
Jun 19 09:16:36 openvpn 39418 ccoggins/IPv6 MULTI_sva: pool returned IPv4=Address, IPv6=Address
Jun 19 09:16:48 openvpn 39418 ccoggins/IPv6 Authenticate/Decrypt packet error: packet HMAC authentication failed
Jun 19 09:16:48 openvpn 39418 ccoggins/IPv6 Fatal decryption error (process_incoming_link), restarting
Jun 19 09:16:48 openvpn Disconnect: Username: ccoggins HostIP: UNSET Duration: 20 seconds Traffic: TX: 151770 bytes RX: 50220 bytes
Jun 19 09:16:58 openvpn 39418 TCP connection established with [AF_INET6]IPv6Address:64024
Jun 19 09:17:32 openvpn 39418 TCP connection established with [AF_INET6]::IPv6Address:64065
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_VER=2.4.8
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_PLAT=win
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_PROTO=2
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_LZ4=1
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_LZ4v2=1
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_LZO=1
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_COMP_STUB=1
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_COMP_STUBv2=1
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_TCPNL=1
Jun 19 09:17:45 openvpn 39418 IPv4Address peer info: IV_GUI_VER=OpenVPN_GUI_11
Jun 19 09:17:45 openvpn 39418 IPv4Address [ccoggins] Peer Connection Initiated with [AF_INET6]::Address:64065
Jun 19 09:17:45 openvpn user 'ccoggins' authenticated
Jun 19 09:17:46 openvpn 39418 ccoggins/IPv4 MULTI_sva: pool returned IPv4=Address, IPv6=Address
Jun 19 09:17:58 openvpn 39418 IPv6Address TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jun 19 09:17:58 openvpn 39418 IPv6Address TLS Error: TLS handshake failed
Jun 19 09:17:58 openvpn 39418 IPv6Address Fatal TLS error (check_tls_errors_co), restarting
Client Config File:
Code: Select all
dev tun
tun-ipv6
persist-tun
persist-key
cipher none
ncp-disable
auth SHA1
tls-client
client
resolv-retry infinite
remote SERVERNAME 1197 tcp-client
setenv opt block-outside-dns
verify-x509-name "SERVERNAME" name
auth-user-pass
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
KEY
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
KEY
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
KEY
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
KEY
-----END OpenVPN Static key V1-----
</tls-auth>
Client Log:
Code: Select all
Fri Jun 19 07:51:43 2020 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
Fri Jun 19 07:51:43 2020 OpenVPN 2.4.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 31 2019
Fri Jun 19 07:51:43 2020 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Jun 19 07:51:43 2020 library versions: OpenSSL 1.1.0l 10 Sep 2019, LZO 2.10
Fri Jun 19 07:51:46 2020 ******* WARNING *******: '--cipher none' was specified. This means NO encryption will be performed and tunnelled data WILL be transmitted in clear text over the network! PLEASE DO RECONSIDER THIS SETTING!
Fri Jun 19 07:51:46 2020 TCP/UDP: Preserving recently used remote address: [AF_INET6]IPv6:1197
Fri Jun 19 07:51:46 2020 Attempting to establish TCP connection with [AF_INET6]IPv6:1197 [nonblock]
Fri Jun 19 07:51:47 2020 TCP connection established with [AF_INET6]IPv6:1197
Fri Jun 19 07:51:47 2020 TCP_CLIENT link local: (not bound)
Fri Jun 19 07:51:47 2020 TCP_CLIENT link remote: [AF_INET6]IPv6:1197
Fri Jun 19 07:51:47 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jun 19 07:51:47 2020 [SERVERNAME] Peer Connection Initiated with [AF_INET6]IPv6:1197
Fri Jun 19 07:51:48 2020 ******* WARNING *******: '--cipher none' was specified. This means NO encryption will be performed and tunnelled data WILL be transmitted in clear text over the network! PLEASE DO RECONSIDER THIS SETTING!
Fri Jun 19 07:51:48 2020 open_tun
Fri Jun 19 07:51:48 2020 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{DB158D27-343E-4CEE-A512-64F7765B6091}.tap
Fri Jun 19 07:51:48 2020 Set TAP-Windows TUN subnet mode network/local/netmask = 0.0.0.0/0.0.0.0/255.255.255.0 [SUCCEEDED]
Fri Jun 19 07:51:48 2020 Notified TAP-Windows driver to set a DHCP IP/netmask of 0.0.0.0/255.255.255.0 on interface {DB158D27-343E-4CEE-A512-64F7765B6091} [DHCP-serv: 0.0.0.054, lease-time: 31536000]
Fri Jun 19 07:51:48 2020 Successful ARP Flush on interface [17] {DB158D27-343E-4CEE-A512-64F7765B6091}
Fri Jun 19 07:51:49 2020 IPv6 dns servers set using service
Fri Jun 19 07:51:49 2020 add_route_ipv6(IPv6 -> IPv6 metric 0) dev Local Area Connection
Fri Jun 19 07:51:49 2020 Blocking outside dns using service succeeded.
Fri Jun 19 07:51:54 2020 add_route_ipv6(IPv6 -> IPv6 metric -1) dev Local Area Connection
Fri Jun 19 07:51:54 2020 Initialization Sequence Completed
Fri Jun 19 09:15:34 2020 read TCP_CLIENT: Unknown error (code=10060)
Fri Jun 19 09:15:34 2020 Connection reset, restarting [-1]
Fri Jun 19 09:15:34 2020 Unblocking outside dns using service succeeded.
Fri Jun 19 09:15:34 2020 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jun 19 09:15:39 2020 TCP/UDP: Preserving recently used remote address: [AF_INET6]IPv6:1197
Fri Jun 19 09:15:39 2020 Attempting to establish TCP connection with [AF_INET6]IPv6:1197 [nonblock]
Fri Jun 19 09:15:40 2020 TCP connection established with [AF_INET6]IPv6:1197
Fri Jun 19 09:15:40 2020 TCP_CLIENT link local: (not bound)
Fri Jun 19 09:15:40 2020 TCP_CLIENT link remote: [AF_INET6]IPv6:1197
Fri Jun 19 09:15:49 2020 [SERVERNAME] Peer Connection Initiated with [AF_INET6]IPv6:1197
Fri Jun 19 09:15:55 2020 ******* WARNING *******: '--cipher none' was specified. This means NO encryption will be performed and tunnelled data WILL be transmitted in clear text over the network! PLEASE DO RECONSIDER THIS SETTING!
Fri Jun 19 09:15:55 2020 Preserving previous TUN/TAP instance: Local Area Connection
Fri Jun 19 09:15:55 2020 Blocking outside dns using service succeeded.
Fri Jun 19 09:15:55 2020 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
Fri Jun 19 09:15:55 2020 delete_route_ipv6(IPv6)
Fri Jun 19 09:15:55 2020 delete_route_ipv6(IPv6)
Fri Jun 19 09:15:55 2020 IPv6 dns servers deleted using service
Fri Jun 19 09:15:55 2020 Unblocking outside dns using service succeeded.
Fri Jun 19 09:15:56 2020 open_tun
Fri Jun 19 09:15:56 2020 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{DB158D27-343E-4CEE-A512-64F7765B6091}.tap
Fri Jun 19 09:15:56 2020 Set TAP-Windows TUN subnet mode network/local/netmask = 0.0.0.0/0.0.0.0/255.255.255.0 [SUCCEEDED]
Fri Jun 19 09:15:56 2020 Notified TAP-Windows driver to set a DHCP IP/netmask of 0.0.0.0/255.255.255.0 on interface {DB158D27-343E-4CEE-A512-64F7765B6091} [DHCP-serv: 0.0.0.054, lease-time: 31536000]
Fri Jun 19 09:15:56 2020 Successful ARP Flush on interface [17] {DB158D27-343E-4CEE-A512-64F7765B6091}
Fri Jun 19 09:15:57 2020 IPv6 dns servers set using service
Fri Jun 19 09:15:57 2020 add_route_ipv6(IPv6 -> IPv6 metric 0) dev Local Area Connection
Fri Jun 19 09:15:57 2020 Blocking outside dns using service succeeded.
Fri Jun 19 09:16:02 2020 add_route_ipv6(IPv6 -> IPv6 metric -1) dev Local Area Connection
Fri Jun 19 09:16:02 2020 Initialization Sequence Completed
Fri Jun 19 09:16:22 2020 Connection reset, restarting [0]
Fri Jun 19 09:16:22 2020 Unblocking outside dns using service succeeded.
Fri Jun 19 09:16:22 2020 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jun 19 09:16:27 2020 TCP/UDP: Preserving recently used remote address: [AF_INET6]IPv6:1197
Fri Jun 19 09:16:27 2020 Attempting to establish TCP connection with [AF_INET6]IPv6:1197 [nonblock]
Fri Jun 19 09:16:28 2020 TCP connection established with [AF_INET6]IPv6:1197
Fri Jun 19 09:16:28 2020 TCP_CLIENT link local: (not bound)
Fri Jun 19 09:16:28 2020 TCP_CLIENT link remote: [AF_INET6]IPv6:1197
Fri Jun 19 09:16:35 2020 [SERVERNAME] Peer Connection Initiated with [AF_INET6]IPv6:1197
Fri Jun 19 09:16:37 2020 ******* WARNING *******: '--cipher none' was specified. This means NO encryption will be performed and tunnelled data WILL be transmitted in clear text over the network! PLEASE DO RECONSIDER THIS SETTING!
Fri Jun 19 09:16:37 2020 Preserving previous TUN/TAP instance: Local Area Connection
Fri Jun 19 09:16:37 2020 Blocking outside dns using service succeeded.
Fri Jun 19 09:16:37 2020 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
Fri Jun 19 09:16:37 2020 delete_route_ipv6(IPv6)
Fri Jun 19 09:16:37 2020 delete_route_ipv6(IPv6)
Fri Jun 19 09:16:37 2020 IPv6 dns servers deleted using service
Fri Jun 19 09:16:37 2020 Unblocking outside dns using service succeeded.
Fri Jun 19 09:16:38 2020 open_tun
Fri Jun 19 09:16:38 2020 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{DB158D27-343E-4CEE-A512-64F7765B6091}.tap
Fri Jun 19 09:16:38 2020 Set TAP-Windows TUN subnet mode network/local/netmask = 0.0.0.0/0.0.0.0/255.255.255.0 [SUCCEEDED]
Fri Jun 19 09:16:38 2020 Notified TAP-Windows driver to set a DHCP IP/netmask of 0.0.0.0/255.255.255.0 on interface {DB158D27-343E-4CEE-A512-64F7765B6091} [DHCP-serv: 0.0.0.054, lease-time: 31536000]
Fri Jun 19 09:16:38 2020 Successful ARP Flush on interface [17] {DB158D27-343E-4CEE-A512-64F7765B6091}
Fri Jun 19 09:16:38 2020 IPv6 dns servers set using service
Fri Jun 19 09:16:38 2020 add_route_ipv6(IPv6 -> IPv6 metric 0) dev Local Area Connection
Fri Jun 19 09:16:38 2020 Blocking outside dns using service succeeded.
Fri Jun 19 09:16:43 2020 add_route_ipv6(IPv6 -> IPv6 metric -1) dev Local Area Connection
Fri Jun 19 09:16:43 2020 Initialization Sequence Completed
Fri Jun 19 09:16:48 2020 Connection reset, restarting [0]
Fri Jun 19 09:16:48 2020 Unblocking outside dns using service succeeded.
Fri Jun 19 09:16:48 2020 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jun 19 09:16:53 2020 TCP/UDP: Preserving recently used remote address: [AF_INET6]IPv6:1197
Fri Jun 19 09:16:53 2020 Attempting to establish TCP connection with [AF_INET6]IPv6:1197 [nonblock]
Fri Jun 19 09:16:57 2020 TCP connection established with [AF_INET6]IPv6:1197
Fri Jun 19 09:16:57 2020 TCP_CLIENT link local: (not bound)
Fri Jun 19 09:16:57 2020 TCP_CLIENT link remote: [AF_INET6]IPv6:1197
Fri Jun 19 09:17:26 2020 read TCP_CLIENT: Unknown error (code=10060)
Fri Jun 19 09:17:26 2020 Connection reset, restarting [-1]
Fri Jun 19 09:17:26 2020 Unblocking outside dns using service succeeded.
Fri Jun 19 09:17:26 2020 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jun 19 09:17:31 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]IPv4Address:1197
Fri Jun 19 09:17:31 2020 Attempting to establish TCP connection with [AF_INET]IPv4Address:1197 [nonblock]
Fri Jun 19 09:17:33 2020 TCP connection established with [AF_INET]IPv4Address:1197
Fri Jun 19 09:17:33 2020 TCP_CLIENT link local: (not bound)
Fri Jun 19 09:17:33 2020 TCP_CLIENT link remote: [AF_INET]IPv4Address:1197
Fri Jun 19 09:17:45 2020 [SERVERNAME] Peer Connection Initiated with [AF_INET]IPv4Address:1197
Fri Jun 19 09:17:51 2020 ******* WARNING *******: '--cipher none' was specified. This means NO encryption will be performed and tunnelled data WILL be transmitted in clear text over the network! PLEASE DO RECONSIDER THIS SETTING!
Fri Jun 19 09:17:51 2020 Preserving previous TUN/TAP instance: Local Area Connection
Fri Jun 19 09:17:51 2020 Blocking outside dns using service succeeded.
Fri Jun 19 09:17:51 2020 Initialization Sequence Completed
Thank you for any and all help you can provide!