Hi,
it will be probably silly question, we need very minimum setup for public access, so we have created common user sharing by all public.
However will that secure when they are sharing just 1 user. because I am also seeing a config reply from server there is a private key which is persistence for that common user.
So, we would still need common user, but is there any way to make it secure such as randomly changing the key everytime user login?
Thank you.
why seeing private key in the config from the server
-
cryptobug
- OpenVpn Newbie
- Posts: 4
- Joined: Mon Feb 22, 2021 7:58 pm
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: why seeing private key in the config from the server
Openvpn does this for you, automatically. (Although not the way you expect)
I doubt this will fit your security model but there is also TLS key verification:
https://github.com/TinCanTech/easy-tls
-
cryptobug
- OpenVpn Newbie
- Posts: 4
- Joined: Mon Feb 22, 2021 7:58 pm
Re: why seeing private key in the config from the server
Thank you for the reply and I will have a look the link.
My concern is that since all public are sharing same account, public can see the private key and that might compromise the encryption.
However, when I test the other open vpn servers from training web site, there is no private key in the reply from the server, how can I make it stop for the server sending the private key in the initial authentication/config file send to user? How about using proper signed certificate instead of self sign?
Thank you.
My concern is that since all public are sharing same account, public can see the private key and that might compromise the encryption.
However, when I test the other open vpn servers from training web site, there is no private key in the reply from the server, how can I make it stop for the server sending the private key in the initial authentication/config file send to user? How about using proper signed certificate instead of self sign?
Thank you.
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: why seeing private key in the config from the server
Openvpn does not send the private key. If it did then that would be a considerable security protocol violation ..
Please post your log file at --verb 4 showing what you mean.
-
cryptobug
- OpenVpn Newbie
- Posts: 4
- Joined: Mon Feb 22, 2021 7:58 pm
Re: why seeing private key in the config from the server
Hi,
Please find the vpn warning, when connecting to the vpn for the first time.
in the details it show as follow. (keys and named are altered abit)
OpenVPN configuration file:
# Automatically generated OpenVPN client config file
# Default Cipher
cipher AES-256-CBC
# Note: this config file contains inline private keys
# and therefore should be kept confidential!
# Note: this configuration is user-locked to the username below
# OVPN_ACCESS_SERVER_USERNAME=free
# Define the profile name of this particular configuration file
# OVPN_ACCESS_SERVER_PROFILE=free@vpn.testvpn.com/AUTOLOGIN
# OVPN_ACCESS_SERVER_AUTOLOGIN=1
# OVPN_ACCESS_SERVER_CLI_PREF_ALLOW_WEB_IMPORT=True
# OVPN_ACCESS_SERVER_CLI_PREF_BASIC_CLIENT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_CONNECT=True
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_XD_PROXY=True
# OVPN_ACCESS_SERVER_WSHOST=vpn.testvpn.com:443
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_START
# -----BEGIN CERTIFICATE-----
# MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
# EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
# EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp
# ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3
# MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH
# EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UE
# CxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQD
# EypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi
# MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzD
# BNliF44v/z5lz4/asdfasdfasdfasdf4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOv
# K/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23e
# cSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HY
# pDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7n
# eTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMB
# AAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
# HQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv
# 9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
# b2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5n
# b2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEG
# CCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkv
# MA0GCSqGSIb3DQEBCwasdfasdfasdfasdfasdfapkEv/oV9PBO9sPpyIBslQj6Zz
# 91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2
# RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi
# DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11
# GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x
# LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB
# -----END CERTIFICATE-----
# -----BEGIN CERTIFICATE-----
# MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT
# MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv
# IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx
# MDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
# B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHku
# Y29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1
# dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3Fi
# CPH6WTT3G8kYo/eASVjpIoMTpsUgQwE7hPHmhUmfJ+r2hBtOoLTbcJjHMgGxBT4H
# Tu70+k8vWTAi56sZVmvigAf88xZ1gDlRe+X5NbZ0TqmNghPktj+pA4P6or6KFWp/
# 3gvDthkUBcrqw6asdfasdfasdffmIsiNaW02jBEYt9OyHGC0OPoCjM7T3UYH3go+
# 6118yHz7sCtTpJJiaVElBWEaRIGMLKlDliPfrDqBmg4pxRyp6V0etp6eMAo5zvGI
# gPtLXcwy7IViQyU0AlYnAZG0O3AqP26x6JyIAX2f1PnbU21gnb8s51iruF9G/M7E
# GwM8CetJMVxpRrasdfasdfasdfasdfasdfMwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
# HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9BUFuIMGU2g/eMB8GA1Ud
# IwQYMBaAFNLEsNKR1EwRcbNhyz2h/t2oatTjMDQGCCsGAQUFBwEBBCgwJjAkBggr
# BgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMDIGA1UdHwQrMCkwJ6Al
# oCOGIWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Ryb290LmNybDBGBgNVHSAEPzA9
# MDsGBFUdIAAwMzAxBggrBgEFBQcCARYlaHR0cHM6Ly9jZXJ0cy5nb2RhZGR5LmNv
# bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAWQtTvZKGEacke+1bMc8d
# H2xwxbhuvk679r6XUOEwf7ooXGKUwuN+M/f7QnaF25UcjCJYdQkMiGVnOQoWCcWg
# OJekxSOTP7QYpgEGRJHjp2kntFolfzq3Ms3dhP8qOCkzpN1nsoX+oYggHFCJyNwq
# 9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY7NmuHDKO
# KHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzdsyqUvMQg3
# qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcYQFHfjDCm
# rw==
# -----END CERTIFICATE-----
# -----BEGIN CERTIFICATE-----
# MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
# MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
# YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
# MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo
# ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg
# MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
# ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA
# PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w
# wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi
# EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY
# avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+
# YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE
# sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h
# /t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5
# IEdyb3VwLCBJbmMuMTEwasdfasdfasdfasdfasRkeSBDbGFzcyAyIENlcnRpZmlj
# YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
# ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
# OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
# TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
# HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
# dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
# ReYNnyicsbkqWletNw+vHX/bvZ8=
# -----END CERTIFICATE-----
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_STOP
# OVPN_ACCESS_SERVER_IS_OPENVPN_WEB_CA=0
# OVPN_ACCESS_SERVER_ORGANIZATION=OpenVPN, Inc.
setenv FORWARD_COMPATIBLE 1
client
server-poll-timeout 4
nobind
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 443 tcp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
dev tun
dev-type tun
ns-cert-type server
setenv opt tls-version-min 1.0 or-highest
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
comp-lzo no
verb 3
setenv PUSH_PEER_INFO
<ca>
-----BEGIN CERTIFICATE-----
MIICuDCCAaCgAwIBAgIEYC6XxDANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApP
cGVuVlBOIENBMB4XDTIxMDIxMTE2MzcyNFoXDTMxMDIxNjE2MzcyNFowFTETMBEG
A1UEAwwKT3BlblZQTiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALTUwMDxRS6+ZKhtePkp2WWxNAQcUqcQDKhhJ50xCqUfDxIwkJnPGSDieRWhB5Yh
c3tpu6Y2zVbwvsA8SvsOjHtf1F4S6rFa5WwZsgd1jGtVgqo/Ka4aKSJ1gy7qy2qK
paZ2UqWdDOTsdfasdfasdfasdfasdfasdtUNybO6gQDDw6Fu1l1NlWnbA7J8ry4j
ITldR5XNIah2ZWAOK8x1zECDUAC9Pzgx1Pe4ooi5rQ5eliZXNWa+VIFPXgzkmYfv
f0SloPrANyDCvTG8rPskwFZx5NLvgsVRlvVCnz2e209VWeJYm0YFxKs12qX5UVE6
xZP1y4uP7g1e4k41K7muzmUCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
9w0BAQsFAAOCAQEAEEeG8UxqlQ9IevBm+7sNvKAPDqSkaxTjO9uz03S/XXT1fF9k
Qhmvm7bEyJ2THhAfxwD07IrAzc/S8VP2Jqq3tpbF4J2ug1dCf5GWdHrgjAAWEVZB
ytRAVYaJT7COY2pIYRwNI7TfbY7oK0Uiekujbldi5FteaFiZU208XrVGwdKFFVXc
fGRwhrcL8evXQaxoJIPYWVylnz82h3htcGqPjQ9nhaVzqI3WHNOAqsHQVurV/sAZ
WEfKB5Pem7vegcrCOl4tKOjoh9lvn5B0KqUpueqmsWmE2WxAqpzv55NGwnRsFRC1
qLdjPB1l6DFYqQ5XzArBps+br/M+yOmRjbhCow==
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIICyTCCAbGgAwIBAgIBCjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApPcGVu
VlBOIENBMB4XDTIxMDIxNzE4NTUyM1oXDTMxMDIyMjE4NTUyM1owGTEXMBUGA1UE
AwwOZnJlZV9BVVRPTE9HSU4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDeCqICcqstBrCxQmnDp9eSq6z8IsK5GFdNBSGTvbt/RPW5LUOMXECSETsYAgms
y/hdwnuAP69W9VZoP55h95Jqqpy6X97/pOvYVsIZ9e7CbYScJfnCMk0UU9KdGAcj
oK39qrnoUg6HlFwtLshc9qM2onhx7m2LZQlMR9K5x8nN5S5sffcIZJ6Ywvp4enE9
j9yjN/9KOqVzE5/Dsdafasdfasdfasdfsdfsg1j4fKUcoTlndng39IGtgRurH86Q
pU4OkwmSnfwSvJFi1l8CNW74NrTOEENgo53aXV4uyd+GZjCEMnhVWfn40GdiLUA3
6JKODGM5RFqeUGtQJPoCs2vzAgMBAAGjIDAeMAkGA1UdEwQCMAAwEQYJYIZIAYb4
QgEBBAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCdvW1tNU8gt0pH182A1Em2YTUS
a6LABrutb/+QdpU1w3jMNx8h6dveR5ZfTu9w9a7Zcm2azRtLy40UE+jtsivrHzPU
INeBrD6N5HAZgP11inxFAhfHWchogCHlauWslqHqKxwAaXy2oD/I+HzNSFHeEzLu
nUvZwoMYZ0GaQRAt9Cjow2hxR049p4zN8gBmg+Nm5ezmSDdLFcY5kpDU3kwcsz8d
O+wiekchDVrg9PVMi7sTrXVJ+A6O+3S21jtAdHc9LtWMaPjPBLQXiBcCFBomF8sT
mkIAwEeKAd9wvivZxf0anWr4UgC8D88yiUwguIzaqSMgQP5/Fl+AfJD8bsiB
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDeCqICcqstBrCx
QmnDp9eSq6z8IsK5GFdNBSGTvbt/RPW5LUOMXECSETsYAgmsy/hdwnuAP69W9VZo
P55h95Jqqpy6X97/pOvYVsIZ9e7CbYScJfnCMk0UU9KdGAcjoK39qrnoUg6HlFwt
Lshc9qM2onhx7m2LZQlMR9K5x8nN5S5sffcIZJ6Ywvp4enE9j9yjN/9KOqVzE5/D
gvgCxPJEDmNjmb6AGR3og1j4fKUcoTlndng39IGtgRurH86QpU4OkwmSnfwSvJFi
1l8CNW74NrTOEENgo53aXV4uyd+GZjCEMnhVWfn40GdiLUA36JKODGM5RFqeUGtQ
JPoCs2vzAgMBAAECggEBALlo/ZG3uPJ3RLIv9+s2S0+hZWiBikJPbg7Vew1IgLms
lteTUXVyT0TpeIP6p6OQCwwX61LTWxHs+cNBZHr/5VaGsyr6BVdJmtriz2AoOcBG
/VX6bA1aPXz85cDiIIwCj2dj2auCYbmbDEF6cDsYhH+JubPBWd3td48n5nHVv9DZ
wcQGlNtJ1TzTFIkGel69pcLWmocEEkwQuNcNHnd5jDEZjBjAeonKLmP5uYJuej5v
aq4GH6u5kIrOYAZabx3aMJg2mf9+k4Sv+e7fqBJj0gh01qI90bA71lHZ179rXmUg
5g4c9/i/1O3k7C2WM2aasdfasdfasdfasdffTGjK+iECgYEA9g2UvH/vm18OSy7G
ppIBnxjxPg6jntPhlJacABmfB2ATP6CP3OCid0tJHzNOSUgSeTWbuS57A152jxhV
GU+RG4WJL6iHhgjQ4FIvew+mr1W2MkHC/OakIy6m2eeOx01cxydRecTUxe//MTHz
mQF9+tOW9VM/O+T3jCRPGV8lcoMCgYEA5wSOG5IFLe6QCT1KrATv1XQtFdSQomRL
pq9f7GB5CpSdy5YIv3fRvR51pHy75VV83wP+MA1Mzvpe98nMKlPazT35tOlXXNn8
/N30UeIoQyweOxU2qstsoHl/zjKfvcNj1wJFl84/IRl1FFO9AniVZQU2lvw0zN0i
h13R9gHcJdECgYEAok2nFQhXJ2f2Z8V9KBcblrS/PS4u4+/j1z3ZvX8pFZZcXBYv
j4Vl5cb1fu068L/n36hrBiYQ4tIG5rEoQT/o+fyF17gVXWanUbEkvMpAK1wgiNo0
ItqI3uRBD2/dEL6JOp1G80nRCJgc/3hxtTX0weWcqEq3ZWzNldXFj3jhnL0CgYA+
AwMCc5fgVIFleYZp1olqitzvVzfb34BPJhRhpyPWqz4QQB3pB4jNczexB6qITQJP
+wpoa6mKhbqoWQrs8cVyAojc/yXsTreSSSIkOMkF/vm+cltSTXjDOtoLx5sJnUFX
ncyAi2R2xhafdjruRuATVerpbJnfxBxYqd6KYsVtgQKBgQDddM03JtLJTIogLWKR
23ooi2scnx/7it29CmimO45KdVhOQrNGEIhIcAUiAOMEJakUbj9y7OkHP+XB4BEt
3UQPCg/JSsAds4v0PYPxfX/rth9ljPmXlSyOTIgGm92uVc4Dc66oZ0np/58UU7jn
xckq/sjrEIDVBabB4HZmPtPiPg==
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key (Server Agent)
#
-----BEGIN OpenVPN Static key V1-----
7b6409d2edb613ea0e3e3b72812c0adf
f88e3a6ae40fc33fd77160c2bab7ed86
bafb880df099faa1969f891032fa1c4a
3c12daae4ddb8a41daa4e784237505eb
2070a45ceb0e8773f16111219cde9f2e
8ef42054422426ae9732b13008dd49cf
0ea0855328ba4a9fe516de97a5535965
7601asdfasdfsdwedfwff81a7c3757ef
ecbb524acf2a85dc10e433e943347a44
4dd3a7bb25d31a516e488ce0981d53c1
b3e4a60c4b60000e7932ba278076748d
2699ba6b626e2eefd8901a9fd6872e9c
ea54d1080580b0a6a88e1c35718a8213
b4846b39961a13d42528b7026dd9c0b2
666d25c798191eb75abf36033756a8fa
f478360384b8639f378754a8d4b804ca
-----END OpenVPN Static key V1-----
</tls-auth>
Please find the vpn warning, when connecting to the vpn for the first time.
in the details it show as follow. (keys and named are altered abit)
OpenVPN configuration file:
Client config
# Automatically generated OpenVPN client config file
# Default Cipher
cipher AES-256-CBC
# Note: this config file contains inline private keys
# and therefore should be kept confidential!
# Note: this configuration is user-locked to the username below
# OVPN_ACCESS_SERVER_USERNAME=free
# Define the profile name of this particular configuration file
# OVPN_ACCESS_SERVER_PROFILE=free@vpn.testvpn.com/AUTOLOGIN
# OVPN_ACCESS_SERVER_AUTOLOGIN=1
# OVPN_ACCESS_SERVER_CLI_PREF_ALLOW_WEB_IMPORT=True
# OVPN_ACCESS_SERVER_CLI_PREF_BASIC_CLIENT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_CONNECT=True
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_XD_PROXY=True
# OVPN_ACCESS_SERVER_WSHOST=vpn.testvpn.com:443
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_START
# -----BEGIN CERTIFICATE-----
# MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
# EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
# EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp
# ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3
# MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH
# EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UE
# CxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQD
# EypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi
# MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzD
# BNliF44v/z5lz4/asdfasdfasdfasdf4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOv
# K/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23e
# cSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HY
# pDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7n
# eTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMB
# AAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV
# HQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv
# 9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
# b2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5n
# b2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEG
# CCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkv
# MA0GCSqGSIb3DQEBCwasdfasdfasdfasdfasdfapkEv/oV9PBO9sPpyIBslQj6Zz
# 91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2
# RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi
# DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11
# GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x
# LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB
# -----END CERTIFICATE-----
# -----BEGIN CERTIFICATE-----
# MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT
# MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv
# IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx
# MDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
# B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHku
# Y29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1
# dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3Fi
# CPH6WTT3G8kYo/eASVjpIoMTpsUgQwE7hPHmhUmfJ+r2hBtOoLTbcJjHMgGxBT4H
# Tu70+k8vWTAi56sZVmvigAf88xZ1gDlRe+X5NbZ0TqmNghPktj+pA4P6or6KFWp/
# 3gvDthkUBcrqw6asdfasdfasdffmIsiNaW02jBEYt9OyHGC0OPoCjM7T3UYH3go+
# 6118yHz7sCtTpJJiaVElBWEaRIGMLKlDliPfrDqBmg4pxRyp6V0etp6eMAo5zvGI
# gPtLXcwy7IViQyU0AlYnAZG0O3AqP26x6JyIAX2f1PnbU21gnb8s51iruF9G/M7E
# GwM8CetJMVxpRrasdfasdfasdfasdfasdfMwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
# HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9BUFuIMGU2g/eMB8GA1Ud
# IwQYMBaAFNLEsNKR1EwRcbNhyz2h/t2oatTjMDQGCCsGAQUFBwEBBCgwJjAkBggr
# BgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMDIGA1UdHwQrMCkwJ6Al
# oCOGIWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Ryb290LmNybDBGBgNVHSAEPzA9
# MDsGBFUdIAAwMzAxBggrBgEFBQcCARYlaHR0cHM6Ly9jZXJ0cy5nb2RhZGR5LmNv
# bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAWQtTvZKGEacke+1bMc8d
# H2xwxbhuvk679r6XUOEwf7ooXGKUwuN+M/f7QnaF25UcjCJYdQkMiGVnOQoWCcWg
# OJekxSOTP7QYpgEGRJHjp2kntFolfzq3Ms3dhP8qOCkzpN1nsoX+oYggHFCJyNwq
# 9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY7NmuHDKO
# KHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzdsyqUvMQg3
# qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcYQFHfjDCm
# rw==
# -----END CERTIFICATE-----
# -----BEGIN CERTIFICATE-----
# MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
# MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
# YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
# MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo
# ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg
# MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
# ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA
# PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w
# wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi
# EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY
# avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+
# YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE
# sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h
# /t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5
# IEdyb3VwLCBJbmMuMTEwasdfasdfasdfasdfasRkeSBDbGFzcyAyIENlcnRpZmlj
# YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
# ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
# OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P
# TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
# HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
# dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
# ReYNnyicsbkqWletNw+vHX/bvZ8=
# -----END CERTIFICATE-----
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_STOP
# OVPN_ACCESS_SERVER_IS_OPENVPN_WEB_CA=0
# OVPN_ACCESS_SERVER_ORGANIZATION=OpenVPN, Inc.
setenv FORWARD_COMPATIBLE 1
client
server-poll-timeout 4
nobind
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 443 tcp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
remote vpn.testvpn.com 500 udp
dev tun
dev-type tun
ns-cert-type server
setenv opt tls-version-min 1.0 or-highest
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
comp-lzo no
verb 3
setenv PUSH_PEER_INFO
<ca>
-----BEGIN CERTIFICATE-----
MIICuDCCAaCgAwIBAgIEYC6XxDANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApP
cGVuVlBOIENBMB4XDTIxMDIxMTE2MzcyNFoXDTMxMDIxNjE2MzcyNFowFTETMBEG
A1UEAwwKT3BlblZQTiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALTUwMDxRS6+ZKhtePkp2WWxNAQcUqcQDKhhJ50xCqUfDxIwkJnPGSDieRWhB5Yh
c3tpu6Y2zVbwvsA8SvsOjHtf1F4S6rFa5WwZsgd1jGtVgqo/Ka4aKSJ1gy7qy2qK
paZ2UqWdDOTsdfasdfasdfasdfasdfasdtUNybO6gQDDw6Fu1l1NlWnbA7J8ry4j
ITldR5XNIah2ZWAOK8x1zECDUAC9Pzgx1Pe4ooi5rQ5eliZXNWa+VIFPXgzkmYfv
f0SloPrANyDCvTG8rPskwFZx5NLvgsVRlvVCnz2e209VWeJYm0YFxKs12qX5UVE6
xZP1y4uP7g1e4k41K7muzmUCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG
9w0BAQsFAAOCAQEAEEeG8UxqlQ9IevBm+7sNvKAPDqSkaxTjO9uz03S/XXT1fF9k
Qhmvm7bEyJ2THhAfxwD07IrAzc/S8VP2Jqq3tpbF4J2ug1dCf5GWdHrgjAAWEVZB
ytRAVYaJT7COY2pIYRwNI7TfbY7oK0Uiekujbldi5FteaFiZU208XrVGwdKFFVXc
fGRwhrcL8evXQaxoJIPYWVylnz82h3htcGqPjQ9nhaVzqI3WHNOAqsHQVurV/sAZ
WEfKB5Pem7vegcrCOl4tKOjoh9lvn5B0KqUpueqmsWmE2WxAqpzv55NGwnRsFRC1
qLdjPB1l6DFYqQ5XzArBps+br/M+yOmRjbhCow==
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIICyTCCAbGgAwIBAgIBCjANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApPcGVu
VlBOIENBMB4XDTIxMDIxNzE4NTUyM1oXDTMxMDIyMjE4NTUyM1owGTEXMBUGA1UE
AwwOZnJlZV9BVVRPTE9HSU4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDeCqICcqstBrCxQmnDp9eSq6z8IsK5GFdNBSGTvbt/RPW5LUOMXECSETsYAgms
y/hdwnuAP69W9VZoP55h95Jqqpy6X97/pOvYVsIZ9e7CbYScJfnCMk0UU9KdGAcj
oK39qrnoUg6HlFwtLshc9qM2onhx7m2LZQlMR9K5x8nN5S5sffcIZJ6Ywvp4enE9
j9yjN/9KOqVzE5/Dsdafasdfasdfasdfsdfsg1j4fKUcoTlndng39IGtgRurH86Q
pU4OkwmSnfwSvJFi1l8CNW74NrTOEENgo53aXV4uyd+GZjCEMnhVWfn40GdiLUA3
6JKODGM5RFqeUGtQJPoCs2vzAgMBAAGjIDAeMAkGA1UdEwQCMAAwEQYJYIZIAYb4
QgEBBAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCdvW1tNU8gt0pH182A1Em2YTUS
a6LABrutb/+QdpU1w3jMNx8h6dveR5ZfTu9w9a7Zcm2azRtLy40UE+jtsivrHzPU
INeBrD6N5HAZgP11inxFAhfHWchogCHlauWslqHqKxwAaXy2oD/I+HzNSFHeEzLu
nUvZwoMYZ0GaQRAt9Cjow2hxR049p4zN8gBmg+Nm5ezmSDdLFcY5kpDU3kwcsz8d
O+wiekchDVrg9PVMi7sTrXVJ+A6O+3S21jtAdHc9LtWMaPjPBLQXiBcCFBomF8sT
mkIAwEeKAd9wvivZxf0anWr4UgC8D88yiUwguIzaqSMgQP5/Fl+AfJD8bsiB
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDeCqICcqstBrCx
QmnDp9eSq6z8IsK5GFdNBSGTvbt/RPW5LUOMXECSETsYAgmsy/hdwnuAP69W9VZo
P55h95Jqqpy6X97/pOvYVsIZ9e7CbYScJfnCMk0UU9KdGAcjoK39qrnoUg6HlFwt
Lshc9qM2onhx7m2LZQlMR9K5x8nN5S5sffcIZJ6Ywvp4enE9j9yjN/9KOqVzE5/D
gvgCxPJEDmNjmb6AGR3og1j4fKUcoTlndng39IGtgRurH86QpU4OkwmSnfwSvJFi
1l8CNW74NrTOEENgo53aXV4uyd+GZjCEMnhVWfn40GdiLUA36JKODGM5RFqeUGtQ
JPoCs2vzAgMBAAECggEBALlo/ZG3uPJ3RLIv9+s2S0+hZWiBikJPbg7Vew1IgLms
lteTUXVyT0TpeIP6p6OQCwwX61LTWxHs+cNBZHr/5VaGsyr6BVdJmtriz2AoOcBG
/VX6bA1aPXz85cDiIIwCj2dj2auCYbmbDEF6cDsYhH+JubPBWd3td48n5nHVv9DZ
wcQGlNtJ1TzTFIkGel69pcLWmocEEkwQuNcNHnd5jDEZjBjAeonKLmP5uYJuej5v
aq4GH6u5kIrOYAZabx3aMJg2mf9+k4Sv+e7fqBJj0gh01qI90bA71lHZ179rXmUg
5g4c9/i/1O3k7C2WM2aasdfasdfasdfasdffTGjK+iECgYEA9g2UvH/vm18OSy7G
ppIBnxjxPg6jntPhlJacABmfB2ATP6CP3OCid0tJHzNOSUgSeTWbuS57A152jxhV
GU+RG4WJL6iHhgjQ4FIvew+mr1W2MkHC/OakIy6m2eeOx01cxydRecTUxe//MTHz
mQF9+tOW9VM/O+T3jCRPGV8lcoMCgYEA5wSOG5IFLe6QCT1KrATv1XQtFdSQomRL
pq9f7GB5CpSdy5YIv3fRvR51pHy75VV83wP+MA1Mzvpe98nMKlPazT35tOlXXNn8
/N30UeIoQyweOxU2qstsoHl/zjKfvcNj1wJFl84/IRl1FFO9AniVZQU2lvw0zN0i
h13R9gHcJdECgYEAok2nFQhXJ2f2Z8V9KBcblrS/PS4u4+/j1z3ZvX8pFZZcXBYv
j4Vl5cb1fu068L/n36hrBiYQ4tIG5rEoQT/o+fyF17gVXWanUbEkvMpAK1wgiNo0
ItqI3uRBD2/dEL6JOp1G80nRCJgc/3hxtTX0weWcqEq3ZWzNldXFj3jhnL0CgYA+
AwMCc5fgVIFleYZp1olqitzvVzfb34BPJhRhpyPWqz4QQB3pB4jNczexB6qITQJP
+wpoa6mKhbqoWQrs8cVyAojc/yXsTreSSSIkOMkF/vm+cltSTXjDOtoLx5sJnUFX
ncyAi2R2xhafdjruRuATVerpbJnfxBxYqd6KYsVtgQKBgQDddM03JtLJTIogLWKR
23ooi2scnx/7it29CmimO45KdVhOQrNGEIhIcAUiAOMEJakUbj9y7OkHP+XB4BEt
3UQPCg/JSsAds4v0PYPxfX/rth9ljPmXlSyOTIgGm92uVc4Dc66oZ0np/58UU7jn
xckq/sjrEIDVBabB4HZmPtPiPg==
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key (Server Agent)
#
-----BEGIN OpenVPN Static key V1-----
7b6409d2edb613ea0e3e3b72812c0adf
f88e3a6ae40fc33fd77160c2bab7ed86
bafb880df099faa1969f891032fa1c4a
3c12daae4ddb8a41daa4e784237505eb
2070a45ceb0e8773f16111219cde9f2e
8ef42054422426ae9732b13008dd49cf
0ea0855328ba4a9fe516de97a5535965
7601asdfasdfsdwedfwff81a7c3757ef
ecbb524acf2a85dc10e433e943347a44
4dd3a7bb25d31a516e488ce0981d53c1
b3e4a60c4b60000e7932ba278076748d
2699ba6b626e2eefd8901a9fd6872e9c
ea54d1080580b0a6a88e1c35718a8213
b4846b39961a13d42528b7026dd9c0b2
666d25c798191eb75abf36033756a8fa
f478360384b8639f378754a8d4b804ca
-----END OpenVPN Static key V1-----
</tls-auth>
Last edited by Pippin on Sat Feb 27, 2021 11:20 am, edited 1 time in total.
Reason: Formatting
Reason: Formatting
-
cryptobug
- OpenVpn Newbie
- Posts: 4
- Joined: Mon Feb 22, 2021 7:58 pm
Re: why seeing private key in the config from the server
following are some of the log from /var/log/openvpnas.log
I am also seeing TLS error, eventhough we are using the ssl cert properly signed by CA.
Is there potential replay or intercept by the teleco or government?
I am also seeing TLS error, eventhough we are using the ssl cert properly signed by CA.
Is there potential replay or intercept by the teleco or government?
Code: Select all
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_PLAT=android'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_NCP=2'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_TCPNL=1'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_PROTO=2'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_LZO_STUB=1'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_COMP_STUB=1'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_COMP_STUBv2=1'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.4-5891'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_SSO=openurl'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_HWADDR=32:37:61:37:31:34:35'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 peer info: IV_SSL=OpenSSL_1.1.1h__22_Sep_2020'
2021-02-27 10:06:13+0000 [-] AUTH SUCCESS {'status': 0, 'reason': 'local auth succeeded', 'serial_list': [], 'user': u'free', 'proplist': {u'prop_autologin': u'true', u'pvt_password_digest': '[redacted]', u'type': u'user_connect', u'prop_autogenerate': u'true'}, 'common_name': u'free', 'serial': '11'} cli=u'android'/u'3.git:released:662eae9a:Release'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: "Sat Feb 27 10:06:13 2021 MANAGEMENT: CMD 'client-auth 17219 0'"
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 65.18.126.99:16950 [free] Peer Connection Initiated with [AF_INET]65.18.126.99:16950 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 free/65.18.126.99:16950 OPTIONS IMPORT: compression parms modified'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 free/65.18.126.99:16950 MULTI: Learn: 172.27.235.31 -> free/65.18.126.99:16950'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:13 2021 free/65.18.126.99:16950 MULTI: primary virtual IP for free/65.18.126.99:16950: 172.27.235.31'
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: "Sat Feb 27 10:06:13 2021 free/65.18.126.99:16950 SENT CONTROL [free]: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,auth-tokenSESS_ID,comp-lzo no,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 172.27.234.1,dhcp-option DNS 67.207.67.2,dhcp-option DNS 67.207.67.3,register-dns,block-ipv6,ifconfig 172.27.235.31 255.255.254.0,peer-id 14,cipher AES-256-GCM' (status=1)"
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: "Sat Feb 27 10:06:13 2021 free/65.18.126.99:16950 Data Channel: using negotiated cipher 'AES-256-GCM'"
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: "Sat Feb 27 10:06:13 2021 free/65.18.126.99:16950 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key"
2021-02-27 10:06:13+0000 [-] OVPN 5 OUT: "Sat Feb 27 10:06:13 2021 free/65.18.126.99:16950 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key"
2021-02-27 10:06:13+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:13 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:13+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:13 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:13+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:13 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:13+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:13 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:13+0000 [-] OVPN 0 OUT: 'Sat Feb 27 10:06:13 2021 free_AUTOLOGIN/103.121.224.226:65111 Connection reset, restarting [0]'
2021-02-27 10:06:13+0000 [-] OVPN 0 OUT: 'Sat Feb 27 10:06:13 2021 free_AUTOLOGIN/103.121.224.226:65111 SIGUSR1[soft,connection-reset] received, client-instance restarting'
2021-02-27 10:06:14+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:14 2021 136.228.172.64:31267 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)'
2021-02-27 10:06:14+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:14 2021 136.228.172.64:31267 TLS Error: TLS handshake failed'
2021-02-27 10:06:14+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:14 2021 136.228.172.64:31267 SIGUSR1[soft,tls-error] received, client-instance restarting'
2021-02-27 10:06:14+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:14 2021 136.228.172.107:37748 TLS: Initial packet from [AF_INET]136.228.172.107:37748 (via [AF_INET]10.15.0.6%eth0), sid=1c429af1 a587af35'
2021-02-27 10:06:14+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:14 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:14+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:14 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:14+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:14 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:14+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:14 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:15+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:15 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:15+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:15 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:15+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:15 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:15+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:15 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:16+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:16 2021 37.111.4.139:42687 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)'
2021-02-27 10:06:16+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:16 2021 37.111.4.139:42687 TLS Error: TLS handshake failed'
2021-02-27 10:06:16+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:16 2021 37.111.4.139:42687 SIGUSR1[soft,tls-error] received, client-instance restarting'
2021-02-27 10:06:16+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:16 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:16+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:16 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:16+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:16 2021 37.111.4.139:43287 TLS: Initial packet from [AF_INET]37.111.4.139:43287 (via [AF_INET]10.15.0.6%eth0), sid=78182b1a fb27cc7e'
2021-02-27 10:06:16+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:16 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:16+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:16 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 136.228.172.64:31277 TLS: Initial packet from [AF_INET]136.228.172.64:31277 (via [AF_INET]10.15.0.6%eth0), sid=6315fa27 426c5fef'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 TLS: Initial packet from [AF_INET]210.14.105.70:45439 (via [AF_INET]10.15.0.6%eth0), sid=b1ff6457 0218896c'
2021-02-27 10:06:17+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:17 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:17+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:17 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 VERIFY OK: depth=1, /CN=OpenVPN CA'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 VERIFY OK: nsCertType=CLIENT'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 VERIFY OK: depth=0, /CN=free'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_VER=3.git::58b92569'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_PLAT=ios'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_NCP=2'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_TCPNL=1'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_PROTO=2'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_LZO_STUB=1'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_COMP_STUB=1'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_COMP_STUBv2=1'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_GUI_VER=net.openvpn.connect.ios_3.2.3-3760'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_SSO=openurl'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_HWADDR=4F95A5F2-CF8F-49EA-B425-17CB85DED803'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 peer info: IV_SSL=OpenSSL_1.1.1i__8_Dec_2020'
2021-02-27 10:06:17+0000 [-] AUTH SUCCESS {'status': 0, 'session_id': '[redacted]', 'reason': 'SESSION_ID auth succeeded', 'serial_list': [], 'user': u'free', 'proplist': {u'prop_autologin': u'true', u'pvt_password_digest': '[redacted]', u'type': u'user_connect', u'prop_autogenerate': u'true'}, 'common_name': u'free', 'serial': '11'} cli=u'ios'/u'3.git::58b92569'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: "Sat Feb 27 10:06:17 2021 MANAGEMENT: CMD 'client-auth 19227 0'"
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 210.14.105.70:45439 [free] Peer Connection Initiated with [AF_INET]210.14.105.70:45439 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 free/210.14.105.70:45439 OPTIONS IMPORT: compression parms modified'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 free/210.14.105.70:45439 MULTI: Learn: 172.27.239.35 -> free/210.14.105.70:45439'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 free/210.14.105.70:45439 MULTI: primary virtual IP for free/210.14.105.70:45439: 172.27.239.35'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: "Sat Feb 27 10:06:17 2021 free/210.14.105.70:45439 SENT CONTROL [free]: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,auth-tokenSESS_ID,comp-lzo no,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 172.27.238.1,dhcp-option DNS 67.207.67.2,dhcp-option DNS 67.207.67.3,register-dns,block-ipv6,ifconfig 172.27.239.35 255.255.254.0,peer-id 9,cipher AES-256-GCM' (status=1)"
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: "Sat Feb 27 10:06:17 2021 free/210.14.105.70:45439 Data Channel: using negotiated cipher 'AES-256-GCM'"
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: "Sat Feb 27 10:06:17 2021 free/210.14.105.70:45439 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key"
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: "Sat Feb 27 10:06:17 2021 free/210.14.105.70:45439 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key"
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:17+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:17 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:18+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:18 2021 136.228.172.107:37737 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)'
2021-02-27 10:06:18+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:18 2021 136.228.172.107:37737 TLS Error: TLS handshake failed'
2021-02-27 10:06:18+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:18 2021 136.228.172.107:37737 SIGUSR1[soft,tls-error] received, client-instance restarting'
2021-02-27 10:06:18+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:18 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:18+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:18 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:18+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:18 2021 136.228.172.107:37749 TLS: Initial packet from [AF_INET]136.228.172.107:37749 (via [AF_INET]10.15.0.6%eth0), sid=d993fbb6 faf918e4'
2021-02-27 10:06:18+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:18 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:18+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:18 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:19+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:19 2021 136.228.172.64:31268 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)'
2021-02-27 10:06:19+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:19 2021 136.228.172.64:31268 TLS Error: TLS handshake failed'
2021-02-27 10:06:19+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:19 2021 136.228.172.64:31268 SIGUSR1[soft,tls-error] received, client-instance restarting'
2021-02-27 10:06:19+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:19 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:19+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:19 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:19+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:19 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:19+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:19 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:20+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:20 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:20+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:20 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:20+0000 [-] OVPN 4 OUT: 'Sat Feb 27 10:06:20 2021 37.111.4.139:42688 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)'
2021-02-27 10:06:20+0000 [-] OVPN 4 OUT: 'Sat Feb 27 10:06:20 2021 37.111.4.139:42688 TLS Error: TLS handshake failed'
2021-02-27 10:06:20+0000 [-] OVPN 4 OUT: 'Sat Feb 27 10:06:20 2021 37.111.4.139:42688 SIGUSR1[soft,tls-error] received, client-instance restarting'
2021-02-27 10:06:20+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:20 2021 136.228.172.64:31278 TLS: Initial packet from [AF_INET]136.228.172.64:31278 (via [AF_INET]10.15.0.6%eth0), sid=2edd5bf3 b4f485ca'
2021-02-27 10:06:21+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:21 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:21+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:21 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:21+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:21 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:21+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:21 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:22+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:22 2021 136.228.172.64:31269 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)'
2021-02-27 10:06:22+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:22 2021 136.228.172.64:31269 TLS Error: TLS handshake failed'
2021-02-27 10:06:22+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:22 2021 136.228.172.64:31269 SIGUSR1[soft,tls-error] received, client-instance restarting'
2021-02-27 10:06:22+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:22 2021 htaywin1/136.228.174.56:20546 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420177) Sat Feb 27 10:02:57 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:22+0000 [-] OVPN 7 OUT: 'Sat Feb 27 10:06:22 2021 htaywin1/136.228.174.56:20546 TLS Error: incoming packet authentication failed from [AF_INET]136.228.174.56:20546 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:22+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:22 2021 136.228.172.107:37738 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)'
2021-02-27 10:06:22+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:22 2021 136.228.172.107:37738 TLS Error: TLS handshake failed'
2021-02-27 10:06:22+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:22 2021 136.228.172.107:37738 SIGUSR1[soft,tls-error] received, client-instance restarting'
2021-02-27 10:06:22+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:22 2021 free/69.160.30.88:39829 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #8 / time = (1614420002) Sat Feb 27 10:00:02 2021 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings'
2021-02-27 10:06:22+0000 [-] OVPN 6 OUT: 'Sat Feb 27 10:06:22 2021 free/69.160.30.88:39829 TLS Error: incoming packet authentication failed from [AF_INET]69.160.30.88:39829 (via [AF_INET]10.15.0.6%eth0)'
2021-02-27 10:06:22+0000 [-] OVPN 5 OUT: 'Sat Feb 27 10:06:22 2021 136.228.172.107:37750 TLS: Initial packet from [AF_INET]136.228.172.107:37750 (via [AF_INET]10
Last edited by Pippin on Sat Feb 27, 2021 11:21 am, edited 1 time in total.
Reason: Formatting
Reason: Formatting
-
Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: why seeing private key in the config from the server
Be so kind and use code tags,
Thanks
Thanks
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
Halton Arp