Connection stalls

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
markr
OpenVpn Newbie
Posts: 1
Joined: Tue Sep 07, 2010 7:54 pm

Connection stalls

Post by markr » Tue Sep 07, 2010 8:38 pm

I'm sorry to bring up this issue as it is discussed often. But unfortunately, none of the solutions I could find helped me. So...

I set up a OpenVPN connection. Can ping/ssh etc. Big transfers like running scp starts at full speed, but always after about 2 MB they stall. The transfer resumes but the speed get extreme slow (lots of stalling).

I tried all mssfix/fraqment/tun-mtu 1000/1200/1300/1400 setting I could think of, but never got a reliable connection. It's driving me mad. Grr. So perhaps any of you can help me towards a fix. Would be really really great!!!

mtu-test gave:
  • Empirical MTU test completed [Tried,Actual] local->remote=[1541,1437] remote->local=[1541,1445]
Server side log:
  • Sep 7 22:26:08 alkmene openvpn[24341]: Current Parameter Settings:
    Sep 7 22:26:08 alkmene openvpn[24341]: config = 'server.conf'
    Sep 7 22:26:08 alkmene openvpn[24341]: mode = 1
    Sep 7 22:26:08 alkmene openvpn[24341]: persist_config = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: persist_mode = 1
    Sep 7 22:26:08 alkmene openvpn[24341]: show_ciphers = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: show_digests = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: show_engines = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: genkey = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: key_pass_file = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: show_tls_ciphers = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: Connection profiles [default]:
    Sep 7 22:26:08 alkmene openvpn[24341]: proto = udp
    Sep 7 22:26:08 alkmene openvpn[24341]: local = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: local_port = 1194
    Sep 7 22:26:08 alkmene openvpn[24341]: remote = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: remote_port = 1194
    Sep 7 22:26:08 alkmene openvpn[24341]: remote_float = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: bind_defined = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: bind_local = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: connect_retry_seconds = 5
    Sep 7 22:26:08 alkmene openvpn[24341]: connect_timeout = 10
    Sep 7 22:26:08 alkmene openvpn[24341]: connect_retry_max = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: socks_proxy_server = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: socks_proxy_port = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: socks_proxy_retry = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: Connection profiles END
    Sep 7 22:26:08 alkmene openvpn[24341]: remote_random = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: ipchange = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: dev = 'tun'
    Sep 7 22:26:08 alkmene openvpn[24341]: dev_type = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: dev_node = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: lladdr = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: topology = 1
    Sep 7 22:26:08 alkmene openvpn[24341]: tun_ipv6 = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_local = '10.8.0.1'
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_remote_netmask = '10.8.0.2'
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_noexec = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_nowarn = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: shaper = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: tun_mtu = 1500
    Sep 7 22:26:08 alkmene openvpn[24341]: tun_mtu_defined = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: link_mtu = 1500
    Sep 7 22:26:08 alkmene openvpn[24341]: link_mtu_defined = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: tun_mtu_extra = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: tun_mtu_extra_defined = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: fragment = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: mtu_discover_type = -1
    Sep 7 22:26:08 alkmene openvpn[24341]: mtu_test = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: mlock = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: keepalive_ping = 10
    Sep 7 22:26:08 alkmene openvpn[24341]: keepalive_timeout = 120
    Sep 7 22:26:08 alkmene openvpn[24341]: inactivity_timeout = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: ping_send_timeout = 10
    Sep 7 22:26:08 alkmene openvpn[24341]: ping_rec_timeout = 240
    Sep 7 22:26:08 alkmene openvpn[24341]: ping_rec_timeout_action = 2
    Sep 7 22:26:08 alkmene openvpn[24341]: ping_timer_remote = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: remap_sigusr1 = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: explicit_exit_notification = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: persist_tun = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: persist_local_ip = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: persist_remote_ip = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: persist_key = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: mssfix = 1450
    Sep 7 22:26:08 alkmene openvpn[24341]: passtos = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: resolve_retry_seconds = 1000000000
    Sep 7 22:26:08 alkmene openvpn[24341]: username = 'nobody'
    Sep 7 22:26:08 alkmene openvpn[24341]: groupname = 'nobody'
    Sep 7 22:26:08 alkmene openvpn[24341]: chroot_dir = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: cd_dir = '/etc/openvpn'
    Sep 7 22:26:08 alkmene openvpn[24341]: selinux_context = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: writepid = '/var/run/openvpn/server.pid'
    Sep 7 22:26:08 alkmene openvpn[24341]: up_script = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: down_script = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: down_pre = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: up_restart = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: up_delay = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: daemon = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: inetd = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: log = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: suppress_timestamps = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: nice = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: verbosity = 5
    Sep 7 22:26:08 alkmene openvpn[24341]: mute = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: gremlin = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: status_file = 'openvpn-status.log'
    Sep 7 22:26:08 alkmene openvpn[24341]: status_file_version = 1
    Sep 7 22:26:08 alkmene openvpn[24341]: status_file_update_freq = 60
    Sep 7 22:26:08 alkmene openvpn[24341]: occ = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: rcvbuf = 65536
    Sep 7 22:26:08 alkmene openvpn[24341]: sndbuf = 65536
    Sep 7 22:26:08 alkmene openvpn[24341]: sockflags = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: fast_io = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: lzo = 7
    Sep 7 22:26:08 alkmene openvpn[24341]: route_script = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: route_default_gateway = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: route_default_metric = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: route_noexec = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: route_delay = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: route_delay_window = 30
    Sep 7 22:26:08 alkmene openvpn[24341]: route_delay_defined = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: route_nopull = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: route_gateway_via_dhcp = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: max_routes = 100
    Sep 7 22:26:08 alkmene openvpn[24341]: allow_pull_fqdn = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: route 10.8.0.0/255.255.255.0/nil/nil
    Sep 7 22:26:08 alkmene openvpn[24341]: management_addr = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: management_port = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: management_user_pass = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: management_log_history_cache = 250
    Sep 7 22:26:08 alkmene openvpn[24341]: management_echo_buffer_size = 100
    Sep 7 22:26:08 alkmene openvpn[24341]: management_write_peer_info_file = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: management_client_user = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: management_client_group = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: management_flags = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: shared_secret_file = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: key_direction = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: ciphername_defined = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: ciphername = 'BF-CBC'
    Sep 7 22:26:08 alkmene openvpn[24341]: authname_defined = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: authname = 'SHA1'
    Sep 7 22:26:08 alkmene openvpn[24341]: prng_hash = 'SHA1'
    Sep 7 22:26:08 alkmene openvpn[24341]: prng_nonce_secret_len = 16
    Sep 7 22:26:08 alkmene openvpn[24341]: keysize = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: engine = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: replay = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: mute_replay_warnings = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: replay_window = 64
    Sep 7 22:26:08 alkmene openvpn[24341]: replay_time = 15
    Sep 7 22:26:08 alkmene openvpn[24341]: packet_id_file = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: use_iv = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: test_crypto = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: tls_server = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: tls_client = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: key_method = 2
    Sep 7 22:26:08 alkmene openvpn[24341]: ca_file = '/etc/pki/tls/certs/root-in2sports.crt'
    Sep 7 22:26:08 alkmene openvpn[24341]: ca_path = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: dh_file = '/etc/openvpn/dh2048.pem'
    Sep 7 22:26:08 alkmene openvpn[24341]: cert_file = '/etc/pki/tls/certs/alkmene.in2office.net.crt'
    Sep 7 22:26:08 alkmene openvpn[24341]: priv_key_file = '/etc/pki/tls/private/alkmene.in2office.net.key'
    Sep 7 22:26:08 alkmene openvpn[24341]: pkcs12_file = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: cipher_list = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: tls_verify = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: tls_remote = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: crl_file = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: ns_cert_type = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: remote_cert_ku = 0
    Sep 7 22:26:08 alkmene last message repeated 15 times
    Sep 7 22:26:08 alkmene openvpn[24341]: remote_cert_eku = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: tls_timeout = 2
    Sep 7 22:26:08 alkmene openvpn[24341]: renegotiate_bytes = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: renegotiate_packets = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: renegotiate_seconds = 3600
    Sep 7 22:26:08 alkmene openvpn[24341]: handshake_window = 60
    Sep 7 22:26:08 alkmene openvpn[24341]: transition_window = 3600
    Sep 7 22:26:08 alkmene openvpn[24341]: single_session = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: tls_exit = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: tls_auth_file = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: pkcs11_protected_authentication = DISABLED
    Sep 7 22:26:08 alkmene last message repeated 15 times
    Sep 7 22:26:08 alkmene openvpn[24341]: pkcs11_private_mode = 00000000
    Sep 7 22:26:08 alkmene last message repeated 15 times
    Sep 7 22:26:08 alkmene openvpn[24341]: pkcs11_cert_private = DISABLED
    Sep 7 22:26:08 alkmene last message repeated 15 times
    Sep 7 22:26:08 alkmene openvpn[24341]: pkcs11_pin_cache_period = -1
    Sep 7 22:26:08 alkmene openvpn[24341]: pkcs11_id = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: pkcs11_id_management = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: server_network = 10.8.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: server_netmask = 255.255.255.0
    Sep 7 22:26:08 alkmene openvpn[24341]: server_bridge_ip = 0.0.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: server_bridge_netmask = 0.0.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: server_bridge_pool_start = 0.0.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: server_bridge_pool_end = 0.0.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: push_entry = 'route 192.168.24.0 255.255.255.0'
    Sep 7 22:26:08 alkmene openvpn[24341]: push_entry = 'dhcp-option DNS 192.168.24.12'
    Sep 7 22:26:08 alkmene openvpn[24341]: push_entry = 'route 10.8.0.1'
    Sep 7 22:26:08 alkmene openvpn[24341]: push_entry = 'topology net30'
    Sep 7 22:26:08 alkmene openvpn[24341]: push_entry = 'ping 10'
    Sep 7 22:26:08 alkmene openvpn[24341]: push_entry = 'ping-restart 120'
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_pool_defined = ENABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_pool_start = 10.8.0.4
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_pool_end = 10.8.0.251
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_pool_netmask = 0.0.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_pool_persist_filename = 'ipp.txt'
    Sep 7 22:26:08 alkmene openvpn[24341]: ifconfig_pool_persist_refresh_freq = 600
    Sep 7 22:26:08 alkmene openvpn[24341]: n_bcast_buf = 256
    Sep 7 22:26:08 alkmene openvpn[24341]: tcp_queue_limit = 64
    Sep 7 22:26:08 alkmene openvpn[24341]: real_hash_size = 256
    Sep 7 22:26:08 alkmene openvpn[24341]: virtual_hash_size = 256
    Sep 7 22:26:08 alkmene openvpn[24341]: client_connect_script = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: learn_address_script = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: client_disconnect_script = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: client_config_dir = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: ccd_exclusive = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: tmp_dir = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: push_ifconfig_defined = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: push_ifconfig_local = 0.0.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: push_ifconfig_remote_netmask = 0.0.0.0
    Sep 7 22:26:08 alkmene openvpn[24341]: enable_c2c = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: duplicate_cn = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: cf_max = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: cf_per = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: max_clients = 1024
    Sep 7 22:26:08 alkmene openvpn[24341]: max_routes_per_client = 256
    Sep 7 22:26:08 alkmene openvpn[24341]: auth_user_pass_verify_script = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: auth_user_pass_verify_script_via_file = DISABLED
    Sep 7 22:26:08 alkmene openvpn[24341]: ssl_flags = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: port_share_host = '[UNDEF]'
    Sep 7 22:26:08 alkmene openvpn[24341]: port_share_port = 0
    Sep 7 22:26:08 alkmene openvpn[24341]: client = DISABLED
    Sep 7 22:26:09 alkmene openvpn[24341]: pull = DISABLED
    Sep 7 22:26:09 alkmene openvpn[24341]: auth_user_pass_file = '[UNDEF]'
    Sep 7 22:26:09 alkmene openvpn[24341]: OpenVPN 2.1.1 x86_64-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Jan 26 2010
    Sep 7 22:26:09 alkmene openvpn[24341]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sep 7 22:26:09 alkmene openvpn[24341]: Diffie-Hellman initialized with 2048 bit key
    Sep 7 22:26:09 alkmene openvpn[24341]: TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Sep 7 22:26:09 alkmene openvpn[24341]: ROUTE default_gateway=192.168.24.1
    Sep 7 22:26:09 alkmene openvpn[24341]: TUN/TAP device tun0 opened
    Sep 7 22:26:09 alkmene openvpn[24341]: TUN/TAP TX queue length set to 100
    Sep 7 22:26:09 alkmene openvpn[24341]: /sbin/ip link set dev tun0 up mtu 1500
    Sep 7 22:26:09 alkmene openvpn[24341]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
    Sep 7 22:26:09 alkmene openvpn[24341]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
    Sep 7 22:26:09 alkmene openvpn[24341]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Sep 7 22:26:09 alkmene openvpn[24349]: GID set to nobody
    Sep 7 22:26:09 alkmene openvpn[24349]: UID set to nobody
    Sep 7 22:26:09 alkmene openvpn[24349]: Socket Buffers: R=[129024->131072] S=[129024->131072]
    Sep 7 22:26:09 alkmene openvpn[24349]: UDPv4 link local (bound): [undef]:1194
    Sep 7 22:26:09 alkmene openvpn[24349]: UDPv4 link remote: [undef]
    Sep 7 22:26:09 alkmene openvpn[24349]: MULTI: multi_init called, r=256 v=256
    Sep 7 22:26:09 alkmene openvpn[24349]: IFCONFIG POOL: base=10.8.0.4 size=62
    Sep 7 22:26:09 alkmene openvpn[24349]: IFCONFIG POOL LIST
    Sep 7 22:26:09 alkmene openvpn[24349]: mark.ruys,10.8.0.4
    Sep 7 22:26:09 alkmene openvpn[24349]: nagios,10.8.0.8
    Sep 7 22:26:09 alkmene openvpn[24349]: backupuser,10.8.0.12
    Sep 7 22:26:09 alkmene openvpn[24349]: Initialization Sequence Completed
    Sep 7 22:26:15 alkmene openvpn[24349]: MULTI: multi_create_instance called
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Re-using SSL/TLS context
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 LZO compression initialized
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Local Options hash (VER=V4): '530fdded'
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Expected Remote Options hash (VER=V4): '41690919'
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 TLS: Initial packet from 194.43.22.59:54087, sid=c0f6031e d0a7f02e
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 VERIFY OK: depth=1, /C=NL/L=Geldermalsen/O=In2sports/CN=ROOTCA-in2sports/emailAddress=mark.ruys@in2sports.net
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 VERIFY OK: depth=0, /C=NL/L=Geldermalsen/O=In2sports/CN=backupuser/emailAddress=mark.ruys@in2sports.net
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Sep 7 22:26:15 alkmene openvpn[24349]: 194.43.22.59:54087 [backupuser] Peer Connection Initiated with 194.43.22.59:54087
    Sep 7 22:26:15 alkmene openvpn[24349]: backupuser/194.43.22.59:54087 MULTI: Learn: 10.8.0.14 -> backupuser/194.43.22.59:54087
    Sep 7 22:26:15 alkmene openvpn[24349]: backupuser/194.43.22.59:54087 MULTI: primary virtual IP for backupuser/194.43.22.59:54087: 10.8.0.14
    Sep 7 22:26:17 alkmene openvpn[24349]: backupuser/194.43.22.59:54087 PUSH: Received control message: 'PUSH_REQUEST'
    Sep 7 22:26:17 alkmene openvpn[24349]: backupuser/194.43.22.59:54087 SENT CONTROL [backupuser]: 'PUSH_REPLY,route 192.168.24.0 255.255.255.0,dhcp-option DNS 192.168.24.12,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.14 10.8.0.13' (status=1)
    Sep 7 22:27:53 alkmene openvpn[24349]: mark.ruys/188.142.56.16:57482 Bad LZO decompression header byte: 0
    Sep 7 22:28:02 alkmene openvpn[24349]: mark.ruys/188.142.56.16:57482 Bad LZO decompression header byte: 0


Client side:
  • Sep 7 22:26:14 billy openvpn[12015]: OpenVPN 2.1.1 x86_64-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Jan 26 2010
    Sep 7 22:26:14 billy openvpn[12015]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sep 7 22:26:14 billy openvpn[12015]: LZO compression initialized
    Sep 7 22:26:14 billy openvpn[12015]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Sep 7 22:26:15 billy openvpn[12015]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Sep 7 22:26:15 billy openvpn[12015]: Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
    Sep 7 22:26:15 billy openvpn[12015]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
    Sep 7 22:26:15 billy openvpn[12015]: Local Options hash (VER=V4): '41690919'
    Sep 7 22:26:15 billy openvpn[12015]: Expected Remote Options hash (VER=V4): '530fdded'
    Sep 7 22:26:15 billy openvpn[12016]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
    Sep 7 22:26:15 billy openvpn[12016]: Socket Buffers: R=[129024->131072] S=[129024->131072]
    Sep 7 22:26:15 billy openvpn[12016]: UDPv4 link local: [undef]
    Sep 7 22:26:15 billy openvpn[12016]: UDPv4 link remote: 194.99.22.82:1194
    Sep 7 22:26:15 billy openvpn[12016]: TLS: Initial packet from 194.99.22.82:1194, sid=ab5b59ed aaee30dd
    Sep 7 22:26:15 billy openvpn[12016]: VERIFY OK: depth=1, /C=NL/L=Geldermalsen/O=In2sports/CN=ROOTCA-in2sports/emailAddress=mark.ruys@in2sports.net
    Sep 7 22:26:15 billy openvpn[12016]: VERIFY OK: nsCertType=SERVER
    Sep 7 22:26:15 billy openvpn[12016]: VERIFY OK: depth=0, /C=NL/L=Geldermalsen/O=In2sports/CN=alkmene.in2office.net/emailAddress=mark.ruys@in2sports.net
    Sep 7 22:26:15 billy openvpn[12016]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sep 7 22:26:15 billy openvpn[12016]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 7 22:26:15 billy openvpn[12016]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Sep 7 22:26:15 billy openvpn[12016]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 7 22:26:15 billy openvpn[12016]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Sep 7 22:26:15 billy openvpn[12016]: [alkmene.in2office.net] Peer Connection Initiated with 194.99.22.82:1194
    Sep 7 22:26:17 billy openvpn[12016]: SENT CONTROL [alkmene.in2office.net]: 'PUSH_REQUEST' (status=1)
    Sep 7 22:26:17 billy openvpn[12016]: PUSH: Received control message: 'PUSH_REPLY,route 192.168.24.0 255.255.255.0,dhcp-option DNS 192.168.24.12,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.14 10.8.0.13'
    Sep 7 22:26:17 billy openvpn[12016]: OPTIONS IMPORT: timers and/or timeouts modified
    Sep 7 22:26:17 billy openvpn[12016]: OPTIONS IMPORT: --ifconfig/up options modified
    Sep 7 22:26:17 billy openvpn[12016]: OPTIONS IMPORT: route options modified
    Sep 7 22:26:17 billy openvpn[12016]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Sep 7 22:26:17 billy openvpn[12016]: ROUTE default_gateway=194.43.22.49
    Sep 7 22:26:17 billy openvpn[12016]: TUN/TAP device tun0 opened
    Sep 7 22:26:17 billy openvpn[12016]: TUN/TAP TX queue length set to 100
    Sep 7 22:26:17 billy openvpn[12016]: /sbin/ip link set dev tun0 up mtu 1500
    Sep 7 22:26:17 billy openvpn[12016]: /sbin/ip addr add dev tun0 local 10.8.0.14 peer 10.8.0.13
    Sep 7 22:26:17 billy openvpn[12016]: /sbin/ip route add 192.168.24.0/24 via 10.8.0.13
    Sep 7 22:26:17 billy openvpn[12016]: /sbin/ip route add 10.8.0.1/32 via 10.8.0.13
    Sep 7 22:26:17 billy openvpn[12016]: GID set to nobody
    Sep 7 22:26:17 billy openvpn[12016]: UID set to nobody
    Sep 7 22:26:17 billy openvpn[12016]: Initialization Sequence Completed

Post Reply