Client connected but no access to server (Windows -> Ubuntu)

This forum is for general conversation and user-user networking.
Post Reply
marsman
OpenVpn Newbie
Posts: 5
Joined: Mon Jun 19, 2017 5:41 am

Client connected but no access to server (Windows -> Ubuntu)

Post by marsman » Mon Jun 19, 2017 6:15 am

Hi,

I'm new to OpenVPN. I have installed OpenVPN server V2.1.6 on my virtual hosted Ubuntu server and the client V 2.4.2 on my Windows 10 machine at home. I'm starting OpenVPN client as administrator and connecting succesfull to the server. But when I try to access tomcat management console thru the tunnel for example (http://10.8.0.6:8080), connection fails. Ping to 10.8.0.6 runs succesful. May anyone please help me. Thanks in advance.

Titus

Client log:

Code: Select all

Mon Jun 19 07:56:24 2017 OpenVPN 2.4.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 11 2017
Mon Jun 19 07:56:24 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Jun 19 07:56:24 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.10
Enter Management Password:
Mon Jun 19 07:56:24 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Jun 19 07:56:24 2017 Need hold release from management interface, waiting...
Mon Jun 19 07:56:24 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Jun 19 07:56:24 2017 MANAGEMENT: CMD 'state on'
Mon Jun 19 07:56:24 2017 MANAGEMENT: CMD 'log all on'
Mon Jun 19 07:56:24 2017 MANAGEMENT: CMD 'echo all on'
Mon Jun 19 07:56:24 2017 MANAGEMENT: CMD 'hold off'
Mon Jun 19 07:56:24 2017 MANAGEMENT: CMD 'hold release'
Mon Jun 19 07:56:30 2017 MANAGEMENT: CMD 'password [...]'
Mon Jun 19 07:56:30 2017 MANAGEMENT: >STATE:1497851790,RESOLVE,,,,,,
Mon Jun 19 07:56:30 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Mon Jun 19 07:56:30 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Jun 19 07:56:30 2017 UDP link local: (not bound)
Mon Jun 19 07:56:30 2017 UDP link remote: [AF_INET]x.x.x.x:1194
Mon Jun 19 07:56:30 2017 MANAGEMENT: >STATE:1497851790,WAIT,,,,,,
Mon Jun 19 07:56:30 2017 MANAGEMENT: >STATE:1497851790,AUTH,,,,,,
Mon Jun 19 07:56:30 2017 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=59351699 48c52749
Mon Jun 19 07:56:30 2017 VERIFY OK: depth=1, C=DE, ST=Hamburg, L=Hamburg, O=Tikron, CN=myserver.serverprofi24.de, name=VServer, emailAddress=webmaster@mydomain
Mon Jun 19 07:56:30 2017 VERIFY KU OK
Mon Jun 19 07:56:30 2017 Validating certificate extended key usage
Mon Jun 19 07:56:30 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Jun 19 07:56:30 2017 VERIFY EKU OK
Mon Jun 19 07:56:30 2017 VERIFY OK: depth=0, C=DE, ST=Hamburg, L=Hamburg, O=Tikron, CN=myserver.serverprofi24.de, name=VServer, emailAddress=webmaster@mydomain
Mon Jun 19 07:56:30 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 19 07:56:30 2017 [myserver.serverprofi24.de] Peer Connection Initiated with [AF_INET]x.x.x.x:1194
Mon Jun 19 07:56:32 2017 MANAGEMENT: >STATE:1497851792,GET_CONFIG,,,,,,
Mon Jun 19 07:56:32 2017 SENT CONTROL [myserver.serverprofi24.de]: 'PUSH_REQUEST' (status=1)
Mon Jun 19 07:56:32 2017 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Mon Jun 19 07:56:32 2017 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jun 19 07:56:32 2017 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jun 19 07:56:32 2017 OPTIONS IMPORT: route options modified
Mon Jun 19 07:56:32 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 19 07:56:32 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 19 07:56:32 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 19 07:56:32 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 19 07:56:32 2017 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 19 07:56:32 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 19 07:56:32 2017 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Mon Jun 19 07:56:32 2017 interactive service msg_channel=0
Mon Jun 19 07:56:32 2017 ROUTE_GATEWAY 192.168.2.1/255.255.255.0 I=4 HWADDR=00:1a:4d:58:0e:9c
Mon Jun 19 07:56:32 2017 open_tun
Mon Jun 19 07:56:32 2017 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{78A562A2-88E7-4A96-88AA-3590A4DC43E6}.tap
Mon Jun 19 07:56:32 2017 TAP-Windows Driver Version 9.21 
Mon Jun 19 07:56:32 2017 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {78A562A2-88E7-4A96-88AA-3590A4DC43E6} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Mon Jun 19 07:56:32 2017 Successful ARP Flush on interface [10] {78A562A2-88E7-4A96-88AA-3590A4DC43E6}
Mon Jun 19 07:56:32 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jun 19 07:56:32 2017 MANAGEMENT: >STATE:1497851792,ASSIGN_IP,,10.8.0.6,,,,
Mon Jun 19 07:56:37 2017 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Mon Jun 19 07:56:37 2017 MANAGEMENT: >STATE:1497851797,ADD_ROUTES,,,,,,
Mon Jun 19 07:56:37 2017 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Mon Jun 19 07:56:37 2017 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Mon Jun 19 07:56:37 2017 Route addition via IPAPI succeeded [adaptive]
Mon Jun 19 07:56:37 2017 Initialization Sequence Completed
Mon Jun 19 07:56:37 2017 MANAGEMENT: >STATE:1497851797,CONNECTED,SUCCESS,10.8.0.6,x.x.x.x,1194,,
Client conf:
Client Config.
client
dev tun
proto udp
remote myserver.serverprofi24.de 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
comp-lzo
verb 3
auth-nocache
route print:

Code: Select all

===========================================================================
Schnittstellenliste
  4...00 1a 4d 58 0e 9c ......Realtek PCIe GBE Family Controller
 10...00 ff 78 a5 62 a2 ......TAP-Windows Adapter V9
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.112     35
         10.8.0.1  255.255.255.255         10.8.0.5         10.8.0.6     35
         10.8.0.4  255.255.255.252   Auf Verbindung          10.8.0.6    291
         10.8.0.6  255.255.255.255   Auf Verbindung          10.8.0.6    291
         10.8.0.7  255.255.255.255   Auf Verbindung          10.8.0.6    291
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    331
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    331
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    331
      192.168.2.0    255.255.255.0   Auf Verbindung     192.168.2.112    291
    192.168.2.112  255.255.255.255   Auf Verbindung     192.168.2.112    291
    192.168.2.255  255.255.255.255   Auf Verbindung     192.168.2.112    291
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    331
        224.0.0.0        240.0.0.0   Auf Verbindung     192.168.2.112    291
        224.0.0.0        240.0.0.0   Auf Verbindung          10.8.0.6    291
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    331
  255.255.255.255  255.255.255.255   Auf Verbindung     192.168.2.112    291
  255.255.255.255  255.255.255.255   Auf Verbindung          10.8.0.6    291
===========================================================================

...
Services:

"OpenVPN Interactive Service" -> running
"OpenVPN Legacy Service" -> manual
"OpenVPN Service" -> manual

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2808
Joined: Fri Jun 03, 2016 1:17 pm

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by TinCanTech » Mon Jun 19, 2017 12:11 pm

marsman wrote:I have installed OpenVPN server V2.1.6 on my virtual hosted Ubuntu server
Is that Openvpn-AccessServer ?

marsman
OpenVpn Newbie
Posts: 5
Joined: Mon Jun 19, 2017 5:41 am

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by marsman » Mon Jun 19, 2017 12:29 pm

No. I don't think so.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2808
Joined: Fri Jun 03, 2016 1:17 pm

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by TinCanTech » Mon Jun 19, 2017 12:47 pm


marsman
OpenVpn Newbie
Posts: 5
Joined: Mon Jun 19, 2017 5:41 am

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by marsman » Mon Jun 19, 2017 3:33 pm

I'm using OpenVPN community edition V2.4.2. I've set verb = 4 and connected the client to the server (see logfiles). Then I tried some IPs, but no connection to remote service (x.x.x.x is the remote server IP):

http://10.8.0.1:8080/, http://10.8.0.6:8080/, http://x.x.x.x:8080/

OpenVPN server runs on Ubuntu 16.04 and client on Windows 10 pro 64bit.

Client log:

Code: Select all

Mon Jun 19 17:15:50 2017 us=225241 Current Parameter Settings:
Mon Jun 19 17:15:50 2017 us=225241   config = 'client.ovpn'
Mon Jun 19 17:15:50 2017 us=225241   mode = 0
Mon Jun 19 17:15:50 2017 us=225241   show_ciphers = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   show_digests = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   show_engines = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   genkey = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   key_pass_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   show_tls_ciphers = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   connect_retry_max = 0
Mon Jun 19 17:15:50 2017 us=225241 Connection profiles [0]:
Mon Jun 19 17:15:50 2017 us=225241   proto = udp
Mon Jun 19 17:15:50 2017 us=225241   local = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   local_port = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   remote = 'myserver.serverprofi24.de'
Mon Jun 19 17:15:50 2017 us=225241   remote_port = '1194'
Mon Jun 19 17:15:50 2017 us=225241   remote_float = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   bind_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   bind_local = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   bind_ipv6_only = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   connect_retry_seconds = 5
Mon Jun 19 17:15:50 2017 us=225241   connect_timeout = 120
Mon Jun 19 17:15:50 2017 us=225241   socks_proxy_server = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   socks_proxy_port = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   tun_mtu = 1500
Mon Jun 19 17:15:50 2017 us=225241   tun_mtu_defined = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   link_mtu = 1500
Mon Jun 19 17:15:50 2017 us=225241   link_mtu_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   tun_mtu_extra = 0
Mon Jun 19 17:15:50 2017 us=225241   tun_mtu_extra_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   mtu_discover_type = -1
Mon Jun 19 17:15:50 2017 us=225241   fragment = 0
Mon Jun 19 17:15:50 2017 us=225241   mssfix = 1450
Mon Jun 19 17:15:50 2017 us=225241   explicit_exit_notification = 0
Mon Jun 19 17:15:50 2017 us=225241 Connection profiles END
Mon Jun 19 17:15:50 2017 us=225241   remote_random = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   ipchange = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   dev = 'tun'
Mon Jun 19 17:15:50 2017 us=225241   dev_type = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   dev_node = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   lladdr = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   topology = 1
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_local = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_remote_netmask = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_noexec = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_nowarn = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_ipv6_local = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_ipv6_netbits = 0
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_ipv6_remote = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   shaper = 0
Mon Jun 19 17:15:50 2017 us=225241   mtu_test = 0
Mon Jun 19 17:15:50 2017 us=225241   mlock = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   keepalive_ping = 0
Mon Jun 19 17:15:50 2017 us=225241   keepalive_timeout = 0
Mon Jun 19 17:15:50 2017 us=225241   inactivity_timeout = 0
Mon Jun 19 17:15:50 2017 us=225241   ping_send_timeout = 0
Mon Jun 19 17:15:50 2017 us=225241   ping_rec_timeout = 0
Mon Jun 19 17:15:50 2017 us=225241   ping_rec_timeout_action = 0
Mon Jun 19 17:15:50 2017 us=225241   ping_timer_remote = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   remap_sigusr1 = 0
Mon Jun 19 17:15:50 2017 us=225241   persist_tun = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   persist_local_ip = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   persist_remote_ip = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   persist_key = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   passtos = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   resolve_retry_seconds = 1000000000
Mon Jun 19 17:15:50 2017 us=225241   resolve_in_advance = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   username = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   groupname = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   chroot_dir = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   cd_dir = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   writepid = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   up_script = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   down_script = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   down_pre = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   up_restart = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   up_delay = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   daemon = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   inetd = 0
Mon Jun 19 17:15:50 2017 us=225241   log = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   suppress_timestamps = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   machine_readable_output = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   nice = 0
Mon Jun 19 17:15:50 2017 us=225241   verbosity = 4
Mon Jun 19 17:15:50 2017 us=225241   mute = 0
Mon Jun 19 17:15:50 2017 us=225241   gremlin = 0
Mon Jun 19 17:15:50 2017 us=225241   status_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   status_file_version = 1
Mon Jun 19 17:15:50 2017 us=225241   status_file_update_freq = 60
Mon Jun 19 17:15:50 2017 us=225241   occ = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   rcvbuf = 0
Mon Jun 19 17:15:50 2017 us=225241   sndbuf = 0
Mon Jun 19 17:15:50 2017 us=225241   sockflags = 0
Mon Jun 19 17:15:50 2017 us=225241   fast_io = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   comp.alg = 2
Mon Jun 19 17:15:50 2017 us=225241   comp.flags = 1
Mon Jun 19 17:15:50 2017 us=225241   route_script = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   route_default_gateway = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   route_default_metric = 0
Mon Jun 19 17:15:50 2017 us=225241   route_noexec = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   route_delay = 5
Mon Jun 19 17:15:50 2017 us=225241   route_delay_window = 30
Mon Jun 19 17:15:50 2017 us=225241   route_delay_defined = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   route_nopull = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   route_gateway_via_dhcp = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   allow_pull_fqdn = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   management_addr = '127.0.0.1'
Mon Jun 19 17:15:50 2017 us=225241   management_port = '25340'
Mon Jun 19 17:15:50 2017 us=225241   management_user_pass = 'stdin'
Mon Jun 19 17:15:50 2017 us=225241   management_log_history_cache = 250
Mon Jun 19 17:15:50 2017 us=225241   management_echo_buffer_size = 100
Mon Jun 19 17:15:50 2017 us=225241   management_write_peer_info_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   management_client_user = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   management_client_group = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   management_flags = 6
Mon Jun 19 17:15:50 2017 us=225241   shared_secret_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   key_direction = 0
Mon Jun 19 17:15:50 2017 us=225241   ciphername = 'BF-CBC'
Mon Jun 19 17:15:50 2017 us=225241   ncp_enabled = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Mon Jun 19 17:15:50 2017 us=225241   authname = 'SHA1'
Mon Jun 19 17:15:50 2017 us=225241   prng_hash = 'SHA1'
Mon Jun 19 17:15:50 2017 us=225241   prng_nonce_secret_len = 16
Mon Jun 19 17:15:50 2017 us=225241   keysize = 0
Mon Jun 19 17:15:50 2017 us=225241   engine = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   replay = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   mute_replay_warnings = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   replay_window = 64
Mon Jun 19 17:15:50 2017 us=225241   replay_time = 15
Mon Jun 19 17:15:50 2017 us=225241   packet_id_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   use_iv = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   test_crypto = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   tls_server = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   tls_client = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   key_method = 2
Mon Jun 19 17:15:50 2017 us=225241   ca_file = 'ca.crt'
Mon Jun 19 17:15:50 2017 us=225241   ca_path = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   dh_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   cert_file = 'zuse.crt'
Mon Jun 19 17:15:50 2017 us=225241   extra_certs_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   priv_key_file = 'zuse.key'
Mon Jun 19 17:15:50 2017 us=225241   pkcs12_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   cryptoapi_cert = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   cipher_list = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   tls_verify = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   tls_export_cert = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   verify_x509_type = 0
Mon Jun 19 17:15:50 2017 us=225241   verify_x509_name = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   crl_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   ns_cert_type = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 65535
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_ku[i] = 0
Mon Jun 19 17:15:50 2017 us=225241   remote_cert_eku = 'TLS Web Server Authentication'
Mon Jun 19 17:15:50 2017 us=225241   ssl_flags = 0
Mon Jun 19 17:15:50 2017 us=225241   tls_timeout = 2
Mon Jun 19 17:15:50 2017 us=225241   renegotiate_bytes = -1
Mon Jun 19 17:15:50 2017 us=225241   renegotiate_packets = 0
Mon Jun 19 17:15:50 2017 us=225241   renegotiate_seconds = 3600
Mon Jun 19 17:15:50 2017 us=225241   handshake_window = 60
Mon Jun 19 17:15:50 2017 us=225241   transition_window = 3600
Mon Jun 19 17:15:50 2017 us=225241   single_session = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   push_peer_info = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   tls_exit = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   tls_auth_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   tls_crypt_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_private_mode = 00000000
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_cert_private = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_pin_cache_period = -1
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_id = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   pkcs11_id_management = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   server_network = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   server_netmask = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   server_network_ipv6 = ::
Mon Jun 19 17:15:50 2017 us=225241   server_netbits_ipv6 = 0
Mon Jun 19 17:15:50 2017 us=225241   server_bridge_ip = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   server_bridge_netmask = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   server_bridge_pool_start = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   server_bridge_pool_end = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_pool_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_pool_start = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_pool_end = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_pool_netmask = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_pool_persist_filename = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_pool_persist_refresh_freq = 600
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_ipv6_pool_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_ipv6_pool_base = ::
Mon Jun 19 17:15:50 2017 us=225241   ifconfig_ipv6_pool_netbits = 0
Mon Jun 19 17:15:50 2017 us=225241   n_bcast_buf = 256
Mon Jun 19 17:15:50 2017 us=225241   tcp_queue_limit = 64
Mon Jun 19 17:15:50 2017 us=225241   real_hash_size = 256
Mon Jun 19 17:15:50 2017 us=225241   virtual_hash_size = 256
Mon Jun 19 17:15:50 2017 us=225241   client_connect_script = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   learn_address_script = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   client_disconnect_script = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   client_config_dir = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   ccd_exclusive = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   tmp_dir = 'C:\Users\Admin\AppData\Local\Temp\'
Mon Jun 19 17:15:50 2017 us=225241   push_ifconfig_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   push_ifconfig_local = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   push_ifconfig_remote_netmask = 0.0.0.0
Mon Jun 19 17:15:50 2017 us=225241   push_ifconfig_ipv6_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   push_ifconfig_ipv6_local = ::/0
Mon Jun 19 17:15:50 2017 us=225241   push_ifconfig_ipv6_remote = ::
Mon Jun 19 17:15:50 2017 us=225241   enable_c2c = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   duplicate_cn = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   cf_max = 0
Mon Jun 19 17:15:50 2017 us=225241   cf_per = 0
Mon Jun 19 17:15:50 2017 us=225241   max_clients = 1024
Mon Jun 19 17:15:50 2017 us=225241   max_routes_per_client = 256
Mon Jun 19 17:15:50 2017 us=225241   auth_user_pass_verify_script = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   auth_user_pass_verify_script_via_file = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   auth_token_generate = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   auth_token_lifetime = 0
Mon Jun 19 17:15:50 2017 us=225241   client = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   pull = ENABLED
Mon Jun 19 17:15:50 2017 us=225241   auth_user_pass_file = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   show_net_up = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   route_method = 0
Mon Jun 19 17:15:50 2017 us=225241   block_outside_dns = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   ip_win32_defined = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   ip_win32_type = 3
Mon Jun 19 17:15:50 2017 us=225241   dhcp_masq_offset = 0
Mon Jun 19 17:15:50 2017 us=225241   dhcp_lease_time = 31536000
Mon Jun 19 17:15:50 2017 us=225241   tap_sleep = 0
Mon Jun 19 17:15:50 2017 us=225241   dhcp_options = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   dhcp_renew = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   dhcp_pre_release = DISABLED
Mon Jun 19 17:15:50 2017 us=225241   domain = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   netbios_scope = '[UNDEF]'
Mon Jun 19 17:15:50 2017 us=225241   netbios_node_type = 0
Mon Jun 19 17:15:50 2017 us=225241   disable_nbt = DISABLED
Mon Jun 19 17:15:50 2017 us=225241 OpenVPN 2.4.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 11 2017
Mon Jun 19 17:15:50 2017 us=225241 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Jun 19 17:15:50 2017 us=225241 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.10
Enter Management Password:
Mon Jun 19 17:15:50 2017 us=240865 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Jun 19 17:15:50 2017 us=240865 Need hold release from management interface, waiting...
Mon Jun 19 17:15:50 2017 us=709613 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Jun 19 17:15:50 2017 us=818989 MANAGEMENT: CMD 'state on'
Mon Jun 19 17:15:50 2017 us=818989 MANAGEMENT: CMD 'log all on'
Mon Jun 19 17:15:50 2017 us=975239 MANAGEMENT: CMD 'echo all on'
Mon Jun 19 17:15:50 2017 us=975239 MANAGEMENT: CMD 'hold off'
Mon Jun 19 17:15:50 2017 us=975239 MANAGEMENT: CMD 'hold release'
Mon Jun 19 17:15:58 2017 us=350236 MANAGEMENT: CMD 'password [...]'
Mon Jun 19 17:15:58 2017 us=350236 LZO compression initializing
Mon Jun 19 17:15:58 2017 us=350236 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jun 19 17:15:58 2017 us=350236 MANAGEMENT: >STATE:1497885358,RESOLVE,,,,,,
Mon Jun 19 17:15:58 2017 us=350236 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mon Jun 19 17:15:58 2017 us=350236 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Jun 19 17:15:58 2017 us=350236 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Jun 19 17:15:58 2017 us=350236 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Mon Jun 19 17:15:58 2017 us=350236 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Jun 19 17:15:58 2017 us=350236 UDP link local: (not bound)
Mon Jun 19 17:15:58 2017 us=350236 UDP link remote: [AF_INET]x.x.x.x:1194
Mon Jun 19 17:15:58 2017 us=350236 MANAGEMENT: >STATE:1497885358,WAIT,,,,,,
Mon Jun 19 17:15:58 2017 us=397110 MANAGEMENT: >STATE:1497885358,AUTH,,,,,,
Mon Jun 19 17:15:58 2017 us=397110 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=5c7a29c2 16796952
Mon Jun 19 17:15:58 2017 us=459610 VERIFY OK: depth=1, C=DE, ST=Hamburg, L=Hamburg, O=Mydomain, CN=myserver.serverprofi24.de, name=VServer, emailAddress=webmaster@mydomain.de
Mon Jun 19 17:15:58 2017 us=459610 VERIFY KU OK
Mon Jun 19 17:15:58 2017 us=459610 Validating certificate extended key usage
Mon Jun 19 17:15:58 2017 us=459610 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Jun 19 17:15:58 2017 us=459610 VERIFY EKU OK
Mon Jun 19 17:15:58 2017 us=459610 VERIFY OK: depth=0, C=DE, ST=Hamburg, L=Hamburg, O=Mydomain, CN=myserver.serverprofi24.de, name=VServer, emailAddress=webmaster@mydomain.de
Mon Jun 19 17:15:58 2017 us=615859 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 19 17:15:58 2017 us=615859 [myserver.serverprofi24.de] Peer Connection Initiated with [AF_INET]x.x.x.x:1194
Mon Jun 19 17:15:59 2017 us=725233 MANAGEMENT: >STATE:1497885359,GET_CONFIG,,,,,,
Mon Jun 19 17:15:59 2017 us=725233 SENT CONTROL [myserver.serverprofi24.de]: 'PUSH_REQUEST' (status=1)
Mon Jun 19 17:15:59 2017 us=756483 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Mon Jun 19 17:15:59 2017 us=756483 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jun 19 17:15:59 2017 us=756483 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jun 19 17:15:59 2017 us=756483 OPTIONS IMPORT: route options modified
Mon Jun 19 17:15:59 2017 us=756483 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:406 ET:0 EL:3 ]
Mon Jun 19 17:15:59 2017 us=756483 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 19 17:15:59 2017 us=756483 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 19 17:15:59 2017 us=756483 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 19 17:15:59 2017 us=756483 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 19 17:15:59 2017 us=756483 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Mon Jun 19 17:15:59 2017 us=756483 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 19 17:15:59 2017 us=756483 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Mon Jun 19 17:15:59 2017 us=756483 interactive service msg_channel=0
Mon Jun 19 17:15:59 2017 us=756483 ROUTE_GATEWAY 192.168.2.1/255.255.255.0 I=4 HWADDR=00:1a:4d:58:0e:9c
Mon Jun 19 17:15:59 2017 us=756483 open_tun
Mon Jun 19 17:15:59 2017 us=756483 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{78A562A2-88E7-4A96-88AA-3590A4DC43E6}.tap
Mon Jun 19 17:15:59 2017 us=756483 TAP-Windows Driver Version 9.21 
Mon Jun 19 17:15:59 2017 us=756483 TAP-Windows MTU=1500
Mon Jun 19 17:15:59 2017 us=772109 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {78A562A2-88E7-4A96-88AA-3590A4DC43E6} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Mon Jun 19 17:15:59 2017 us=772109 Successful ARP Flush on interface [10] {78A562A2-88E7-4A96-88AA-3590A4DC43E6}
Mon Jun 19 17:15:59 2017 us=772109 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jun 19 17:15:59 2017 us=772109 MANAGEMENT: >STATE:1497885359,ASSIGN_IP,,10.8.0.6,,,,
Mon Jun 19 17:16:04 2017 us=256481 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Mon Jun 19 17:16:04 2017 us=256481 MANAGEMENT: >STATE:1497885364,ADD_ROUTES,,,,,,
Mon Jun 19 17:16:04 2017 us=256481 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Mon Jun 19 17:16:04 2017 us=256481 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Mon Jun 19 17:16:04 2017 us=256481 Route addition via IPAPI succeeded [adaptive]
Mon Jun 19 17:16:04 2017 us=256481 Initialization Sequence Completed
Mon Jun 19 17:16:04 2017 us=256481 MANAGEMENT: >STATE:1497885364,CONNECTED,SUCCESS,10.8.0.6,x.x.x.x,1194,,
Server log:

Code: Select all

Mon Jun 19 17:14:23 2017 us=699397 Current Parameter Settings:
Mon Jun 19 17:14:23 2017 us=699463   config = '/etc/openvpn/server.conf'
Mon Jun 19 17:14:23 2017 us=699480   mode = 1
Mon Jun 19 17:14:23 2017 us=699490   persist_config = DISABLED
Mon Jun 19 17:14:23 2017 us=699501   persist_mode = 1
Mon Jun 19 17:14:23 2017 us=699511   show_ciphers = DISABLED
Mon Jun 19 17:14:23 2017 us=699521   show_digests = DISABLED
Mon Jun 19 17:14:23 2017 us=699531   show_engines = DISABLED
Mon Jun 19 17:14:23 2017 us=699541   genkey = DISABLED
Mon Jun 19 17:14:23 2017 us=699551   key_pass_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699561   show_tls_ciphers = DISABLED
Mon Jun 19 17:14:23 2017 us=699571 Connection profiles [default]:
Mon Jun 19 17:14:23 2017 us=699581   proto = udp
Mon Jun 19 17:14:23 2017 us=699591   local = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699601   local_port = 1194
Mon Jun 19 17:14:23 2017 us=699611   remote = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699621   remote_port = 1194
Mon Jun 19 17:14:23 2017 us=699633   remote_float = DISABLED
Mon Jun 19 17:14:23 2017 us=699647   bind_defined = DISABLED
Mon Jun 19 17:14:23 2017 us=699657   bind_local = ENABLED
Mon Jun 19 17:14:23 2017 us=699667   connect_retry_seconds = 5
Mon Jun 19 17:14:23 2017 us=699677   connect_timeout = 10
Mon Jun 19 17:14:23 2017 us=699687   connect_retry_max = 0
Mon Jun 19 17:14:23 2017 us=699697   socks_proxy_server = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699707   socks_proxy_port = 0
Mon Jun 19 17:14:23 2017 us=699717   socks_proxy_retry = DISABLED
Mon Jun 19 17:14:23 2017 us=699727   tun_mtu = 1500
Mon Jun 19 17:14:23 2017 us=699737   tun_mtu_defined = ENABLED
Mon Jun 19 17:14:23 2017 us=699748   link_mtu = 1500
Mon Jun 19 17:14:23 2017 us=699757   link_mtu_defined = DISABLED
Mon Jun 19 17:14:23 2017 us=699767   tun_mtu_extra = 0
Mon Jun 19 17:14:23 2017 us=699777   tun_mtu_extra_defined = DISABLED
Mon Jun 19 17:14:23 2017 us=699787   mtu_discover_type = -1
Mon Jun 19 17:14:23 2017 us=699797   fragment = 0
Mon Jun 19 17:14:23 2017 us=699807   mssfix = 1450
Mon Jun 19 17:14:23 2017 us=699818   explicit_exit_notification = 0
Mon Jun 19 17:14:23 2017 us=699828 Connection profiles END
Mon Jun 19 17:14:23 2017 us=699846   remote_random = DISABLED
Mon Jun 19 17:14:23 2017 us=699863   ipchange = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699875   dev = 'tun'
Mon Jun 19 17:14:23 2017 us=699885   dev_type = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699894   dev_node = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699904   lladdr = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699914   topology = 1
Mon Jun 19 17:14:23 2017 us=699924   tun_ipv6 = DISABLED
Mon Jun 19 17:14:23 2017 us=699934   ifconfig_local = '10.8.0.1'
Mon Jun 19 17:14:23 2017 us=699944   ifconfig_remote_netmask = '10.8.0.2'
Mon Jun 19 17:14:23 2017 us=699954   ifconfig_noexec = DISABLED
Mon Jun 19 17:14:23 2017 us=699964   ifconfig_nowarn = DISABLED
Mon Jun 19 17:14:23 2017 us=699974   ifconfig_ipv6_local = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=699984   ifconfig_ipv6_netbits = 0
Mon Jun 19 17:14:23 2017 us=699993   ifconfig_ipv6_remote = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=700004   shaper = 0
Mon Jun 19 17:14:23 2017 us=700013   mtu_test = 0
Mon Jun 19 17:14:23 2017 us=700038   mlock = DISABLED
Mon Jun 19 17:14:23 2017 us=700050   keepalive_ping = 10
Mon Jun 19 17:14:23 2017 us=700059   keepalive_timeout = 120
Mon Jun 19 17:14:23 2017 us=700069   inactivity_timeout = 0
Mon Jun 19 17:14:23 2017 us=700079   ping_send_timeout = 10
Mon Jun 19 17:14:23 2017 us=700089   ping_rec_timeout = 240
Mon Jun 19 17:14:23 2017 us=700099   ping_rec_timeout_action = 2
Mon Jun 19 17:14:23 2017 us=700108   ping_timer_remote = DISABLED
Mon Jun 19 17:14:23 2017 us=700118   remap_sigusr1 = 0
Mon Jun 19 17:14:23 2017 us=700128   persist_tun = ENABLED
Mon Jun 19 17:14:23 2017 us=700140   persist_local_ip = DISABLED
Mon Jun 19 17:14:23 2017 us=700153   persist_remote_ip = DISABLED
Mon Jun 19 17:14:23 2017 us=700163   persist_key = ENABLED
Mon Jun 19 17:14:23 2017 us=700172   passtos = DISABLED
Mon Jun 19 17:14:23 2017 us=700183   resolve_retry_seconds = 1000000000
Mon Jun 19 17:14:23 2017 us=700202   username = 'openvpn'
Mon Jun 19 17:14:23 2017 us=700214   groupname = 'openvpn'
Mon Jun 19 17:14:23 2017 us=700228   chroot_dir = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=700246   cd_dir = '/etc/openvpn'
Mon Jun 19 17:14:23 2017 us=700257   writepid = '/run/openvpn/server.pid'
Mon Jun 19 17:14:23 2017 us=700268   up_script = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=700285   down_script = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=700302   down_pre = DISABLED
Mon Jun 19 17:14:23 2017 us=700312   up_restart = DISABLED
Mon Jun 19 17:14:23 2017 us=700322   up_delay = DISABLED
Mon Jun 19 17:14:23 2017 us=700332   daemon = ENABLED
Mon Jun 19 17:14:23 2017 us=700342   inetd = 0
Mon Jun 19 17:14:23 2017 us=700352   log = ENABLED
Mon Jun 19 17:14:23 2017 us=700362   suppress_timestamps = DISABLED
Mon Jun 19 17:14:23 2017 us=700372   nice = 0
Mon Jun 19 17:14:23 2017 us=700382   verbosity = 4
Mon Jun 19 17:14:23 2017 us=700392   mute = 0
Mon Jun 19 17:14:23 2017 us=700401   gremlin = 0
Mon Jun 19 17:14:23 2017 us=700411   status_file = 'openvpn-status.log'
Mon Jun 19 17:14:23 2017 us=700422   status_file_version = 1
Mon Jun 19 17:14:23 2017 us=700431   status_file_update_freq = 10
Mon Jun 19 17:14:23 2017 us=700441   occ = ENABLED
Mon Jun 19 17:14:23 2017 us=700451   rcvbuf = 0
Mon Jun 19 17:14:23 2017 us=700461   sndbuf = 0
Mon Jun 19 17:14:23 2017 us=700471   mark = 0
Mon Jun 19 17:14:23 2017 us=700481   sockflags = 0
Mon Jun 19 17:14:23 2017 us=700491   fast_io = DISABLED
Mon Jun 19 17:14:23 2017 us=700501   lzo = 7
Mon Jun 19 17:14:23 2017 us=700510   route_script = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=700520   route_default_gateway = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=700530   route_default_metric = 0
Mon Jun 19 17:14:23 2017 us=700890   route_noexec = DISABLED
Mon Jun 19 17:14:23 2017 us=700926   route_delay = 0
Mon Jun 19 17:14:23 2017 us=700948   route_delay_window = 30
Mon Jun 19 17:14:23 2017 us=701007   route_delay_defined = DISABLED
Mon Jun 19 17:14:23 2017 us=701028   route_nopull = DISABLED
Mon Jun 19 17:14:23 2017 us=701051   route_gateway_via_dhcp = DISABLED
Mon Jun 19 17:14:23 2017 us=701075   max_routes = 100
Mon Jun 19 17:14:23 2017 us=701095   allow_pull_fqdn = DISABLED
Mon Jun 19 17:14:23 2017 us=701115   route 10.8.0.0/255.255.255.0/nil/nil
Mon Jun 19 17:14:23 2017 us=701262   management_addr = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=701331   management_port = 0
Mon Jun 19 17:14:23 2017 us=701351   management_user_pass = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=701374   management_log_history_cache = 250
Mon Jun 19 17:14:23 2017 us=701394   management_echo_buffer_size = 100
Mon Jun 19 17:14:23 2017 us=701418   management_write_peer_info_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=701436   management_client_user = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=701455   management_client_group = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=701477   management_flags = 0
Mon Jun 19 17:14:23 2017 us=701500   shared_secret_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=701519   key_direction = 0
Mon Jun 19 17:14:23 2017 us=701537   ciphername_defined = ENABLED
Mon Jun 19 17:14:23 2017 us=701556   ciphername = 'BF-CBC'
Mon Jun 19 17:14:23 2017 us=701576   authname_defined = ENABLED
Mon Jun 19 17:14:23 2017 us=701594   authname = 'SHA1'
Mon Jun 19 17:14:23 2017 us=701613   prng_hash = 'SHA1'
Mon Jun 19 17:14:23 2017 us=701632   prng_nonce_secret_len = 16
Mon Jun 19 17:14:23 2017 us=701671   keysize = 0
Mon Jun 19 17:14:23 2017 us=701690   engine = DISABLED
Mon Jun 19 17:14:23 2017 us=701708   replay = ENABLED
Mon Jun 19 17:14:23 2017 us=701727   mute_replay_warnings = DISABLED
Mon Jun 19 17:14:23 2017 us=701745   replay_window = 64
Mon Jun 19 17:14:23 2017 us=701805   replay_time = 15
Mon Jun 19 17:14:23 2017 us=701824   packet_id_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=701843   use_iv = ENABLED
Mon Jun 19 17:14:23 2017 us=701861   test_crypto = DISABLED
Mon Jun 19 17:14:23 2017 us=701879   tls_server = ENABLED
Mon Jun 19 17:14:23 2017 us=701897   tls_client = DISABLED
Mon Jun 19 17:14:23 2017 us=701917   key_method = 2
Mon Jun 19 17:14:23 2017 us=701946   ca_file = '/etc/openvpn/easy-rsa2/keys/ca.crt'
Mon Jun 19 17:14:23 2017 us=701986   ca_path = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702011   dh_file = '/etc/openvpn/easy-rsa2/keys/dh2048.pem'
Mon Jun 19 17:14:23 2017 us=702075   cert_file = '/etc/openvpn/easy-rsa2/keys/server.crt'
Mon Jun 19 17:14:23 2017 us=702094   extra_certs_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702114   priv_key_file = '/etc/openvpn/easy-rsa2/keys/server.key'
Mon Jun 19 17:14:23 2017 us=702134   pkcs12_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702151   cipher_list = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702169   tls_verify = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702188   tls_export_cert = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702207   verify_x509_type = 0
Mon Jun 19 17:14:23 2017 us=702228   verify_x509_name = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702248   crl_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702265   ns_cert_type = 0
Mon Jun 19 17:14:23 2017 us=702324   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702343   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702362   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702387   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702410   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702428   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702447   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702466   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702484   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702503   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702521   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702539   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702557   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702575   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702594   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702612   remote_cert_ku[i] = 0
Mon Jun 19 17:14:23 2017 us=702630   remote_cert_eku = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702649   ssl_flags = 0
Mon Jun 19 17:14:23 2017 us=702668   tls_timeout = 2
Mon Jun 19 17:14:23 2017 us=702687   renegotiate_bytes = 0
Mon Jun 19 17:14:23 2017 us=702705   renegotiate_packets = 0
Mon Jun 19 17:14:23 2017 us=702724   renegotiate_seconds = 3600
Mon Jun 19 17:14:23 2017 us=702742   handshake_window = 60
Mon Jun 19 17:14:23 2017 us=702760   transition_window = 3600
Mon Jun 19 17:14:23 2017 us=702778   single_session = DISABLED
Mon Jun 19 17:14:23 2017 us=702796   push_peer_info = DISABLED
Mon Jun 19 17:14:23 2017 us=702815   tls_exit = DISABLED
Mon Jun 19 17:14:23 2017 us=702833   tls_auth_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=702852   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=702872   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=702890   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=702909   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=702927   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=702946   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703036   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703062   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703081   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703101   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703122   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703141   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703160   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703178   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703196   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703222   pkcs11_protected_authentication = DISABLED
Mon Jun 19 17:14:23 2017 us=703242   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703266   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703328   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703357   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703381   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703404   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703423   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703480   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703499   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703518   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703537   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703555   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703574   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703596   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703615   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703633   pkcs11_private_mode = 00000000
Mon Jun 19 17:14:23 2017 us=703651   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703669   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703687   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703711   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703772   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703791   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703809   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703830   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703848   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703866   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703885   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703903   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703922   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703940   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=703975   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=704001   pkcs11_cert_private = DISABLED
Mon Jun 19 17:14:23 2017 us=704067   pkcs11_pin_cache_period = -1
Mon Jun 19 17:14:23 2017 us=704087   pkcs11_id = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=704107   pkcs11_id_management = DISABLED
Mon Jun 19 17:14:23 2017 us=704127   server_network = 10.8.0.0
Mon Jun 19 17:14:23 2017 us=704147   server_netmask = 255.255.255.0
Mon Jun 19 17:14:23 2017 us=704175   server_network_ipv6 = ::
Mon Jun 19 17:14:23 2017 us=704195   server_netbits_ipv6 = 0
Mon Jun 19 17:14:23 2017 us=704216   server_bridge_ip = 0.0.0.0
Mon Jun 19 17:14:23 2017 us=704285   server_bridge_netmask = 0.0.0.0
Mon Jun 19 17:14:23 2017 us=704306   server_bridge_pool_start = 0.0.0.0
Mon Jun 19 17:14:23 2017 us=704328   server_bridge_pool_end = 0.0.0.0
Mon Jun 19 17:14:23 2017 us=704348   push_entry = 'route 10.8.0.1'
Mon Jun 19 17:14:23 2017 us=704367   push_entry = 'topology net30'
Mon Jun 19 17:14:23 2017 us=704387   push_entry = 'ping 10'
Mon Jun 19 17:14:23 2017 us=704410   push_entry = 'ping-restart 120'
Mon Jun 19 17:14:23 2017 us=704429   ifconfig_pool_defined = ENABLED
Mon Jun 19 17:14:23 2017 us=704454   ifconfig_pool_start = 10.8.0.4
Mon Jun 19 17:14:23 2017 us=704477   ifconfig_pool_end = 10.8.0.251
Mon Jun 19 17:14:23 2017 us=704501   ifconfig_pool_netmask = 0.0.0.0
Mon Jun 19 17:14:23 2017 us=704522   ifconfig_pool_persist_filename = 'ipp.txt'
Mon Jun 19 17:14:23 2017 us=704581   ifconfig_pool_persist_refresh_freq = 600
Mon Jun 19 17:14:23 2017 us=704600   ifconfig_ipv6_pool_defined = DISABLED
Mon Jun 19 17:14:23 2017 us=704621   ifconfig_ipv6_pool_base = ::
Mon Jun 19 17:14:23 2017 us=704640   ifconfig_ipv6_pool_netbits = 0
Mon Jun 19 17:14:23 2017 us=704660   n_bcast_buf = 256
Mon Jun 19 17:14:23 2017 us=704679   tcp_queue_limit = 64
Mon Jun 19 17:14:23 2017 us=704698   real_hash_size = 256
Mon Jun 19 17:14:23 2017 us=704716   virtual_hash_size = 256
Mon Jun 19 17:14:23 2017 us=704734   client_connect_script = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=704772   learn_address_script = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=704796   client_disconnect_script = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=704823   client_config_dir = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=704843   ccd_exclusive = DISABLED
Mon Jun 19 17:14:23 2017 us=704862   tmp_dir = '/tmp'
Mon Jun 19 17:14:23 2017 us=704881   push_ifconfig_defined = DISABLED
Mon Jun 19 17:14:23 2017 us=704901   push_ifconfig_local = 0.0.0.0
Mon Jun 19 17:14:23 2017 us=704920   push_ifconfig_remote_netmask = 0.0.0.0
Mon Jun 19 17:14:23 2017 us=704939   push_ifconfig_ipv6_defined = DISABLED
Mon Jun 19 17:14:23 2017 us=704976   push_ifconfig_ipv6_local = ::/0
Mon Jun 19 17:14:23 2017 us=705005   push_ifconfig_ipv6_remote = ::
Mon Jun 19 17:14:23 2017 us=705070   enable_c2c = DISABLED
Mon Jun 19 17:14:23 2017 us=705090   duplicate_cn = DISABLED
Mon Jun 19 17:14:23 2017 us=705110   cf_max = 0
Mon Jun 19 17:14:23 2017 us=705129   cf_per = 0
Mon Jun 19 17:14:23 2017 us=705186   max_clients = 1024
Mon Jun 19 17:14:23 2017 us=705204   max_routes_per_client = 256
Mon Jun 19 17:14:23 2017 us=705226   auth_user_pass_verify_script = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=705246   auth_user_pass_verify_script_via_file = DISABLED
Mon Jun 19 17:14:23 2017 us=705265   port_share_host = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=705288   port_share_port = 0
Mon Jun 19 17:14:23 2017 us=705334   client = DISABLED
Mon Jun 19 17:14:23 2017 us=705354   pull = DISABLED
Mon Jun 19 17:14:23 2017 us=705372   auth_user_pass_file = '[UNDEF]'
Mon Jun 19 17:14:23 2017 us=705426 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Feb  2 2016
Mon Jun 19 17:14:23 2017 us=705460 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Mon Jun 19 17:14:23 2017 us=706773 Diffie-Hellman initialized with 2048 bit key
Mon Jun 19 17:14:23 2017 us=707210 TLS-Auth MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jun 19 17:14:23 2017 us=707240 Socket Buffers: R=[133120->133120] S=[133120->133120]
Mon Jun 19 17:14:23 2017 us=707338 ROUTE_GATEWAY ON_LINK IFACE=venet0 HWADDR=00:00:00:00:00:00
Mon Jun 19 17:14:23 2017 us=707618 TUN/TAP device tun0 opened
Mon Jun 19 17:14:23 2017 us=707645 TUN/TAP TX queue length set to 100
Mon Jun 19 17:14:23 2017 us=707665 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jun 19 17:14:23 2017 us=707692 /sbin/ip link set dev tun0 up mtu 1500
Mon Jun 19 17:14:23 2017 us=711483 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Mon Jun 19 17:14:23 2017 us=712766 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Mon Jun 19 17:14:23 2017 us=713628 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Mon Jun 19 17:14:23 2017 us=714175 GID set to openvpn
Mon Jun 19 17:14:23 2017 us=714201 UID set to openvpn
Mon Jun 19 17:14:23 2017 us=714217 UDPv4 link local (bound): [undef]
Mon Jun 19 17:14:23 2017 us=714229 UDPv4 link remote: [undef]
Mon Jun 19 17:14:23 2017 us=714248 MULTI: multi_init called, r=256 v=256
Mon Jun 19 17:14:23 2017 us=714284 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Mon Jun 19 17:14:23 2017 us=714303 ifconfig_pool_read(), in='zuse,10.8.0.4', TODO: IPv6
Mon Jun 19 17:14:23 2017 us=714321 succeeded -> ifconfig_pool_set()
Mon Jun 19 17:14:23 2017 us=714333 IFCONFIG POOL LIST
Mon Jun 19 17:14:23 2017 us=714345 zuse,10.8.0.4
Mon Jun 19 17:14:23 2017 us=714375 Initialization Sequence Completed
Mon Jun 19 17:15:58 2017 us=735347 MULTI: multi_create_instance called
Mon Jun 19 17:15:58 2017 us=735478 87.156.31.171:61016 Re-using SSL/TLS context
Mon Jun 19 17:15:58 2017 us=735531 87.156.31.171:61016 LZO compression initialized
Mon Jun 19 17:15:58 2017 us=735691 87.156.31.171:61016 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jun 19 17:15:58 2017 us=735721 87.156.31.171:61016 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Mon Jun 19 17:15:58 2017 us=735771 87.156.31.171:61016 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Jun 19 17:15:58 2017 us=735794 87.156.31.171:61016 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Jun 19 17:15:58 2017 us=735851 87.156.31.171:61016 Local Options hash (VER=V4): '530fdded'
Mon Jun 19 17:15:58 2017 us=735884 87.156.31.171:61016 Expected Remote Options hash (VER=V4): '41690919'
Mon Jun 19 17:15:58 2017 us=735956 87.156.31.171:61016 TLS: Initial packet from [AF_INET]87.156.31.171:61016, sid=dbb6d277 573b0804
Mon Jun 19 17:15:58 2017 us=891723 87.156.31.171:61016 VERIFY OK: depth=1, C=DE, ST=Hamburg, L=Hamburg, O=Mydomain, CN=myserver.serverprofi24.de, name=VServer, emailAddress=webmaster@mydomain.de
Mon Jun 19 17:15:58 2017 us=891953 87.156.31.171:61016 VERIFY OK: depth=0, C=DE, ST=Hamburg, L=Hamburg, O=Mydomain, CN=zuse, name=VServer, emailAddress=webmaster@mydomain.de
Mon Jun 19 17:15:58 2017 us=946370 87.156.31.171:61016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 19 17:15:58 2017 us=946427 87.156.31.171:61016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 19 17:15:58 2017 us=946489 87.156.31.171:61016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jun 19 17:15:58 2017 us=946502 87.156.31.171:61016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jun 19 17:15:58 2017 us=986683 87.156.31.171:61016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jun 19 17:15:58 2017 us=986759 87.156.31.171:61016 [zuse] Peer Connection Initiated with [AF_INET]87.156.31.171:61016
Mon Jun 19 17:15:58 2017 us=986801 zuse/87.156.31.171:61016 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Mon Jun 19 17:15:58 2017 us=986850 zuse/87.156.31.171:61016 MULTI: Learn: 10.8.0.6 -> zuse/87.156.31.171:61016
Mon Jun 19 17:15:58 2017 us=986866 zuse/87.156.31.171:61016 MULTI: primary virtual IP for zuse/87.156.31.171:61016: 10.8.0.6
Mon Jun 19 17:16:00 2017 us=96636 zuse/87.156.31.171:61016 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jun 19 17:16:00 2017 us=96697 zuse/87.156.31.171:61016 send_push_reply(): safe_cap=940
Mon Jun 19 17:16:00 2017 us=96745 zuse/87.156.31.171:61016 SENT CONTROL [zuse]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon Jun 19 17:16:00 2017 us=627837 zuse/87.156.31.171:61016 MULTI: bad source address from client [::], packet dropped  
Server status log:

Code: Select all

OpenVPN CLIENT LIST
Updated,Mon Jun 19 17:27:46 2017
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
zuse,87.156.31.171:61016,19124,7942,Mon Jun 19 17:15:58 2017
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.6,zuse,87.156.31.171:61016,Mon Jun 19 17:15:58 2017
GLOBAL STATS
Max bcast/mcast queue length,0
END 
Titus

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2808
Joined: Fri Jun 03, 2016 1:17 pm

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by TinCanTech » Mon Jun 19, 2017 4:23 pm

marsman wrote:Server log:

Mon Jun 19 17:14:23 2017 us=705426 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Feb 2 2016
See here for up to date stuff:
https://community.openvpn.net/openvpn/w ... twareRepos
marsman wrote:when I try to access tomcat management console thru the tunnel for example (http://10.8.0.6:8080), connection fails. Ping to 10.8.0.6 runs succesful
Is tomcat using that address ?

marsman
OpenVpn Newbie
Posts: 5
Joined: Mon Jun 19, 2017 5:41 am

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by marsman » Mon Jun 19, 2017 5:29 pm

Sorry for naming the wrong server software version. And the address 10.8.0.6 show me the OpenVPN gui after successful connection. The port 8080 is assigned to the Tomcat manager web UI on the target system. But I tried other services like internal status page on Apache httpd and also no connection thru the tunnel. On my client machines I got Shrew Soft VPN client installed next to OpenVPN to connect to home LAN with Fritz Box. This only for your information.

Any idea, whats the problem? :shock: I'm a software developer and VPN is not my daily business.

marsman
OpenVpn Newbie
Posts: 5
Joined: Mon Jun 19, 2017 5:41 am

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by marsman » Thu Jun 22, 2017 5:07 am

For the records: I've solved the problem on my own. I noticed that I have to allow incomming TCP on source address 10.8.0.6 additional to port 1194 in iptables. :oops:

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2808
Joined: Fri Jun 03, 2016 1:17 pm

Re: Client connected but no access to server (Windows -> Ubuntu)

Post by TinCanTech » Thu Jun 22, 2017 1:38 pm

Thanks for letting us know you solved this 8-)

Post Reply