TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.3

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Locked
cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.3

Post by cor9003 » Sun Jan 31, 2016 10:14 am

Hello,
I've installed other times openvpn working fine in raspberry, but now I'm intalling from scratch in a raspberry PI 2 and after days trying don´t get works.
Finally I've decided to make a proof-of-concept very simple, but still with the same problem. The error always is the same: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.33:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)

I run the command openvpn --config ./server.conf in the raspbian server with the following output:
Sun Jan 31 09:53:30 2016 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016
Sun Jan 31 09:53:30 2016 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Sun Jan 31 09:53:30 2016 TUN/TAP device tun0 opened
Sun Jan 31 09:53:30 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Jan 31 09:53:30 2016 /sbin/ip link set dev tun0 up mtu 1500
Sun Jan 31 09:53:30 2016 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Sun Jan 31 09:53:30 2016 UDPv4 link local (bound): [undef]
Sun Jan 31 09:53:30 2016 UDPv4 link remote: [undef]
Sun Jan 31 09:53:41 2016 Peer Connection Initiated with [AF_INET]192.168.1.35:1194
Sun Jan 31 09:53:42 2016 Initialization Sequence Completed


But whe I try to connect from windows laptop as client always get the same error

The server.conf is very simple:
dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key

And config in client too is the simplest:
remote 192.168.1.76 1194
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key

Note I'm running inside the subnet that should works.

Also past days I did the configuration using certificates with the same problem. For this reason decided to use the simplet until works but not works. Seems that something is blocked


This is the firewall settings.
root@raspbx:/etc/openvpn# iptables-save
# Generated by iptables-save v1.4.21 on Sun Jan 31 10:13:41 2016
*nat
:PREROUTING ACCEPT [1048:36687]
:INPUT ACCEPT [43:3871]
:OUTPUT ACCEPT [75:6278]
:POSTROUTING ACCEPT [75:6278]
-A POSTROUTING -s 10.8.0.0/24 -o wlan0 -j MASQUERADE
COMMIT
# Completed on Sun Jan 31 10:13:41 2016
# Generated by iptables-save v1.4.21 on Sun Jan 31 10:13:41 2016
*filter
:INPUT ACCEPT [2029:191355]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1606:482099]
-A FORWARD -i wlan0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -o wlan0 -j ACCEPT
COMMIT
# Completed on Sun Jan 31 10:13:41 2016


Any help ?

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Sun Jan 31, 2016 2:00 pm

cor9003 wrote:The server.conf is very simple:
dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key
This type of config allows for only one tunnel.

If you want a server to many clients you must use --server

See:
Server / Client config

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Sun Jan 31, 2016 4:02 pm

Yes, I know.

This is the simplest example as proof-of-concept to reduce as minimum, with the configuration you told me also have the same error. The client with one or other confiuration show the same error when try to contact with the sever.

TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.33:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Sun Jan 31, 2016 6:17 pm

cor9003 wrote:This is the simplest example as proof-of-concept
Your concept is flawed .. the proof is that it does not work.

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Mon Feb 01, 2016 12:46 pm

Hello, I've created a new openvpn installation from scratch and the same error:

Code: Select all

Mon Feb 01 13:42:27 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.40:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
server.conf file

Code: Select all

port 1194
proto udp
dev tun
ca ca.crt
cert raspberry.home.local.crt
key raspberry.home.local.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
client file

Code: Select all

client
dev tun
proto udp
remote 192.168.1.76 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ../certificados/despacho_test/ca.crt
cert ../certificados/despacho_test/client1.crt
key ../certificados/despacho_test/client1.key
remote-cert-tls server
comp-lzo
verb 5
iptables-save

Code: Select all

root@raspbx:/etc/openvpn# iptables-save
# Generated by iptables-save v1.4.21 on Mon Feb  1 12:44:39 2016
*nat
:PREROUTING ACCEPT [2078:154658]
:INPUT ACCEPT [85:9142]
:OUTPUT ACCEPT [385:31341]
:POSTROUTING ACCEPT [385:31341]
-A POSTROUTING -s 10.8.0.0/24 -o wlan00 -j MASQUERADE
COMMIT
# Completed on Mon Feb  1 12:44:39 2016
# Generated by iptables-save v1.4.21 on Mon Feb  1 12:44:39 2016
*filter
:INPUT ACCEPT [16604:1090410]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14684:1531846]
-A FORWARD -i wlan0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -o wlan0 -j ACCEPT
COMMIT
# Completed on Mon Feb  1 12:44:39 2016
ifconfig

Code: Select all

eth0      Link encap:Ethernet  HWaddr b8:27:eb:ea:aa:0c
          inet6 addr: fe80::20bf:2005:a128:dec2/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:5363 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5363 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:464985 (454.0 KiB)  TX bytes:464985 (454.0 KiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 44:33:4c:71:49:ca
          inet addr:192.168.1.76  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::5f63:819f:30a3:fc7b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14557 errors:0 dropped:3 overruns:0 frame:0
          TX packets:10374 errors:0 dropped:1 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1572432 (1.4 MiB)  TX bytes:1590539 (1.5 MiB)
Thanks for your support Traffic. But I do not have any idea what is happening

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Mon Feb 01, 2016 2:34 pm

cor9003 wrote:

Code: Select all

wlan0     Link encap:Ethernet  HWaddr 44:33:4c:71:49:ca
          inet addr:192.168.1.76  Bcast:192.168.1.255  Mask:255.255.255.0
As you are using your server wlan0, try disabling eth0 completely.

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Mon Feb 01, 2016 3:06 pm

Yes, I'm using wan0. eth0 has been disabled but same error

root@raspbx:~# ifconfig eth0 down
root@raspbx:~# service openvpn restart
root@raspbx:~# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:40 errors:0 dropped:0 overruns:0 frame:0
TX packets:40 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3012 (2.9 KiB) TX bytes:3012 (2.9 KiB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

wlan0 Link encap:Ethernet HWaddr 44:33:4c:71:49:ca
inet addr:192.168.1.76 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::5f63:819f:30a3:fc7b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:238 errors:0 dropped:2 overruns:0 frame:0
TX packets:287 errors:0 dropped:3 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:30211 (29.5 KiB) TX bytes:46962 (45.8 KiB)

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Mon Feb 01, 2016 3:25 pm

cor9003 wrote:The error always is the same:

Code: Select all

TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.33:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
What machine is 192.168.1.33 ?

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Mon Feb 01, 2016 4:36 pm

192.168.1.33 is the client (windows 10 using where opnvpn gui V10 is installed )
192.168.1.76 is the server (Linux Raspbian Jessie Lite kernel 4.1.15+ )

The error is showed when try to conect from client 192.168.1.33 to server 192.168.1.76

The status of openvpn seems ok as you can see below

root@raspbx:~# service openvpn status
● openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; enabled)
Active: active (exited) since Mon 2016-02-01 15:03:35 GMT; 1h 32min ago
Process: 1727 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 1727 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/openvpn.service

Feb 01 15:03:35 raspbx systemd[1]: Started OpenVPN service.

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Mon Feb 01, 2016 5:06 pm

For testing disable all iptables rules on your Pi Server.

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Mon Feb 01, 2016 5:40 pm

Done and none changes

Mon Feb 01 18:38:59 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.33:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 18:39:01 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.33:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 18:39:02 2016 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.33:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Mon Feb 01, 2016 6:20 pm

Please post your entire client config and log file at verb 4

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Mon Feb 01, 2016 7:04 pm

Client log

Mon Feb 01 19:31:03 2016 us=920068 Current Parameter Settings:
Mon Feb 01 19:31:03 2016 us=920068 config = 'despacho test.ovpn'
Mon Feb 01 19:31:03 2016 us=920068 mode = 0
Mon Feb 01 19:31:03 2016 us=920068 show_ciphers = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 show_digests = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 show_engines = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 genkey = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 key_pass_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 show_tls_ciphers = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 Connection profiles [default]:
Mon Feb 01 19:31:03 2016 us=920068 proto = udp
Mon Feb 01 19:31:03 2016 us=920068 local = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 local_port = 0
Mon Feb 01 19:31:03 2016 us=920068 remote = '192.168.1.76'
Mon Feb 01 19:31:03 2016 us=920068 remote_port = 1194
Mon Feb 01 19:31:03 2016 us=920068 remote_float = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 bind_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 bind_local = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 connect_retry_seconds = 5
Mon Feb 01 19:31:03 2016 us=920068 connect_timeout = 10
Mon Feb 01 19:31:03 2016 us=920068 connect_retry_max = 0
Mon Feb 01 19:31:03 2016 us=920068 socks_proxy_server = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 socks_proxy_port = 0
Mon Feb 01 19:31:03 2016 us=920068 socks_proxy_retry = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 tun_mtu = 1500
Mon Feb 01 19:31:03 2016 us=920068 tun_mtu_defined = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 link_mtu = 1500
Mon Feb 01 19:31:03 2016 us=920068 link_mtu_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 tun_mtu_extra = 0
Mon Feb 01 19:31:03 2016 us=920068 tun_mtu_extra_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 mtu_discover_type = -1
Mon Feb 01 19:31:03 2016 us=920068 fragment = 0
Mon Feb 01 19:31:03 2016 us=920068 mssfix = 1450
Mon Feb 01 19:31:03 2016 us=920068 explicit_exit_notification = 0
Mon Feb 01 19:31:03 2016 us=920068 Connection profiles END
Mon Feb 01 19:31:03 2016 us=920068 remote_random = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ipchange = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 dev = 'tun'
Mon Feb 01 19:31:03 2016 us=920068 dev_type = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 dev_node = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 lladdr = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 topology = 1
Mon Feb 01 19:31:03 2016 us=920068 tun_ipv6 = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_local = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_remote_netmask = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_noexec = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_nowarn = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_ipv6_local = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_ipv6_netbits = 0
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_ipv6_remote = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 shaper = 0
Mon Feb 01 19:31:03 2016 us=920068 mtu_test = 0
Mon Feb 01 19:31:03 2016 us=920068 mlock = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 keepalive_ping = 0
Mon Feb 01 19:31:03 2016 us=920068 keepalive_timeout = 0
Mon Feb 01 19:31:03 2016 us=920068 inactivity_timeout = 0
Mon Feb 01 19:31:03 2016 us=920068 ping_send_timeout = 0
Mon Feb 01 19:31:03 2016 us=920068 ping_rec_timeout = 0
Mon Feb 01 19:31:03 2016 us=920068 ping_rec_timeout_action = 0
Mon Feb 01 19:31:03 2016 us=920068 ping_timer_remote = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 remap_sigusr1 = 0
Mon Feb 01 19:31:03 2016 us=920068 persist_tun = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 persist_local_ip = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 persist_remote_ip = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 persist_key = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 passtos = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 resolve_retry_seconds = 1000000000
Mon Feb 01 19:31:03 2016 us=920068 username = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 groupname = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 chroot_dir = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 cd_dir = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 writepid = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 up_script = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 down_script = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 down_pre = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 up_restart = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 up_delay = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 daemon = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 inetd = 0
Mon Feb 01 19:31:03 2016 us=920068 log = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 suppress_timestamps = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 nice = 0
Mon Feb 01 19:31:03 2016 us=920068 verbosity = 4
Mon Feb 01 19:31:03 2016 us=920068 mute = 0
Mon Feb 01 19:31:03 2016 us=920068 gremlin = 0
Mon Feb 01 19:31:03 2016 us=920068 status_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 status_file_version = 1
Mon Feb 01 19:31:03 2016 us=920068 status_file_update_freq = 60
Mon Feb 01 19:31:03 2016 us=920068 occ = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 rcvbuf = 0
Mon Feb 01 19:31:03 2016 us=920068 sndbuf = 0
Mon Feb 01 19:31:03 2016 us=920068 sockflags = 0
Mon Feb 01 19:31:03 2016 us=920068 fast_io = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 lzo = 7
Mon Feb 01 19:31:03 2016 us=920068 route_script = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 route_default_gateway = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 route_default_metric = 0
Mon Feb 01 19:31:03 2016 us=920068 route_noexec = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 route_delay = 5
Mon Feb 01 19:31:03 2016 us=920068 route_delay_window = 30
Mon Feb 01 19:31:03 2016 us=920068 route_delay_defined = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 route_nopull = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 route_gateway_via_dhcp = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 max_routes = 100
Mon Feb 01 19:31:03 2016 us=920068 allow_pull_fqdn = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 management_addr = '127.0.0.1'
Mon Feb 01 19:31:03 2016 us=920068 management_port = 25341
Mon Feb 01 19:31:03 2016 us=920068 management_user_pass = 'stdin'
Mon Feb 01 19:31:03 2016 us=920068 management_log_history_cache = 250
Mon Feb 01 19:31:03 2016 us=920068 management_echo_buffer_size = 100
Mon Feb 01 19:31:03 2016 us=920068 management_write_peer_info_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 management_client_user = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 management_client_group = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 management_flags = 6
Mon Feb 01 19:31:03 2016 us=920068 shared_secret_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 key_direction = 0
Mon Feb 01 19:31:03 2016 us=920068 ciphername_defined = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 ciphername = 'BF-CBC'
Mon Feb 01 19:31:03 2016 us=920068 authname_defined = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 authname = 'SHA1'
Mon Feb 01 19:31:03 2016 us=920068 prng_hash = 'SHA1'
Mon Feb 01 19:31:03 2016 us=920068 prng_nonce_secret_len = 16
Mon Feb 01 19:31:03 2016 us=920068 keysize = 0
Mon Feb 01 19:31:03 2016 us=920068 engine = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 replay = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 mute_replay_warnings = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 replay_window = 64
Mon Feb 01 19:31:03 2016 us=920068 replay_time = 15
Mon Feb 01 19:31:03 2016 us=920068 packet_id_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 use_iv = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 test_crypto = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 tls_server = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 tls_client = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 key_method = 2
Mon Feb 01 19:31:03 2016 us=920068 ca_file = '../certificados/despacho_test/ca.crt'
Mon Feb 01 19:31:03 2016 us=920068 ca_path = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 dh_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 cert_file = '../certificados/despacho_test/client1.crt'
Mon Feb 01 19:31:03 2016 us=920068 extra_certs_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 priv_key_file = '../certificados/despacho_test/client1.key'
Mon Feb 01 19:31:03 2016 us=920068 pkcs12_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 cryptoapi_cert = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 cipher_list = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 tls_verify = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 tls_export_cert = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 verify_x509_type = 0
Mon Feb 01 19:31:03 2016 us=920068 verify_x509_name = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 crl_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 ns_cert_type = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 160
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 136
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku[i] = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku[i] = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku[i] = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku[i] = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku[i] = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_ku[i] = 0
Mon Feb 01 19:31:03 2016 us=920068 remote_cert_eku = 'TLS Web Server Authentication'
Mon Feb 01 19:31:03 2016 us=920068 ssl_flags = 0
Mon Feb 01 19:31:03 2016 us=920068 tls_timeout = 2
Mon Feb 01 19:31:03 2016 us=920068 renegotiate_bytes = 0
Mon Feb 01 19:31:03 2016 us=920068 renegotiate_packets = 0
Mon Feb 01 19:31:03 2016 us=920068 renegotiate_seconds = 3600
Mon Feb 01 19:31:03 2016 us=920068 handshake_window = 60
Mon Feb 01 19:31:03 2016 us=920068 transition_window = 3600
Mon Feb 01 19:31:03 2016 us=920068 single_session = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 push_peer_info = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 tls_exit = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 tls_auth_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_protected_authentication = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_private_mode = 00000000
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_cert_private = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_pin_cache_period = -1
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_id = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 pkcs11_id_management = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 server_network = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 server_netmask = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 server_network_ipv6 = ::
Mon Feb 01 19:31:03 2016 us=920068 server_netbits_ipv6 = 0
Mon Feb 01 19:31:03 2016 us=920068 server_bridge_ip = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 server_bridge_netmask = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 server_bridge_pool_start = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 server_bridge_pool_end = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_pool_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_pool_start = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_pool_end = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_pool_netmask = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_pool_persist_filename = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_pool_persist_refresh_freq = 600
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_ipv6_pool_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_ipv6_pool_base = ::
Mon Feb 01 19:31:03 2016 us=920068 ifconfig_ipv6_pool_netbits = 0
Mon Feb 01 19:31:03 2016 us=920068 n_bcast_buf = 256
Mon Feb 01 19:31:03 2016 us=920068 tcp_queue_limit = 64
Mon Feb 01 19:31:03 2016 us=920068 real_hash_size = 256
Mon Feb 01 19:31:03 2016 us=920068 virtual_hash_size = 256
Mon Feb 01 19:31:03 2016 us=920068 client_connect_script = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 learn_address_script = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 client_disconnect_script = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 client_config_dir = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 ccd_exclusive = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 tmp_dir = 'C:\Users\DAVIDM~1\AppData\Local\Temp\'
Mon Feb 01 19:31:03 2016 us=920068 push_ifconfig_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 push_ifconfig_local = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 push_ifconfig_remote_netmask = 0.0.0.0
Mon Feb 01 19:31:03 2016 us=920068 push_ifconfig_ipv6_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 push_ifconfig_ipv6_local = ::/0
Mon Feb 01 19:31:03 2016 us=920068 push_ifconfig_ipv6_remote = ::
Mon Feb 01 19:31:03 2016 us=920068 enable_c2c = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 duplicate_cn = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 cf_max = 0
Mon Feb 01 19:31:03 2016 us=920068 cf_per = 0
Mon Feb 01 19:31:03 2016 us=920068 max_clients = 1024
Mon Feb 01 19:31:03 2016 us=920068 max_routes_per_client = 256
Mon Feb 01 19:31:03 2016 us=920068 auth_user_pass_verify_script = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 auth_user_pass_verify_script_via_file = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 client = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 pull = ENABLED
Mon Feb 01 19:31:03 2016 us=920068 auth_user_pass_file = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 show_net_up = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 route_method = 0
Mon Feb 01 19:31:03 2016 us=920068 block_outside_dns = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ip_win32_defined = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 ip_win32_type = 3
Mon Feb 01 19:31:03 2016 us=920068 dhcp_masq_offset = 0
Mon Feb 01 19:31:03 2016 us=920068 dhcp_lease_time = 31536000
Mon Feb 01 19:31:03 2016 us=920068 tap_sleep = 0
Mon Feb 01 19:31:03 2016 us=920068 dhcp_options = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 dhcp_renew = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 dhcp_pre_release = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 dhcp_release = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 domain = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 netbios_scope = '[UNDEF]'
Mon Feb 01 19:31:03 2016 us=920068 netbios_node_type = 0
Mon Feb 01 19:31:03 2016 us=920068 disable_nbt = DISABLED
Mon Feb 01 19:31:03 2016 us=920068 OpenVPN 2.3.10 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jan 4 2016
Mon Feb 01 19:31:03 2016 us=920068 Windows version 6.2 (Windows 8 or greater)
Mon Feb 01 19:31:03 2016 us=920068 library versions: OpenSSL 1.0.1q 3 Dec 2015, LZO 2.09
Enter Management Password:
Mon Feb 01 19:31:03 2016 us=920068 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Mon Feb 01 19:31:03 2016 us=920068 Need hold release from management interface, waiting...
Mon Feb 01 19:31:04 2016 us=398173 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Mon Feb 01 19:31:04 2016 us=513769 MANAGEMENT: CMD 'state on'
Mon Feb 01 19:31:04 2016 us=513769 MANAGEMENT: CMD 'log all on'
Mon Feb 01 19:31:04 2016 us=598413 MANAGEMENT: CMD 'hold off'
Mon Feb 01 19:31:04 2016 us=598413 MANAGEMENT: CMD 'hold release'
Mon Feb 01 19:31:04 2016 us=698676 LZO compression initialized
Mon Feb 01 19:31:04 2016 us=698676 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Feb 01 19:31:04 2016 us=698676 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Feb 01 19:31:04 2016 us=698676 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]
Mon Feb 01 19:31:04 2016 us=698676 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Feb 01 19:31:04 2016 us=698676 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Feb 01 19:31:04 2016 us=698676 Local Options hash (VER=V4): '41690919'
Mon Feb 01 19:31:04 2016 us=698676 Expected Remote Options hash (VER=V4): '530fdded'
Mon Feb 01 19:31:04 2016 us=698676 UDPv4 link local: [undef]
Mon Feb 01 19:31:04 2016 us=698676 UDPv4 link remote: [AF_INET]192.168.1.76:1194
Mon Feb 01 19:31:04 2016 us=698676 MANAGEMENT: >STATE:1454351464,WAIT,,,
Mon Feb 01 19:31:04 2016 us=720322 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.40:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 19:31:06 2016 us=938129 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.40:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 19:31:06 2016 us=938129 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.40:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 19:31:10 2016 us=241944 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.40:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 19:31:10 2016 us=241944 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.40:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 19:31:18 2016 us=232305 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.40:1194[2], expected peer address: [AF_INET]192.168.1.76:1194 (allow this incoming source address/port by removing --remote or adding --float)
Mon Feb 01 19:31:20 2016 us=530449 TCP/UDP: Closing socket
Mon Feb 01 19:31:20 2016 us=530449 SIGTERM[hard,] received, process exiting
Mon Feb 01 19:31:20 2016 us=530449 MANAGEMENT: >STATE:1454351480,EXITING,SIGTERM,,

Server log

Mon Feb 1 18:30:36 2016 us=638690 Current Parameter Settings:
Mon Feb 1 18:30:36 2016 us=639435 config = '/etc/openvpn/server.conf'
Mon Feb 1 18:30:36 2016 us=639646 mode = 1
Mon Feb 1 18:30:36 2016 us=639822 persist_config = DISABLED
Mon Feb 1 18:30:36 2016 us=639993 persist_mode = 1
Mon Feb 1 18:30:36 2016 us=640166 show_ciphers = DISABLED
Mon Feb 1 18:30:36 2016 us=640338 show_digests = DISABLED
Mon Feb 1 18:30:36 2016 us=640506 show_engines = DISABLED
Mon Feb 1 18:30:36 2016 us=640669 genkey = DISABLED
Mon Feb 1 18:30:36 2016 us=641103 key_pass_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=641329 show_tls_ciphers = DISABLED
Mon Feb 1 18:30:36 2016 us=641504 Connection profiles [default]:
Mon Feb 1 18:30:36 2016 us=641677 proto = udp
Mon Feb 1 18:30:36 2016 us=641848 local = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=642018 local_port = 1194
Mon Feb 1 18:30:36 2016 us=642192 remote = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=642366 remote_port = 1194
Mon Feb 1 18:30:36 2016 us=642534 remote_float = DISABLED
Mon Feb 1 18:30:36 2016 us=642706 bind_defined = DISABLED
Mon Feb 1 18:30:36 2016 us=642873 bind_local = ENABLED
Mon Feb 1 18:30:36 2016 us=643045 connect_retry_seconds = 5
Mon Feb 1 18:30:36 2016 us=643221 connect_timeout = 10
Mon Feb 1 18:30:36 2016 us=643392 connect_retry_max = 0
Mon Feb 1 18:30:36 2016 us=643560 socks_proxy_server = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=643733 socks_proxy_port = 0
Mon Feb 1 18:30:36 2016 us=643903 socks_proxy_retry = DISABLED
Mon Feb 1 18:30:36 2016 us=644076 tun_mtu = 1500
Mon Feb 1 18:30:36 2016 us=644247 tun_mtu_defined = ENABLED
Mon Feb 1 18:30:36 2016 us=644418 link_mtu = 1500
Mon Feb 1 18:30:36 2016 us=644593 link_mtu_defined = DISABLED
Mon Feb 1 18:30:36 2016 us=644765 tun_mtu_extra = 0
Mon Feb 1 18:30:36 2016 us=644936 tun_mtu_extra_defined = DISABLED
Mon Feb 1 18:30:36 2016 us=645111 mtu_discover_type = -1
Mon Feb 1 18:30:36 2016 us=645280 fragment = 0
Mon Feb 1 18:30:36 2016 us=645451 mssfix = 1450
Mon Feb 1 18:30:36 2016 us=645623 explicit_exit_notification = 0
Mon Feb 1 18:30:36 2016 us=645929 Connection profiles END
Mon Feb 1 18:30:36 2016 us=646112 remote_random = DISABLED
Mon Feb 1 18:30:36 2016 us=646286 ipchange = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=646458 dev = 'tun'
Mon Feb 1 18:30:36 2016 us=646627 dev_type = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=646796 dev_node = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=646966 lladdr = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=647137 topology = 1
Mon Feb 1 18:30:36 2016 us=647307 tun_ipv6 = DISABLED
Mon Feb 1 18:30:36 2016 us=647479 ifconfig_local = '10.8.0.1'
Mon Feb 1 18:30:36 2016 us=647650 ifconfig_remote_netmask = '10.8.0.2'
Mon Feb 1 18:30:36 2016 us=647822 ifconfig_noexec = DISABLED
Mon Feb 1 18:30:36 2016 us=647989 ifconfig_nowarn = DISABLED
Mon Feb 1 18:30:36 2016 us=648158 ifconfig_ipv6_local = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=648332 ifconfig_ipv6_netbits = 0
Mon Feb 1 18:30:36 2016 us=648501 ifconfig_ipv6_remote = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=648671 shaper = 0
Mon Feb 1 18:30:36 2016 us=648890 mtu_test = 0
Mon Feb 1 18:30:36 2016 us=649114 mlock = DISABLED
Mon Feb 1 18:30:36 2016 us=649288 keepalive_ping = 10
Mon Feb 1 18:30:36 2016 us=649460 keepalive_timeout = 120
Mon Feb 1 18:30:36 2016 us=649630 inactivity_timeout = 0
Mon Feb 1 18:30:36 2016 us=649798 ping_send_timeout = 10
Mon Feb 1 18:30:36 2016 us=649972 ping_rec_timeout = 240
Mon Feb 1 18:30:36 2016 us=650145 ping_rec_timeout_action = 2
Mon Feb 1 18:30:36 2016 us=650315 ping_timer_remote = DISABLED
Mon Feb 1 18:30:36 2016 us=650486 remap_sigusr1 = 0
Mon Feb 1 18:30:36 2016 us=650656 persist_tun = ENABLED
Mon Feb 1 18:30:36 2016 us=650826 persist_local_ip = DISABLED
Mon Feb 1 18:30:36 2016 us=650997 persist_remote_ip = DISABLED
Mon Feb 1 18:30:36 2016 us=651171 persist_key = ENABLED
Mon Feb 1 18:30:36 2016 us=651341 passtos = DISABLED
Mon Feb 1 18:30:36 2016 us=651513 resolve_retry_seconds = 1000000000
Mon Feb 1 18:30:36 2016 us=651778 username = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=651958 groupname = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=652129 chroot_dir = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=652298 cd_dir = '/etc/openvpn'
Mon Feb 1 18:30:36 2016 us=652468 writepid = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=652636 up_script = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=652804 down_script = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=652973 down_pre = DISABLED
Mon Feb 1 18:30:36 2016 us=653141 up_restart = DISABLED
Mon Feb 1 18:30:36 2016 us=653310 up_delay = DISABLED
Mon Feb 1 18:30:36 2016 us=653481 daemon = ENABLED
Mon Feb 1 18:30:36 2016 us=653650 inetd = 0
Mon Feb 1 18:30:36 2016 us=653814 log = ENABLED
Mon Feb 1 18:30:36 2016 us=653984 suppress_timestamps = DISABLED
Mon Feb 1 18:30:36 2016 us=654156 nice = 0
Mon Feb 1 18:30:36 2016 us=654326 verbosity = 4
Mon Feb 1 18:30:36 2016 us=654496 mute = 0
Mon Feb 1 18:30:36 2016 us=654664 gremlin = 0
Mon Feb 1 18:30:36 2016 us=654836 status_file = 'openvpn-status.log'
Mon Feb 1 18:30:36 2016 us=655008 status_file_version = 1
Mon Feb 1 18:30:36 2016 us=655180 status_file_update_freq = 10
Mon Feb 1 18:30:36 2016 us=655350 occ = ENABLED
Mon Feb 1 18:30:36 2016 us=655522 rcvbuf = 65536
Mon Feb 1 18:30:36 2016 us=655777 sndbuf = 65536
Mon Feb 1 18:30:36 2016 us=655995 mark = 0
Mon Feb 1 18:30:36 2016 us=656170 sockflags = 0
Mon Feb 1 18:30:36 2016 us=656342 fast_io = DISABLED
Mon Feb 1 18:30:36 2016 us=656512 lzo = 7
Mon Feb 1 18:30:36 2016 us=656680 route_script = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=656897 route_default_gateway = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=657125 route_default_metric = 0
Mon Feb 1 18:30:36 2016 us=657302 route_noexec = DISABLED
Mon Feb 1 18:30:36 2016 us=657481 route_delay = 0
Mon Feb 1 18:30:36 2016 us=657660 route_delay_window = 30
Mon Feb 1 18:30:36 2016 us=657837 route_delay_defined = DISABLED
Mon Feb 1 18:30:36 2016 us=658013 route_nopull = DISABLED
Mon Feb 1 18:30:36 2016 us=658190 route_gateway_via_dhcp = DISABLED
Mon Feb 1 18:30:36 2016 us=658369 max_routes = 100
Mon Feb 1 18:30:36 2016 us=658542 allow_pull_fqdn = DISABLED
Mon Feb 1 18:30:36 2016 us=658724 route 10.8.0.0/255.255.255.0/nil/nil
Mon Feb 1 18:30:36 2016 us=658902 management_addr = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=659082 management_port = 0
Mon Feb 1 18:30:36 2016 us=659259 management_user_pass = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=659435 management_log_history_cache = 250
Mon Feb 1 18:30:36 2016 us=659612 management_echo_buffer_size = 100
Mon Feb 1 18:30:36 2016 us=659788 management_write_peer_info_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=659965 management_client_user = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=660177 management_client_group = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=660367 management_flags = 0
Mon Feb 1 18:30:36 2016 us=660545 shared_secret_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=660721 key_direction = 0
Mon Feb 1 18:30:36 2016 us=660898 ciphername_defined = ENABLED
Mon Feb 1 18:30:36 2016 us=661075 ciphername = 'BF-CBC'
Mon Feb 1 18:30:36 2016 us=661252 authname_defined = ENABLED
Mon Feb 1 18:30:36 2016 us=661425 authname = 'SHA1'
Mon Feb 1 18:30:36 2016 us=661597 prng_hash = 'SHA1'
Mon Feb 1 18:30:36 2016 us=661768 prng_nonce_secret_len = 16
Mon Feb 1 18:30:36 2016 us=661936 keysize = 0
Mon Feb 1 18:30:36 2016 us=662109 engine = DISABLED
Mon Feb 1 18:30:36 2016 us=662280 replay = ENABLED
Mon Feb 1 18:30:36 2016 us=662455 mute_replay_warnings = DISABLED
Mon Feb 1 18:30:36 2016 us=662627 replay_window = 64
Mon Feb 1 18:30:36 2016 us=662799 replay_time = 15
Mon Feb 1 18:30:36 2016 us=662972 packet_id_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=663146 use_iv = ENABLED
Mon Feb 1 18:30:36 2016 us=663317 test_crypto = DISABLED
Mon Feb 1 18:30:36 2016 us=663494 tls_server = ENABLED
Mon Feb 1 18:30:36 2016 us=663669 tls_client = DISABLED
Mon Feb 1 18:30:36 2016 us=663845 key_method = 2
Mon Feb 1 18:30:36 2016 us=664115 ca_file = 'ca.crt'
Mon Feb 1 18:30:36 2016 us=664298 ca_path = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=664475 dh_file = 'dh2048.pem'
Mon Feb 1 18:30:36 2016 us=664647 cert_file = 'raspberry.home.local.crt'
Mon Feb 1 18:30:36 2016 us=664869 priv_key_file = 'raspberry.home.local.key'
Mon Feb 1 18:30:36 2016 us=665101 pkcs12_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=665280 cipher_list = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=665455 tls_verify = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=665629 tls_export_cert = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=665931 verify_x509_type = 0
Mon Feb 1 18:30:36 2016 us=666120 verify_x509_name = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=666295 crl_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=666472 ns_cert_type = 0
Mon Feb 1 18:30:36 2016 us=666648 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=666826 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=667002 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=667181 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=667356 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=667530 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=667707 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=667882 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=668054 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=668232 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=668406 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=668584 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=668757 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=668930 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=669106 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=669282 remote_cert_ku[i] = 0
Mon Feb 1 18:30:36 2016 us=669456 remote_cert_eku = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=669630 ssl_flags = 0
Mon Feb 1 18:30:36 2016 us=669804 tls_timeout = 2
Mon Feb 1 18:30:36 2016 us=669979 renegotiate_bytes = 0
Mon Feb 1 18:30:36 2016 us=670153 renegotiate_packets = 0
Mon Feb 1 18:30:36 2016 us=670331 renegotiate_seconds = 3600
Mon Feb 1 18:30:36 2016 us=670503 handshake_window = 60
Mon Feb 1 18:30:36 2016 us=670675 transition_window = 3600
Mon Feb 1 18:30:36 2016 us=670846 single_session = DISABLED
Mon Feb 1 18:30:36 2016 us=671016 push_peer_info = DISABLED
Mon Feb 1 18:30:36 2016 us=671186 tls_exit = DISABLED
Mon Feb 1 18:30:36 2016 us=671360 tls_auth_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=671535 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=671712 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=671885 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=672060 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=672238 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=672413 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=672588 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=672762 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=673027 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=673217 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=673398 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=673571 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=673749 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=673924 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=674101 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=674278 pkcs11_protected_authentication = DISABLED
Mon Feb 1 18:30:36 2016 us=674460 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=674641 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=674820 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=675000 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=675178 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=675452 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=675644 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=675951 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=676142 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=676326 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=676504 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=676681 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=676859 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=677037 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=677216 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=677396 pkcs11_private_mode = 00000000
Mon Feb 1 18:30:36 2016 us=677576 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=677752 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=677926 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=678103 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=678279 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=678454 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=678630 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=678804 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=678978 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=679154 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=679330 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=679502 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=679676 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=679854 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=680026 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=680200 pkcs11_cert_private = DISABLED
Mon Feb 1 18:30:36 2016 us=680374 pkcs11_pin_cache_period = -1
Mon Feb 1 18:30:36 2016 us=680550 pkcs11_id = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=680724 pkcs11_id_management = DISABLED
Mon Feb 1 18:30:36 2016 us=681042 server_network = 10.8.0.0
Mon Feb 1 18:30:36 2016 us=681256 server_netmask = 255.255.255.0
Mon Feb 1 18:30:36 2016 us=681452 server_network_ipv6 = ::
Mon Feb 1 18:30:36 2016 us=681631 server_netbits_ipv6 = 0
Mon Feb 1 18:30:36 2016 us=681822 server_bridge_ip = 0.0.0.0
Mon Feb 1 18:30:36 2016 us=682014 server_bridge_netmask = 0.0.0.0
Mon Feb 1 18:30:36 2016 us=682207 server_bridge_pool_start = 0.0.0.0
Mon Feb 1 18:30:36 2016 us=682400 server_bridge_pool_end = 0.0.0.0
Mon Feb 1 18:30:36 2016 us=682582 push_entry = 'route 192.168.1.0 255.255.255.0'
Mon Feb 1 18:30:36 2016 us=682783 push_entry = 'redirect-gateway def1 bypass-dhcp'
Mon Feb 1 18:30:36 2016 us=682972 push_entry = 'dhcp-option DNS 80.58.61.250'
Mon Feb 1 18:30:36 2016 us=683153 push_entry = 'dhcp-option DNS 80.58.61.254'
Mon Feb 1 18:30:36 2016 us=683333 push_entry = 'route 10.8.0.1'
Mon Feb 1 18:30:36 2016 us=683508 push_entry = 'topology net30'
Mon Feb 1 18:30:36 2016 us=683679 push_entry = 'ping 10'
Mon Feb 1 18:30:36 2016 us=683851 push_entry = 'ping-restart 120'
Mon Feb 1 18:30:36 2016 us=684025 ifconfig_pool_defined = ENABLED
Mon Feb 1 18:30:36 2016 us=684219 ifconfig_pool_start = 10.8.0.4
Mon Feb 1 18:30:36 2016 us=684412 ifconfig_pool_end = 10.8.0.251
Mon Feb 1 18:30:36 2016 us=684609 ifconfig_pool_netmask = 0.0.0.0
Mon Feb 1 18:30:36 2016 us=684788 ifconfig_pool_persist_filename = 'ipp.txt'
Mon Feb 1 18:30:36 2016 us=684970 ifconfig_pool_persist_refresh_freq = 600
Mon Feb 1 18:30:36 2016 us=685146 ifconfig_ipv6_pool_defined = DISABLED
Mon Feb 1 18:30:36 2016 us=685339 ifconfig_ipv6_pool_base = ::
Mon Feb 1 18:30:36 2016 us=685519 ifconfig_ipv6_pool_netbits = 0
Mon Feb 1 18:30:36 2016 us=685781 n_bcast_buf = 256
Mon Feb 1 18:30:36 2016 us=686001 tcp_queue_limit = 64
Mon Feb 1 18:30:36 2016 us=686181 real_hash_size = 256
Mon Feb 1 18:30:36 2016 us=686359 virtual_hash_size = 256
Mon Feb 1 18:30:36 2016 us=686534 client_connect_script = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=686797 learn_address_script = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=686989 client_disconnect_script = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=687167 client_config_dir = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=687338 ccd_exclusive = DISABLED
Mon Feb 1 18:30:36 2016 us=687510 tmp_dir = '/tmp'
Mon Feb 1 18:30:36 2016 us=687681 push_ifconfig_defined = DISABLED
Mon Feb 1 18:30:36 2016 us=687871 push_ifconfig_local = 0.0.0.0
Mon Feb 1 18:30:36 2016 us=688064 push_ifconfig_remote_netmask = 0.0.0.0
Mon Feb 1 18:30:36 2016 us=688245 push_ifconfig_ipv6_defined = DISABLED
Mon Feb 1 18:30:36 2016 us=688437 push_ifconfig_ipv6_local = ::/0
Mon Feb 1 18:30:36 2016 us=688627 push_ifconfig_ipv6_remote = ::
Mon Feb 1 18:30:36 2016 us=688803 enable_c2c = DISABLED
Mon Feb 1 18:30:36 2016 us=689081 duplicate_cn = DISABLED
Mon Feb 1 18:30:36 2016 us=689266 cf_max = 0
Mon Feb 1 18:30:36 2016 us=689444 cf_per = 0
Mon Feb 1 18:30:36 2016 us=689624 max_clients = 1024
Mon Feb 1 18:30:36 2016 us=689796 max_routes_per_client = 256
Mon Feb 1 18:30:36 2016 us=689973 auth_user_pass_verify_script = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=690151 auth_user_pass_verify_script_via_file = DISABLED
Mon Feb 1 18:30:36 2016 us=690331 port_share_host = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=690507 port_share_port = 0
Mon Feb 1 18:30:36 2016 us=690680 client = DISABLED
Mon Feb 1 18:30:36 2016 us=690852 pull = DISABLED
Mon Feb 1 18:30:36 2016 us=691028 auth_user_pass_file = '[UNDEF]'
Mon Feb 1 18:30:36 2016 us=691224 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016
Mon Feb 1 18:30:36 2016 us=691512 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Mon Feb 1 18:30:36 2016 us=693600 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Mon Feb 1 18:30:36 2016 us=966717 Diffie-Hellman initialized with 2048 bit key
Mon Feb 1 18:30:36 2016 us=974045 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Feb 1 18:30:36 2016 us=974410 Socket Buffers: R=[163840->131072] S=[163840->131072]
Mon Feb 1 18:30:36 2016 us=975659 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=44:33:4c:71:49:ca
Mon Feb 1 18:30:36 2016 us=983045 TUN/TAP device tun0 opened
Mon Feb 1 18:30:36 2016 us=983404 TUN/TAP TX queue length set to 100
Mon Feb 1 18:30:36 2016 us=983661 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Feb 1 18:30:36 2016 us=984087 /sbin/ip link set dev tun0 up mtu 1500
Mon Feb 1 18:30:37 2016 us=8944 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Mon Feb 1 18:30:37 2016 us=31696 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Mon Feb 1 18:30:37 2016 us=60035 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Feb 1 18:30:37 2016 us=82266 UDPv4 link local (bound): [undef]
Mon Feb 1 18:30:37 2016 us=82922 UDPv4 link remote: [undef]
Mon Feb 1 18:30:37 2016 us=83129 MULTI: multi_init called, r=256 v=256
Mon Feb 1 18:30:37 2016 us=84238 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Mon Feb 1 18:30:37 2016 us=84479 IFCONFIG POOL LIST
Mon Feb 1 18:30:37 2016 us=84856 Initialization Sequence Completed
Mon Feb 1 18:31:05 2016 us=616742 MULTI: multi_create_instance called
Mon Feb 1 18:31:05 2016 us=617374 192.168.1.38:50475 Re-using SSL/TLS context
Mon Feb 1 18:31:05 2016 us=617898 192.168.1.38:50475 LZO compression initialized
Mon Feb 1 18:31:05 2016 us=619985 192.168.1.38:50475 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Feb 1 18:31:05 2016 us=620262 192.168.1.38:50475 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Feb 1 18:31:05 2016 us=620983 192.168.1.38:50475 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Feb 1 18:31:05 2016 us=621335 192.168.1.38:50475 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Feb 1 18:31:05 2016 us=621734 192.168.1.38:50475 Local Options hash (VER=V4): '530fdded'
Mon Feb 1 18:31:05 2016 us=622032 192.168.1.38:50475 Expected Remote Options hash (VER=V4): '41690919'
Mon Feb 1 18:31:05 2016 us=622459 192.168.1.38:50475 TLS: Initial packet from [AF_INET]192.168.1.38:50475, sid=883080c8 01e48827
Mon Feb 1 18:32:05 2016 us=473635 192.168.1.38:50475 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Feb 1 18:32:05 2016 us=474063 192.168.1.38:50475 TLS Error: TLS handshake failed
Mon Feb 1 18:32:05 2016 us=475161 192.168.1.38:50475 SIGUSR1[soft,tls-error] received, client-instance restarting



Something extrange in the windows client the ip is 192.168.1.38, but the log client show the IP 192.168.1.40


WIndows IPCONFIG

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :

Adaptador de LAN inalámbrica Conexión de área local* 2:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :

Adaptador de Ethernet VMware Network Adapter VMnet1:

Sufijo DNS específico para la conexión. . :
Vínculo: dirección IPv6 local. . . : fe80::7035:90f1:3aed:9c9a%6
Dirección IPv4. . . . . . . . . . . . . . : 192.168.119.1
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . :

Adaptador de Ethernet VMware Network Adapter VMnet8:

Sufijo DNS específico para la conexión. . :
Vínculo: dirección IPv6 local. . . : fe80::8977:8cb8:2219:78c2%5
Dirección IPv4. . . . . . . . . . . . . . : 192.168.163.1
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . :

Adaptador de Ethernet Ethernet 2:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :

Adaptador de LAN inalámbrica Wi-Fi:

Sufijo DNS específico para la conexión. . :
Vínculo: dirección IPv6 local. . . : fe80::1d89:f401:8979:4e%3
Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.38
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de túnel isatap.{4A3D0CA1-F138-4D06-8C86-6227BC2DE380}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :

Adaptador de túnel isatap.{1C588743-073B-4825-BC00-AD6632C44B36}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :

Adaptador de túnel Teredo Tunneling Pseudo-Interface:

Sufijo DNS específico para la conexión. . :
Dirección IPv6 . . . . . . . . . . : 2001:0:9d38:6abd:c3e:3183:accc:3a30
Vínculo: dirección IPv6 local. . . : fe80::c3e:3183:accc:3a30%16
Puerta de enlace predeterminada . . . . . : ::

Adaptador de túnel isatap.{48B74852-41B6-4653-A56D-4E11B61E1B06}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Mon Feb 01, 2016 11:55 pm

I have no idea what you have done to your network but this has nothing to do with OpenVPN.

Maybe the VMWare networking is confusing things ..

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Tue Feb 02, 2016 1:06 pm

Hello,

I think it is related to the openvpn because we have other openvpn installed in the same network working fine. We followed the same procedure to install. The client is the same, the network is the same and the only difference is the openvpn server.

For this reason I think this is not an network issue

I' going to install again from the operating system and let you know

Thanks a lot for your support

cor9003
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 31, 2016 10:05 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by cor9003 » Fri Feb 05, 2016 12:45 pm

Hello, openvpn is working fine when install it in a raspberry with raspbian Jessie.

The problem I had is because I used the following image http://www.raspberry-asterisk.org/downloads/beta-image/ with Asterisk included, and this image althought is based in the same raspbian Jessie release not works maybe some incompatibility with Asterisk software. The image contains
Asterisk 11.21.0
FreePBX 13.0.51
Official Jessie Lite 2015-11-21 image

Thanks a lot for the support !!!

User avatar
Traffic
OpenVPN Protagonist
Posts: 4081
Joined: Sat Aug 09, 2014 11:24 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.

Post by Traffic » Fri Feb 05, 2016 12:50 pm

Thanks for letting us know your solution 8-)

As this Asterix for Pi is a beta perhaps you can inform them of the issue .. thanks.

worm6666
OpenVpn Newbie
Posts: 2
Joined: Fri Feb 26, 2016 10:55 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.3

Post by worm6666 » Fri Feb 16, 2018 8:33 am

Short: float

Long with explanation where, why and how:

I have had this problem when I simulated second firewall-router-ed LAN inside our physical LAN on VirtualBOX platform to simulate virtual LAN behind virtual ROUTER - because I wanted to test traffic shaping on Mikrotik CHR and/or OPNsense - compare options, funcionality and so one...

And the OPNsense's OpenVPN is the reason why I write this here, because at home the virtual enviroment works perfect, but at work it does allways make some strange errors :-) But I love it to solve them...

It does not matter what config I have had, allways I ended at this stupid message. But the solution was simple - like it is wroted in the message self - but it lacks information where to write or remove something... as seen here: https://serverfault.com/questions/31837 ... -in-office - scroll till END of thread.

Also I used the option "float" - I wrote it at the end of client config file "OPNsense-udp-1195-vpnuser01.ovpn" and it looks now:

client

dev tun
persist-tun
persist-key
cipher AES-256-CBC
auth SHA256
tls-client
client
resolv-retry infinite
remote 192.168.2.15 1195 udp
lport 0
verify-x509-name "VPN Server Cert" name
auth-user-pass
pkcs12 OPNsense-udp-1195-vpnuser01.p12
tls-auth OPNsense-udp-1195-vpnuser01-tls.key 1
remote-cert-tls server
comp-lzo no
float



Because we have already one VPN Server here, therefore the port change to 1195.

If there is no "float" option, it makes this error:
Fri Feb 16 08:38:35 2018 TCP/UDP: Incoming packet rejected from [AF_INET]192.168.2.254:1195[2], expected peer address: [AF_INET]192.168.2.15:1195 (allow this incoming source address/port by removing --remote or adding --float)
- the 192.168.2.254 is LAN card of our physical firewall

Have a nice day... :)

p.s. first time I added "--float" - it also works... now it is only "float"

worm6666
OpenVpn Newbie
Posts: 2
Joined: Fri Feb 26, 2016 10:55 am

Re: TCP/UDP: Incoming packet rejected from [AF_INET]192.168.1.3

Post by worm6666 » Fri Feb 16, 2018 9:07 am

Probably this was somehow confusing for the second virtual OpenVPN server:

Image

But it works now with the "float" parameter...

Locked