[Solved] OpenVPN GUI cant connect

MEG · Post by **MEG** » Tue Oct 03, 2017 6:37 am

Hello All,
I am using OpenVPN server to access to internal network and some servers.
Clients are using laptops with Windows 10 and OpenVPN GUI (2.4.4-I601). Clients are using CA certificate, own certificate, key file and password to access to server. This configuration works fine for more than one year.

In last few weeks i am faced that some clients cant connect to server. In log i see:

Code: Select all

Tue Oct 03 08:25:03 2017 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Tue Oct 03 08:25:03 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Oct 03 08:25:03 2017 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Tue Oct 03 08:25:03 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Oct 03 08:25:03 2017 Need hold release from management interface, waiting...
Tue Oct 03 08:25:03 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Oct 03 08:25:04 2017 MANAGEMENT: CMD 'state on'
Tue Oct 03 08:25:04 2017 MANAGEMENT: CMD 'log all on'
Tue Oct 03 08:25:04 2017 MANAGEMENT: CMD 'echo all on'
Tue Oct 03 08:25:04 2017 MANAGEMENT: CMD 'hold off'
Tue Oct 03 08:25:04 2017 MANAGEMENT: CMD 'hold release'
Tue Oct 03 08:25:04 2017 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Oct 03 08:25:06 2017 MANAGEMENT: CMD 'password [...]'
Tue Oct 03 08:25:06 2017 MANAGEMENT: CMD '"'

Nothing happen after typing password.
I don't see any packets on client interface (TAP and physical too)
There wast any change on server or client configuration
Other clients dosnt have any issue
When i move client certificates to another client where VPN is working it will connect without any issue - so certificate is not demaged
I tried to reinstall OpenVPN gui to older version, newest version - no change
I tried to reinstall last windows update - no change
I tried to update windows latest version - no change
I tried to run Windows in Safe mode and run OpenVPN - no change
I am running OpenVPN like administartor.

Can you please give me some advice's what should i change in client configuration?
Thank you,
MEG

TinCanTech · Post by **TinCanTech** » Tue Oct 03, 2017 11:56 am

Please see:
HOWTO: Request Help ! {2}

MEG · Post by **MEG** » Tue Oct 03, 2017 3:20 pm

Hello,
I am adding client information according How to page:
Windows version:
Microsoft Windows [Version 10.0.15063]
IPCONFIG output:

Code: Select all

C:\Users\user>ipconfig -all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-9S8SIKP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : apelbyhq.local
   Description . . . . . . . . . . . : Intel(R) Ethernet Connection (2) I219-V
   Physical Address. . . . . . . . . : C8-5B-76-C4-94-71
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Připojení k místní síti* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : F4-8C-50-8E-DD-A8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-FC-44-E3-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 8260
   Physical Address. . . . . . . . . : F4-8C-50-8E-DD-A7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::948:6580:9d20:6687%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.223.154.147(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : pondělí 2. října 2017 13:06:04
   Lease Expires . . . . . . . . . . : středa 4. října 2017 17:02:08
   Default Gateway . . . . . . . . . : 10.128.128.128
   DHCP Server . . . . . . . . . . . : 10.128.128.128
   DHCPv6 IAID . . . . . . . . . . . : 99912784
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-5D-CC-5E-C8-5B-76-C4-94-71
   DNS Servers . . . . . . . . . . . : 10.128.128.128
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Síťové připojení Bluetooth:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : F4-8C-50-8E-DD-AB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Připojení k místní síti* 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Client log file:

Code: Select all

Mon Oct 02 11:20:44 2017 us=200972 Current Parameter Settings:
Mon Oct 02 11:20:44 2017 us=200972   config = '13.ovpn'
Mon Oct 02 11:20:44 2017 us=200972   mode = 0
Mon Oct 02 11:20:44 2017 us=200972   show_ciphers = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   show_digests = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   show_engines = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   genkey = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   key_pass_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   show_tls_ciphers = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   connect_retry_max = 0
Mon Oct 02 11:20:44 2017 us=200972 Connection profiles [0]:
Mon Oct 02 11:20:44 2017 us=200972   proto = udp
Mon Oct 02 11:20:44 2017 us=200972   local = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   local_port = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   remote = 'x.x.x.x'
Mon Oct 02 11:20:44 2017 us=200972   remote_port = 'yyy'
Mon Oct 02 11:20:44 2017 us=200972   remote_float = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   bind_defined = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   bind_local = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   bind_ipv6_only = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   connect_retry_seconds = 5
Mon Oct 02 11:20:44 2017 us=200972   connect_timeout = 120
Mon Oct 02 11:20:44 2017 us=200972   socks_proxy_server = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   socks_proxy_port = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   tun_mtu = 1500
Mon Oct 02 11:20:44 2017 us=200972   tun_mtu_defined = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   link_mtu = 1500
Mon Oct 02 11:20:44 2017 us=200972   link_mtu_defined = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   tun_mtu_extra = 32
Mon Oct 02 11:20:44 2017 us=200972   tun_mtu_extra_defined = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   mtu_discover_type = -1
Mon Oct 02 11:20:44 2017 us=200972   fragment = 0
Mon Oct 02 11:20:44 2017 us=200972   mssfix = 1450
Mon Oct 02 11:20:44 2017 us=200972   explicit_exit_notification = 0
Mon Oct 02 11:20:44 2017 us=200972 Connection profiles END
Mon Oct 02 11:20:44 2017 us=200972   remote_random = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   ipchange = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   dev = 'tap'
Mon Oct 02 11:20:44 2017 us=200972   dev_type = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   dev_node = 'Evolution_apelby13'
Mon Oct 02 11:20:44 2017 us=200972   lladdr = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   topology = 1
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_local = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_remote_netmask = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_noexec = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_nowarn = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_ipv6_local = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_ipv6_netbits = 0
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_ipv6_remote = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   shaper = 0
Mon Oct 02 11:20:44 2017 us=200972   mtu_test = 0
Mon Oct 02 11:20:44 2017 us=200972   mlock = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   keepalive_ping = 0
Mon Oct 02 11:20:44 2017 us=200972   keepalive_timeout = 0
Mon Oct 02 11:20:44 2017 us=200972   inactivity_timeout = 0
Mon Oct 02 11:20:44 2017 us=200972   ping_send_timeout = 0
Mon Oct 02 11:20:44 2017 us=200972   ping_rec_timeout = 0
Mon Oct 02 11:20:44 2017 us=200972   ping_rec_timeout_action = 0
Mon Oct 02 11:20:44 2017 us=200972   ping_timer_remote = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   remap_sigusr1 = 0
Mon Oct 02 11:20:44 2017 us=200972   persist_tun = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   persist_local_ip = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   persist_remote_ip = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   persist_key = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   passtos = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   resolve_retry_seconds = 1000000000
Mon Oct 02 11:20:44 2017 us=200972   resolve_in_advance = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   username = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   groupname = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   chroot_dir = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   cd_dir = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   writepid = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   up_script = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   down_script = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   down_pre = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   up_restart = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   up_delay = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   daemon = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   inetd = 0
Mon Oct 02 11:20:44 2017 us=200972   log = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   suppress_timestamps = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   machine_readable_output = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   nice = 0
Mon Oct 02 11:20:44 2017 us=200972   verbosity = 6
Mon Oct 02 11:20:44 2017 us=200972   mute = 0
Mon Oct 02 11:20:44 2017 us=200972   gremlin = 0
Mon Oct 02 11:20:44 2017 us=200972   status_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   status_file_version = 1
Mon Oct 02 11:20:44 2017 us=200972   status_file_update_freq = 60
Mon Oct 02 11:20:44 2017 us=200972   occ = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   rcvbuf = 0
Mon Oct 02 11:20:44 2017 us=200972   sndbuf = 0
Mon Oct 02 11:20:44 2017 us=200972   sockflags = 0
Mon Oct 02 11:20:44 2017 us=200972   fast_io = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   comp.alg = 2
Mon Oct 02 11:20:44 2017 us=200972   comp.flags = 1
Mon Oct 02 11:20:44 2017 us=200972   route_script = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   route_default_gateway = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   route_default_metric = 0
Mon Oct 02 11:20:44 2017 us=200972   route_noexec = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   route_delay = 5
Mon Oct 02 11:20:44 2017 us=200972   route_delay_window = 30
Mon Oct 02 11:20:44 2017 us=200972   route_delay_defined = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   route_nopull = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   route_gateway_via_dhcp = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   allow_pull_fqdn = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   management_addr = '127.0.0.1'
Mon Oct 02 11:20:44 2017 us=200972   management_port = '25340'
Mon Oct 02 11:20:44 2017 us=200972   management_user_pass = 'stdin'
Mon Oct 02 11:20:44 2017 us=200972   management_log_history_cache = 250
Mon Oct 02 11:20:44 2017 us=200972   management_echo_buffer_size = 100
Mon Oct 02 11:20:44 2017 us=200972   management_write_peer_info_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   management_client_user = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   management_client_group = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   management_flags = 6
Mon Oct 02 11:20:44 2017 us=200972   shared_secret_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   key_direction = 0
Mon Oct 02 11:20:44 2017 us=200972   ciphername = 'BF-CBC'
Mon Oct 02 11:20:44 2017 us=200972   ncp_enabled = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Mon Oct 02 11:20:44 2017 us=200972   authname = 'SHA1'
Mon Oct 02 11:20:44 2017 us=200972   prng_hash = 'SHA1'
Mon Oct 02 11:20:44 2017 us=200972   prng_nonce_secret_len = 16
Mon Oct 02 11:20:44 2017 us=200972   keysize = 0
Mon Oct 02 11:20:44 2017 us=200972   engine = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   replay = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   mute_replay_warnings = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   replay_window = 64
Mon Oct 02 11:20:44 2017 us=200972   replay_time = 15
Mon Oct 02 11:20:44 2017 us=200972   packet_id_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   use_iv = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   test_crypto = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   tls_server = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   tls_client = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   key_method = 2
Mon Oct 02 11:20:44 2017 us=200972   ca_file = 'ca2.crt'
Mon Oct 02 11:20:44 2017 us=200972   ca_path = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   dh_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   cert_file = 'name13.crt'
Mon Oct 02 11:20:44 2017 us=200972   extra_certs_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   priv_key_file = 'apelby13.key'
Mon Oct 02 11:20:44 2017 us=200972   pkcs12_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   cryptoapi_cert = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   cipher_list = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   tls_verify = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   tls_export_cert = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   verify_x509_type = 0
Mon Oct 02 11:20:44 2017 us=200972   verify_x509_name = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   crl_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   ns_cert_type = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_ku[i] = 0
Mon Oct 02 11:20:44 2017 us=200972   remote_cert_eku = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   ssl_flags = 0
Mon Oct 02 11:20:44 2017 us=200972   tls_timeout = 2
Mon Oct 02 11:20:44 2017 us=200972   renegotiate_bytes = -1
Mon Oct 02 11:20:44 2017 us=200972   renegotiate_packets = 0
Mon Oct 02 11:20:44 2017 us=200972   renegotiate_seconds = 3600
Mon Oct 02 11:20:44 2017 us=200972   handshake_window = 60
Mon Oct 02 11:20:44 2017 us=200972   transition_window = 3600
Mon Oct 02 11:20:44 2017 us=200972   single_session = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   push_peer_info = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   tls_exit = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   tls_auth_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   tls_crypt_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_protected_authentication = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_private_mode = 00000000
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_cert_private = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_pin_cache_period = -1
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_id = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   pkcs11_id_management = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   server_network = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   server_netmask = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   server_network_ipv6 = ::
Mon Oct 02 11:20:44 2017 us=200972   server_netbits_ipv6 = 0
Mon Oct 02 11:20:44 2017 us=200972   server_bridge_ip = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   server_bridge_netmask = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   server_bridge_pool_start = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   server_bridge_pool_end = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_pool_defined = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_pool_start = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_pool_end = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_pool_netmask = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_pool_persist_filename = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_pool_persist_refresh_freq = 600
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_ipv6_pool_defined = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_ipv6_pool_base = ::
Mon Oct 02 11:20:44 2017 us=200972   ifconfig_ipv6_pool_netbits = 0
Mon Oct 02 11:20:44 2017 us=200972   n_bcast_buf = 256
Mon Oct 02 11:20:44 2017 us=200972   tcp_queue_limit = 64
Mon Oct 02 11:20:44 2017 us=200972   real_hash_size = 256
Mon Oct 02 11:20:44 2017 us=200972   virtual_hash_size = 256
Mon Oct 02 11:20:44 2017 us=200972   client_connect_script = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   learn_address_script = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   client_disconnect_script = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   client_config_dir = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   ccd_exclusive = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   tmp_dir = 'C:\Users\user\AppData\Local\Temp\'
Mon Oct 02 11:20:44 2017 us=200972   push_ifconfig_defined = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   push_ifconfig_local = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   push_ifconfig_remote_netmask = 0.0.0.0
Mon Oct 02 11:20:44 2017 us=200972   push_ifconfig_ipv6_defined = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   push_ifconfig_ipv6_local = ::/0
Mon Oct 02 11:20:44 2017 us=200972   push_ifconfig_ipv6_remote = ::
Mon Oct 02 11:20:44 2017 us=200972   enable_c2c = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   duplicate_cn = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   cf_max = 0
Mon Oct 02 11:20:44 2017 us=200972   cf_per = 0
Mon Oct 02 11:20:44 2017 us=200972   max_clients = 1024
Mon Oct 02 11:20:44 2017 us=200972   max_routes_per_client = 256
Mon Oct 02 11:20:44 2017 us=200972   auth_user_pass_verify_script = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   auth_user_pass_verify_script_via_file = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   auth_token_generate = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   auth_token_lifetime = 0
Mon Oct 02 11:20:44 2017 us=200972   client = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   pull = ENABLED
Mon Oct 02 11:20:44 2017 us=200972   auth_user_pass_file = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   show_net_up = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   route_method = 0
Mon Oct 02 11:20:44 2017 us=200972   block_outside_dns = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   ip_win32_defined = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   ip_win32_type = 3
Mon Oct 02 11:20:44 2017 us=200972   dhcp_masq_offset = 0
Mon Oct 02 11:20:44 2017 us=200972   dhcp_lease_time = 31536000
Mon Oct 02 11:20:44 2017 us=200972   tap_sleep = 0
Mon Oct 02 11:20:44 2017 us=200972   dhcp_options = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   dhcp_renew = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   dhcp_pre_release = DISABLED
Mon Oct 02 11:20:44 2017 us=200972   domain = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   netbios_scope = '[UNDEF]'
Mon Oct 02 11:20:44 2017 us=200972   netbios_node_type = 0
Mon Oct 02 11:20:44 2017 us=200972   disable_nbt = DISABLED
Mon Oct 02 11:20:44 2017 us=200972 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Mon Oct 02 11:20:44 2017 us=200972 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Oct 02 11:20:44 2017 us=200972 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Mon Oct 02 11:20:44 2017 us=200972 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Oct 02 11:20:44 2017 us=200972 Need hold release from management interface, waiting...
Mon Oct 02 11:20:44 2017 us=701357 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Oct 02 11:20:44 2017 us=810574 MANAGEMENT: CMD 'state on'
Mon Oct 02 11:20:44 2017 us=810574 MANAGEMENT: CMD 'log all on'
Mon Oct 02 11:20:44 2017 us=924805 MANAGEMENT: CMD 'echo all on'
Mon Oct 02 11:20:44 2017 us=940403 MANAGEMENT: CMD 'hold off'
Mon Oct 02 11:20:44 2017 us=940403 MANAGEMENT: CMD 'hold release'
Mon Oct 02 11:20:44 2017 us=940403 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Oct 02 11:20:47 2017 us=956769 MANAGEMENT: CMD 'password [...]'
Mon Oct 02 11:20:47 2017 us=956769 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Oct 02 11:20:47 2017 us=956769 SIGUSR1[soft,private-key-password-failure] received, process restarting
Mon Oct 02 11:20:47 2017 us=956769 MANAGEMENT: >STATE:1506936047,RECONNECTING,private-key-password-failure,,,,,
Mon Oct 02 11:20:47 2017 us=956769 Restart pause, 5 second(s)
Mon Oct 02 11:20:52 2017 us=977622 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Oct 02 11:20:55 2017 us=651913 MANAGEMENT: CMD 'password [...]'
Mon Oct 02 11:20:55 2017 us=651913 MANAGEMENT: CMD '"'
Mon Oct 02 11:33:37 2017 us=117151 MANAGEMENT: Client disconnected
Mon Oct 02 11:33:37 2017 us=117151 ERROR: could not read Private Key username/password/ok/string from management interface
Mon Oct 02 11:33:37 2017 us=117151 Exiting due to fatal error

OVPN file:

Code: Select all

client
dev tap
proto udp
remote x.x.x.x
port y
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca2.crt
cert name13.crt
key 13.key
comp-lzo
verb 3

TinCanTech · Post by **TinCanTech** » Tue Oct 03, 2017 4:02 pm

See --askpass in The Manual v24x

MEG · Post by **MEG** » Wed Oct 04, 2017 7:06 am

TinCanTech wrote: ↑
Tue Oct 03, 2017 4:02 pm
See --askpass in The Manual v24x

Thank you for help. Askpass option help me to solve issue - i am going to apply it to all devices.
Regards,
MEG

OpenVPN Support Forum

[Solved] OpenVPN GUI cant connect

[Solved] OpenVPN GUI cant connect

Re: OpenVPN GUI cant connect

Re: OpenVPN GUI cant connect

Re: OpenVPN GUI cant connect

Re: OpenVPN GUI cant connect