Firstly, I have followed this guide to help me set it up.
https://www.digitalocean.com/community/ ... untu-16-04
Code: Select all
Linux Prune 4.4.0-101-generic #124-Ubuntu SMP Fri Nov 10 18:29:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Code: Select all
enp1s0f0 Link encap:Ethernet HWaddr ***
inet addr:***.***.***.*** Bcast:***.***.***.*** Mask:255.255.255.0
inet6 addr: *** Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:23205295 errors:0 dropped:0 overruns:0 frame:0
TX packets:334080 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1451692898 (1.4 GB) TX bytes:102976953 (102.9 MB)
Memory:c0000000-c001ffff
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:100 errors:0 dropped:0 overruns:0 frame:0
TX packets:100 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:23811 (23.8 KB) TX bytes:23811 (23.8 KB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Code: Select all
Fri Feb 09 11:04:13 2018 NOTE: --user option is not implemented on Windows
Fri Feb 09 11:04:13 2018 NOTE: --group option is not implemented on Windows
Fri Feb 09 11:04:13 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Fri Feb 09 11:04:13 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Feb 09 11:04:13 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Fri Feb 09 11:04:13 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Fri Feb 09 11:04:13 2018 Need hold release from management interface, waiting...
Fri Feb 09 11:04:14 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Fri Feb 09 11:04:14 2018 MANAGEMENT: CMD 'state on'
Fri Feb 09 11:04:14 2018 MANAGEMENT: CMD 'log all on'
Fri Feb 09 11:04:14 2018 MANAGEMENT: CMD 'echo all on'
Fri Feb 09 11:04:14 2018 MANAGEMENT: CMD 'hold off'
Fri Feb 09 11:04:14 2018 MANAGEMENT: CMD 'hold release'
Fri Feb 09 11:04:14 2018 MANAGEMENT: CMD 'password [...]'
Fri Feb 09 11:04:14 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Feb 09 11:04:14 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Feb 09 11:04:14 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Feb 09 11:04:14 2018 TCP/UDP: Preserving recently used remote address: [AF_INET] ***.***.***.***:1194
Fri Feb 09 11:04:14 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Feb 09 11:04:14 2018 UDP link local: (not bound)
Fri Feb 09 11:04:14 2018 UDP link remote: [AF_INET] ***.***.***.***:1194
Fri Feb 09 11:04:14 2018 MANAGEMENT: >STATE:1518174254,WAIT,,,,,,
Fri Feb 09 11:04:14 2018 MANAGEMENT: >STATE:1518174254,AUTH,,,,,,
Fri Feb 09 11:04:14 2018 TLS: Initial packet from [AF_INET] ***.***.***.***:1194, sid=c4097541 d580c913
Fri Feb 09 11:04:14 2018 TLS Error: cannot locate HMAC in incoming packet from [AF_INET] ***.***.***.***:1194
Fri Feb 09 11:04:16 2018 MANAGEMENT: >STATE:1518174256,AUTH,,,,,,
Fri Feb 09 11:04:16 2018 TLS: Initial packet from [AF_INET] ***.***.***.***:1194, sid=c4097541 d580c913
Fri Feb 09 11:04:16 2018 TLS Error: cannot locate HMAC in incoming packet from [AF_INET] ***.***.***.***:1194
Fri Feb 09 11:04:20 2018 MANAGEMENT: >STATE:1518174260,AUTH,,,,,,
Fri Feb 09 11:04:20 2018 TLS: Initial packet from [AF_INET] ***.***.***.***:1194, sid=c4097541 d580c913
Fri Feb 09 11:04:20 2018 TLS Error: cannot locate HMAC in incoming packet from [AF_INET] ***.***.***.***:1194
Server.conf
port 1194
proto udp
dev tun
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 4
Client
client
dev tun
proto udp
remote ***.***.***.*** 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
cipher AES-128-CBC
auth SHA256
key-direction 1
comp-lzo
verb 4
Code: Select all
Feb 9 03:12:05 Prune ovpn-server[862]: ***.***.***.***:60744 TLS Error: TLS handshake failed
Feb 9 03:12:05 Prune ovpn-server[862]: ***.***.***.***:60744 SIGUSR1[soft,tls-error] received, client-instance restarting
Feb 9 03:12:45 Prune ovpn-server[862]: ***.***.***.***:24788 TLS: Initial packet from [AF_INET] ***.***.***.***:24788, sid=$
Feb 9 03:12:45 Prune ovpn-server[862]: ***.***.***.***:24788 TLS Error: reading acknowledgement record from packet
Feb 9 03:13:15 Prune ovpn-server[862]: message repeated 4 times: [ ***.***.***.***:24788 TLS Error: reading acknowledgeme$
Feb 9 03:13:45 Prune ovpn-server[862]: ***.***.***.***:24788 TLS Error: TLS key negotiation failed to occur within 60 sec$
Feb 9 03:13:45 Prune ovpn-server[862]: ***.***.***.***:24788 TLS Error: TLS handshake failed
Feb 9 03:13:45 Prune ovpn-server[862]: ***.***.***.***:24788 SIGUSR1[soft,tls-error] received, client-instance restarting
Feb 9 03:13:59 Prune kernel: [674329.698868] [UFW BLOCK] IN=enp1s0f0 OUT= MAC= $
Feb 9 03:14:42 Prune kernel: [674373.030616] [UFW BLOCK] IN=enp1s0f0 OUT= MAC= $
Feb 9 03:15:05 Prune ovpn-server[862]: ***.***.***.***:39303 TLS: Initial packet from [AF_INET] ***.***.***.***:39303, sid=$
Feb 9 03:15:05 Prune ovpn-server[862]: ***.***.***.***:39303 TLS Error: reading acknowledgement record from packet
Feb 9 03:15:33 Prune kernel: [674424.072810] [UFW BLOCK] IN=enp1s0f0 OUT= MAC= $
Feb 9 03:15:19 Prune ovpn-server[862]: message repeated 3 times: [ ***.***.***.***:39303 TLS Error: reading acknowledgeme$
Feb 9 03:16:05 Prune ovpn-server[862]: ***.***.***.***:39303 TLS Error: TLS key negotiation failed to occur within 60 sec$
Feb 9 03:16:05 Prune ovpn-server[862]: ***.***.***.***:39303 TLS Error: TLS handshake failed
Feb 9 03:16:05 Prune ovpn-server[862]: ***.***.***.***:39303 SIGUSR1[soft,tls-error] received, client-instance restarting