# Config for OpenVPN 2.x
# Enables connection to GUI
management /data/user/0/de.blinkt.openvpn/cache/mgmtsocket unix
management-client
management-query-passwords
management-hold
setenv IV_GUI_VER "de.blinkt.openvpn 0.7.15"
setenv IV_SSO openurl,crtext
setenv IV_PLAT_VER "28 9 arm64-v8a samsung msm8998 SM-G950U"
machine-readable-output
allow-recursive-routing
ifconfig-nowarn
client
verb 4
connect-retry 2 300
resolv-retry 60
dev tun
remote xx.xx.xx.xxx.xxx udp
<ca>
-----BEGIN CERTIFICATE-----
M...
-----END CERTIFICATE-----
</ca>
<key>
-----BEGIN PRIVATE KEY-----
MIIJ...
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
M...
-----END CERTIFICATE-----
</cert>
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
7...
-----END OpenVPN Static key V1-----
</tls-auth>
#comp-lzo
nobind
remote-cert-tls server
cipher AES-256-CBC
persist-tun
# persist-tun also enables pre resolving to avoid DNS resolve problem
preresolve
# Use system proxy setting
management-query-proxy
# Custom configuration options
# You are on your on own here

# These options found in the config file do not map to config settings:
keepalive 10 120
Client log
Code: Select all
2020-06-23 21:09:26 official build 0.7.15 running on samsung SM-G950U (msm8998), Android 9 (PPR1.180610.011) API 28, ABI arm64-v8a, (samsung/dreamqltesq/dreamqltesq:9/PPR1.180610.011/G950USQS7DTC1:user/release-keys)
2020-06-23 21:09:26 Building configuration…
2020-06-23 21:09:26 started Socket Thread
2020-06-23 21:09:26 Network Status: CONNECTED to WIFI
2020-06-23 21:09:26 Debug state info: CONNECTED to WIFI , pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2020-06-23 21:09:26 Debug state info: CONNECTED to WIFI , pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2020-06-23 21:09:26 P:WARNING: linker: Warning: "/data/app/de.blinkt.openvpn-FngHtl-kSZgfjtMb5UNwfg==/lib/arm64/libovpnexec.so" is not a directory (ignoring)
2020-06-23 21:09:26 Current Parameter Settings:
2020-06-23 21:09:26 config = '/data/user/0/de.blinkt.openvpn/cache/android.conf'
2020-06-23 21:09:26 mode = 0
2020-06-23 21:09:26 show_ciphers = DISABLED
2020-06-23 21:09:26 show_digests = DISABLED
2020-06-23 21:09:26 show_engines = DISABLED
2020-06-23 21:09:26 genkey = DISABLED
2020-06-23 21:09:26 genkey_filename = '[UNDEF]'
2020-06-23 21:09:26 key_pass_file = '[UNDEF]'
2020-06-23 21:09:26 show_tls_ciphers = DISABLED
2020-06-23 21:09:26 connect_retry_max = 0
2020-06-23 21:09:26 Connection profiles [0]:
2020-06-23 21:09:26 proto = udp
2020-06-23 21:09:26 local = '[UNDEF]'
2020-06-23 21:09:26 local_port = '[UNDEF]'
2020-06-23 21:09:26 remote = '47.38.246.205'
2020-06-23 21:09:26 remote_port = '443'
2020-06-23 21:09:26 remote_float = DISABLED
2020-06-23 21:09:26 bind_defined = DISABLED
2020-06-23 21:09:26 bind_local = DISABLED
2020-06-23 21:09:26 bind_ipv6_only = DISABLED
2020-06-23 21:09:26 connect_retry_seconds = 2
2020-06-23 21:09:26 connect_timeout = 120
2020-06-23 21:09:26 socks_proxy_server = '[UNDEF]'
2020-06-23 21:09:26 socks_proxy_port = '[UNDEF]'
2020-06-23 21:09:26 tun_mtu = 1500
2020-06-23 21:09:26 tun_mtu_defined = ENABLED
2020-06-23 21:09:26 link_mtu = 1500
2020-06-23 21:09:26 link_mtu_defined = DISABLED
2020-06-23 21:09:26 tun_mtu_extra = 0
2020-06-23 21:09:26 tun_mtu_extra_defined = DISABLED
2020-06-23 21:09:26 mtu_discover_type = -1
2020-06-23 21:09:26 fragment = 0
2020-06-23 21:09:26 mssfix = 1450
2020-06-23 21:09:26 explicit_exit_notification = 0
2020-06-23 21:09:26 tls_auth_file = '[[INLINE]]'
2020-06-23 21:09:26 key_direction = 1
2020-06-23 21:09:26 tls_crypt_file = '[UNDEF]'
2020-06-23 21:09:26 tls_crypt_v2_file = '[UNDEF]'
2020-06-23 21:09:26 Connection profiles END
2020-06-23 21:09:26 remote_random = DISABLED
2020-06-23 21:09:26 ipchange = '[UNDEF]'
2020-06-23 21:09:26 dev = 'tun'
2020-06-23 21:09:26 dev_type = '[UNDEF]'
2020-06-23 21:09:26 dev_node = '[UNDEF]'
2020-06-23 21:09:26 lladdr = '[UNDEF]'
2020-06-23 21:09:26 topology = 1
2020-06-23 21:09:26 ifconfig_local = '[UNDEF]'
2020-06-23 21:09:26 ifconfig_remote_netmask = '[UNDEF]'
2020-06-23 21:09:26 ifconfig_noexec = DISABLED
2020-06-23 21:09:26 ifconfig_nowarn = ENABLED
2020-06-23 21:09:26 ifconfig_ipv6_local = '[UNDEF]'
2020-06-23 21:09:26 ifconfig_ipv6_netbits = 0
2020-06-23 21:09:26 ifconfig_ipv6_remote = '[UNDEF]'
2020-06-23 21:09:26 shaper = 0
2020-06-23 21:09:26 mtu_test = 0
2020-06-23 21:09:26 mlock = DISABLED
2020-06-23 21:09:26 keepalive_ping = 10
2020-06-23 21:09:26 keepalive_timeout = 120
2020-06-23 21:09:26 inactivity_timeout = 0
2020-06-23 21:09:26 ping_send_timeout = 10
2020-06-23 21:09:26 ping_rec_timeout = 120
2020-06-23 21:09:26 Waiting 0s seconds between connection attempt
2020-06-23 21:09:26 ping_rec_timeout_action = 2
2020-06-23 21:09:26 ping_timer_remote = DISABLED
2020-06-23 21:09:26 remap_sigusr1 = 0
2020-06-23 21:09:26 persist_tun = ENABLED
2020-06-23 21:09:26 persist_local_ip = DISABLED
2020-06-23 21:09:26 persist_remote_ip = DISABLED
2020-06-23 21:09:26 persist_key = DISABLED
2020-06-23 21:09:26 passtos = DISABLED
2020-06-23 21:09:26 resolve_retry_seconds = 60
2020-06-23 21:09:26 resolve_in_advance = ENABLED
2020-06-23 21:09:26 username = '[UNDEF]'
2020-06-23 21:09:26 groupname = '[UNDEF]'
2020-06-23 21:09:26 chroot_dir = '[UNDEF]'
2020-06-23 21:09:26 cd_dir = '[UNDEF]'
2020-06-23 21:09:26 writepid = '[UNDEF]'
2020-06-23 21:09:26 up_script = '[UNDEF]'
2020-06-23 21:09:26 down_script = '[UNDEF]'
2020-06-23 21:09:26 down_pre = DISABLED
2020-06-23 21:09:26 up_restart = DISABLED
2020-06-23 21:09:26 up_delay = DISABLED
2020-06-23 21:09:26 daemon = DISABLED
2020-06-23 21:09:26 inetd = 0
2020-06-23 21:09:26 log = DISABLED
2020-06-23 21:09:26 suppress_timestamps = DISABLED
2020-06-23 21:09:26 machine_readable_output = ENABLED
2020-06-23 21:09:26 nice = 0
2020-06-23 21:09:26 verbosity = 4
2020-06-23 21:09:26 mute = 0
2020-06-23 21:09:26 gremlin = 0
2020-06-23 21:09:26 status_file = '[UNDEF]'
2020-06-23 21:09:26 status_file_version = 1
2020-06-23 21:09:26 status_file_update_freq = 60
2020-06-23 21:09:26 occ = ENABLED
2020-06-23 21:09:26 rcvbuf = 0
2020-06-23 21:09:26 sndbuf = 0
2020-06-23 21:09:26 sockflags = 0
2020-06-23 21:09:26 fast_io = DISABLED
2020-06-23 21:09:26 comp.alg = 0
2020-06-23 21:09:26 comp.flags = 0
2020-06-23 21:09:26 route_script = '[UNDEF]'
2020-06-23 21:09:26 route_default_gateway = '[UNDEF]'
2020-06-23 21:09:26 route_default_metric = 0
2020-06-23 21:09:26 route_noexec = DISABLED
2020-06-23 21:09:26 route_delay = 0
2020-06-23 21:09:26 route_delay_window = 30
2020-06-23 21:09:26 route_delay_defined = DISABLED
2020-06-23 21:09:26 route_nopull = DISABLED
2020-06-23 21:09:26 route_gateway_via_dhcp = DISABLED
2020-06-23 21:09:26 allow_pull_fqdn = DISABLED
2020-06-23 21:09:26 management_addr = '/data/user/0/de.blinkt.openvpn/cache/mgmtsocket'
2020-06-23 21:09:26 management_port = 'unix'
2020-06-23 21:09:26 management_user_pass = '[UNDEF]'
2020-06-23 21:09:26 management_log_history_cache = 250
2020-06-23 21:09:26 management_echo_buffer_size = 100
2020-06-23 21:09:26 management_write_peer_info_file = '[UNDEF]'
2020-06-23 21:09:26 management_client_user = '[UNDEF]'
2020-06-23 21:09:26 management_client_group = '[UNDEF]'
2020-06-23 21:09:26 management_flags = 16678
2020-06-23 21:09:26 shared_secret_file = '[UNDEF]'
2020-06-23 21:09:26 key_direction = 1
2020-06-23 21:09:26 ciphername = 'AES-256-CBC'
2020-06-23 21:09:26 ncp_enabled = ENABLED
2020-06-23 21:09:26 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2020-06-23 21:09:26 authname = 'SHA1'
2020-06-23 21:09:26 prng_hash = 'SHA1'
2020-06-23 21:09:26 prng_nonce_secret_len = 16
2020-06-23 21:09:26 keysize = 0
2020-06-23 21:09:26 engine = DISABLED
2020-06-23 21:09:26 replay = ENABLED
2020-06-23 21:09:26 mute_replay_warnings = DISABLED
2020-06-23 21:09:26 replay_window = 64
2020-06-23 21:09:26 replay_time = 15
2020-06-23 21:09:26 packet_id_file = '[UNDEF]'
2020-06-23 21:09:26 test_crypto = DISABLED
2020-06-23 21:09:26 tls_server = DISABLED
2020-06-23 21:09:26 tls_client = ENABLED
2020-06-23 21:09:26 key_method = 2
2020-06-23 21:09:26 ca_file = '[[INLINE]]'
2020-06-23 21:09:26 ca_path = '[UNDEF]'
2020-06-23 21:09:26 dh_file = '[UNDEF]'
2020-06-23 21:09:26 cert_file = '[[INLINE]]'
2020-06-23 21:09:26 extra_certs_file = '[UNDEF]'
2020-06-23 21:09:26 priv_key_file = '[[INLINE]]'
2020-06-23 21:09:26 pkcs12_file = '[UNDEF]'
2020-06-23 21:09:26 cipher_list = '[UNDEF]'
2020-06-23 21:09:26 cipher_list_tls13 = '[UNDEF]'
2020-06-23 21:09:26 tls_cert_profile = '[UNDEF]'
2020-06-23 21:09:26 tls_verify = '[UNDEF]'
2020-06-23 21:09:26 tls_export_cert = '[UNDEF]'
2020-06-23 21:09:26 verify_x509_type = 0
2020-06-23 21:09:26 verify_x509_name = '[UNDEF]'
2020-06-23 21:09:26 crl_file = '[UNDEF]'
2020-06-23 21:09:26 ns_cert_type = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 65535
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_ku[i] = 0
2020-06-23 21:09:26 remote_cert_eku = 'TLS Web Server Authentication'
2020-06-23 21:09:26 ssl_flags = 0
2020-06-23 21:09:26 tls_timeout = 2
2020-06-23 21:09:26 renegotiate_bytes = -1
2020-06-23 21:09:26 renegotiate_packets = 0
2020-06-23 21:09:26 renegotiate_seconds = 3600
2020-06-23 21:09:26 handshake_window = 60
2020-06-23 21:09:26 transition_window = 3600
2020-06-23 21:09:26 single_session = DISABLED
2020-06-23 21:09:26 push_peer_info = DISABLED
2020-06-23 21:09:26 tls_exit = DISABLED
2020-06-23 21:09:26 tls_crypt_v2_metadata = '[UNDEF]'
2020-06-23 21:09:26 client = ENABLED
2020-06-23 21:09:26 pull = ENABLED
2020-06-23 21:09:26 auth_user_pass_file = '[UNDEF]'
2020-06-23 21:09:26 OpenVPN 2.5-icsopenvpn [git:icsopenvpn/v0.7.14-0-gb3eb7a46] arm64-v8a [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 5 2020
2020-06-23 21:09:26 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
2020-06-23 21:09:26 MANAGEMENT: Connected to management server at /data/user/0/de.blinkt.openvpn/cache/mgmtsocket
2020-06-23 21:09:26 MANAGEMENT: CMD 'version 3'
2020-06-23 21:09:26 MANAGEMENT: CMD 'hold release'
2020-06-23 21:09:26 MANAGEMENT: CMD 'proxy NONE'
2020-06-23 21:09:26 MANAGEMENT: CMD 'bytecount 2'
2020-06-23 21:09:26 MANAGEMENT: CMD 'state on'
2020-06-23 21:09:27 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2020-06-23 21:09:27 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2020-06-23 21:09:27 Control Channel MTU parms [ L:1621 D:1184 EF:66 EB:0 ET:0 EL:3 ]
2020-06-23 21:09:27 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
2020-06-23 21:09:27 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
2020-06-23 21:09:27 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
2020-06-23 21:09:27 TCP/UDP: Preserving recently used remote address: [AF_INET]xx.xx.xx.xxx.xxx
2020-06-23 21:09:27 Socket Buffers: R=[229376->229376] S=[229376->229376]
2020-06-23 21:09:27 MANAGEMENT: CMD 'needok 'PROTECTFD' ok'
2020-06-23 21:09:27 UDP link local: (not bound)
2020-06-23 21:09:27 UDP link remote: [AF_INET]47.38.246.205:443
2020-06-23 21:09:27 MANAGEMENT: >STATE:1592964567,WAIT,,,,,,
2020-06-23 21:09:27 MANAGEMENT: >STATE:1592964567,AUTH,,,,,,
2020-06-23 21:09:27 TLS: Initial packet from [AF_INET]xx.xx.xxx.xxx:xxx, sid="xxxxxxxxxxx
2020-06-23 21:09:27 VERIFY OK: depth=1, C=US, ST=TX, L=city, O=OpenVPN, OU=changeme, CN=ServerVPN, name=changeme, emailAddress=email@.com
2020-06-23 21:09:27 VERIFY KU OK
2020-06-23 21:09:27 Validating certificate extended key usage
2020-06-23 21:09:27 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2020-06-23 21:09:27 VERIFY EKU OK
2020-06-23 21:09:27 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, OU=changeme, CN=ServerVPN, name=changeme, emailAddress=mail@host.domain
2020-06-23 21:09:27 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
2020-06-23 21:09:27 [ServerVPN] Peer Connection Initiated with [AF_INET]xx.xx.xxx.xxx:xx
2020-06-23 21:09:28 MANAGEMENT: >STATE:1592964568,GET_CONFIG,,,,,,
2020-06-23 21:09:28 SENT CONTROL [ServerVPN]: 'PUSH_REQUEST' (status=1)
2020-06-23 21:09:28 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 192.168.87.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 192.168.87.6 192.168.87.5,peer-id 0,cipher AES-256-GCM'
2020-06-23 21:09:28 OPTIONS IMPORT: timers and/or timeouts modified
2020-06-23 21:09:28 OPTIONS IMPORT: --ifconfig/up options modified
2020-06-23 21:09:28 OPTIONS IMPORT: route options modified
2020-06-23 21:09:28 OPTIONS IMPORT: peer-id set
2020-06-23 21:09:28 OPTIONS IMPORT: adjusting link_mtu to 1624
2020-06-23 21:09:28 OPTIONS IMPORT: data channel crypto options modified
2020-06-23 21:09:28 Data Channel: using negotiated cipher 'AES-256-GCM'
2020-06-23 21:09:28 Data Channel MTU parms [ L:1552 D:1450 EF:52 EB:406 ET:0 EL:3 ]
2020-06-23 21:09:28 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2020-06-23 21:09:28 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2020-06-23 21:09:28 ROUTE_GATEWAY 127.100.103.119 IFACE=android-gw
2020-06-23 21:09:28 do_ifconfig, ipv4=1, ipv6=0
2020-06-23 21:09:28 MANAGEMENT: >STATE:1592964568,ASSIGN_IP,,192.168.87.6,,,,
2020-06-23 21:09:28 MANAGEMENT: CMD 'needok 'IFCONFIG' ok'
2020-06-23 21:09:28 MANAGEMENT: >STATE:1592964568,ADD_ROUTES,,,,,,
2020-06-23 21:09:28 MANAGEMENT: CMD 'needok 'ROUTE' ok'
2020-06-23 21:09:28 MANAGEMENT: CMD 'needok 'ROUTE' ok'
2020-06-23 21:09:28 MANAGEMENT: CMD 'needok 'PERSIST_TUN_ACTION' OPEN_BEFORE_CLOSE'
2020-06-23 21:09:28 Opening tun interface:
2020-06-23 21:09:28 Local IPv4: 192.168.87.6/30 IPv6: (not set) MTU: 1500
2020-06-23 21:09:28 DNS Server: , Domain: null
2020-06-23 21:09:28 Routes: 192.168.0.0/24, 192.168.87.0/24, 192.168.87.4/30
2020-06-23 21:09:28 Routes excluded: 192.168.1.137/24 2600:6c56:7f08:3046:ac07:d8de:d739:39e7/64, fe80:0:0:0:e317:42ff:1f1d:10b/64
2020-06-23 21:09:28 VpnService routes installed: 192.168.0.0/24, 192.168.87.0/24
2020-06-23 21:09:28 Disallowed VPN apps:
2020-06-23 21:09:28 No DNS servers being used. Name resolution may not work. Consider setting custom DNS Servers. Please also note that Android will keep using your proxy settings specified for your mobile/Wi-Fi connection when no DNS servers are set.
2020-06-23 21:09:29 MANAGEMENT: CMD 'needok 'OPENTUN' ok'
2020-06-23 21:09:29 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2020-06-23 21:09:29 Initialization Sequence Completed
2020-06-23 21:09:29 MANAGEMENT: >STATE:1592964569,CONNECTED,SUCCESS,192.168.87.6,xx.xx.xxx.xxx:xx,,
2020-06-23 21:09:29 Debug state info: CONNECTED to WIFI , pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED