I'm having trouble with OpenVPN client initiating a connection with OpenVPN server. I've read through threads with a similar error but all suggestions related to tls-auth files matching between server and client don't seem to help as they already match. Initially I tried using tls-crypt instead of tls-auth but kept receiving tls-crypt unwrap error: packet too short and was unable to solve that issue with any existing forum support threads. Any help is appreciated.
Server:
OS: Linux ovpns 5.8.0-55-generic #62~20.04.1-Ubuntu SMP Wed Jun 2 08:55:04 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Network Setup:
Code: Select all
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.122.25 netmask 255.255.255.0 broadcast 192.168.122.255
inet6 fe80::edfa:f677:a174:ebe3 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:66:52:52 txqueuelen 1000 (Ethernet)
RX packets 388447 bytes 251739916 (251.7 MB)
RX errors 0 dropped 129832 overruns 0 frame 0
TX packets 177419 bytes 33855654 (33.8 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 18010 bytes 1797104 (1.7 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 18010 bytes 1797104 (1.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.15.0.1 netmask 255.255.255.0 destination 10.15.0.1
inet6 fe80::9717:4bb6:890c:af7a prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 7 bytes 336 (336.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Server conf
local 192.168.122.25
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth tc.key 0
#key-direction 0
#tls-crypt tc.key
topology subnet
server 10.15.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
verb 4
crl-verify crl.pem
explicit-exit-notify
status openvpn-status.log
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth tc.key 0
#key-direction 0
#tls-crypt tc.key
topology subnet
server 10.15.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
verb 4
crl-verify crl.pem
explicit-exit-notify
status openvpn-status.log
Server Log:
Code: Select all
GNU nano 4.8 /etc/openvpn/server/openvpn-status.log
TITLE,OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AE>
TIME,Thu Jun 17 14:59:38 2021,1623956378
HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Virtual IPv6 Address,Bytes Received,Bytes>
HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t)
GLOBAL_STATS,Max bcast/mcast queue length,0
END
OS: Linux xxx 5.8.0-55-generic #62~20.04.1-Ubuntu SMP Wed Jun 2 08:55:04 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Network Setup:
Code: Select all
enp112s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.110 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::1bd:cf94:5c02:1ff9 prefixlen 64 scopeid 0x20<link>
ether a4:ae:11:1e:4c:1f txqueuelen 1000 (Ethernet)
RX packets 535240 bytes 285665915 (285.6 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 440074 bytes 44375190 (44.3 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0x6e100000-6e17ffff
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 48414 bytes 5082905 (5.0 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 48414 bytes 5082905 (5.0 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Client conf
client
dev tun
proto udp
remote xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
auth SHA512
ignore-unknown-option block-outside-dns
#block-outside-dns
verb 4
#tls-client
tls-auth /etc/openvpn/tc.key 1
<ca>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxx
-----END PRIVATE KEY-----
</key>
dev tun
proto udp
remote xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
auth SHA512
ignore-unknown-option block-outside-dns
#block-outside-dns
verb 4
#tls-client
tls-auth /etc/openvpn/tc.key 1
<ca>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxx
-----END PRIVATE KEY-----
</key>
Client Log:
Code: Select all
Thu Jun 17 15:12:08 2021 us=615949 WARNING: file '/etc/openvpn/tc.key' is group or others accessible
Thu Jun 17 15:12:08 2021 us=615972 Current Parameter Settings:
Thu Jun 17 15:12:08 2021 us=615976 config = 'ov-ubuntu.ovpn'
Thu Jun 17 15:12:08 2021 us=616007 mode = 0
Thu Jun 17 15:12:08 2021 us=616010 persist_config = DISABLED
Thu Jun 17 15:12:08 2021 us=616014 persist_mode = 1
Thu Jun 17 15:12:08 2021 us=616018 show_ciphers = DISABLED
Thu Jun 17 15:12:08 2021 us=616022 show_digests = DISABLED
Thu Jun 17 15:12:08 2021 us=616025 show_engines = DISABLED
Thu Jun 17 15:12:08 2021 us=616029 genkey = DISABLED
Thu Jun 17 15:12:08 2021 us=616032 key_pass_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616036 show_tls_ciphers = DISABLED
Thu Jun 17 15:12:08 2021 us=616040 connect_retry_max = 0
Thu Jun 17 15:12:08 2021 us=616043 Connection profiles [0]:
Thu Jun 17 15:12:08 2021 us=616047 proto = udp
Thu Jun 17 15:12:08 2021 us=616051 local = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616054 local_port = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616058 remote = 'xxx'
Thu Jun 17 15:12:08 2021 us=616061 remote_port = '1194'
Thu Jun 17 15:12:08 2021 us=616065 remote_float = DISABLED
Thu Jun 17 15:12:08 2021 us=616069 bind_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=616072 bind_local = DISABLED
Thu Jun 17 15:12:08 2021 us=616075 bind_ipv6_only = DISABLED
Thu Jun 17 15:12:08 2021 us=616079 connect_retry_seconds = 5
Thu Jun 17 15:12:08 2021 us=616083 connect_timeout = 120
Thu Jun 17 15:12:08 2021 us=616086 socks_proxy_server = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616115 socks_proxy_port = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616120 tun_mtu = 1500
Thu Jun 17 15:12:08 2021 us=616123 tun_mtu_defined = ENABLED
Thu Jun 17 15:12:08 2021 us=616127 link_mtu = 1500
Thu Jun 17 15:12:08 2021 us=616146 link_mtu_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=616150 tun_mtu_extra = 0
Thu Jun 17 15:12:08 2021 us=616154 tun_mtu_extra_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=616157 mtu_discover_type = -1
Thu Jun 17 15:12:08 2021 us=616161 fragment = 0
Thu Jun 17 15:12:08 2021 us=616164 mssfix = 1450
Thu Jun 17 15:12:08 2021 us=616168 explicit_exit_notification = 0
Thu Jun 17 15:12:08 2021 us=616172 Connection profiles END
Thu Jun 17 15:12:08 2021 us=616175 remote_random = DISABLED
Thu Jun 17 15:12:08 2021 us=616179 ipchange = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616182 dev = 'tun'
Thu Jun 17 15:12:08 2021 us=616186 dev_type = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616190 dev_node = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616193 lladdr = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616197 topology = 1
Thu Jun 17 15:12:08 2021 us=616200 ifconfig_local = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616204 ifconfig_remote_netmask = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616207 ifconfig_noexec = DISABLED
Thu Jun 17 15:12:08 2021 us=616211 ifconfig_nowarn = DISABLED
Thu Jun 17 15:12:08 2021 us=616215 ifconfig_ipv6_local = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616218 ifconfig_ipv6_netbits = 0
Thu Jun 17 15:12:08 2021 us=616222 ifconfig_ipv6_remote = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616226 shaper = 0
Thu Jun 17 15:12:08 2021 us=616229 mtu_test = 0
Thu Jun 17 15:12:08 2021 us=616233 mlock = DISABLED
Thu Jun 17 15:12:08 2021 us=616236 keepalive_ping = 0
Thu Jun 17 15:12:08 2021 us=616240 keepalive_timeout = 0
Thu Jun 17 15:12:08 2021 us=616263 inactivity_timeout = 0
Thu Jun 17 15:12:08 2021 us=616266 ping_send_timeout = 0
Thu Jun 17 15:12:08 2021 us=616270 ping_rec_timeout = 0
Thu Jun 17 15:12:08 2021 us=616273 ping_rec_timeout_action = 0
Thu Jun 17 15:12:08 2021 us=616277 ping_timer_remote = DISABLED
Thu Jun 17 15:12:08 2021 us=616281 remap_sigusr1 = 0
Thu Jun 17 15:12:08 2021 us=616284 persist_tun = ENABLED
Thu Jun 17 15:12:08 2021 us=616288 persist_local_ip = DISABLED
Thu Jun 17 15:12:08 2021 us=616292 persist_remote_ip = DISABLED
Thu Jun 17 15:12:08 2021 us=616311 persist_key = ENABLED
Thu Jun 17 15:12:08 2021 us=616315 passtos = DISABLED
Thu Jun 17 15:12:08 2021 us=616318 resolve_retry_seconds = 1000000000
Thu Jun 17 15:12:08 2021 us=616322 resolve_in_advance = DISABLED
Thu Jun 17 15:12:08 2021 us=616325 username = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616329 groupname = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616332 chroot_dir = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616350 cd_dir = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616353 writepid = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616356 up_script = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616360 down_script = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616363 down_pre = DISABLED
Thu Jun 17 15:12:08 2021 us=616367 up_restart = DISABLED
Thu Jun 17 15:12:08 2021 us=616370 up_delay = DISABLED
Thu Jun 17 15:12:08 2021 us=616373 daemon = DISABLED
Thu Jun 17 15:12:08 2021 us=616377 inetd = 0
Thu Jun 17 15:12:08 2021 us=616380 log = DISABLED
Thu Jun 17 15:12:08 2021 us=616384 suppress_timestamps = DISABLED
Thu Jun 17 15:12:08 2021 us=616387 machine_readable_output = DISABLED
Thu Jun 17 15:12:08 2021 us=616391 nice = 0
Thu Jun 17 15:12:08 2021 us=616394 verbosity = 4
Thu Jun 17 15:12:08 2021 us=616398 mute = 0
Thu Jun 17 15:12:08 2021 us=616401 gremlin = 0
Thu Jun 17 15:12:08 2021 us=616404 status_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616408 status_file_version = 1
Thu Jun 17 15:12:08 2021 us=616411 status_file_update_freq = 60
Thu Jun 17 15:12:08 2021 us=616415 occ = ENABLED
Thu Jun 17 15:12:08 2021 us=616418 rcvbuf = 0
Thu Jun 17 15:12:08 2021 us=616422 sndbuf = 0
Thu Jun 17 15:12:08 2021 us=616425 mark = 0
Thu Jun 17 15:12:08 2021 us=616428 sockflags = 0
Thu Jun 17 15:12:08 2021 us=616432 fast_io = DISABLED
Thu Jun 17 15:12:08 2021 us=616435 comp.alg = 0
Thu Jun 17 15:12:08 2021 us=616439 comp.flags = 0
Thu Jun 17 15:12:08 2021 us=616442 route_script = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616446 route_default_gateway = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616449 route_default_metric = 0
Thu Jun 17 15:12:08 2021 us=616453 route_noexec = DISABLED
Thu Jun 17 15:12:08 2021 us=616456 route_delay = 0
Thu Jun 17 15:12:08 2021 us=616460 route_delay_window = 30
Thu Jun 17 15:12:08 2021 us=616476 route_delay_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=616480 route_nopull = DISABLED
Thu Jun 17 15:12:08 2021 us=616484 route_gateway_via_dhcp = DISABLED
Thu Jun 17 15:12:08 2021 us=616487 allow_pull_fqdn = DISABLED
Thu Jun 17 15:12:08 2021 us=616491 management_addr = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616495 management_port = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616498 management_user_pass = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616502 management_log_history_cache = 250
Thu Jun 17 15:12:08 2021 us=616506 management_echo_buffer_size = 100
Thu Jun 17 15:12:08 2021 us=616510 management_write_peer_info_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616513 management_client_user = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616517 management_client_group = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616521 management_flags = 0
Thu Jun 17 15:12:08 2021 us=616525 shared_secret_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616529 key_direction = 1
Thu Jun 17 15:12:08 2021 us=616532 ciphername = 'AES-256-CBC'
Thu Jun 17 15:12:08 2021 us=616536 ncp_enabled = ENABLED
Thu Jun 17 15:12:08 2021 us=616540 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Jun 17 15:12:08 2021 us=616544 authname = 'SHA512'
Thu Jun 17 15:12:08 2021 us=616548 prng_hash = 'SHA1'
Thu Jun 17 15:12:08 2021 us=616552 prng_nonce_secret_len = 16
Thu Jun 17 15:12:08 2021 us=616555 keysize = 0
Thu Jun 17 15:12:08 2021 us=616559 engine = DISABLED
Thu Jun 17 15:12:08 2021 us=616563 replay = ENABLED
Thu Jun 17 15:12:08 2021 us=616567 mute_replay_warnings = DISABLED
Thu Jun 17 15:12:08 2021 us=616570 replay_window = 64
Thu Jun 17 15:12:08 2021 us=616574 replay_time = 15
Thu Jun 17 15:12:08 2021 us=616578 packet_id_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616582 use_iv = ENABLED
Thu Jun 17 15:12:08 2021 us=616585 test_crypto = DISABLED
Thu Jun 17 15:12:08 2021 us=616589 tls_server = DISABLED
Thu Jun 17 15:12:08 2021 us=616593 tls_client = ENABLED
Thu Jun 17 15:12:08 2021 us=616597 key_method = 2
Thu Jun 17 15:12:08 2021 us=616600 ca_file = '[[INLINE]]'
Thu Jun 17 15:12:08 2021 us=616604 ca_path = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616608 dh_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616612 cert_file = '[[INLINE]]'
Thu Jun 17 15:12:08 2021 us=616615 extra_certs_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616619 priv_key_file = '[[INLINE]]'
Thu Jun 17 15:12:08 2021 us=616623 pkcs12_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616627 cipher_list = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616630 cipher_list_tls13 = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616634 tls_cert_profile = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616638 tls_verify = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616641 tls_export_cert = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616645 verify_x509_type = 0
Thu Jun 17 15:12:08 2021 us=616649 verify_x509_name = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616652 crl_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616656 ns_cert_type = 0
Thu Jun 17 15:12:08 2021 us=616660 remote_cert_ku[i] = 65535
Thu Jun 17 15:12:08 2021 us=616664 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616668 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616671 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616675 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616678 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616682 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616686 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616689 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616693 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616697 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616700 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616704 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616707 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616711 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616715 remote_cert_ku[i] = 0
Thu Jun 17 15:12:08 2021 us=616718 remote_cert_eku = 'TLS Web Server Authentication'
Thu Jun 17 15:12:08 2021 us=616722 ssl_flags = 0
Thu Jun 17 15:12:08 2021 us=616726 tls_timeout = 2
Thu Jun 17 15:12:08 2021 us=616730 renegotiate_bytes = -1
Thu Jun 17 15:12:08 2021 us=616734 renegotiate_packets = 0
Thu Jun 17 15:12:08 2021 us=616737 renegotiate_seconds = 3600
Thu Jun 17 15:12:08 2021 us=616741 handshake_window = 60
Thu Jun 17 15:12:08 2021 us=616745 transition_window = 3600
Thu Jun 17 15:12:08 2021 us=616748 single_session = DISABLED
Thu Jun 17 15:12:08 2021 us=616752 push_peer_info = DISABLED
Thu Jun 17 15:12:08 2021 us=616756 tls_exit = DISABLED
Thu Jun 17 15:12:08 2021 us=616760 tls_auth_file = '/etc/openvpn/tc.key'
Thu Jun 17 15:12:08 2021 us=616763 tls_crypt_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616767 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616771 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616775 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616778 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616782 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616786 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616790 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616793 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616797 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616801 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616805 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616808 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616812 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616816 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616819 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616823 pkcs11_protected_authentication = DISABLED
Thu Jun 17 15:12:08 2021 us=616827 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616831 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616834 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616838 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616842 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616846 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616849 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616853 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616857 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616860 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616864 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616867 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616871 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616875 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616878 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616882 pkcs11_private_mode = 00000000
Thu Jun 17 15:12:08 2021 us=616886 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616889 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616893 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616897 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616901 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616904 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616908 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616911 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616915 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616919 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616923 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616926 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616930 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616933 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616937 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616941 pkcs11_cert_private = DISABLED
Thu Jun 17 15:12:08 2021 us=616944 pkcs11_pin_cache_period = -1
Thu Jun 17 15:12:08 2021 us=616948 pkcs11_id = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=616952 pkcs11_id_management = DISABLED
Thu Jun 17 15:12:08 2021 us=616956 server_network = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=616961 server_netmask = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=616967 server_network_ipv6 = ::
Thu Jun 17 15:12:08 2021 us=616971 server_netbits_ipv6 = 0
Thu Jun 17 15:12:08 2021 us=616975 server_bridge_ip = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=616980 server_bridge_netmask = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=616984 server_bridge_pool_start = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=616990 server_bridge_pool_end = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=616994 ifconfig_pool_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=616998 ifconfig_pool_start = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=617002 ifconfig_pool_end = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=617006 ifconfig_pool_netmask = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=617010 ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617014 ifconfig_pool_persist_refresh_freq = 600
Thu Jun 17 15:12:08 2021 us=617017 ifconfig_ipv6_pool_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=617021 ifconfig_ipv6_pool_base = ::
Thu Jun 17 15:12:08 2021 us=617025 ifconfig_ipv6_pool_netbits = 0
Thu Jun 17 15:12:08 2021 us=617029 n_bcast_buf = 256
Thu Jun 17 15:12:08 2021 us=617033 tcp_queue_limit = 64
Thu Jun 17 15:12:08 2021 us=617037 real_hash_size = 256
Thu Jun 17 15:12:08 2021 us=617040 virtual_hash_size = 256
Thu Jun 17 15:12:08 2021 us=617044 client_connect_script = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617048 learn_address_script = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617052 client_disconnect_script = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617055 client_config_dir = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617059 ccd_exclusive = DISABLED
Thu Jun 17 15:12:08 2021 us=617063 tmp_dir = '/tmp'
Thu Jun 17 15:12:08 2021 us=617067 push_ifconfig_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=617071 push_ifconfig_local = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=617075 push_ifconfig_remote_netmask = 0.0.0.0
Thu Jun 17 15:12:08 2021 us=617079 push_ifconfig_ipv6_defined = DISABLED
Thu Jun 17 15:12:08 2021 us=617083 push_ifconfig_ipv6_local = ::/0
Thu Jun 17 15:12:08 2021 us=617087 push_ifconfig_ipv6_remote = ::
Thu Jun 17 15:12:08 2021 us=617091 enable_c2c = DISABLED
Thu Jun 17 15:12:08 2021 us=617095 duplicate_cn = DISABLED
Thu Jun 17 15:12:08 2021 us=617099 cf_max = 0
Thu Jun 17 15:12:08 2021 us=617102 cf_per = 0
Thu Jun 17 15:12:08 2021 us=617106 max_clients = 1024
Thu Jun 17 15:12:08 2021 us=617110 max_routes_per_client = 256
Thu Jun 17 15:12:08 2021 us=617113 auth_user_pass_verify_script = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617117 auth_user_pass_verify_script_via_file = DISABLED
Thu Jun 17 15:12:08 2021 us=617121 auth_token_generate = DISABLED
Thu Jun 17 15:12:08 2021 us=617125 auth_token_lifetime = 0
Thu Jun 17 15:12:08 2021 us=617129 port_share_host = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617132 port_share_port = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617136 client = ENABLED
Thu Jun 17 15:12:08 2021 us=617140 pull = ENABLED
Thu Jun 17 15:12:08 2021 us=617144 auth_user_pass_file = '[UNDEF]'
Thu Jun 17 15:12:08 2021 us=617148 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 27 2021
Thu Jun 17 15:12:08 2021 us=617157 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Thu Jun 17 15:12:08 2021 us=617447 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jun 17 15:12:08 2021 us=617457 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jun 17 15:12:08 2021 us=617497 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Jun 17 15:12:08 2021 us=617514 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Thu Jun 17 15:12:08 2021 us=617528 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Thu Jun 17 15:12:08 2021 us=617533 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Thu Jun 17 15:12:08 2021 us=617540 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx:1194
Thu Jun 17 15:12:08 2021 us=617554 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Jun 17 15:12:08 2021 us=617559 UDP link local: (not bound)
Thu Jun 17 15:12:08 2021 us=617563 UDP link remote: [AF_INET]xxx:1194
Thu Jun 17 15:12:08 2021 us=620961 TLS: Initial packet from [AF_INET]xxx:1194, sid=24ede69b 4a2fa0f4
Thu Jun 17 15:12:08 2021 us=620975 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx:1194
Thu Jun 17 15:12:10 2021 us=701228 TLS: Initial packet from [AF_INET]xxx:1194, sid=24ede69b 4a2fa0f4
Thu Jun 17 15:12:10 2021 us=701300 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx:1194
Thu Jun 17 15:12:14 2021 us=363139 TLS: Initial packet from [AF_INET]xxx:1194, sid=24ede69b 4a2fa0f4
Thu Jun 17 15:12:14 2021 us=363209 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]xxx:1194