My specs.
My distro is Archlinux.
Code: Select all
uname -ar
Linux 5.14.8-arch1-1 #1 SMP PREEMPT Sun, 26 Sep 2021 19:36:15 +0000 x86_64 GNU/Linux
Code: Select all
openvpn --version
OpenVPN 2.1.3 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 7 2021
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Code: Select all
setenv FORWARD_COMPATIBLE 1
client
server-poll-timeout 4
nobind
remote IP 1194 udp
remote IP 1194 udp
remote IP 443 tcp
remote IP 1194 udp
remote IP 1194 udp
remote IP 1194 udp
remote IP 1194 udp
remote IP 1194 udp
dev tun
dev-type tun
ns-cert-type server
#--remote-cert-tls server
setenv opt tls-version-min 1.0 or-highest
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
auth-user-pass
static-challenge "Enter Google Authenticator Code" 1
comp-lzo no
verb 3
setenv PUSH_PEER_INFO
<ca>
-----BEGIN CERTIFICATE-----
CERT HERE
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
CERT HERE
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
KEY HERE
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
KEY HERE
-----END OpenVPN Static key V1-----
</tls-auth>
Code: Select all
2021-10-07 11:31:55 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
2021-10-07 11:31:55 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-07 11:31:55 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-07 11:31:55 TCP/UDP: Preserving recently used remote address: [AF_INET]IP:1194
2021-10-07 11:31:55 Socket Buffers: R=[212992->200000] S=[212992->200000]
2021-10-07 11:31:55 UDP link local: (not bound)
2021-10-07 11:31:55 UDP link remote: [AF_INET]IP:1194
2021-10-07 11:31:55 TLS: Initial packet from [AF_INET]IP:1194, sid=86272c6d 1ef37186
2021-10-07 11:31:55 net_route_v4_best_gw query: dst 0.0.0.0
2021-10-07 11:31:55 net_route_v4_best_gw result: via 192.168.0.1 dev enp0s31f6
2021-10-07 11:31:56 VERIFY OK: depth=1, CN=OpenVPN CA
2021-10-07 11:31:56 VERIFY OK: nsCertType=SERVER
2021-10-07 11:31:56 VERIFY OK: depth=0, CN=OpenVPN Server
2021-10-07 11:31:56 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2021-10-07 11:31:56 [OpenVPN Server] Peer Connection Initiated with [AF_INET]IP:1194
2021-10-07 11:31:57 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
2021-10-07 11:31:58 AUTH: Received control message: AUTH_FAILED
2021-10-07 11:31:58 SIGUSR1[soft,auth-failure] received, process restarting
2021-10-07 11:31:58 Restart pause, 5 second(s)
Enter Auth Username: USERNAME
🔐 Enter Auth Password: (no echo)
CHALLENGE: Enter Google Authenticator Code
2021-10-07 11:33:08 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
2021-10-07 11:33:08 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-07 11:33:08 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-07 11:33:08 TCP/UDP: Preserving recently used remote address: [AF_INET]IP:1194
2021-10-07 11:33:08 Socket Buffers: R=[212992->200000] S=[212992->200000]
2021-10-07 11:33:08 UDP link local: (not bound)
2021-10-07 11:33:08 UDP link remote: [AF_INET]IP:1194
2021-10-07 11:33:09 TLS: Initial packet from [AF_INET]IP:1194, sid=43c56412 aca5959a
2021-10-07 11:33:09 net_route_v4_best_gw query: dst 0.0.0.0
2021-10-07 11:33:09 net_route_v4_best_gw result: via 192.168.0.1 dev enp0s31f6
2021-10-07 11:33:09 VERIFY OK: depth=1, CN=OpenVPN CA
2021-10-07 11:33:09 VERIFY OK: nsCertType=SERVER
2021-10-07 11:33:09 VERIFY OK: depth=0, CN=OpenVPN Server
2021-10-07 11:33:10 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2021-10-07 11:33:10 [OpenVPN Server] Peer Connection Initiated with [AF_INET]IP:1194
2021-10-07 11:33:11 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
2021-10-07 11:33:11 AUTH: Received control message: AUTH_FAILED
2021-10-07 11:33:11 SIGUSR1[soft,auth-failure] received, process restarting
2021-10-07 11:33:11 Restart pause, 5 second(s)
Is there a way to debug this to see what is failing ? or what can I try ?
Thanks in advance!.