The router is configured to forward port 1194 to the ip address of the pc (192.168.10.24).
This is the server configuration
Code: Select all
port 1194
proto udp
dev tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\PC001.crt"
key "C:\\Program Files\\OpenVPN\\config\\PC001.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 0
cipher AES-256-GCM
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
Code: Select all
client
dev tun
proto udp
remote 213.226.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client.crt"
key "C:\\Program Files\\OpenVPN\\config\\client.key"
remote-cert-tls server
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
cipher AES-256-CBC
verb 3
Code: Select all
2021-10-18 18:45:41 WARNING: --topology net30 support for server configs with IPv4 pools will be removed in a future release. Please migrate to --topology subnet as soon as possible.
2021-10-18 18:45:41 --pull-filter ignored for --mode server
2021-10-18 18:45:41 OpenVPN 2.5.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 17 2021
2021-10-18 18:45:41 Windows version 10.0 (Windows 10 or greater) 64bit
2021-10-18 18:45:41 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Enter Management Password:
2021-10-18 18:45:41 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2021-10-18 18:45:41 Need hold release from management interface, waiting...
2021-10-18 18:45:42 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
2021-10-18 18:45:42 MANAGEMENT: CMD 'state on'
2021-10-18 18:45:42 MANAGEMENT: CMD 'log all on'
2021-10-18 18:45:42 MANAGEMENT: CMD 'echo all on'
2021-10-18 18:45:42 MANAGEMENT: CMD 'bytecount 5'
2021-10-18 18:45:42 MANAGEMENT: CMD 'hold off'
2021-10-18 18:45:42 MANAGEMENT: CMD 'hold release'
2021-10-18 18:45:42 Note: cannot open openvpn-status.log for WRITE
2021-10-18 18:45:42 Note: cannot open ipp.txt for READ/WRITE
2021-10-18 18:45:42 Diffie-Hellman initialized with 2048 bit key
2021-10-18 18:45:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-18 18:45:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-18 18:45:42 interactive service msg_channel=652
2021-10-18 18:45:42 ROUTE_GATEWAY 192.168.10.1/255.255.255.0 I=8 HWADDR=d0:50:99:87:2d:87
2021-10-18 18:45:42 open_tun
2021-10-18 18:45:42 tap-windows6 device [ServerVPN] opened
2021-10-18 18:45:42 TAP-Windows Driver Version 9.24
2021-10-18 18:45:42 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {A8FCCE2D-BB77-4FC8-BC6E-310E79A86359} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
2021-10-18 18:45:42 Sleeping for 10 seconds...
2021-10-18 18:45:52 Successful ARP Flush on interface [16] {A8FCCE2D-BB77-4FC8-BC6E-310E79A86359}
2021-10-18 18:45:52 MANAGEMENT: >STATE:1634575552,ASSIGN_IP,,10.8.0.1,,,,
2021-10-18 18:45:52 IPv4 MTU set to 1500 on interface 16 using service
2021-10-18 18:45:52 MANAGEMENT: >STATE:1634575552,ADD_ROUTES,,,,,,
2021-10-18 18:45:52 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
2021-10-18 18:45:52 Route addition via service succeeded
2021-10-18 18:45:52 Could not determine IPv4/IPv6 protocol. Using AF_INET6
2021-10-18 18:45:52 Socket Buffers: R=[65536->65536] S=[65536->65536]
2021-10-18 18:45:52 setsockopt(IPV6_V6ONLY=0)
2021-10-18 18:45:52 UDPv6 link local (bound): [AF_INET6][undef]:1194
2021-10-18 18:45:52 UDPv6 link remote: [AF_UNSPEC]
2021-10-18 18:45:52 MULTI: multi_init called, r=256 v=256
2021-10-18 18:45:52 IFCONFIG POOL IPv4: base=10.8.0.4 size=62
2021-10-18 18:45:52 IFCONFIG POOL LIST
2021-10-18 18:45:52 Initialization Sequence Completed
2021-10-18 18:45:52 MANAGEMENT: >STATE:1634575552,CONNECTED,SUCCESS,10.8.0.1,,,,
2021-10-18 18:46:08 10.255.16.115:64475 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-18 18:46:08 10.255.16.115:64475 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-18 18:46:08 10.255.16.115:64475 TLS: Initial packet from [AF_INET6]::ffff:10.255.16.115:64475, sid=102fc802 1aa62673
2021-10-18 18:46:08 10.255.16.115:64475 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, OU=changeme, CN=changeme, name=changeme, emailAddress=mail@host.domain
2021-10-18 18:46:08 10.255.16.115:64475 VERIFY OK: depth=0, C=IT, ST=LI, L=FinaleLigure, O=Polisportiva, OU=Mauro, CN=M, name=M, emailAddress=mail@host.domain
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_VER=2.5..4
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_PLAT=win
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_PROTO=6
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_NCP=2
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:AES-256-CBC
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_LZ4=1
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_LZ4v2=1
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_LZO=1
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_COMP_STUB=1
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_COMP_STUBv2=1
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_TCPNL=1
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_GUI_VER=OpenVPN_GUI_11
2021-10-18 18:46:08 10.255.16.115:64475 peer info: IV_SSO=openurl,crtext
2021-10-18 18:46:08 10.255.16.115:64475 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1557'
2021-10-18 18:46:08 10.255.16.115:64475 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
2021-10-18 18:46:08 10.255.16.115:64475 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA256
2021-10-18 18:46:08 10.255.16.115:64475 [M] Peer Connection Initiated with [AF_INET6]::ffff:10.255.16.115:64475
2021-10-18 18:46:08 M/10.255.16.115:64475 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
2021-10-18 18:46:08 M/10.255.16.115:64475 MULTI: Learn: 10.8.0.6 -> M/10.255.16.115:64475
2021-10-18 18:46:08 M/10.255.16.115:64475 MULTI: primary virtual IP for M/10.255.16.115:64475: 10.8.0.6
2021-10-18 18:46:08 M/10.255.16.115:64475 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-10-18 18:46:08 M/10.255.16.115:64475 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-10-18 18:46:08 M/10.255.16.115:64475 SENT CONTROL [M]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
2021-10-18 18:46:08 AEAD Decrypt error: cipher final failed
2021-10-18 18:46:18 AEAD Decrypt error: cipher final failed
2021-10-18 18:46:28 AEAD Decrypt error: cipher final failed
2021-10-18 18:46:39 AEAD Decrypt error: cipher final failed
2021-10-18 18:46:49 AEAD Decrypt error: cipher final failed
2021-10-18 18:47:02 192.168.10.1:53091 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-18 18:47:02 192.168.10.1:53091 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-10-18 18:47:02 192.168.10.1:53091 TLS: Initial packet from [AF_INET6]::ffff:192.168.10.1:53091, sid=8a833d63 a2bc7f14
2021-10-18 18:47:02 192.168.10.1:53091 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=OpenVPN, OU=changeme, CN=changeme, name=changeme, emailAddress=mail@host.domain
2021-10-18 18:47:02 192.168.10.1:53091 VERIFY OK: depth=0, C=IT, ST=LI, L=FinaleLigure, O=Polisportiva, OU=Mauro, CN=M, name=M, emailAddress=mail@host.domain
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_VER=2.5.3
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_PLAT=win
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_PROTO=6
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_NCP=2
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:AES-256-CBC
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_LZ4=1
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_LZ4v2=1
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_LZO=1
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_COMP_STUB=1
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_COMP_STUBv2=1
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_TCPNL=1
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_GUI_VER=OpenVPN_GUI_11
2021-10-18 18:47:02 192.168.10.1:53091 peer info: IV_SSO=openurl,crtext
2021-10-18 18:47:02 192.168.10.1:53091 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1557'
2021-10-18 18:47:02 192.168.10.1:53091 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
2021-10-18 18:47:02 192.168.10.1:53091 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA256
2021-10-18 18:47:02 192.168.10.1:53091 [M] Peer Connection Initiated with [AF_INET6]::ffff:192.168.10.1:53091
2021-10-18 18:47:02 MULTI: new connection by client 'M' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
2021-10-18 18:47:02 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
2021-10-18 18:47:02 MULTI: Learn: 10.8.0.6 -> M/192.168.10.1:53091
2021-10-18 18:47:02 MULTI: primary virtual IP for M/192.168.10.1:53091: 10.8.0.6
2021-10-18 18:47:02 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-10-18 18:47:02 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-10-18 18:47:02 SENT CONTROL [M]: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 1,cipher AES-256-GCM' (status=1)
Code: Select all
2021-10-18 18:38:41 VERIFY OK: depth=0, C=IT, ST=LI, L=FinaleLigure, O=Polisportiva, OU=changeme, CN=changeme, name=changeme, emailAddress=mail@host.domain
2021-10-18 18:38:41 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1549'
2021-10-18 18:38:41 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
2021-10-18 18:38:41 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA256
2021-10-18 18:38:41 [changeme] Peer Connection Initiated with [AF_INET]213.x.x.x:1194
2021-10-18 18:38:41 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 1,cipher AES-256-GCM'
2021-10-18 18:38:41 OPTIONS IMPORT: timers and/or timeouts modified
2021-10-18 18:38:41 OPTIONS IMPORT: --ifconfig/up options modified
2021-10-18 18:38:41 OPTIONS IMPORT: route options modified
2021-10-18 18:38:41 OPTIONS IMPORT: peer-id set
2021-10-18 18:38:41 OPTIONS IMPORT: adjusting link_mtu to 1624
2021-10-18 18:38:41 OPTIONS IMPORT: data channel crypto options modified
2021-10-18 18:38:41 Data Channel: using negotiated cipher 'AES-256-GCM'
2021-10-18 18:38:41 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-10-18 18:38:41 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-10-18 18:38:41 interactive service msg_channel=564
2021-10-18 18:38:41 ROUTE_GATEWAY 10.255.16.1/255.255.240.0 I=37 HWADDR=84:3a:4b:35:a2:bc
2021-10-18 18:38:41 open_tun
2021-10-18 18:38:41 tap-windows6 device [OpenVPN TAP-Windows6] opened
2021-10-18 18:38:41 TAP-Windows Driver Version 9.24
2021-10-18 18:38:41 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {9E9B783D-D564-4B89-8C9A-9A50BB56DC4B} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
2021-10-18 18:38:41 Successful ARP Flush on interface [28] {9E9B783D-D564-4B89-8C9A-9A50BB56DC4B}
2021-10-18 18:38:41 MANAGEMENT: >STATE:1634575121,ASSIGN_IP,,10.8.0.6,,,,
2021-10-18 18:38:41 IPv4 MTU set to 1500 on interface 28 using service
2021-10-18 18:38:46 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
2021-10-18 18:38:46 MANAGEMENT: >STATE:1634575126,ADD_ROUTES,,,,,,
2021-10-18 18:38:46 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
2021-10-18 18:38:46 Route addition via service succeeded
2021-10-18 18:38:46 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-10-18 18:38:46 Initialization Sequence Completed
2021-10-18 18:38:46 MANAGEMENT: >STATE:1634575126,CONNECTED,SUCCESS,10.8.0.6,213.x.x.x,1194,,