i just updated my pfSense and with it openVPN from 2.4.4. to 2.5.2.
I have one openVPN Client that can not connect to its watchgurad VPN server after the update. It stucks right after the initial tcp connection is established.
First the old working Client:
Code: Select all
openvpn --version
OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Mar 16 2018
library versions: OpenSSL 1.0.2m-freebsd 2 Nov 2017, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=yes enable_strict_options=no enable_systemd=no enable_werror=no enable_win32_dll=yes enable_x509_alt_username=no with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
Server Config
dev ovpnc1
verb 4
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
#daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto tcp4-client
cipher AES-256-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 192.168.x.x
tls-client
client
lport 0
management /var/etc/openvpn/client1.sock unix
remote x.x.x.x
route 10.0.0.0 255.255.255.0
ca /var/etc/openvpn/client1.ca
cert /var/etc/openvpn/client1.cert
key /var/etc/openvpn/client1.key
ncp-ciphers AES-256-GCM:AES-128-GCM
resolv-retry infinite
auth-user-pass /conf/endpoint/endpoint_login.conf
remote-cert-eku "TLS Web Server Authentication"
route-nopull
the log
Code: Select all
/usr/local/sbin/openvpn --config /var/etc/openvpn/client1.conf
Sat Jan 8 22:31:05 2022 us=193834 Current Parameter Settings:
Sat Jan 8 22:31:05 2022 us=193936 config = '/var/etc/openvpn/client1.conf'
Sat Jan 8 22:31:05 2022 us=193945 mode = 0
Sat Jan 8 22:31:05 2022 us=193953 show_ciphers = DISABLED
Sat Jan 8 22:31:05 2022 us=193961 show_digests = DISABLED
Sat Jan 8 22:31:05 2022 us=193969 show_engines = DISABLED
Sat Jan 8 22:31:05 2022 us=193977 genkey = DISABLED
Sat Jan 8 22:31:05 2022 us=193985 key_pass_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=193993 show_tls_ciphers = DISABLED
Sat Jan 8 22:31:05 2022 us=194001 connect_retry_max = 0
Sat Jan 8 22:31:05 2022 us=194009 Connection profiles [0]:
Sat Jan 8 22:31:05 2022 us=194017 proto = tcp4-client
Sat Jan 8 22:31:05 2022 us=194025 local = '192.168.x.x'
Sat Jan 8 22:31:05 2022 us=194033 local_port = '0'
Sat Jan 8 22:31:05 2022 us=194041 remote = 'x.x.x.x'
Sat Jan 8 22:31:05 2022 us=194049 remote_port = ''
Sat Jan 8 22:31:05 2022 us=194057 remote_float = DISABLED
Sat Jan 8 22:31:05 2022 us=194065 bind_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=194073 bind_local = ENABLED
Sat Jan 8 22:31:05 2022 us=194081 bind_ipv6_only = DISABLED
Sat Jan 8 22:31:05 2022 us=194089 connect_retry_seconds = 5
Sat Jan 8 22:31:05 2022 us=194097 connect_timeout = 120
Sat Jan 8 22:31:05 2022 us=194106 socks_proxy_server = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194114 socks_proxy_port = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194122 tun_mtu = 1500
Sat Jan 8 22:31:05 2022 us=194130 tun_mtu_defined = ENABLED
Sat Jan 8 22:31:05 2022 us=194138 link_mtu = 1500
Sat Jan 8 22:31:05 2022 us=194146 link_mtu_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=194154 tun_mtu_extra = 0
Sat Jan 8 22:31:05 2022 us=194163 tun_mtu_extra_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=194171 mtu_discover_type = -1
Sat Jan 8 22:31:05 2022 us=194178 fragment = 0
Sat Jan 8 22:31:05 2022 us=194186 mssfix = 1450
Sat Jan 8 22:31:05 2022 us=194195 explicit_exit_notification = 0
Sat Jan 8 22:31:05 2022 us=194202 Connection profiles END
Sat Jan 8 22:31:05 2022 us=194210 remote_random = DISABLED
Sat Jan 8 22:31:05 2022 us=194218 ipchange = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194226 dev = 'ovpnc1'
Sat Jan 8 22:31:05 2022 us=194234 dev_type = 'tun'
Sat Jan 8 22:31:05 2022 us=194242 dev_node = '/dev/tun1'
Sat Jan 8 22:31:05 2022 us=194250 lladdr = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194258 topology = 1
Sat Jan 8 22:31:05 2022 us=194266 ifconfig_local = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194274 ifconfig_remote_netmask = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194282 ifconfig_noexec = DISABLED
Sat Jan 8 22:31:05 2022 us=194290 ifconfig_nowarn = DISABLED
Sat Jan 8 22:31:05 2022 us=194298 ifconfig_ipv6_local = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194306 ifconfig_ipv6_netbits = 0
Sat Jan 8 22:31:05 2022 us=194314 ifconfig_ipv6_remote = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194323 shaper = 0
Sat Jan 8 22:31:05 2022 us=194331 mtu_test = 0
Sat Jan 8 22:31:05 2022 us=194338 mlock = DISABLED
Sat Jan 8 22:31:05 2022 us=194346 keepalive_ping = 10
Sat Jan 8 22:31:05 2022 us=194354 keepalive_timeout = 60
Sat Jan 8 22:31:05 2022 us=194362 inactivity_timeout = 0
Sat Jan 8 22:31:05 2022 us=194370 ping_send_timeout = 10
Sat Jan 8 22:31:05 2022 us=194378 ping_rec_timeout = 60
Sat Jan 8 22:31:05 2022 us=194386 ping_rec_timeout_action = 2
Sat Jan 8 22:31:05 2022 us=194394 ping_timer_remote = ENABLED
Sat Jan 8 22:31:05 2022 us=194402 remap_sigusr1 = 0
Sat Jan 8 22:31:05 2022 us=194410 persist_tun = ENABLED
Sat Jan 8 22:31:05 2022 us=194418 persist_local_ip = DISABLED
Sat Jan 8 22:31:05 2022 us=194427 persist_remote_ip = DISABLED
Sat Jan 8 22:31:05 2022 us=194434 persist_key = ENABLED
Sat Jan 8 22:31:05 2022 us=194442 passtos = DISABLED
Sat Jan 8 22:31:05 2022 us=194450 resolve_retry_seconds = 1000000000
Sat Jan 8 22:31:05 2022 us=194458 resolve_in_advance = DISABLED
Sat Jan 8 22:31:05 2022 us=194466 username = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194474 groupname = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194482 chroot_dir = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194490 cd_dir = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194498 writepid = '/var/run/openvpn_client1.pid'
Sat Jan 8 22:31:05 2022 us=194506 up_script = '/usr/local/sbin/ovpn-linkup'
Sat Jan 8 22:31:05 2022 us=194514 down_script = '/usr/local/sbin/ovpn-linkdown'
Sat Jan 8 22:31:05 2022 us=194522 down_pre = DISABLED
Sat Jan 8 22:31:05 2022 us=194530 up_restart = DISABLED
Sat Jan 8 22:31:05 2022 us=194538 up_delay = DISABLED
Sat Jan 8 22:31:05 2022 us=194546 daemon = DISABLED
Sat Jan 8 22:31:05 2022 us=194554 inetd = 0
Sat Jan 8 22:31:05 2022 us=194562 log = DISABLED
Sat Jan 8 22:31:05 2022 us=194569 suppress_timestamps = DISABLED
Sat Jan 8 22:31:05 2022 us=194578 machine_readable_output = DISABLED
Sat Jan 8 22:31:05 2022 us=194586 nice = 0
Sat Jan 8 22:31:05 2022 us=194593 verbosity = 4
Sat Jan 8 22:31:05 2022 us=194601 mute = 0
Sat Jan 8 22:31:05 2022 us=194609 gremlin = 0
Sat Jan 8 22:31:05 2022 us=194617 status_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194625 status_file_version = 1
Sat Jan 8 22:31:05 2022 us=194633 status_file_update_freq = 60
Sat Jan 8 22:31:05 2022 us=194641 occ = ENABLED
Sat Jan 8 22:31:05 2022 us=194649 rcvbuf = 0
Sat Jan 8 22:31:05 2022 us=194657 sndbuf = 0
Sat Jan 8 22:31:05 2022 us=194665 sockflags = 0
Sat Jan 8 22:31:05 2022 us=194673 fast_io = DISABLED
Sat Jan 8 22:31:05 2022 us=194681 comp.alg = 0
Sat Jan 8 22:31:05 2022 us=194689 comp.flags = 0
Sat Jan 8 22:31:05 2022 us=194697 route_script = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194704 route_default_gateway = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194712 route_default_metric = 0
Sat Jan 8 22:31:05 2022 us=194720 route_noexec = DISABLED
Sat Jan 8 22:31:05 2022 us=194728 route_delay = 0
Sat Jan 8 22:31:05 2022 us=194750 route_delay_window = 30
Sat Jan 8 22:31:05 2022 us=194759 route_delay_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=194768 route_nopull = ENABLED
Sat Jan 8 22:31:05 2022 us=194776 route_gateway_via_dhcp = DISABLED
Sat Jan 8 22:31:05 2022 us=194784 allow_pull_fqdn = DISABLED
Sat Jan 8 22:31:05 2022 us=194793 route 10.0.0.0/255.255.255.0/default (not set)/default (not set)
Sat Jan 8 22:31:05 2022 us=194811 management_addr = '/var/etc/openvpn/client1.sock'
Sat Jan 8 22:31:05 2022 us=194819 management_port = 'unix'
Sat Jan 8 22:31:05 2022 us=194827 management_user_pass = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194835 management_log_history_cache = 250
Sat Jan 8 22:31:05 2022 us=194843 management_echo_buffer_size = 100
Sat Jan 8 22:31:05 2022 us=194851 management_write_peer_info_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194859 management_client_user = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194867 management_client_group = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194875 management_flags = 256
Sat Jan 8 22:31:05 2022 us=194883 shared_secret_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=194891 key_direction = 0
Sat Jan 8 22:31:05 2022 us=194899 ciphername = 'AES-256-CBC'
Sat Jan 8 22:31:05 2022 us=194907 ncp_enabled = ENABLED
Sat Jan 8 22:31:05 2022 us=194915 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Sat Jan 8 22:31:05 2022 us=194923 authname = 'SHA1'
Sat Jan 8 22:31:05 2022 us=195136 prng_hash = 'SHA1'
Sat Jan 8 22:31:05 2022 us=195145 prng_nonce_secret_len = 16
Sat Jan 8 22:31:05 2022 us=195154 keysize = 0
Sat Jan 8 22:31:05 2022 us=195162 engine = DISABLED
Sat Jan 8 22:31:05 2022 us=195170 replay = ENABLED
Sat Jan 8 22:31:05 2022 us=195188 mute_replay_warnings = DISABLED
Sat Jan 8 22:31:05 2022 us=195225 replay_window = 64
Sat Jan 8 22:31:05 2022 us=195234 replay_time = 15
Sat Jan 8 22:31:05 2022 us=195292 packet_id_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195372 use_iv = ENABLED
Sat Jan 8 22:31:05 2022 us=195382 test_crypto = DISABLED
Sat Jan 8 22:31:05 2022 us=195391 tls_server = DISABLED
Sat Jan 8 22:31:05 2022 us=195399 tls_client = ENABLED
Sat Jan 8 22:31:05 2022 us=195408 key_method = 2
Sat Jan 8 22:31:05 2022 us=195416 ca_file = '/var/etc/openvpn/client1.ca'
Sat Jan 8 22:31:05 2022 us=195424 ca_path = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195433 dh_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195441 cert_file = '/var/etc/openvpn/client1.cert'
Sat Jan 8 22:31:05 2022 us=195472 extra_certs_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195480 priv_key_file = '/var/etc/openvpn/client1.key'
Sat Jan 8 22:31:05 2022 us=195489 pkcs12_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195497 cipher_list = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195505 tls_verify = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195513 tls_export_cert = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195522 verify_x509_type = 0
Sat Jan 8 22:31:05 2022 us=195530 verify_x509_name = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195538 crl_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195546 ns_cert_type = 0
Sat Jan 8 22:31:05 2022 us=195555 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195563 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195571 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195579 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195587 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195595 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195603 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195611 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195619 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195627 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195635 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195644 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195652 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195660 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195668 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195676 remote_cert_ku[i] = 0
Sat Jan 8 22:31:05 2022 us=195684 remote_cert_eku = 'TLS Web Server Authentication'
Sat Jan 8 22:31:05 2022 us=195692 ssl_flags = 0
Sat Jan 8 22:31:05 2022 us=195700 tls_timeout = 2
Sat Jan 8 22:31:05 2022 us=195709 renegotiate_bytes = -1
Sat Jan 8 22:31:05 2022 us=195717 renegotiate_packets = 0
Sat Jan 8 22:31:05 2022 us=195725 renegotiate_seconds = 3600
Sat Jan 8 22:31:05 2022 us=195733 handshake_window = 60
Sat Jan 8 22:31:05 2022 us=195745 transition_window = 3600
Sat Jan 8 22:31:05 2022 us=195757 single_session = DISABLED
Sat Jan 8 22:31:05 2022 us=195766 push_peer_info = DISABLED
Sat Jan 8 22:31:05 2022 us=195774 tls_exit = DISABLED
Sat Jan 8 22:31:05 2022 us=195782 tls_auth_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195800 tls_crypt_file = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195812 server_network = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195821 server_netmask = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195831 server_network_ipv6 = ::
Sat Jan 8 22:31:05 2022 us=195839 server_netbits_ipv6 = 0
Sat Jan 8 22:31:05 2022 us=195848 server_bridge_ip = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195857 server_bridge_netmask = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195866 server_bridge_pool_start = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195881 server_bridge_pool_end = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195889 ifconfig_pool_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=195898 ifconfig_pool_start = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195907 ifconfig_pool_end = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195916 ifconfig_pool_netmask = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=195924 ifconfig_pool_persist_filename = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=195932 ifconfig_pool_persist_refresh_freq = 600
Sat Jan 8 22:31:05 2022 us=195940 ifconfig_ipv6_pool_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=195949 ifconfig_ipv6_pool_base = ::
Sat Jan 8 22:31:05 2022 us=195957 ifconfig_ipv6_pool_netbits = 0
Sat Jan 8 22:31:05 2022 us=195965 n_bcast_buf = 256
Sat Jan 8 22:31:05 2022 us=195973 tcp_queue_limit = 64
Sat Jan 8 22:31:05 2022 us=195981 real_hash_size = 256
Sat Jan 8 22:31:05 2022 us=195990 virtual_hash_size = 256
Sat Jan 8 22:31:05 2022 us=195998 client_connect_script = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=196006 learn_address_script = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=196014 client_disconnect_script = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=196023 client_config_dir = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=196031 ccd_exclusive = DISABLED
Sat Jan 8 22:31:05 2022 us=196039 tmp_dir = '/tmp'
Sat Jan 8 22:31:05 2022 us=196047 push_ifconfig_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=196056 push_ifconfig_local = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=196065 push_ifconfig_remote_netmask = 0.0.0.0
Sat Jan 8 22:31:05 2022 us=196073 push_ifconfig_ipv6_defined = DISABLED
Sat Jan 8 22:31:05 2022 us=196081 push_ifconfig_ipv6_local = ::/0
Sat Jan 8 22:31:05 2022 us=196090 push_ifconfig_ipv6_remote = ::
Sat Jan 8 22:31:05 2022 us=196098 enable_c2c = DISABLED
Sat Jan 8 22:31:05 2022 us=196110 duplicate_cn = DISABLED
Sat Jan 8 22:31:05 2022 us=196118 cf_max = 0
Sat Jan 8 22:31:05 2022 us=196127 cf_per = 0
Sat Jan 8 22:31:05 2022 us=196135 max_clients = 1024
Sat Jan 8 22:31:05 2022 us=196143 max_routes_per_client = 256
Sat Jan 8 22:31:05 2022 us=196151 auth_user_pass_verify_script = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=196159 auth_user_pass_verify_script_via_file = DISABLED
Sat Jan 8 22:31:05 2022 us=196167 auth_token_generate = DISABLED
Sat Jan 8 22:31:05 2022 us=196175 auth_token_lifetime = 0
Sat Jan 8 22:31:05 2022 us=196184 port_share_host = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=196192 port_share_port = '[UNDEF]'
Sat Jan 8 22:31:05 2022 us=196204 client = ENABLED
Sat Jan 8 22:31:05 2022 us=196212 pull = ENABLED
Sat Jan 8 22:31:05 2022 us=196221 auth_user_pass_file = '/conf/endpoint/endpoint_login.conf'
Sat Jan 8 22:31:05 2022 us=196230 OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Mar 16 2018
Sat Jan 8 22:31:05 2022 us=196247 library versions: OpenSSL 1.0.2m-freebsd 2 Nov 2017, LZO 2.10
Sat Jan 8 22:31:05 2022 us=196683 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
Sat Jan 8 22:31:05 2022 us=196758 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Jan 8 22:31:05 2022 us=197188 Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Sat Jan 8 22:31:05 2022 us=197214 Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
Sat Jan 8 22:31:05 2022 us=197233 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Sat Jan 8 22:31:05 2022 us=197242 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Sat Jan 8 22:31:05 2022 us=197257 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:
Sat Jan 8 22:31:05 2022 us=197274 Socket Buffers: R=[65228->65228] S=[65228->65228]
Sat Jan 8 22:31:05 2022 us=197289 Attempting to establish TCP connection with [AF_INET]x.x.x.x: [nonblock]
Sat Jan 8 22:31:06 2022 us=221106 TCP connection established with [AF_INET]x.x.x.x:
Sat Jan 8 22:31:06 2022 us=221266 TCPv4_CLIENT link local (bound): [AF_INET]192.168.x.x:0
Sat Jan 8 22:31:06 2022 us=221288 TCPv4_CLIENT link remote: [AF_INET]x.x.x.x:
Sat Jan 8 22:31:06 2022 us=533897 TLS: Initial packet from [AF_INET]x.x.x.x:, sid=97f7edc7 dce3573b
Sat Jan 8 22:31:06 2022 us=534056 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jan 8 22:31:06 2022 us=635584 VERIFY OK: depth=1, O=WatchGuard_Technologies, OU=Fireware, CN=Fireware SSLVPN (SN xxx 2017-06-26 09:50:59 UTC) CA
Sat Jan 8 22:31:06 2022 us=635731 Validating certificate extended key usage
Sat Jan 8 22:31:06 2022 us=635743 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Jan 8 22:31:06 2022 us=635759 VERIFY EKU OK
Sat Jan 8 22:31:06 2022 us=635768 VERIFY OK: depth=0, O=WatchGuard_Technologies, OU=Fireware, CN=Fireware SSLVPN Server
Sat Jan 8 22:31:06 2022 us=761626 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1559', remote='link-mtu 1551'
Sat Jan 8 22:31:06 2022 us=761650 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher AES-256-GCM'
Sat Jan 8 22:31:06 2022 us=761661 WARNING: 'auth' is used inconsistently, local='auth SHA1', remote='auth [null-digest]'
Sat Jan 8 22:31:06 2022 us=761763 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Jan 8 22:31:06 2022 us=761781 [Fireware SSLVPN Server] Peer Connection Initiated with [AF_INET]x.x.x.x:
Sat Jan 8 22:31:07 2022 us=965947 SENT CONTROL [Fireware SSLVPN Server]: 'PUSH_REQUEST' (status=1)
Sat Jan 8 22:31:08 2022 us=10119 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,block-outside-dns,dhcp-option DOMAIN x.com,dhcp-option DNS x.x.x.x,dhcp-option DNS x.x.x.x,route-gateway 192.168.x.x,topology subnet,ping 10,ping-restart 60,ifconfig 192.168.x.x 255.255.255.0,peer-id 0'
Sat Jan 8 22:31:08 2022 us=10157 Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
Sat Jan 8 22:31:08 2022 us=10174 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:2: block-outside-dns (2.4.4)
Sat Jan 8 22:31:08 2022 us=10185 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Sat Jan 8 22:31:08 2022 us=10195 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Sat Jan 8 22:31:08 2022 us=10205 Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
Sat Jan 8 22:31:08 2022 us=10238 OPTIONS IMPORT: timers and/or timeouts modified
Sat Jan 8 22:31:08 2022 us=10247 OPTIONS IMPORT: --ifconfig/up options modified
Sat Jan 8 22:31:08 2022 us=10256 OPTIONS IMPORT: route-related options modified
Sat Jan 8 22:31:08 2022 us=10266 OPTIONS IMPORT: peer-id set
Sat Jan 8 22:31:08 2022 us=10275 OPTIONS IMPORT: adjusting link_mtu to 1626
Sat Jan 8 22:31:08 2022 us=10285 Using peer cipher 'AES-256-GCM'
Sat Jan 8 22:31:08 2022 us=10294 Data Channel: using negotiated cipher 'AES-256-GCM'
Sat Jan 8 22:31:08 2022 us=10308 Data Channel MTU parms [ L:1554 D:1450 EF:54 EB:406 ET:0 EL:3 ]
Sat Jan 8 22:31:08 2022 us=10377 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Jan 8 22:31:08 2022 us=10389 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Jan 8 22:31:08 2022 us=10501 ROUTE_GATEWAY 192.168.x.x/255.255.255.0 IFACE=em0 HWADDR=00:0c:29:xx:xx:xx
Sat Jan 8 22:31:08 2022 us=10532 TUN/TAP device ovpnc1 exists previously, keep at program end
Sat Jan 8 22:31:08 2022 us=10576 TUN/TAP device /dev/tun1 opened
Sat Jan 8 22:31:08 2022 us=10589 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Jan 8 22:31:08 2022 us=10608 /sbin/ifconfig ovpnc1 192.168.x.x 192.168.x.x mtu 1500 netmask 255.255.255.0 up
Sat Jan 8 22:31:08 2022 us=14014 /sbin/route add -net 192.168.x.x 192.168.x.x 255.255.255.0
add net 192.168.x.x : gateway 192.168.x.x
Sat Jan 8 22:31:08 2022 us=14869 /usr/local/sbin/ovpn-linkup ovpnc1 1500 1554 192.168.x.x 255.255.255.0 init
OK
Sat Jan 8 22:31:08 2022 us=17714 /sbin/route add -net 10.0.0.0 192.168.x.x 255.255.255.0
add net 10.0.0.0: gateway 192.168.x.x
Sat Jan 8 22:31:08 2022 us=18490 Initialization Sequence Completed
Now the new not working Client:
Code: Select all
openvpn --version
OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=yes enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=yes enable_strict_options=no enable_systemd=no enable_unit_tests=no enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
Server Config
dev ovpnc1
verb 4
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
#daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto tcp4-client
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 192.168.x.x
tls-client
client
lport 0
management /var/etc/openvpn/client1/sock unix
remote xx.xx.xx.xx tcp4-client
route 10.0.0.0 255.255.255.0
capath /var/etc/openvpn/client1/ca
cert /var/etc/openvpn/client1/cert
key /var/etc/openvpn/client1/key
data-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC
data-ciphers-fallback AES-256-CBC
resolv-retry infinite
auth-user-pass /conf/endpoint/endpoint_login.conf
remote-cert-eku "TLS Web Server Authentication"
route-nopull
the log
Code: Select all
2022-01-08 22:45:16 us=34759 Current Parameter Settings:
2022-01-08 22:45:16 us=34851 config = '/var/etc/openvpn/client1/config.ovpn'
2022-01-08 22:45:16 us=34859 mode = 0
2022-01-08 22:45:16 us=34866 show_ciphers = DISABLED
2022-01-08 22:45:16 us=34873 show_digests = DISABLED
2022-01-08 22:45:16 us=34880 show_engines = DISABLED
2022-01-08 22:45:16 us=34887 genkey = DISABLED
2022-01-08 22:45:16 us=34894 genkey_filename = '[UNDEF]'
2022-01-08 22:45:16 us=34901 key_pass_file = '[UNDEF]'
2022-01-08 22:45:16 us=34909 show_tls_ciphers = DISABLED
2022-01-08 22:45:16 us=34915 connect_retry_max = 0
2022-01-08 22:45:16 us=34922 Connection profiles [0]:
2022-01-08 22:45:16 us=34929 proto = tcp4-client
2022-01-08 22:45:16 us=34936 local = '192.168.x.x'
2022-01-08 22:45:16 us=34943 local_port = '0'
2022-01-08 22:45:16 us=34951 remote = 'x.x.x.x'
2022-01-08 22:45:16 us=34958 remote_port = ''
2022-01-08 22:45:16 us=34965 remote_float = DISABLED
2022-01-08 22:45:16 us=34972 bind_defined = DISABLED
2022-01-08 22:45:16 us=34978 bind_local = ENABLED
2022-01-08 22:45:16 us=34985 bind_ipv6_only = DISABLED
2022-01-08 22:45:16 us=34992 connect_retry_seconds = 5
2022-01-08 22:45:16 us=34999 connect_timeout = 120
2022-01-08 22:45:16 us=35006 socks_proxy_server = '[UNDEF]'
2022-01-08 22:45:16 us=35013 socks_proxy_port = '[UNDEF]'
2022-01-08 22:45:16 us=35082 tun_mtu = 1500
2022-01-08 22:45:16 us=35101 tun_mtu_defined = ENABLED
2022-01-08 22:45:16 us=35109 link_mtu = 1500
2022-01-08 22:45:16 us=35116 link_mtu_defined = DISABLED
2022-01-08 22:45:16 us=35123 tun_mtu_extra = 0
2022-01-08 22:45:16 us=35130 tun_mtu_extra_defined = DISABLED
2022-01-08 22:45:16 us=35137 mtu_discover_type = -1
2022-01-08 22:45:16 us=35144 fragment = 0
2022-01-08 22:45:16 us=35151 mssfix = 1450
2022-01-08 22:45:16 us=35159 explicit_exit_notification = 0
2022-01-08 22:45:16 us=35166 tls_auth_file = '[UNDEF]'
2022-01-08 22:45:16 us=35173 key_direction = not set
2022-01-08 22:45:16 us=35180 tls_crypt_file = '[UNDEF]'
2022-01-08 22:45:16 us=35187 tls_crypt_v2_file = '[UNDEF]'
2022-01-08 22:45:16 us=35194 Connection profiles END
2022-01-08 22:45:16 us=35200 remote_random = DISABLED
2022-01-08 22:45:16 us=35207 ipchange = '[UNDEF]'
2022-01-08 22:45:16 us=35214 dev = 'ovpnc1'
2022-01-08 22:45:16 us=35221 dev_type = 'tun'
2022-01-08 22:45:16 us=35228 dev_node = '/dev/tun1'
2022-01-08 22:45:16 us=35235 lladdr = '[UNDEF]'
2022-01-08 22:45:16 us=35242 topology = 1
2022-01-08 22:45:16 us=35249 ifconfig_local = '[UNDEF]'
2022-01-08 22:45:16 us=35256 ifconfig_remote_netmask = '[UNDEF]'
2022-01-08 22:45:16 us=35263 ifconfig_noexec = DISABLED
2022-01-08 22:45:16 us=35270 ifconfig_nowarn = DISABLED
2022-01-08 22:45:16 us=35277 ifconfig_ipv6_local = '[UNDEF]'
2022-01-08 22:45:16 us=35283 ifconfig_ipv6_netbits = 0
2022-01-08 22:45:16 us=35290 ifconfig_ipv6_remote = '[UNDEF]'
2022-01-08 22:45:16 us=35297 shaper = 0
2022-01-08 22:45:16 us=35304 mtu_test = 0
2022-01-08 22:45:16 us=35311 mlock = DISABLED
2022-01-08 22:45:16 us=35318 keepalive_ping = 10
2022-01-08 22:45:16 us=35325 keepalive_timeout = 60
2022-01-08 22:45:16 us=35332 inactivity_timeout = 0
2022-01-08 22:45:16 us=35338 ping_send_timeout = 10
2022-01-08 22:45:16 us=35345 ping_rec_timeout = 60
2022-01-08 22:45:16 us=35352 ping_rec_timeout_action = 2
2022-01-08 22:45:16 us=35359 ping_timer_remote = ENABLED
2022-01-08 22:45:16 us=35366 remap_sigusr1 = 0
2022-01-08 22:45:16 us=35373 persist_tun = ENABLED
2022-01-08 22:45:16 us=35380 persist_local_ip = DISABLED
2022-01-08 22:45:16 us=35387 persist_remote_ip = DISABLED
2022-01-08 22:45:16 us=35394 persist_key = ENABLED
2022-01-08 22:45:16 us=35400 passtos = DISABLED
2022-01-08 22:45:16 us=35407 resolve_retry_seconds = 1000000000
2022-01-08 22:45:16 us=35414 resolve_in_advance = DISABLED
2022-01-08 22:45:16 us=35421 username = '[UNDEF]'
2022-01-08 22:45:16 us=35428 groupname = '[UNDEF]'
2022-01-08 22:45:16 us=35435 chroot_dir = '[UNDEF]'
2022-01-08 22:45:16 us=35442 cd_dir = '[UNDEF]'
2022-01-08 22:45:16 us=35449 writepid = '/var/run/openvpn_client1.pid'
2022-01-08 22:45:16 us=35456 up_script = '/usr/local/sbin/ovpn-linkup'
2022-01-08 22:45:16 us=35463 down_script = '/usr/local/sbin/ovpn-linkdown'
2022-01-08 22:45:16 us=35470 down_pre = DISABLED
2022-01-08 22:45:16 us=35477 up_restart = DISABLED
2022-01-08 22:45:16 us=35484 up_delay = DISABLED
2022-01-08 22:45:16 us=35491 daemon = DISABLED
2022-01-08 22:45:16 us=35497 inetd = 0
2022-01-08 22:45:16 us=35504 log = DISABLED
2022-01-08 22:45:16 us=35511 suppress_timestamps = DISABLED
2022-01-08 22:45:16 us=35518 machine_readable_output = DISABLED
2022-01-08 22:45:16 us=35525 nice = 0
2022-01-08 22:45:16 us=35532 verbosity = 4
2022-01-08 22:45:16 us=35539 mute = 0
2022-01-08 22:45:16 us=35546 gremlin = 0
2022-01-08 22:45:16 us=35553 status_file = '[UNDEF]'
2022-01-08 22:45:16 us=35559 status_file_version = 1
2022-01-08 22:45:16 us=35566 status_file_update_freq = 60
2022-01-08 22:45:16 us=35573 occ = ENABLED
2022-01-08 22:45:16 us=35580 rcvbuf = 0
2022-01-08 22:45:16 us=35587 sndbuf = 0
2022-01-08 22:45:16 us=35593 sockflags = 0
2022-01-08 22:45:16 us=35600 fast_io = DISABLED
2022-01-08 22:45:16 us=35607 comp.alg = 0
2022-01-08 22:45:16 us=35614 comp.flags = 0
2022-01-08 22:45:16 us=35621 route_script = '[UNDEF]'
2022-01-08 22:45:16 us=35628 route_default_gateway = '[UNDEF]'
2022-01-08 22:45:16 us=35635 route_default_metric = 0
2022-01-08 22:45:16 us=35642 route_noexec = DISABLED
2022-01-08 22:45:16 us=35649 route_delay = 0
2022-01-08 22:45:16 us=35656 route_delay_window = 30
2022-01-08 22:45:16 us=35662 route_delay_defined = DISABLED
2022-01-08 22:45:16 us=35669 route_nopull = ENABLED
2022-01-08 22:45:16 us=35676 route_gateway_via_dhcp = DISABLED
2022-01-08 22:45:16 us=35683 allow_pull_fqdn = DISABLED
2022-01-08 22:45:16 us=35691 route 10.0.0.0/255.255.255.0/default (not set)/default (not set)
2022-01-08 22:45:16 us=35705 management_addr = '/var/etc/openvpn/client1/sock'
2022-01-08 22:45:16 us=35712 management_port = 'unix'
2022-01-08 22:45:16 us=35719 management_user_pass = '[UNDEF]'
2022-01-08 22:45:16 us=35726 management_log_history_cache = 250
2022-01-08 22:45:16 us=35733 management_echo_buffer_size = 100
2022-01-08 22:45:16 us=35740 management_write_peer_info_file = '[UNDEF]'
2022-01-08 22:45:16 us=35747 management_client_user = '[UNDEF]'
2022-01-08 22:45:16 us=35754 management_client_group = '[UNDEF]'
2022-01-08 22:45:16 us=35761 management_flags = 256
2022-01-08 22:45:16 us=35768 shared_secret_file = '[UNDEF]'
2022-01-08 22:45:16 us=35775 key_direction = not set
2022-01-08 22:45:16 us=35782 ciphername = 'AES-256-CBC'
2022-01-08 22:45:16 us=35788 ncp_enabled = ENABLED
2022-01-08 22:45:16 us=35795 ncp_ciphers = 'AES-256-GCM:AES-128-GCM:AES-256-CBC'
2022-01-08 22:45:16 us=35802 authname = 'SHA1'
2022-01-08 22:45:16 us=35809 prng_hash = 'SHA1'
2022-01-08 22:45:16 us=35816 prng_nonce_secret_len = 16
2022-01-08 22:45:16 us=35823 keysize = 0
2022-01-08 22:45:16 us=35830 engine = DISABLED
2022-01-08 22:45:16 us=35837 replay = ENABLED
2022-01-08 22:45:16 us=35844 mute_replay_warnings = DISABLED
2022-01-08 22:45:16 us=35851 replay_window = 64
2022-01-08 22:45:16 us=35857 replay_time = 15
2022-01-08 22:45:16 us=36150 packet_id_file = '[UNDEF]'
2022-01-08 22:45:16 us=36161 test_crypto = DISABLED
2022-01-08 22:45:16 us=36168 tls_server = DISABLED
2022-01-08 22:45:16 us=36175 tls_client = ENABLED
2022-01-08 22:45:16 us=36182 ca_file = '[UNDEF]'
2022-01-08 22:45:16 us=36189 ca_path = '/var/etc/openvpn/client1/ca'
2022-01-08 22:45:16 us=36196 dh_file = '[UNDEF]'
2022-01-08 22:45:16 us=36203 cert_file = '/var/etc/openvpn/client1/cert'
2022-01-08 22:45:16 us=36210 extra_certs_file = '[UNDEF]'
2022-01-08 22:45:16 us=36217 priv_key_file = '/var/etc/openvpn/client1/key'
2022-01-08 22:45:16 us=36223 pkcs12_file = '[UNDEF]'
2022-01-08 22:45:16 us=36230 cipher_list = '[UNDEF]'
2022-01-08 22:45:16 us=36239 cipher_list_tls13 = '[UNDEF]'
2022-01-08 22:45:16 us=36246 tls_cert_profile = '[UNDEF]'
2022-01-08 22:45:16 us=36252 tls_verify = '[UNDEF]'
2022-01-08 22:45:16 us=36259 tls_export_cert = '[UNDEF]'
2022-01-08 22:45:16 us=36265 verify_x509_type = 0
2022-01-08 22:45:16 us=36272 verify_x509_name = '[UNDEF]'
2022-01-08 22:45:16 us=36279 crl_file = '[UNDEF]'
2022-01-08 22:45:16 us=36285 ns_cert_type = 0
2022-01-08 22:45:16 us=36292 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36298 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36305 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36311 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36318 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36324 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36331 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36337 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36344 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36350 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36357 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36363 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36370 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36376 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36383 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36389 remote_cert_ku[i] = 0
2022-01-08 22:45:16 us=36396 remote_cert_eku = 'TLS Web Server Authentication'
2022-01-08 22:45:16 us=36402 ssl_flags = 0
2022-01-08 22:45:16 us=36409 tls_timeout = 2
2022-01-08 22:45:16 us=36416 renegotiate_bytes = -1
2022-01-08 22:45:16 us=36422 renegotiate_packets = 0
2022-01-08 22:45:16 us=36429 renegotiate_seconds = 3600
2022-01-08 22:45:16 us=36436 handshake_window = 60
2022-01-08 22:45:16 us=36442 transition_window = 3600
2022-01-08 22:45:16 us=36449 single_session = DISABLED
2022-01-08 22:45:16 us=36455 push_peer_info = DISABLED
2022-01-08 22:45:16 us=36462 tls_exit = DISABLED
2022-01-08 22:45:16 us=36469 tls_crypt_v2_metadata = '[UNDEF]'
2022-01-08 22:45:16 us=36480 server_network = 0.0.0.0
2022-01-08 22:45:16 us=36487 server_netmask = 0.0.0.0
2022-01-08 22:45:16 us=36495 server_network_ipv6 = ::
2022-01-08 22:45:16 us=36502 server_netbits_ipv6 = 0
2022-01-08 22:45:16 us=36509 server_bridge_ip = 0.0.0.0
2022-01-08 22:45:16 us=36516 server_bridge_netmask = 0.0.0.0
2022-01-08 22:45:16 us=36522 server_bridge_pool_start = 0.0.0.0
2022-01-08 22:45:16 us=36530 server_bridge_pool_end = 0.0.0.0
2022-01-08 22:45:16 us=36536 ifconfig_pool_defined = DISABLED
2022-01-08 22:45:16 us=36543 ifconfig_pool_start = 0.0.0.0
2022-01-08 22:45:16 us=36550 ifconfig_pool_end = 0.0.0.0
2022-01-08 22:45:16 us=36557 ifconfig_pool_netmask = 0.0.0.0
2022-01-08 22:45:16 us=36563 ifconfig_pool_persist_filename = '[UNDEF]'
2022-01-08 22:45:16 us=36570 ifconfig_pool_persist_refresh_freq = 600
2022-01-08 22:45:16 us=36577 ifconfig_ipv6_pool_defined = DISABLED
2022-01-08 22:45:16 us=36583 ifconfig_ipv6_pool_base = ::
2022-01-08 22:45:16 us=36590 ifconfig_ipv6_pool_netbits = 0
2022-01-08 22:45:16 us=36597 n_bcast_buf = 256
2022-01-08 22:45:16 us=36603 tcp_queue_limit = 64
2022-01-08 22:45:16 us=36610 real_hash_size = 256
2022-01-08 22:45:16 us=36617 virtual_hash_size = 256
2022-01-08 22:45:16 us=36623 client_connect_script = '[UNDEF]'
2022-01-08 22:45:16 us=36630 learn_address_script = '[UNDEF]'
2022-01-08 22:45:16 us=36636 client_disconnect_script = '[UNDEF]'
2022-01-08 22:45:16 us=36643 client_config_dir = '[UNDEF]'
2022-01-08 22:45:16 us=36650 ccd_exclusive = DISABLED
2022-01-08 22:45:16 us=36656 tmp_dir = '/tmp'
2022-01-08 22:45:16 us=36663 push_ifconfig_defined = DISABLED
2022-01-08 22:45:16 us=36670 push_ifconfig_local = 0.0.0.0
2022-01-08 22:45:16 us=36677 push_ifconfig_remote_netmask = 0.0.0.0
2022-01-08 22:45:16 us=36683 push_ifconfig_ipv6_defined = DISABLED
2022-01-08 22:45:16 us=36690 push_ifconfig_ipv6_local = ::/0
2022-01-08 22:45:16 us=36697 push_ifconfig_ipv6_remote = ::
2022-01-08 22:45:16 us=36704 enable_c2c = DISABLED
2022-01-08 22:45:16 us=36710 duplicate_cn = DISABLED
2022-01-08 22:45:16 us=36717 cf_max = 0
2022-01-08 22:45:16 us=36723 cf_per = 0
2022-01-08 22:45:16 us=36730 max_clients = 1024
2022-01-08 22:45:16 us=36736 max_routes_per_client = 256
2022-01-08 22:45:16 us=36743 auth_user_pass_verify_script = '[UNDEF]'
2022-01-08 22:45:16 us=36750 auth_user_pass_verify_script_via_file = DISABLED
2022-01-08 22:45:16 us=36756 auth_token_generate = DISABLED
2022-01-08 22:45:16 us=36763 auth_token_lifetime = 0
2022-01-08 22:45:16 us=36769 auth_token_secret_file = '[UNDEF]'
2022-01-08 22:45:16 us=36776 port_share_host = '[UNDEF]'
2022-01-08 22:45:16 us=36783 port_share_port = '[UNDEF]'
2022-01-08 22:45:16 us=36790 vlan_tagging = DISABLED
2022-01-08 22:45:16 us=36796 vlan_accept = all
2022-01-08 22:45:16 us=36803 vlan_pvid = 1
2022-01-08 22:45:16 us=36810 client = ENABLED
2022-01-08 22:45:16 us=36816 pull = ENABLED
2022-01-08 22:45:16 us=36823 auth_user_pass_file = '/conf/endpoint/endpoint_login.conf'
2022-01-08 22:45:16 us=36830 OpenVPN 2.5.2 amd64-portbld-freebsd12.2 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jun 24 2021
2022-01-08 22:45:16 us=36840 library versions: OpenSSL 1.1.1k-freebsd 25 Mar 2021, LZO 2.10
2022-01-08 22:45:16 us=37108 MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1/sock
2022-01-08 22:45:16 us=37161 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2022-01-08 22:45:16 us=37955 WARNING: experimental option --capath /var/etc/openvpn/client1/ca
2022-01-08 22:45:16 us=38112 Control Channel MTU parms [ L:1623 D:1210 EF:40 EB:0 ET:0 EL:3 ]
2022-01-08 22:45:16 us=38137 Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
2022-01-08 22:45:16 us=38160 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
2022-01-08 22:45:16 us=38168 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
2022-01-08 22:45:16 us=38181 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x
2022-01-08 22:45:16 us=38197 Socket Buffers: R=[65228->65228] S=[65228->65228]
2022-01-08 22:45:16 us=38212 Attempting to establish TCP connection with [AF_INET]x.x.x.x [nonblock]
2022-01-08 22:45:16 us=63463 TCP connection established with [AF_INET]x.x.x.x
2022-01-08 22:45:16 us=63484 TCPv4_CLIENT link local (bound): [AF_INET]192.168.x.x:0
2022-01-08 22:45:16 us=63493 TCPv4_CLIENT link remote: [AF_INET]x.x.x.x
2022-01-08 22:45:27 us=562254 MANAGEMENT: Client connected from /var/etc/openvpn/client1/sock
2022-01-08 22:45:27 us=562427 MANAGEMENT: CMD 'state 1'
2022-01-08 22:45:27 us=562528 MANAGEMENT: Client disconnected
2022-01-08 22:45:47 us=752020 MANAGEMENT: Client connected from /var/etc/openvpn/client1/sock
2022-01-08 22:45:47 us=752265 MANAGEMENT: CMD 'state 1'
2022-01-08 22:45:47 us=752400 MANAGEMENT: Client disconnected
2022-01-08 22:46:07 us=915511 MANAGEMENT: Client connected from /var/etc/openvpn/client1/sock
2022-01-08 22:46:07 us=915690 MANAGEMENT: CMD 'state 1'
2022-01-08 22:46:07 us=915785 MANAGEMENT: Client disconnected
2022-01-08 22:46:16 us=535889 [UNDEF] Inactivity timeout (--ping-restart), restarting
2022-01-08 22:46:16 us=535966 TCP/UDP: Closing socket
2022-01-08 22:46:16 us=536033 SIGUSR1[soft,ping-restart] received, process restarting
2022-01-08 22:46:16 us=536058 Restart pause, 5 second(s)
^C2022-01-08 22:46:18 us=164396 SIGINT[hard,init_instance] received, process exiting <-- i quit ctrl+c
Any Idea how i can get this woking?
BR
mode