Not able to access Lan after reboot Windows Server 2019

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
puachaikul
OpenVpn Newbie
Posts: 2
Joined: Wed Feb 23, 2022 5:45 pm

Not able to access Lan after reboot Windows Server 2019

Post by puachaikul » Wed Feb 23, 2022 10:07 pm

Hi,

We installed the OpenVPN Community Edition on our Windows Server 2019 and configured it to run as a service.
The server is behind a router/firewall and we configured the port forwarding to the Windows server.
We added Remote Access roles > DirectAccess and VPN (RAS) and Routing, then configured the lan routing on the network interfaces.
We enabled the Internet Connection Sharing and changed the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ ScopeAddress to 10.3.0.1

From our Windows 10 client laptop, we are able to access all servers and devices on our 10.0.1.x lan.
Everything seems to be working fine.
The issue is if we reboot the Windows Server, we are still able to connect the VPN but we could only access the Windows Server and not other servers/devices on 10.0.1.x
(We can ping the Windows server IP and the 10.3.0.1 but not other servers.)
We have to manually disable the Internet Connection Sharing and reenable it. Then we can access the 10.0.1.x devices again.

How can we make it work after reboot and not having to manually change the ICS?

Here are our configurations and logs.
Server
server

port xxxxx
proto udp
dev tun
ca "C:\\Program Files\\OpenVPN\\config-auto\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config-auto\\xxxxxx.crt"
key "C:\\Program Files\\OpenVPN\\config-auto\\xxxxxx.key" # This file should be kept secret
dh "C:\\Program Files\\OpenVPN\\config-auto\\dh.pem"
server 10.3.0.0 255.255.255.0
push "route 10.0.1.0 255.255.255.0"
push "dhcp-option DNS 10.3.0.1"
push "dhcp-option WINS 10.3.0.1"
push "dhcp-option DOMAIN xxxxxxxxxx.local"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-GCM
persist-key
persist-tun
status openvpn-status.log
verb 4
explicit-exit-notify 1

Code: Select all

2022-02-23 11:56:08 us=656000 WARNING: --topology net30 support for server configs with IPv4 pools will be removed in a future release. Please migrate to --topology subnet as soon as possible.
2022-02-23 11:56:08 us=656000 Current Parameter Settings:
2022-02-23 11:56:08 us=656000   config = 'C:\Program Files\OpenVPN\config-auto\XXXXXX.ovpn'
2022-02-23 11:56:08 us=656000   mode = 1
2022-02-23 11:56:08 us=656000   show_ciphers = DISABLED
2022-02-23 11:56:08 us=656000   show_digests = DISABLED
2022-02-23 11:56:08 us=656000   show_engines = DISABLED
2022-02-23 11:56:08 us=656000   genkey = DISABLED
2022-02-23 11:56:08 us=656000   genkey_filename = '[UNDEF]'
2022-02-23 11:56:08 us=656000   key_pass_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   show_tls_ciphers = DISABLED
2022-02-23 11:56:08 us=656000   connect_retry_max = 0
2022-02-23 11:56:08 us=656000 Connection profiles [0]:
2022-02-23 11:56:08 us=656000   proto = udp
2022-02-23 11:56:08 us=656000   local = '[UNDEF]'
2022-02-23 11:56:08 us=656000   local_port = 'xxxxx'
2022-02-23 11:56:08 us=656000   remote = '[UNDEF]'
2022-02-23 11:56:08 us=656000   remote_port = 'xxxxx'
2022-02-23 11:56:08 us=656000   remote_float = DISABLED
2022-02-23 11:56:08 us=656000   bind_defined = DISABLED
2022-02-23 11:56:08 us=656000   bind_local = ENABLED
2022-02-23 11:56:08 us=656000   bind_ipv6_only = DISABLED
2022-02-23 11:56:08 us=656000   connect_retry_seconds = 5
2022-02-23 11:56:08 us=656000   connect_timeout = 120
2022-02-23 11:56:08 us=656000   socks_proxy_server = '[UNDEF]'
2022-02-23 11:56:08 us=656000   socks_proxy_port = '[UNDEF]'
2022-02-23 11:56:08 us=656000   tun_mtu = 1500
2022-02-23 11:56:08 us=656000   tun_mtu_defined = ENABLED
2022-02-23 11:56:08 us=656000   link_mtu = 1500
2022-02-23 11:56:08 us=656000   link_mtu_defined = DISABLED
2022-02-23 11:56:08 us=656000   tun_mtu_extra = 0
2022-02-23 11:56:08 us=656000   tun_mtu_extra_defined = DISABLED
2022-02-23 11:56:08 us=656000   mtu_discover_type = -1
2022-02-23 11:56:08 us=656000   fragment = 0
2022-02-23 11:56:08 us=656000   mssfix = 1450
2022-02-23 11:56:08 us=656000   explicit_exit_notification = 1
2022-02-23 11:56:08 us=656000   tls_auth_file = '[INLINE]'
2022-02-23 11:56:08 us=656000   key_direction = 0
2022-02-23 11:56:08 us=656000   tls_crypt_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   tls_crypt_v2_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000 Connection profiles END
2022-02-23 11:56:08 us=656000   remote_random = DISABLED
2022-02-23 11:56:08 us=656000   ipchange = '[UNDEF]'
2022-02-23 11:56:08 us=656000   dev = 'tun'
2022-02-23 11:56:08 us=656000   dev_type = '[UNDEF]'
2022-02-23 11:56:08 us=656000   dev_node = '[UNDEF]'
2022-02-23 11:56:08 us=656000   lladdr = '[UNDEF]'
2022-02-23 11:56:08 us=656000   topology = 1
2022-02-23 11:56:08 us=656000   ifconfig_local = '10.3.0.1'
2022-02-23 11:56:08 us=656000   ifconfig_remote_netmask = '10.3.0.2'
2022-02-23 11:56:08 us=656000   ifconfig_noexec = DISABLED
2022-02-23 11:56:08 us=656000   ifconfig_nowarn = DISABLED
2022-02-23 11:56:08 us=656000   ifconfig_ipv6_local = '[UNDEF]'
2022-02-23 11:56:08 us=656000   ifconfig_ipv6_netbits = 0
2022-02-23 11:56:08 us=656000   ifconfig_ipv6_remote = '[UNDEF]'
2022-02-23 11:56:08 us=656000   shaper = 0
2022-02-23 11:56:08 us=656000   mtu_test = 0
2022-02-23 11:56:08 us=656000   mlock = DISABLED
2022-02-23 11:56:08 us=656000   keepalive_ping = 10
2022-02-23 11:56:08 us=656000   keepalive_timeout = 120
2022-02-23 11:56:08 us=656000   inactivity_timeout = 0
2022-02-23 11:56:08 us=656000   ping_send_timeout = 10
2022-02-23 11:56:08 us=656000   ping_rec_timeout = 240
2022-02-23 11:56:08 us=656000   ping_rec_timeout_action = 2
2022-02-23 11:56:08 us=656000   ping_timer_remote = DISABLED
2022-02-23 11:56:08 us=656000   remap_sigusr1 = 0
2022-02-23 11:56:08 us=656000   persist_tun = ENABLED
2022-02-23 11:56:08 us=656000   persist_local_ip = DISABLED
2022-02-23 11:56:08 us=656000   persist_remote_ip = DISABLED
2022-02-23 11:56:08 us=656000   persist_key = ENABLED
2022-02-23 11:56:08 us=656000   passtos = DISABLED
2022-02-23 11:56:08 us=656000   resolve_retry_seconds = 1000000000
2022-02-23 11:56:08 us=656000   resolve_in_advance = DISABLED
2022-02-23 11:56:08 us=656000   username = '[UNDEF]'
2022-02-23 11:56:08 us=656000   groupname = '[UNDEF]'
2022-02-23 11:56:08 us=656000   chroot_dir = '[UNDEF]'
2022-02-23 11:56:08 us=656000   cd_dir = '[UNDEF]'
2022-02-23 11:56:08 us=656000   writepid = '[UNDEF]'
2022-02-23 11:56:08 us=656000   up_script = '[UNDEF]'
2022-02-23 11:56:08 us=656000   down_script = '[UNDEF]'
2022-02-23 11:56:08 us=656000   down_pre = DISABLED
2022-02-23 11:56:08 us=656000   up_restart = DISABLED
2022-02-23 11:56:08 us=656000   up_delay = DISABLED
2022-02-23 11:56:08 us=656000   daemon = DISABLED
2022-02-23 11:56:08 us=656000   inetd = 0
2022-02-23 11:56:08 us=656000   log = DISABLED
2022-02-23 11:56:08 us=656000   suppress_timestamps = DISABLED
2022-02-23 11:56:08 us=656000   machine_readable_output = DISABLED
2022-02-23 11:56:08 us=656000   nice = 0
2022-02-23 11:56:08 us=656000   verbosity = 4
2022-02-23 11:56:08 us=656000   mute = 0
2022-02-23 11:56:08 us=656000   status_file = 'openvpn-status.log'
2022-02-23 11:56:08 us=656000   status_file_version = 1
2022-02-23 11:56:08 us=656000   status_file_update_freq = 60
2022-02-23 11:56:08 us=656000   occ = ENABLED
2022-02-23 11:56:08 us=656000   rcvbuf = 0
2022-02-23 11:56:08 us=656000   sndbuf = 0
2022-02-23 11:56:08 us=656000   sockflags = 0
2022-02-23 11:56:08 us=656000   fast_io = DISABLED
2022-02-23 11:56:08 us=656000   comp.alg = 0
2022-02-23 11:56:08 us=656000   comp.flags = 0
2022-02-23 11:56:08 us=656000   route_script = '[UNDEF]'
2022-02-23 11:56:08 us=656000   route_default_gateway = '[UNDEF]'
2022-02-23 11:56:08 us=656000   route_default_metric = 0
2022-02-23 11:56:08 us=656000   route_noexec = DISABLED
2022-02-23 11:56:08 us=656000   route_delay = 0
2022-02-23 11:56:08 us=656000   route_delay_window = 30
2022-02-23 11:56:08 us=656000   route_delay_defined = DISABLED
2022-02-23 11:56:08 us=656000   route_nopull = DISABLED
2022-02-23 11:56:08 us=656000   route_gateway_via_dhcp = DISABLED
2022-02-23 11:56:08 us=656000   allow_pull_fqdn = DISABLED
2022-02-23 11:56:08 us=656000   route 10.3.0.0/255.255.255.0/default (not set)/default (not set)
2022-02-23 11:56:08 us=656000   management_addr = '[UNDEF]'
2022-02-23 11:56:08 us=656000   management_port = '[UNDEF]'
2022-02-23 11:56:08 us=656000   management_user_pass = '[UNDEF]'
2022-02-23 11:56:08 us=656000   management_log_history_cache = 250
2022-02-23 11:56:08 us=656000   management_echo_buffer_size = 100
2022-02-23 11:56:08 us=656000   management_write_peer_info_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   management_client_user = '[UNDEF]'
2022-02-23 11:56:08 us=656000   management_client_group = '[UNDEF]'
2022-02-23 11:56:08 us=656000   management_flags = 0
2022-02-23 11:56:08 us=656000   shared_secret_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   key_direction = 0
2022-02-23 11:56:08 us=656000   ciphername = 'AES-256-GCM'
2022-02-23 11:56:08 us=656000   ncp_enabled = ENABLED
2022-02-23 11:56:08 us=656000   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2022-02-23 11:56:08 us=656000   authname = 'SHA1'
2022-02-23 11:56:08 us=656000   prng_hash = 'SHA1'
2022-02-23 11:56:08 us=656000   prng_nonce_secret_len = 16
2022-02-23 11:56:08 us=656000   keysize = 0
2022-02-23 11:56:08 us=656000   engine = DISABLED
2022-02-23 11:56:08 us=656000   replay = ENABLED
2022-02-23 11:56:08 us=656000   mute_replay_warnings = DISABLED
2022-02-23 11:56:08 us=656000   replay_window = 64
2022-02-23 11:56:08 us=656000   replay_time = 15
2022-02-23 11:56:08 us=656000   packet_id_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   test_crypto = DISABLED
2022-02-23 11:56:08 us=656000   tls_server = ENABLED
2022-02-23 11:56:08 us=656000   tls_client = DISABLED
2022-02-23 11:56:08 us=656000   ca_file = 'C:\Program Files\OpenVPN\config-auto\ca.crt'
2022-02-23 11:56:08 us=656000   ca_path = '[UNDEF]'
2022-02-23 11:56:08 us=656000   dh_file = 'C:\Program Files\OpenVPN\config-auto\dh.pem'
2022-02-23 11:56:08 us=656000   cert_file = 'C:\Program Files\OpenVPN\config-auto\XXXXXX.crt'
2022-02-23 11:56:08 us=656000   extra_certs_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   priv_key_file = 'C:\Program Files\OpenVPN\config-auto\XXXXXX.key'
2022-02-23 11:56:08 us=656000   pkcs12_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   cryptoapi_cert = '[UNDEF]'
2022-02-23 11:56:08 us=656000   cipher_list = '[UNDEF]'
2022-02-23 11:56:08 us=656000   cipher_list_tls13 = '[UNDEF]'
2022-02-23 11:56:08 us=656000   tls_cert_profile = '[UNDEF]'
2022-02-23 11:56:08 us=656000   tls_verify = '[UNDEF]'
2022-02-23 11:56:08 us=656000   tls_export_cert = '[UNDEF]'
2022-02-23 11:56:08 us=656000   verify_x509_type = 0
2022-02-23 11:56:08 us=656000   verify_x509_name = '[UNDEF]'
2022-02-23 11:56:08 us=656000   crl_file = '[UNDEF]'
2022-02-23 11:56:08 us=656000   ns_cert_type = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_ku[i] = 0
2022-02-23 11:56:08 us=656000   remote_cert_eku = '[UNDEF]'
2022-02-23 11:56:08 us=656000   ssl_flags = 0
2022-02-23 11:56:08 us=656000   tls_timeout = 2
2022-02-23 11:56:08 us=656000   renegotiate_bytes = -1
2022-02-23 11:56:08 us=656000   renegotiate_packets = 0
2022-02-23 11:56:08 us=656000   renegotiate_seconds = 3600
2022-02-23 11:56:08 us=656000   handshake_window = 60
2022-02-23 11:56:08 us=656000   transition_window = 3600
2022-02-23 11:56:08 us=656000   single_session = DISABLED
2022-02-23 11:56:08 us=656000   push_peer_info = DISABLED
2022-02-23 11:56:08 us=656000   tls_exit = DISABLED
2022-02-23 11:56:08 us=656000   tls_crypt_v2_metadata = '[UNDEF]'
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_protected_authentication = DISABLED
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_private_mode = 00000000
2022-02-23 11:56:08 us=656000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_cert_private = DISABLED
2022-02-23 11:56:08 us=671000   pkcs11_pin_cache_period = -1
2022-02-23 11:56:08 us=671000   pkcs11_id = '[UNDEF]'
2022-02-23 11:56:08 us=671000   pkcs11_id_management = DISABLED
2022-02-23 11:56:08 us=671000   server_network = 10.3.0.0
2022-02-23 11:56:08 us=671000   server_netmask = 255.255.255.0
2022-02-23 11:56:08 us=671000   server_network_ipv6 = ::
2022-02-23 11:56:08 us=671000   server_netbits_ipv6 = 0
2022-02-23 11:56:08 us=671000   server_bridge_ip = 0.0.0.0
2022-02-23 11:56:08 us=671000   server_bridge_netmask = 0.0.0.0
2022-02-23 11:56:08 us=671000   server_bridge_pool_start = 0.0.0.0
2022-02-23 11:56:08 us=671000   server_bridge_pool_end = 0.0.0.0
2022-02-23 11:56:08 us=671000   push_entry = 'route 10.0.1.0 255.255.255.0'
2022-02-23 11:56:08 us=671000   push_entry = 'dhcp-option DNS 10.3.0.1'
2022-02-23 11:56:08 us=671000   push_entry = 'dhcp-option WINS 10.3.0.1'
2022-02-23 11:56:08 us=671000   push_entry = 'dhcp-option DOMAIN xxxxxxxxxxx.local'
2022-02-23 11:56:08 us=671000   push_entry = 'route 10.3.0.1'
2022-02-23 11:56:08 us=671000   push_entry = 'topology net30'
2022-02-23 11:56:08 us=671000   push_entry = 'ping 10'
2022-02-23 11:56:08 us=671000   push_entry = 'ping-restart 120'
2022-02-23 11:56:08 us=671000   ifconfig_pool_defined = ENABLED
2022-02-23 11:56:08 us=671000   ifconfig_pool_start = 10.3.0.4
2022-02-23 11:56:08 us=671000   ifconfig_pool_end = 10.3.0.251
2022-02-23 11:56:08 us=671000   ifconfig_pool_netmask = 0.0.0.0
2022-02-23 11:56:08 us=671000   ifconfig_pool_persist_filename = '[UNDEF]'
2022-02-23 11:56:08 us=671000   ifconfig_pool_persist_refresh_freq = 600
2022-02-23 11:56:08 us=671000   ifconfig_ipv6_pool_defined = DISABLED
2022-02-23 11:56:08 us=671000   ifconfig_ipv6_pool_base = ::
2022-02-23 11:56:08 us=671000   ifconfig_ipv6_pool_netbits = 0
2022-02-23 11:56:08 us=671000   n_bcast_buf = 256
2022-02-23 11:56:08 us=671000   tcp_queue_limit = 64
2022-02-23 11:56:08 us=671000   real_hash_size = 256
2022-02-23 11:56:08 us=671000   virtual_hash_size = 256
2022-02-23 11:56:08 us=671000   client_connect_script = '[UNDEF]'
2022-02-23 11:56:08 us=671000   learn_address_script = '[UNDEF]'
2022-02-23 11:56:08 us=671000   client_disconnect_script = '[UNDEF]'
2022-02-23 11:56:08 us=671000   client_config_dir = '[UNDEF]'
2022-02-23 11:56:08 us=671000   ccd_exclusive = DISABLED
2022-02-23 11:56:08 us=671000   tmp_dir = 'C:\Windows\TEMP\'
2022-02-23 11:56:08 us=671000   push_ifconfig_defined = DISABLED
2022-02-23 11:56:08 us=671000   push_ifconfig_local = 0.0.0.0
2022-02-23 11:56:08 us=671000   push_ifconfig_remote_netmask = 0.0.0.0
2022-02-23 11:56:08 us=671000   push_ifconfig_ipv6_defined = DISABLED
2022-02-23 11:56:08 us=671000   push_ifconfig_ipv6_local = ::/0
2022-02-23 11:56:08 us=671000   push_ifconfig_ipv6_remote = ::
2022-02-23 11:56:08 us=671000   enable_c2c = DISABLED
2022-02-23 11:56:08 us=671000   duplicate_cn = DISABLED
2022-02-23 11:56:08 us=671000   cf_max = 0
2022-02-23 11:56:08 us=671000   cf_per = 0
2022-02-23 11:56:08 us=671000   max_clients = 1024
2022-02-23 11:56:08 us=671000   max_routes_per_client = 256
2022-02-23 11:56:08 us=671000   auth_user_pass_verify_script = '[UNDEF]'
2022-02-23 11:56:08 us=671000   auth_user_pass_verify_script_via_file = DISABLED
2022-02-23 11:56:08 us=671000   auth_token_generate = DISABLED
2022-02-23 11:56:08 us=671000   auth_token_lifetime = 0
2022-02-23 11:56:08 us=671000   auth_token_secret_file = '[UNDEF]'
2022-02-23 11:56:08 us=671000   vlan_tagging = DISABLED
2022-02-23 11:56:08 us=671000   vlan_accept = all
2022-02-23 11:56:08 us=671000   vlan_pvid = 1
2022-02-23 11:56:08 us=671000   client = DISABLED
2022-02-23 11:56:08 us=671000   pull = DISABLED
2022-02-23 11:56:08 us=671000   auth_user_pass_file = '[UNDEF]'
2022-02-23 11:56:08 us=671000   show_net_up = DISABLED
2022-02-23 11:56:08 us=671000   route_method = 0
2022-02-23 11:56:08 us=671000   block_outside_dns = DISABLED
2022-02-23 11:56:08 us=671000   ip_win32_defined = DISABLED
2022-02-23 11:56:08 us=671000   ip_win32_type = 3
2022-02-23 11:56:08 us=671000   dhcp_masq_offset = 0
2022-02-23 11:56:08 us=671000   dhcp_lease_time = 31536000
2022-02-23 11:56:08 us=671000   tap_sleep = 10
2022-02-23 11:56:08 us=671000   dhcp_options = DISABLED
2022-02-23 11:56:08 us=671000   dhcp_renew = DISABLED
2022-02-23 11:56:08 us=671000   dhcp_pre_release = DISABLED
2022-02-23 11:56:08 us=671000   domain = '[UNDEF]'
2022-02-23 11:56:08 us=671000   netbios_scope = '[UNDEF]'
2022-02-23 11:56:08 us=671000   netbios_node_type = 0
2022-02-23 11:56:08 us=671000   disable_nbt = DISABLED
2022-02-23 11:56:08 us=671000 OpenVPN 2.5.5 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 15 2021
2022-02-23 11:56:08 us=671000 Windows version 10.0 (Windows 10 or greater) 64bit
2022-02-23 11:56:08 us=671000 library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
2022-02-23 11:56:08 us=687000 Diffie-Hellman initialized with 2048 bit key
2022-02-23 11:56:08 us=703000 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-23 11:56:08 us=703000 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-23 11:56:08 us=703000 TLS-Auth MTU parms [ L:1621 D:1184 EF:66 EB:0 ET:0 EL:3 ]
2022-02-23 11:56:08 us=703000 interactive service msg_channel=0
2022-02-23 11:56:08 us=718000 open_tun
2022-02-23 11:56:08 us=718000 tap-windows6 device [OpenVPN TAP-Windows6] opened
2022-02-23 11:56:08 us=718000 TAP-Windows Driver Version 9.24 
2022-02-23 11:56:08 us=718000 TAP-Windows MTU=1500
2022-02-23 11:56:08 us=718000 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.3.0.1/255.255.255.252 on interface {B76BD71D-99EF-472F-96EF-1D6874DD6A79} [DHCP-serv: 10.3.0.2, lease-time: 31536000]
2022-02-23 11:56:08 us=718000 Sleeping for 10 seconds...
2022-02-23 11:56:18 us=734000 Successful ARP Flush on interface [15] {B76BD71D-99EF-472F-96EF-1D6874DD6A79}
2022-02-23 11:56:18 us=734000 do_ifconfig, ipv4=1, ipv6=0
2022-02-23 11:56:18 us=734000 IPv4 MTU set to 1500 on interface 15 using SetIpInterfaceEntry()
2022-02-23 11:56:18 us=734000 C:\Windows\system32\route.exe ADD 10.3.0.0 MASK 255.255.255.0 10.3.0.2
2022-02-23 11:56:18 us=734000 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
2022-02-23 11:56:18 us=734000 Route addition via IPAPI succeeded [adaptive]
2022-02-23 11:56:18 us=734000 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
2022-02-23 11:56:18 us=734000 Could not determine IPv4/IPv6 protocol. Using AF_INET6
2022-02-23 11:56:18 us=734000 Socket Buffers: R=[131072->131072] S=[131072->131072]
2022-02-23 11:56:18 us=734000 setsockopt(IPV6_V6ONLY=0)
2022-02-23 11:56:18 us=734000 UDPv6 link local (bound): [AF_INET6][undef]:xxxxx
2022-02-23 11:56:18 us=734000 UDPv6 link remote: [AF_UNSPEC]
2022-02-23 11:56:18 us=734000 MULTI: multi_init called, r=256 v=256
2022-02-23 11:56:18 us=734000 IFCONFIG POOL IPv4: base=10.3.0.4 size=62
2022-02-23 11:56:18 us=734000 Initialization Sequence Completed
2022-02-23 11:57:47 MULTI: multi_create_instance called
2022-02-23 11:57:47 10.0.1.254:50229 Re-using SSL/TLS context
2022-02-23 11:57:47 10.0.1.254:50229 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-23 11:57:47 10.0.1.254:50229 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-23 11:57:47 us=15000 10.0.1.254:50229 Control Channel MTU parms [ L:1621 D:1184 EF:66 EB:0 ET:0 EL:3 ]
2022-02-23 11:57:47 us=15000 10.0.1.254:50229 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
2022-02-23 11:57:47 us=15000 10.0.1.254:50229 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-server'
2022-02-23 11:57:47 us=15000 10.0.1.254:50229 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-client'
2022-02-23 11:57:47 us=15000 10.0.1.254:50229 TLS: Initial packet from [AF_INET6]::ffff:10.0.1.254:50229, sid=d7e42b31 545952db
2022-02-23 11:57:47 us=78000 10.0.1.254:50229 VERIFY OK: depth=1, CN=XXXXXX-CA
2022-02-23 11:57:47 us=78000 10.0.1.254:50229 VERIFY OK: depth=0, CN=testpc
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_VER=3.git::c2153df1
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_PLAT=win
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_NCP=2
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_TCPNL=1
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_PROTO=30
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_AUTO_SESS=1
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_GUI_VER=OCWindows_3.3.2-2475
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 peer info: IV_SSO=openurl,crtext
2022-02-23 11:57:47 us=93000 10.0.1.254:50229 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1521'
2022-02-23 11:57:47 us=109000 10.0.1.254:50229 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-02-23 11:57:47 us=109000 10.0.1.254:50229 [testpc] Peer Connection Initiated with [AF_INET6]::ffff:10.0.1.254:50229
2022-02-23 11:57:47 us=109000 testpc/10.0.1.254:50229 MULTI_sva: pool returned IPv4=10.3.0.6, IPv6=(Not enabled)
2022-02-23 11:57:47 us=109000 testpc/10.0.1.254:50229 MULTI: Learn: 10.3.0.6 -> testpc/10.0.1.254:50229
2022-02-23 11:57:47 us=109000 testpc/10.0.1.254:50229 MULTI: primary virtual IP for testpc/10.0.1.254:50229: 10.3.0.6
2022-02-23 11:57:47 us=109000 testpc/10.0.1.254:50229 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-23 11:57:47 us=109000 testpc/10.0.1.254:50229 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-23 11:57:47 us=109000 testpc/10.0.1.254:50229 SENT CONTROL [testpc]: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,dhcp-option DNS 10.3.0.1,dhcp-option WINS 10.3.0.1,dhcp-option DOMAIN xxxxxxxxxxx.local,route 10.3.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.3.0.6 10.3.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
2022-02-23 11:57:47 us=109000 testpc/10.0.1.254:50229 PUSH: Received control message: 'PUSH_REQUEST'
2022-02-23 11:57:48 us=125000 testpc/10.0.1.254:50229 IP packet with unknown IP version=0 seen
2022-02-23 11:57:48 us=125000 testpc/10.0.1.254:50229 MULTI: bad source address from client [::], packet dropped
2022-02-23 12:00:53 us=875000 testpc/10.0.1.254:50229 SIGTERM[soft,remote-exit] received, client-instance exiting
2022-02-23 12:05:06 us=734000 MULTI: multi_create_instance called
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 Re-using SSL/TLS context
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 Control Channel MTU parms [ L:1621 D:1184 EF:66 EB:0 ET:0 EL:3 ]
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-server'
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-client'
2022-02-23 12:05:06 us=734000 10.0.1.254:64873 TLS: Initial packet from [AF_INET6]::ffff:10.0.1.254:64873, sid=c4cc7a79 ca0d28e6
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 VERIFY OK: depth=1, CN=XXXXXX-CA
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 VERIFY OK: depth=0, CN=testpc
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_VER=3.git::c2153df1
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_PLAT=win
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_NCP=2
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_TCPNL=1
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_PROTO=30
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_AUTO_SESS=1
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_GUI_VER=OCWindows_3.3.2-2475
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 peer info: IV_SSO=openurl,crtext
2022-02-23 12:05:06 us=781000 10.0.1.254:64873 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1521'
2022-02-23 12:05:06 us=796000 10.0.1.254:64873 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-02-23 12:05:06 us=796000 10.0.1.254:64873 [testpc] Peer Connection Initiated with [AF_INET6]::ffff:10.0.1.254:64873
2022-02-23 12:05:06 us=796000 testpc/10.0.1.254:64873 MULTI_sva: pool returned IPv4=10.3.0.6, IPv6=(Not enabled)
2022-02-23 12:05:06 us=796000 testpc/10.0.1.254:64873 MULTI: Learn: 10.3.0.6 -> testpc/10.0.1.254:64873
2022-02-23 12:05:06 us=796000 testpc/10.0.1.254:64873 MULTI: primary virtual IP for testpc/10.0.1.254:64873: 10.3.0.6
2022-02-23 12:05:06 us=796000 testpc/10.0.1.254:64873 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-23 12:05:06 us=796000 testpc/10.0.1.254:64873 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-02-23 12:05:06 us=796000 testpc/10.0.1.254:64873 SENT CONTROL [testpc]: 'PUSH_REPLY,route 10.0.1.0 255.255.255.0,dhcp-option DNS 10.3.0.1,dhcp-option WINS 10.3.0.1,dhcp-option DOMAIN xxxxxxxxxxx.local,route 10.3.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.3.0.6 10.3.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
2022-02-23 12:05:06 us=796000 testpc/10.0.1.254:64873 PUSH: Received control message: 'PUSH_REQUEST'
2022-02-23 12:05:07 us=781000 testpc/10.0.1.254:64873 IP packet with unknown IP version=0 seen
2022-02-23 12:05:07 us=781000 testpc/10.0.1.254:64873 MULTI: bad source address from client [::], packet dropped
2022-02-23 12:05:41 us=15000 testpc/10.0.1.254:64873 SIGTERM[soft,remote-exit] received, client-instance exiting
Client
client

client
dev tun
proto udp
remote x.x.x.x xxxxx
resolv-retry infinite
nobind
persist-key
persist-tun
ca "ca.crt"
cert "testpc.crt"
key "testpc.key"
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-GCM
verb 4

Code: Select all

⏎[Feb 23, 2022, 11:57:47] OpenVPN core 3.git::c2153df1 win x86_64 64-bit built on Oct  6 2021 14:20:53
⏎[Feb 23, 2022, 11:57:47] Frame=512/2048/512 mssfix-ctrl=1250
⏎[Feb 23, 2022, 11:57:47] UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
15 [verb] [3]
⏎[Feb 23, 2022, 11:57:47] EVENT: RESOLVE ⏎[Feb 23, 2022, 11:57:47] Contacting xxx.xxx.xxx.xxx:xxxxx via UDP
⏎[Feb 23, 2022, 11:57:47] EVENT: WAIT ⏎[Feb 23, 2022, 11:57:47] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
	"host" : "xxx.xxx.xxx.xxx",
	"ipv6" : false
}

⏎[Feb 23, 2022, 11:57:47] Connecting to [xxx.xxx.xxx.xxx]:xxxxx (xxx.xxx.xxx.xxx) via UDPv4
⏎[Feb 23, 2022, 11:57:47] EVENT: CONNECTING ⏎[Feb 23, 2022, 11:57:47] Tunnel Options:V4,dev-type tun,link-mtu 1521,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-client
⏎[Feb 23, 2022, 11:57:47] Creds: UsernameEmpty/PasswordEmpty
⏎[Feb 23, 2022, 11:57:47] Peer Info:
IV_VER=3.git::c2153df1
IV_PLAT=win
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
IV_AUTO_SESS=1
IV_GUI_VER=OCWindows_3.3.2-2475
IV_SSO=openurl,crtext

⏎[Feb 23, 2022, 11:57:47] SSL Handshake: peer certificate: CN=MPDC01, 2048 bit RSA, cipher: TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD

⏎[Feb 23, 2022, 11:57:47] Session is ACTIVE
⏎[Feb 23, 2022, 11:57:47] EVENT: GET_CONFIG ⏎[Feb 23, 2022, 11:57:47] Sending PUSH_REQUEST to server...
⏎[Feb 23, 2022, 11:57:47] OPTIONS:
0 [route] [10.0.1.0] [255.255.255.0]
1 [dhcp-option] [DNS] [10.3.0.1]
2 [dhcp-option] [WINS] [10.3.0.1]
3 [dhcp-option] [DOMAIN] [xxxxxxxxxxx.local]
4 [route] [10.3.0.1]
5 [topology] [net30]
6 [ping] [10]
7 [ping-restart] [120]
8 [ifconfig] [10.3.0.6] [10.3.0.5]
9 [peer-id] [0]
10 [cipher] [AES-256-GCM]

⏎[Feb 23, 2022, 11:57:47] PROTOCOL OPTIONS:
  cipher: AES-256-GCM
  digest: NONE
  key-derivation: OpenVPN PRF
  compress: NONE
  peer ID: 0
  control channel: tls-auth enabled
⏎[Feb 23, 2022, 11:57:47] EVENT: ASSIGN_IP ⏎[Feb 23, 2022, 11:57:47] CAPTURED OPTIONS:
Session Name: xxx.xxx.xxx.xxx
Layer: OSI_LAYER_3
Remote Address: xxx.xxx.xxx.xxx
Tunnel Addresses:
  10.3.0.6/30 -> 10.3.0.5 [net30]
Reroute Gateway: IPv4=0 IPv6=0 flags=[ IPv4 ]
Block IPv6: no
Add Routes:
  10.0.1.0/24
  10.3.0.1/32
Exclude Routes:
DNS Servers:
  10.3.0.1
Search Domains:
  xxxxxxxxxxx.local
WINS Servers:
  10.3.0.1

⏎[Feb 23, 2022, 11:57:48] SetupClient: transmitting tun setup list to \\.\pipe\agent_ovpnconnect
{
	"allow_local_dns_resolvers" : false,
	"confirm_event" : "f829000000000000",
	"destroy_event" : "d02a000000000000",
	"tun" : 
	{
		"adapter_domain_suffix" : "",
		"add_routes" : 
		[
			{
				"address" : "10.0.1.0",
				"gateway" : "",
				"ipv6" : false,
				"metric" : -1,
				"net30" : false,
				"prefix_length" : 24
			},
			{
				"address" : "10.3.0.1",
				"gateway" : "",
				"ipv6" : false,
				"metric" : -1,
				"net30" : false,
				"prefix_length" : 32
			}
		],
		"block_ipv6" : false,
		"dns_servers" : 
		[
			{
				"address" : "10.3.0.1",
				"ipv6" : false
			}
		],
		"layer" : 3,
		"mtu" : 0,
		"remote_address" : 
		{
			"address" : "xxx.xxx.xxx.xxx",
			"ipv6" : false
		},
		"reroute_gw" : 
		{
			"flags" : 256,
			"ipv4" : false,
			"ipv6" : false
		},
		"route_metric_default" : -1,
		"search_domains" : 
		[
			{
				"domain" : "xxxxxxxxxxx.local"
			}
		],
		"session_name" : "xxx.xxx.xxx.xxx",
		"tunnel_address_index_ipv4" : 0,
		"tunnel_address_index_ipv6" : -1,
		"tunnel_addresses" : 
		[
			{
				"address" : "10.3.0.6",
				"gateway" : "10.3.0.5",
				"ipv6" : false,
				"metric" : -1,
				"net30" : true,
				"prefix_length" : 30
			}
		],
		"wins_servers" : 
		[
			{
				"address" : "10.3.0.1"
			}
		]
	},
	"wintun" : false
}
POST np://[\\.\pipe\agent_ovpnconnect]/tun-setup : 200 OK
TAP ADAPTERS:
guid='{1E009FCB-5DE8-4225-BB78-D866E76763A8}' index=3 name='Local Area Connection'
Open TAP device "Local Area Connection" PATH="\\.\Global\{1E009FCB-5DE8-4225-BB78-D866E76763A8}.tap" SUCCEEDED
TAP-Windows Driver Version 9.24
ActionDeleteAllRoutesOnInterface iface_index=3
netsh interface ip set interface 3 metric=1
Ok.
netsh interface ip set address 3 static 10.3.0.6 255.255.255.252 gateway=10.3.0.5 store=active
IPHelper: add route 10.0.1.0/24 3 10.3.0.5 metric=-1
IPHelper: add route 10.3.0.1/32 3 10.3.0.5 metric=-1
NRPT::ActionCreate names=[.xxxxxxxxxxx.local] dns_servers=[10.3.0.1]
netsh interface ip set winsservers 3 static 10.3.0.1
ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
TAP: ARP flush succeeded
TAP handle: 902a000000000000
⏎[Feb 23, 2022, 11:57:48] Connected via TUN_WIN
⏎[Feb 23, 2022, 11:57:48] EVENT: CONNECTED xxx.xxx.xxx.xxx:xxxxx (xxx.xxx.xxx.xxx) via /UDPv4 on TUN_WIN/10.3.0.6/ gw=[10.3.0.5/]⏎[Feb 23, 2022, 12:00:54] SetupClient: signaling tun destroy event
⏎[Feb 23, 2022, 12:00:54] EVENT: DISCONNECTED ⏎[Feb 23, 2022, 12:05:07] OpenVPN core 3.git::c2153df1 win x86_64 64-bit built on Oct  6 2021 14:20:53
⏎[Feb 23, 2022, 12:05:07] Frame=512/2048/512 mssfix-ctrl=1250
⏎[Feb 23, 2022, 12:05:07] UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
15 [verb] [3]
⏎[Feb 23, 2022, 12:05:07] EVENT: RESOLVE ⏎[Feb 23, 2022, 12:05:07] Contacting xxx.xxx.xxx.xxx:xxxxx via UDP
⏎[Feb 23, 2022, 12:05:07] EVENT: WAIT ⏎[Feb 23, 2022, 12:05:07] WinCommandAgent: transmitting bypass route to xxx.xxx.xxx.xxx
{
	"host" : "xxx.xxx.xxx.xxx",
	"ipv6" : false
}

⏎[Feb 23, 2022, 12:05:07] Connecting to [xxx.xxx.xxx.xxx]:xxxxx (xxx.xxx.xxx.xxx) via UDPv4
⏎[Feb 23, 2022, 12:05:07] EVENT: CONNECTING ⏎[Feb 23, 2022, 12:05:07] Tunnel Options:V4,dev-type tun,link-mtu 1521,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-GCM,auth [null-digest],keysize 256,tls-auth,key-method 2,tls-client
⏎[Feb 23, 2022, 12:05:07] Creds: UsernameEmpty/PasswordEmpty
⏎[Feb 23, 2022, 12:05:07] Peer Info:
IV_VER=3.git::c2153df1
IV_PLAT=win
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
IV_AUTO_SESS=1
IV_GUI_VER=OCWindows_3.3.2-2475
IV_SSO=openurl,crtext

⏎[Feb 23, 2022, 12:05:07] SSL Handshake: peer certificate: CN=MPDC01, 2048 bit RSA, cipher: TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD

⏎[Feb 23, 2022, 12:05:07] Session is ACTIVE
⏎[Feb 23, 2022, 12:05:07] EVENT: GET_CONFIG ⏎[Feb 23, 2022, 12:05:07] Sending PUSH_REQUEST to server...
⏎[Feb 23, 2022, 12:05:07] OPTIONS:
0 [route] [10.0.1.0] [255.255.255.0]
1 [dhcp-option] [DNS] [10.3.0.1]
2 [dhcp-option] [WINS] [10.3.0.1]
3 [dhcp-option] [DOMAIN] [xxxxxxxxxxx.local]
4 [route] [10.3.0.1]
5 [topology] [net30]
6 [ping] [10]
7 [ping-restart] [120]
8 [ifconfig] [10.3.0.6] [10.3.0.5]
9 [peer-id] [0]
10 [cipher] [AES-256-GCM]

⏎[Feb 23, 2022, 12:05:07] PROTOCOL OPTIONS:
  cipher: AES-256-GCM
  digest: NONE
  key-derivation: OpenVPN PRF
  compress: NONE
  peer ID: 0
  control channel: tls-auth enabled
⏎[Feb 23, 2022, 12:05:07] EVENT: ASSIGN_IP ⏎[Feb 23, 2022, 12:05:07] CAPTURED OPTIONS:
Session Name: xxx.xxx.xxx.xxx
Layer: OSI_LAYER_3
Remote Address: xxx.xxx.xxx.xxx
Tunnel Addresses:
  10.3.0.6/30 -> 10.3.0.5 [net30]
Reroute Gateway: IPv4=0 IPv6=0 flags=[ IPv4 ]
Block IPv6: no
Add Routes:
  10.0.1.0/24
  10.3.0.1/32
Exclude Routes:
DNS Servers:
  10.3.0.1
Search Domains:
  xxxxxxxxxxx.local
WINS Servers:
  10.3.0.1

⏎[Feb 23, 2022, 12:05:08] SetupClient: transmitting tun setup list to \\.\pipe\agent_ovpnconnect
{
	"allow_local_dns_resolvers" : false,
	"confirm_event" : "9c29000000000000",
	"destroy_event" : "042b000000000000",
	"tun" : 
	{
		"adapter_domain_suffix" : "",
		"add_routes" : 
		[
			{
				"address" : "10.0.1.0",
				"gateway" : "",
				"ipv6" : false,
				"metric" : -1,
				"net30" : false,
				"prefix_length" : 24
			},
			{
				"address" : "10.3.0.1",
				"gateway" : "",
				"ipv6" : false,
				"metric" : -1,
				"net30" : false,
				"prefix_length" : 32
			}
		],
		"block_ipv6" : false,
		"dns_servers" : 
		[
			{
				"address" : "10.3.0.1",
				"ipv6" : false
			}
		],
		"layer" : 3,
		"mtu" : 0,
		"remote_address" : 
		{
			"address" : "xxx.xxx.xxx.xxx",
			"ipv6" : false
		},
		"reroute_gw" : 
		{
			"flags" : 256,
			"ipv4" : false,
			"ipv6" : false
		},
		"route_metric_default" : -1,
		"search_domains" : 
		[
			{
				"domain" : "xxxxxxxxxxx.local"
			}
		],
		"session_name" : "xxx.xxx.xxx.xxx",
		"tunnel_address_index_ipv4" : 0,
		"tunnel_address_index_ipv6" : -1,
		"tunnel_addresses" : 
		[
			{
				"address" : "10.3.0.6",
				"gateway" : "10.3.0.5",
				"ipv6" : false,
				"metric" : -1,
				"net30" : true,
				"prefix_length" : 30
			}
		],
		"wins_servers" : 
		[
			{
				"address" : "10.3.0.1"
			}
		]
	},
	"wintun" : false
}
POST np://[\\.\pipe\agent_ovpnconnect]/tun-setup : 200 OK
TAP ADAPTERS:
guid='{1E009FCB-5DE8-4225-BB78-D866E76763A8}' index=3 name='Local Area Connection'
Open TAP device "Local Area Connection" PATH="\\.\Global\{1E009FCB-5DE8-4225-BB78-D866E76763A8}.tap" SUCCEEDED
TAP-Windows Driver Version 9.24
ActionDeleteAllRoutesOnInterface iface_index=3
netsh interface ip set interface 3 metric=1
Ok.
netsh interface ip set address 3 static 10.3.0.6 255.255.255.252 gateway=10.3.0.5 store=active
IPHelper: add route 10.0.1.0/24 3 10.3.0.5 metric=-1
IPHelper: add route 10.3.0.1/32 3 10.3.0.5 metric=-1
NRPT::ActionCreate names=[.xxxxxxxxxxx.local] dns_servers=[10.3.0.1]
netsh interface ip set winsservers 3 static 10.3.0.1
ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
TAP: ARP flush succeeded
TAP handle: 582a000000000000
⏎[Feb 23, 2022, 12:05:08] Connected via TUN_WIN
⏎[Feb 23, 2022, 12:05:08] EVENT: CONNECTED xxx.xxx.xxx.xxx:xxxxx (xxx.xxx.xxx.xxx) via /UDPv4 on TUN_WIN/10.3.0.6/ gw=[10.3.0.5/]⏎[Feb 23, 2022, 12:05:41] SetupClient: signaling tun destroy event
⏎[Feb 23, 2022, 12:05:41] EVENT: DISCONNECTED ⏎
Thank you.
Top
User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Not able to access Lan after reboot Windows Server 2019

Post by Pippin » Wed Feb 23, 2022 11:08 pm

Hi,

What is the Windows client LAN IP?
Looks like it resides on the same network ... or the LAN it resides on has the same subnet?
If so, please read here:
https://community.openvpn.net/openvpn/w ... gConflicts
.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
Top
puachaikul
OpenVpn Newbie
Posts: 2
Joined: Wed Feb 23, 2022 5:45 pm

Re: Not able to access Lan after reboot Windows Server 2019

Post by puachaikul » Thu Feb 24, 2022 12:28 am

Hi Pippin,

My current Windows client side subnet is 192.168.3.0/24
The server side subnet is 10.0.1.0/24
The tunnel subnet is 10.3.0.0/24

We are able to access the server subnet with the current configuration; however, it's only partially working when we reboot the Windows server. We can connect to the VPN but we can only ping the OpenVPN server and not other servers in the same subnet, 10.0.1.0/24
To get it to work after the Windows server rebooted, we need to manually disable the Internet Connection Sharing and reenable it.

Thank you.
Top
Post Reply

Return to “Server Administration”