Here is the problem:
Server is on LAN A, client on LAN B.
Client can ping server, including hosts on LAN A, but hosts on LAN B cant ping addresses from LAN A.
Tracoroute shows that ping from LAN B host to LAN A host, actually goes to gateway of client, instead to server. Both server and client are gateways to their LANs.
Client:
client
dev tun
proto udp
remote x.y.z.q 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client.crt
key /etc/openvpn/client.key
Server:
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
client-config-dir ccd
route 192.168.2.0 255.255.255.0
keepalive 10 120
user nobody
group nogroup
persist-key
persist-tun
ccd/client:
iroute 192.168.2.0 255.255.255.0
Server routes:
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
10.8.0.0/24 via 10.8.0.2 dev tun0
192.168.2.0/24 via 10.8.0.2 dev tun0
x.y.z.0/24 dev eth0 proto kernel scope link src x.y.z.q
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
default via x.y.z.1 dev eth0
Client routes:
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
10.8.0.0/24 via 10.8.0.5 dev tun0
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1
a.b.c.d/24 dev eth0 proto kernel scope link src a.b.c.d.5
192.168.1.0/24 via 10.8.0.5 dev tun0
default via a.b.c.1 dev eth0 metric 100
When I traceroute 192.168.1.y (LAN A) address from 192.168.2.x (LAN B), the first hope is a.b.c.1 ?! How is that happened? IP forwarding is on.
eth0 is interface with public IP on the client, I did iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Routing problem from client's LAN
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
boban
- OpenVpn Newbie
- Posts: 6
- Joined: Wed May 25, 2011 10:22 am
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: Routing problem from client's LAN
can a host on LAN B ping the 192.168.2.x address of the VPN client on LAN A?
if you ping another host on LAN A, does that host have the proper return route for the networks 10.8.0.0/24 AND 192.168.1.0/24 ?
if you ping another host on LAN A, does that host have the proper return route for the networks 10.8.0.0/24 AND 192.168.1.0/24 ?
-
boban
- OpenVpn Newbie
- Posts: 6
- Joined: Wed May 25, 2011 10:22 am
Re: Routing problem from client's LAN
Host on LAN B can ping 192.168.2.1 (internal address of client) and a.b.c.d.5 (external address of client).
I can't ping any host on lan A from a host on lan B, but I can ping every host on lan A from a client.
I can't ping any host on lan A from a host on lan B, but I can ping every host on lan A from a client.
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: Routing problem from client's LAN
that's a routing issue on the LAN A side ; run wireshark or tcpdump on a client in LAN A and see where the packets go...
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Routing problem from client's LAN
hi there,
i dont think you need nat anyway..
can you post ifconfig output from both server/client?
is ip forwarding enabled in both server/client?
please post output of iptables -L on server side.
Michael.
i dont think you need nat anyway..
can you post ifconfig output from both server/client?
is ip forwarding enabled in both server/client?
please post output of iptables -L on server side.
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
boban
- OpenVpn Newbie
- Posts: 6
- Joined: Wed May 25, 2011 10:22 am
Re: Routing problem from client's LAN
Hi,
client ifconfig:
eth0 Link encap:Ethernet HWaddr 6a:0f:ed:91:bb:78
inet addr:a.b.c.d Bcast:a.b.c.255 Mask:255.255.255.0
inet6 addr: fe80::680f:edff:fe91:bb78/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:88569 errors:0 dropped:0 overruns:0 frame:0
TX packets:70820 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6513598 (6.5 MB) TX bytes:4111136 (4.1 MB)
Interrupt:9
eth1 Link encap:Ethernet HWaddr 46:1f:35:7c:3e:79
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::441f:35ff:fe7c:3e79/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6279 errors:0 dropped:0 overruns:0 frame:0
TX packets:43 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:901350 (901.3 KB) TX bytes:3014 (3.0 KB)
Interrupt:10
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:36645 errors:0 dropped:0 overruns:0 frame:0
TX packets:36645 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2570410 (2.5 MB) TX bytes:2570410 (2.5 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1428 (1.4 KB) TX bytes:1428 (1.4 KB)
Server ifconfig:
eth0 Link encap:Ethernet HWaddr 2e:3f:d8:54:fc:f0
inet addr:x.y.z.q Bcast:x.y.z.q.255 Mask:255.255.255.0
inet6 addr: fe80::2c3f:d8ff:fe54:fcf0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24331 errors:0 dropped:0 overruns:0 frame:0
TX packets:8684 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1862791 (1.8 MB) TX bytes:1123537 (1.1 MB)
Interrupt:9
eth1 Link encap:Ethernet HWaddr ba:a0:30:c1:e5:f7
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::b8a0:30ff:fec1:e5f7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:96978 errors:0 dropped:0 overruns:0 frame:0
TX packets:135518 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7851015 (7.8 MB) TX bytes:119703927 (119.7 MB)
Interrupt:10
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:129 errors:0 dropped:0 overruns:0 frame:0
TX packets:129 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:13831 (13.8 KB) TX bytes:13831 (13.8 KB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1428 (1.4 KB) TX bytes:1764 (1.7 KB)
IP forwarding is enabled on both clien and server. NAT is also enabled, so both LAN hosts ping 8.8.8.8
There is no IP filtering on server and client side. iptables -L :
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
client ifconfig:
eth0 Link encap:Ethernet HWaddr 6a:0f:ed:91:bb:78
inet addr:a.b.c.d Bcast:a.b.c.255 Mask:255.255.255.0
inet6 addr: fe80::680f:edff:fe91:bb78/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:88569 errors:0 dropped:0 overruns:0 frame:0
TX packets:70820 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6513598 (6.5 MB) TX bytes:4111136 (4.1 MB)
Interrupt:9
eth1 Link encap:Ethernet HWaddr 46:1f:35:7c:3e:79
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::441f:35ff:fe7c:3e79/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6279 errors:0 dropped:0 overruns:0 frame:0
TX packets:43 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:901350 (901.3 KB) TX bytes:3014 (3.0 KB)
Interrupt:10
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:36645 errors:0 dropped:0 overruns:0 frame:0
TX packets:36645 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2570410 (2.5 MB) TX bytes:2570410 (2.5 MB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1428 (1.4 KB) TX bytes:1428 (1.4 KB)
Server ifconfig:
eth0 Link encap:Ethernet HWaddr 2e:3f:d8:54:fc:f0
inet addr:x.y.z.q Bcast:x.y.z.q.255 Mask:255.255.255.0
inet6 addr: fe80::2c3f:d8ff:fe54:fcf0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24331 errors:0 dropped:0 overruns:0 frame:0
TX packets:8684 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1862791 (1.8 MB) TX bytes:1123537 (1.1 MB)
Interrupt:9
eth1 Link encap:Ethernet HWaddr ba:a0:30:c1:e5:f7
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::b8a0:30ff:fec1:e5f7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:96978 errors:0 dropped:0 overruns:0 frame:0
TX packets:135518 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7851015 (7.8 MB) TX bytes:119703927 (119.7 MB)
Interrupt:10
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:129 errors:0 dropped:0 overruns:0 frame:0
TX packets:129 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:13831 (13.8 KB) TX bytes:13831 (13.8 KB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1428 (1.4 KB) TX bytes:1764 (1.7 KB)
IP forwarding is enabled on both clien and server. NAT is also enabled, so both LAN hosts ping 8.8.8.8
There is no IP filtering on server and client side. iptables -L :
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Routing problem from client's LAN
hi there,
just for testing try adding this to your ccd file
ifconfig-push 10.8.0.22 10.8.0.21
and reconnect your client...
if your client doesnt get 10.8.0.22 your ccd name is wrong..
Michael.
just for testing try adding this to your ccd file
ifconfig-push 10.8.0.22 10.8.0.21
and reconnect your client...
if your client doesnt get 10.8.0.22 your ccd name is wrong..
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
boban
- OpenVpn Newbie
- Posts: 6
- Joined: Wed May 25, 2011 10:22 am
Re: Routing problem from client's LAN
I've did what u told, and I guess u are right, the client is still 10.8.0.6.
So how can I fix this?
So how can I fix this?
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: Routing problem from client's LAN
set the server verbosity to 5
restart the server, reconnect the client and post the (anonymized) server log file here.
Code: Select all
verb 5-
boban
- OpenVpn Newbie
- Posts: 6
- Joined: Wed May 25, 2011 10:22 am
Re: Routing problem from client's LAN
Fri May 27 12:18:35 2011 us=882719 Current Parameter Settings:
Fri May 27 12:18:35 2011 us=882836 config = '/etc/openvpn/openvpn.conf'
Fri May 27 12:18:35 2011 us=882853 mode = 1
Fri May 27 12:18:35 2011 us=882866 persist_config = DISABLED
Fri May 27 12:18:35 2011 us=882882 persist_mode = 1
Fri May 27 12:18:35 2011 us=882895 show_ciphers = DISABLED
Fri May 27 12:18:35 2011 us=882908 show_digests = DISABLED
Fri May 27 12:18:35 2011 us=882921 show_engines = DISABLED
Fri May 27 12:18:35 2011 us=882934 genkey = DISABLED
Fri May 27 12:18:35 2011 us=882947 key_pass_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=882960 show_tls_ciphers = DISABLED
Fri May 27 12:18:35 2011 us=882973 Connection profiles [default]:
Fri May 27 12:18:35 2011 us=882987 proto = udp
Fri May 27 12:18:35 2011 us=883000 local = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883014 local_port = 1194
Fri May 27 12:18:35 2011 us=883026 remote = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883040 remote_port = 1194
Fri May 27 12:18:35 2011 us=883052 remote_float = DISABLED
Fri May 27 12:18:35 2011 us=883065 bind_defined = DISABLED
Fri May 27 12:18:35 2011 us=883078 bind_local = ENABLED
Fri May 27 12:18:35 2011 us=883091 connect_retry_seconds = 5
Fri May 27 12:18:35 2011 us=883104 connect_timeout = 10
Fri May 27 12:18:35 2011 us=883117 connect_retry_max = 0
Fri May 27 12:18:35 2011 us=883130 socks_proxy_server = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883143 socks_proxy_port = 0
Fri May 27 12:18:35 2011 us=883156 socks_proxy_retry = DISABLED
Fri May 27 12:18:35 2011 us=883179 Connection profiles END
Fri May 27 12:18:35 2011 us=883193 remote_random = DISABLED
Fri May 27 12:18:35 2011 us=883206 ipchange = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883219 dev = 'tun'
Fri May 27 12:18:35 2011 us=883232 dev_type = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883244 dev_node = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883257 lladdr = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883270 topology = 1
Fri May 27 12:18:35 2011 us=883283 tun_ipv6 = DISABLED
Fri May 27 12:18:35 2011 us=883296 ifconfig_local = '10.8.0.1'
Fri May 27 12:18:35 2011 us=883310 ifconfig_remote_netmask = '10.8.0.2'
Fri May 27 12:18:35 2011 us=883322 ifconfig_noexec = DISABLED
Fri May 27 12:18:35 2011 us=883335 ifconfig_nowarn = DISABLED
Fri May 27 12:18:35 2011 us=883348 shaper = 0
Fri May 27 12:18:35 2011 us=883361 tun_mtu = 1500
Fri May 27 12:18:35 2011 us=883374 tun_mtu_defined = ENABLED
Fri May 27 12:18:35 2011 us=883387 link_mtu = 1500
Fri May 27 12:18:35 2011 us=883399 link_mtu_defined = DISABLED
Fri May 27 12:18:35 2011 us=883412 tun_mtu_extra = 0
Fri May 27 12:18:35 2011 us=883425 tun_mtu_extra_defined = DISABLED
Fri May 27 12:18:35 2011 us=883438 fragment = 0
Fri May 27 12:18:35 2011 us=883451 mtu_discover_type = -1
Fri May 27 12:18:35 2011 us=883463 mtu_test = 0
Fri May 27 12:18:35 2011 us=883476 mlock = DISABLED
Fri May 27 12:18:35 2011 us=883492 keepalive_ping = 10
Fri May 27 12:18:35 2011 us=883504 keepalive_timeout = 120
Fri May 27 12:18:35 2011 us=883517 inactivity_timeout = 0
Fri May 27 12:18:35 2011 us=883530 ping_send_timeout = 10
Fri May 27 12:18:35 2011 us=883543 ping_rec_timeout = 240
Fri May 27 12:18:35 2011 us=883556 ping_rec_timeout_action = 2
Fri May 27 12:18:35 2011 us=883568 ping_timer_remote = DISABLED
Fri May 27 12:18:35 2011 us=883581 remap_sigusr1 = 0
Fri May 27 12:18:35 2011 us=883594 explicit_exit_notification = 0
Fri May 27 12:18:35 2011 us=883607 persist_tun = ENABLED
Fri May 27 12:18:35 2011 us=883620 persist_local_ip = DISABLED
Fri May 27 12:18:35 2011 us=883633 persist_remote_ip = DISABLED
Fri May 27 12:18:35 2011 us=883646 persist_key = ENABLED
Fri May 27 12:18:35 2011 us=883658 mssfix = 1450
Fri May 27 12:18:35 2011 us=883671 passtos = DISABLED
Fri May 27 12:18:35 2011 us=883684 resolve_retry_seconds = 1000000000
Fri May 27 12:18:35 2011 us=883697 username = 'nobody'
Fri May 27 12:18:35 2011 us=883710 groupname = 'nogroup'
Fri May 27 12:18:35 2011 us=883723 chroot_dir = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883743 cd_dir = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883757 writepid = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883770 up_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883782 down_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883795 down_pre = DISABLED
Fri May 27 12:18:35 2011 us=883808 up_restart = DISABLED
Fri May 27 12:18:35 2011 us=883821 up_delay = DISABLED
Fri May 27 12:18:35 2011 us=883834 daemon = ENABLED
Fri May 27 12:18:35 2011 us=883847 inetd = 0
Fri May 27 12:18:35 2011 us=883860 log = ENABLED
Fri May 27 12:18:35 2011 us=883873 suppress_timestamps = DISABLED
Fri May 27 12:18:35 2011 us=883885 nice = 0
Fri May 27 12:18:35 2011 us=883898 verbosity = 5
Fri May 27 12:18:35 2011 us=883911 mute = 0
Fri May 27 12:18:35 2011 us=883924 gremlin = 0
Fri May 27 12:18:35 2011 us=883937 status_file = 'openvpn-status.log'
Fri May 27 12:18:35 2011 us=883950 status_file_version = 1
Fri May 27 12:18:35 2011 us=883963 status_file_update_freq = 60
Fri May 27 12:18:35 2011 us=883976 occ = ENABLED
Fri May 27 12:18:35 2011 us=883989 rcvbuf = 65536
Fri May 27 12:18:35 2011 us=884002 sndbuf = 65536
Fri May 27 12:18:35 2011 us=884015 sockflags = 0
Fri May 27 12:18:35 2011 us=884028 fast_io = DISABLED
Fri May 27 12:18:35 2011 us=884040 lzo = 0
Fri May 27 12:18:35 2011 us=884053 route_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884066 route_default_gateway = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884079 route_default_metric = 0
Fri May 27 12:18:35 2011 us=884092 route_noexec = DISABLED
Fri May 27 12:18:35 2011 us=884105 route_delay = 0
Fri May 27 12:18:35 2011 us=884118 route_delay_window = 30
Fri May 27 12:18:35 2011 us=884137 route_delay_defined = DISABLED
Fri May 27 12:18:35 2011 us=884151 route_nopull = DISABLED
Fri May 27 12:18:35 2011 us=884164 route_gateway_via_dhcp = DISABLED
Fri May 27 12:18:35 2011 us=884177 max_routes = 100
Fri May 27 12:18:35 2011 us=884190 allow_pull_fqdn = DISABLED
Fri May 27 12:18:35 2011 us=884209 route 192.168.2.0/255.255.255.0/nil/nil
Fri May 27 12:18:35 2011 us=884223 route 10.8.0.0/255.255.255.0/nil/nil
Fri May 27 12:18:35 2011 us=884236 management_addr = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884249 management_port = 0
Fri May 27 12:18:35 2011 us=884262 management_user_pass = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884275 management_log_history_cache = 250
Fri May 27 12:18:35 2011 us=884288 management_echo_buffer_size = 100
Fri May 27 12:18:35 2011 us=884301 management_write_peer_info_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884314 management_client_user = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884327 management_client_group = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884340 management_flags = 0
Fri May 27 12:18:35 2011 us=884353 shared_secret_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884367 key_direction = 0
Fri May 27 12:18:35 2011 us=884379 ciphername_defined = ENABLED
Fri May 27 12:18:35 2011 us=884392 ciphername = 'BF-CBC'
Fri May 27 12:18:35 2011 us=884406 authname_defined = ENABLED
Fri May 27 12:18:35 2011 us=884424 authname = 'SHA1'
Fri May 27 12:18:35 2011 us=884441 prng_hash = 'SHA1'
Fri May 27 12:18:35 2011 us=884454 prng_nonce_secret_len = 16
Fri May 27 12:18:35 2011 us=884467 keysize = 0
Fri May 27 12:18:35 2011 us=884480 engine = DISABLED
Fri May 27 12:18:35 2011 us=884493 replay = ENABLED
Fri May 27 12:18:35 2011 us=884506 mute_replay_warnings = DISABLED
Fri May 27 12:18:35 2011 us=884519 replay_window = 64
Fri May 27 12:18:35 2011 us=884534 replay_time = 15
Fri May 27 12:18:35 2011 us=884547 packet_id_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884559 use_iv = ENABLED
Fri May 27 12:18:35 2011 us=884573 test_crypto = DISABLED
Fri May 27 12:18:35 2011 us=884586 tls_server = ENABLED
Fri May 27 12:18:35 2011 us=884599 tls_client = DISABLED
Fri May 27 12:18:35 2011 us=884612 key_method = 2
Fri May 27 12:18:35 2011 us=884625 ca_file = '/etc/openvpn/easy-rsa/2.0/keys/ca.crt'
Fri May 27 12:18:35 2011 us=884638 ca_path = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884657 dh_file = '/etc/openvpn/easy-rsa/2.0/keys/dh1024.pem'
Fri May 27 12:18:35 2011 us=884671 cert_file = '/etc/openvpn/easy-rsa/2.0/keys/server.crt'
Fri May 27 12:18:35 2011 us=884685 priv_key_file = '/etc/openvpn/easy-rsa/2.0/keys/server.key'
Fri May 27 12:18:35 2011 us=884698 pkcs12_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884711 cipher_list = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884724 tls_verify = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884737 tls_remote = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884750 crl_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884763 ns_cert_type = 0
Fri May 27 12:18:35 2011 us=884776 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884788 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884801 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884814 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884827 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884840 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884852 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884865 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884878 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884897 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884910 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884923 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884936 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884949 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884961 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884974 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884987 remote_cert_eku = '[UNDEF]'
Fri May 27 12:18:35 2011 us=885000 tls_timeout = 2
Fri May 27 12:18:35 2011 us=885013 renegotiate_bytes = 0
Fri May 27 12:18:35 2011 us=885026 renegotiate_packets = 0
Fri May 27 12:18:35 2011 us=885039 renegotiate_seconds = 3600
Fri May 27 12:18:35 2011 us=885051 handshake_window = 60
Fri May 27 12:18:35 2011 us=885064 transition_window = 3600
Fri May 27 12:18:35 2011 us=885077 single_session = DISABLED
Fri May 27 12:18:35 2011 us=885090 tls_exit = DISABLED
Fri May 27 12:18:35 2011 us=885103 tls_auth_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=885116 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885129 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885142 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885155 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885168 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885181 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885194 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885207 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885220 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885237 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885250 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885263 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885276 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885289 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885301 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885314 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885328 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885341 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885354 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885367 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885380 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885393 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885406 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885419 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885432 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885445 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885464 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885477 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885490 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885503 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885516 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885529 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885542 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885554 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885569 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885582 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885595 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885607 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885620 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885633 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885646 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885659 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885672 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885685 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885698 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885710 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885723 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885736 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885749 pkcs11_pin_cache_period = -1
Fri May 27 12:18:35 2011 us=885762 pkcs11_id = '[UNDEF]'
Fri May 27 12:18:35 2011 us=885775 pkcs11_id_management = DISABLED
Fri May 27 12:18:35 2011 us=885790 server_network = 10.8.0.0
Fri May 27 12:18:35 2011 us=885804 server_netmask = 255.255.255.0
Fri May 27 12:18:35 2011 us=885818 server_bridge_ip = 0.0.0.0
Fri May 27 12:18:35 2011 us=885831 server_bridge_netmask = 0.0.0.0
Fri May 27 12:18:35 2011 us=885845 server_bridge_pool_start = 0.0.0.0
Fri May 27 12:18:35 2011 us=885859 server_bridge_pool_end = 0.0.0.0
Fri May 27 12:18:35 2011 us=885872 push_entry = 'route 192.168.1.0 255.255.255.0'
Fri May 27 12:18:35 2011 us=885885 push_entry = 'route 10.8.0.0 255.255.255.0'
Fri May 27 12:18:35 2011 us=885898 push_entry = 'topology net30'
Fri May 27 12:18:35 2011 us=885911 push_entry = 'ping 10'
Fri May 27 12:18:35 2011 us=885924 push_entry = 'ping-restart 120'
Fri May 27 12:18:35 2011 us=885937 ifconfig_pool_defined = ENABLED
Fri May 27 12:18:35 2011 us=885951 ifconfig_pool_start = 10.8.0.4
Fri May 27 12:18:35 2011 us=885965 ifconfig_pool_end = 10.8.0.251
Fri May 27 12:18:35 2011 us=885979 ifconfig_pool_netmask = 0.0.0.0
Fri May 27 12:18:35 2011 us=885992 ifconfig_pool_persist_filename = 'ipp.txt'
Fri May 27 12:18:35 2011 us=886005 ifconfig_pool_persist_refresh_freq = 600
Fri May 27 12:18:35 2011 us=886018 n_bcast_buf = 256
Fri May 27 12:18:35 2011 us=886030 tcp_queue_limit = 64
Fri May 27 12:18:35 2011 us=886043 real_hash_size = 256
Fri May 27 12:18:35 2011 us=886056 virtual_hash_size = 256
Fri May 27 12:18:35 2011 us=886069 client_connect_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886082 learn_address_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886095 client_disconnect_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886108 client_config_dir = 'ccd'
Fri May 27 12:18:35 2011 us=886121 ccd_exclusive = DISABLED
Fri May 27 12:18:35 2011 us=886134 tmp_dir = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886147 push_ifconfig_defined = DISABLED
Fri May 27 12:18:35 2011 us=886161 push_ifconfig_local = 0.0.0.0
Fri May 27 12:18:35 2011 us=886175 push_ifconfig_remote_netmask = 0.0.0.0
Fri May 27 12:18:35 2011 us=886187 enable_c2c = ENABLED
Fri May 27 12:18:35 2011 us=886200 duplicate_cn = DISABLED
Fri May 27 12:18:35 2011 us=886214 cf_max = 0
Fri May 27 12:18:35 2011 us=886226 cf_per = 0
Fri May 27 12:18:35 2011 us=886240 max_clients = 1024
Fri May 27 12:18:35 2011 us=886253 max_routes_per_client = 256
Fri May 27 12:18:35 2011 us=886276 auth_user_pass_verify_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886290 auth_user_pass_verify_script_via_file = DISABLED
Fri May 27 12:18:35 2011 us=886304 ssl_flags = 0
Fri May 27 12:18:35 2011 us=886316 port_share_host = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886329 port_share_port = 0
Fri May 27 12:18:35 2011 us=886342 client = DISABLED
Fri May 27 12:18:35 2011 us=886355 pull = DISABLED
Fri May 27 12:18:35 2011 us=886368 auth_user_pass_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886387 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Fri May 27 12:18:35 2011 us=886737 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri May 27 12:18:35 2011 us=889212 Diffie-Hellman initialized with 1024 bit key
Fri May 27 12:18:35 2011 us=889847 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Fri May 27 12:18:35 2011 us=996181 TLS-Auth MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri May 27 12:18:35 2011 us=996461 ROUTE default_gateway=10.100.0.1
Fri May 27 12:18:35 2011 us=998616 TUN/TAP device tun0 opened
Fri May 27 12:18:35 2011 us=998659 TUN/TAP TX queue length set to 100
Fri May 27 12:18:35 2011 us=998696 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Fri May 27 12:18:36 2011 us=2965 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.8.0.2
Fri May 27 12:18:36 2011 us=7474 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Fri May 27 12:18:36 2011 us=9306 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Fri May 27 12:18:36 2011 us=11272 GID set to nogroup
Fri May 27 12:18:36 2011 us=11380 UID set to nobody
Fri May 27 12:18:36 2011 us=11429 Socket Buffers: R=[126976->131072] S=[126976->131072]
Fri May 27 12:18:36 2011 us=11459 UDPv4 link local (bound): [undef]
Fri May 27 12:18:36 2011 us=11473 UDPv4 link remote: [undef]
Fri May 27 12:18:36 2011 us=11501 MULTI: multi_init called, r=256 v=256
Fri May 27 12:18:36 2011 us=11632 IFCONFIG POOL: base=10.8.0.4 size=62
Fri May 27 12:18:36 2011 us=11693 IFCONFIG POOL LIST
Fri May 27 12:18:36 2011 us=11714 client,10.8.0.4
Fri May 27 12:18:36 2011 us=11760 Initialization Sequence Completed
Fri May 27 12:18:41 2011 us=784685 MULTI: multi_create_instance called
Fri May 27 12:18:41 2011 us=784740 a.b.c.d:49789 Re-using SSL/TLS context
Fri May 27 12:18:41 2011 us=785124 a.b.c.d:49789 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri May 27 12:18:41 2011 us=785145 a.b.c.d:49789 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Fri May 27 12:18:41 2011 us=785217 a.b.c.d:49789 Local Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri May 27 12:18:41 2011 us=785237 a.b.c.d:49789 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri May 27 12:18:41 2011 us=785276 a.b.c.d:49789 Local Options hash (VER=V4): '239669a8'
Fri May 27 12:18:41 2011 us=785294 a.b.c.d:49789 Expected Remote Options hash (VER=V4): '3514370b'
RFri May 27 12:18:41 2011 us=785376 a.b.c.d:49789 TLS: Initial packet from [AF_INET]a.b.c.d:49789, sid=cac6d2bb 125b0766
WRRWWWWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRRRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRFri May 27 12:18:41 2011 us=803853 a.b.c.d:49789 VERIFY OK: depth=1, /C=RS/ST=RS/L=Belgrade/O=org/OU=IT/CN=org_CA/emailAddress=boban.petrovic@org.rs
Fri May 27 12:18:41 2011 us=804001 10.100.0.5:49789 VERIFY OK: depth=0, /C=RS/ST=RS/L=Belgrade/O=org/OU=IT/CN=client/emailAddress=boban.petrovic@org.rs
WRWRWRWWWWRWRWRWRWRWRWRWRWRWRRRRWRWRWRFri May 27 12:18:41 2011 us=809441 a.b.c.d:49789 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri May 27 12:18:41 2011 us=809464 a.b.c.d:49789 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri May 27 12:18:41 2011 us=809535 a.b.c.d:49789 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri May 27 12:18:41 2011 us=809551 a.b.c.d:49789 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
WWWRRRFri May 27 12:18:41 2011 us=811194 a.b.c.d:49789 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri May 27 12:18:41 2011 us=811221 a.b.c.d:49789 [client] Peer Connection Initiated with [AF_INET]a.b.c.d:49789
Fri May 27 12:18:41 2011 us=811297 client/a.b.c.d:49789 MULTI: Learn: 10.8.0.6 -> client/a.b.c.d:49789
Fri May 27 12:18:41 2011 us=811315 client/a.b.c.d:49789 MULTI: primary virtual IP for client/a.b.c.d:49789: 10.8.0.6
RFri May 27 12:18:44 2011 us=175095 client/a.b.c.d:49789 PUSH: Received control message: 'PUSH_REQUEST'
Fri May 27 12:18:44 2011 us=175174 client/a.b.c.d:49789 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Well, now I guess that I didn't make mistake with a ccd name.
Fri May 27 12:18:35 2011 us=882836 config = '/etc/openvpn/openvpn.conf'
Fri May 27 12:18:35 2011 us=882853 mode = 1
Fri May 27 12:18:35 2011 us=882866 persist_config = DISABLED
Fri May 27 12:18:35 2011 us=882882 persist_mode = 1
Fri May 27 12:18:35 2011 us=882895 show_ciphers = DISABLED
Fri May 27 12:18:35 2011 us=882908 show_digests = DISABLED
Fri May 27 12:18:35 2011 us=882921 show_engines = DISABLED
Fri May 27 12:18:35 2011 us=882934 genkey = DISABLED
Fri May 27 12:18:35 2011 us=882947 key_pass_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=882960 show_tls_ciphers = DISABLED
Fri May 27 12:18:35 2011 us=882973 Connection profiles [default]:
Fri May 27 12:18:35 2011 us=882987 proto = udp
Fri May 27 12:18:35 2011 us=883000 local = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883014 local_port = 1194
Fri May 27 12:18:35 2011 us=883026 remote = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883040 remote_port = 1194
Fri May 27 12:18:35 2011 us=883052 remote_float = DISABLED
Fri May 27 12:18:35 2011 us=883065 bind_defined = DISABLED
Fri May 27 12:18:35 2011 us=883078 bind_local = ENABLED
Fri May 27 12:18:35 2011 us=883091 connect_retry_seconds = 5
Fri May 27 12:18:35 2011 us=883104 connect_timeout = 10
Fri May 27 12:18:35 2011 us=883117 connect_retry_max = 0
Fri May 27 12:18:35 2011 us=883130 socks_proxy_server = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883143 socks_proxy_port = 0
Fri May 27 12:18:35 2011 us=883156 socks_proxy_retry = DISABLED
Fri May 27 12:18:35 2011 us=883179 Connection profiles END
Fri May 27 12:18:35 2011 us=883193 remote_random = DISABLED
Fri May 27 12:18:35 2011 us=883206 ipchange = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883219 dev = 'tun'
Fri May 27 12:18:35 2011 us=883232 dev_type = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883244 dev_node = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883257 lladdr = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883270 topology = 1
Fri May 27 12:18:35 2011 us=883283 tun_ipv6 = DISABLED
Fri May 27 12:18:35 2011 us=883296 ifconfig_local = '10.8.0.1'
Fri May 27 12:18:35 2011 us=883310 ifconfig_remote_netmask = '10.8.0.2'
Fri May 27 12:18:35 2011 us=883322 ifconfig_noexec = DISABLED
Fri May 27 12:18:35 2011 us=883335 ifconfig_nowarn = DISABLED
Fri May 27 12:18:35 2011 us=883348 shaper = 0
Fri May 27 12:18:35 2011 us=883361 tun_mtu = 1500
Fri May 27 12:18:35 2011 us=883374 tun_mtu_defined = ENABLED
Fri May 27 12:18:35 2011 us=883387 link_mtu = 1500
Fri May 27 12:18:35 2011 us=883399 link_mtu_defined = DISABLED
Fri May 27 12:18:35 2011 us=883412 tun_mtu_extra = 0
Fri May 27 12:18:35 2011 us=883425 tun_mtu_extra_defined = DISABLED
Fri May 27 12:18:35 2011 us=883438 fragment = 0
Fri May 27 12:18:35 2011 us=883451 mtu_discover_type = -1
Fri May 27 12:18:35 2011 us=883463 mtu_test = 0
Fri May 27 12:18:35 2011 us=883476 mlock = DISABLED
Fri May 27 12:18:35 2011 us=883492 keepalive_ping = 10
Fri May 27 12:18:35 2011 us=883504 keepalive_timeout = 120
Fri May 27 12:18:35 2011 us=883517 inactivity_timeout = 0
Fri May 27 12:18:35 2011 us=883530 ping_send_timeout = 10
Fri May 27 12:18:35 2011 us=883543 ping_rec_timeout = 240
Fri May 27 12:18:35 2011 us=883556 ping_rec_timeout_action = 2
Fri May 27 12:18:35 2011 us=883568 ping_timer_remote = DISABLED
Fri May 27 12:18:35 2011 us=883581 remap_sigusr1 = 0
Fri May 27 12:18:35 2011 us=883594 explicit_exit_notification = 0
Fri May 27 12:18:35 2011 us=883607 persist_tun = ENABLED
Fri May 27 12:18:35 2011 us=883620 persist_local_ip = DISABLED
Fri May 27 12:18:35 2011 us=883633 persist_remote_ip = DISABLED
Fri May 27 12:18:35 2011 us=883646 persist_key = ENABLED
Fri May 27 12:18:35 2011 us=883658 mssfix = 1450
Fri May 27 12:18:35 2011 us=883671 passtos = DISABLED
Fri May 27 12:18:35 2011 us=883684 resolve_retry_seconds = 1000000000
Fri May 27 12:18:35 2011 us=883697 username = 'nobody'
Fri May 27 12:18:35 2011 us=883710 groupname = 'nogroup'
Fri May 27 12:18:35 2011 us=883723 chroot_dir = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883743 cd_dir = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883757 writepid = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883770 up_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883782 down_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=883795 down_pre = DISABLED
Fri May 27 12:18:35 2011 us=883808 up_restart = DISABLED
Fri May 27 12:18:35 2011 us=883821 up_delay = DISABLED
Fri May 27 12:18:35 2011 us=883834 daemon = ENABLED
Fri May 27 12:18:35 2011 us=883847 inetd = 0
Fri May 27 12:18:35 2011 us=883860 log = ENABLED
Fri May 27 12:18:35 2011 us=883873 suppress_timestamps = DISABLED
Fri May 27 12:18:35 2011 us=883885 nice = 0
Fri May 27 12:18:35 2011 us=883898 verbosity = 5
Fri May 27 12:18:35 2011 us=883911 mute = 0
Fri May 27 12:18:35 2011 us=883924 gremlin = 0
Fri May 27 12:18:35 2011 us=883937 status_file = 'openvpn-status.log'
Fri May 27 12:18:35 2011 us=883950 status_file_version = 1
Fri May 27 12:18:35 2011 us=883963 status_file_update_freq = 60
Fri May 27 12:18:35 2011 us=883976 occ = ENABLED
Fri May 27 12:18:35 2011 us=883989 rcvbuf = 65536
Fri May 27 12:18:35 2011 us=884002 sndbuf = 65536
Fri May 27 12:18:35 2011 us=884015 sockflags = 0
Fri May 27 12:18:35 2011 us=884028 fast_io = DISABLED
Fri May 27 12:18:35 2011 us=884040 lzo = 0
Fri May 27 12:18:35 2011 us=884053 route_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884066 route_default_gateway = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884079 route_default_metric = 0
Fri May 27 12:18:35 2011 us=884092 route_noexec = DISABLED
Fri May 27 12:18:35 2011 us=884105 route_delay = 0
Fri May 27 12:18:35 2011 us=884118 route_delay_window = 30
Fri May 27 12:18:35 2011 us=884137 route_delay_defined = DISABLED
Fri May 27 12:18:35 2011 us=884151 route_nopull = DISABLED
Fri May 27 12:18:35 2011 us=884164 route_gateway_via_dhcp = DISABLED
Fri May 27 12:18:35 2011 us=884177 max_routes = 100
Fri May 27 12:18:35 2011 us=884190 allow_pull_fqdn = DISABLED
Fri May 27 12:18:35 2011 us=884209 route 192.168.2.0/255.255.255.0/nil/nil
Fri May 27 12:18:35 2011 us=884223 route 10.8.0.0/255.255.255.0/nil/nil
Fri May 27 12:18:35 2011 us=884236 management_addr = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884249 management_port = 0
Fri May 27 12:18:35 2011 us=884262 management_user_pass = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884275 management_log_history_cache = 250
Fri May 27 12:18:35 2011 us=884288 management_echo_buffer_size = 100
Fri May 27 12:18:35 2011 us=884301 management_write_peer_info_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884314 management_client_user = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884327 management_client_group = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884340 management_flags = 0
Fri May 27 12:18:35 2011 us=884353 shared_secret_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884367 key_direction = 0
Fri May 27 12:18:35 2011 us=884379 ciphername_defined = ENABLED
Fri May 27 12:18:35 2011 us=884392 ciphername = 'BF-CBC'
Fri May 27 12:18:35 2011 us=884406 authname_defined = ENABLED
Fri May 27 12:18:35 2011 us=884424 authname = 'SHA1'
Fri May 27 12:18:35 2011 us=884441 prng_hash = 'SHA1'
Fri May 27 12:18:35 2011 us=884454 prng_nonce_secret_len = 16
Fri May 27 12:18:35 2011 us=884467 keysize = 0
Fri May 27 12:18:35 2011 us=884480 engine = DISABLED
Fri May 27 12:18:35 2011 us=884493 replay = ENABLED
Fri May 27 12:18:35 2011 us=884506 mute_replay_warnings = DISABLED
Fri May 27 12:18:35 2011 us=884519 replay_window = 64
Fri May 27 12:18:35 2011 us=884534 replay_time = 15
Fri May 27 12:18:35 2011 us=884547 packet_id_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884559 use_iv = ENABLED
Fri May 27 12:18:35 2011 us=884573 test_crypto = DISABLED
Fri May 27 12:18:35 2011 us=884586 tls_server = ENABLED
Fri May 27 12:18:35 2011 us=884599 tls_client = DISABLED
Fri May 27 12:18:35 2011 us=884612 key_method = 2
Fri May 27 12:18:35 2011 us=884625 ca_file = '/etc/openvpn/easy-rsa/2.0/keys/ca.crt'
Fri May 27 12:18:35 2011 us=884638 ca_path = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884657 dh_file = '/etc/openvpn/easy-rsa/2.0/keys/dh1024.pem'
Fri May 27 12:18:35 2011 us=884671 cert_file = '/etc/openvpn/easy-rsa/2.0/keys/server.crt'
Fri May 27 12:18:35 2011 us=884685 priv_key_file = '/etc/openvpn/easy-rsa/2.0/keys/server.key'
Fri May 27 12:18:35 2011 us=884698 pkcs12_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884711 cipher_list = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884724 tls_verify = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884737 tls_remote = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884750 crl_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=884763 ns_cert_type = 0
Fri May 27 12:18:35 2011 us=884776 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884788 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884801 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884814 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884827 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884840 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884852 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884865 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884878 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884897 remote_cert_ku = 0
Fri May 27 12:18:35 2011 us=884910 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884923 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884936 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884949 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884961 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884974 remote_cert_ku[i] = 0
Fri May 27 12:18:35 2011 us=884987 remote_cert_eku = '[UNDEF]'
Fri May 27 12:18:35 2011 us=885000 tls_timeout = 2
Fri May 27 12:18:35 2011 us=885013 renegotiate_bytes = 0
Fri May 27 12:18:35 2011 us=885026 renegotiate_packets = 0
Fri May 27 12:18:35 2011 us=885039 renegotiate_seconds = 3600
Fri May 27 12:18:35 2011 us=885051 handshake_window = 60
Fri May 27 12:18:35 2011 us=885064 transition_window = 3600
Fri May 27 12:18:35 2011 us=885077 single_session = DISABLED
Fri May 27 12:18:35 2011 us=885090 tls_exit = DISABLED
Fri May 27 12:18:35 2011 us=885103 tls_auth_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=885116 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885129 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885142 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885155 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885168 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885181 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885194 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885207 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885220 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885237 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885250 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885263 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885276 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885289 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885301 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885314 pkcs11_protected_authentication = DISABLED
Fri May 27 12:18:35 2011 us=885328 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885341 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885354 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885367 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885380 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885393 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885406 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885419 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885432 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885445 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885464 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885477 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885490 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885503 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885516 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885529 pkcs11_private_mode = 00000000
Fri May 27 12:18:35 2011 us=885542 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885554 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885569 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885582 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885595 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885607 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885620 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885633 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885646 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885659 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885672 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885685 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885698 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885710 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885723 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885736 pkcs11_cert_private = DISABLED
Fri May 27 12:18:35 2011 us=885749 pkcs11_pin_cache_period = -1
Fri May 27 12:18:35 2011 us=885762 pkcs11_id = '[UNDEF]'
Fri May 27 12:18:35 2011 us=885775 pkcs11_id_management = DISABLED
Fri May 27 12:18:35 2011 us=885790 server_network = 10.8.0.0
Fri May 27 12:18:35 2011 us=885804 server_netmask = 255.255.255.0
Fri May 27 12:18:35 2011 us=885818 server_bridge_ip = 0.0.0.0
Fri May 27 12:18:35 2011 us=885831 server_bridge_netmask = 0.0.0.0
Fri May 27 12:18:35 2011 us=885845 server_bridge_pool_start = 0.0.0.0
Fri May 27 12:18:35 2011 us=885859 server_bridge_pool_end = 0.0.0.0
Fri May 27 12:18:35 2011 us=885872 push_entry = 'route 192.168.1.0 255.255.255.0'
Fri May 27 12:18:35 2011 us=885885 push_entry = 'route 10.8.0.0 255.255.255.0'
Fri May 27 12:18:35 2011 us=885898 push_entry = 'topology net30'
Fri May 27 12:18:35 2011 us=885911 push_entry = 'ping 10'
Fri May 27 12:18:35 2011 us=885924 push_entry = 'ping-restart 120'
Fri May 27 12:18:35 2011 us=885937 ifconfig_pool_defined = ENABLED
Fri May 27 12:18:35 2011 us=885951 ifconfig_pool_start = 10.8.0.4
Fri May 27 12:18:35 2011 us=885965 ifconfig_pool_end = 10.8.0.251
Fri May 27 12:18:35 2011 us=885979 ifconfig_pool_netmask = 0.0.0.0
Fri May 27 12:18:35 2011 us=885992 ifconfig_pool_persist_filename = 'ipp.txt'
Fri May 27 12:18:35 2011 us=886005 ifconfig_pool_persist_refresh_freq = 600
Fri May 27 12:18:35 2011 us=886018 n_bcast_buf = 256
Fri May 27 12:18:35 2011 us=886030 tcp_queue_limit = 64
Fri May 27 12:18:35 2011 us=886043 real_hash_size = 256
Fri May 27 12:18:35 2011 us=886056 virtual_hash_size = 256
Fri May 27 12:18:35 2011 us=886069 client_connect_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886082 learn_address_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886095 client_disconnect_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886108 client_config_dir = 'ccd'
Fri May 27 12:18:35 2011 us=886121 ccd_exclusive = DISABLED
Fri May 27 12:18:35 2011 us=886134 tmp_dir = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886147 push_ifconfig_defined = DISABLED
Fri May 27 12:18:35 2011 us=886161 push_ifconfig_local = 0.0.0.0
Fri May 27 12:18:35 2011 us=886175 push_ifconfig_remote_netmask = 0.0.0.0
Fri May 27 12:18:35 2011 us=886187 enable_c2c = ENABLED
Fri May 27 12:18:35 2011 us=886200 duplicate_cn = DISABLED
Fri May 27 12:18:35 2011 us=886214 cf_max = 0
Fri May 27 12:18:35 2011 us=886226 cf_per = 0
Fri May 27 12:18:35 2011 us=886240 max_clients = 1024
Fri May 27 12:18:35 2011 us=886253 max_routes_per_client = 256
Fri May 27 12:18:35 2011 us=886276 auth_user_pass_verify_script = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886290 auth_user_pass_verify_script_via_file = DISABLED
Fri May 27 12:18:35 2011 us=886304 ssl_flags = 0
Fri May 27 12:18:35 2011 us=886316 port_share_host = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886329 port_share_port = 0
Fri May 27 12:18:35 2011 us=886342 client = DISABLED
Fri May 27 12:18:35 2011 us=886355 pull = DISABLED
Fri May 27 12:18:35 2011 us=886368 auth_user_pass_file = '[UNDEF]'
Fri May 27 12:18:35 2011 us=886387 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Fri May 27 12:18:35 2011 us=886737 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri May 27 12:18:35 2011 us=889212 Diffie-Hellman initialized with 1024 bit key
Fri May 27 12:18:35 2011 us=889847 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Fri May 27 12:18:35 2011 us=996181 TLS-Auth MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri May 27 12:18:35 2011 us=996461 ROUTE default_gateway=10.100.0.1
Fri May 27 12:18:35 2011 us=998616 TUN/TAP device tun0 opened
Fri May 27 12:18:35 2011 us=998659 TUN/TAP TX queue length set to 100
Fri May 27 12:18:35 2011 us=998696 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Fri May 27 12:18:36 2011 us=2965 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.8.0.2
Fri May 27 12:18:36 2011 us=7474 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Fri May 27 12:18:36 2011 us=9306 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Fri May 27 12:18:36 2011 us=11272 GID set to nogroup
Fri May 27 12:18:36 2011 us=11380 UID set to nobody
Fri May 27 12:18:36 2011 us=11429 Socket Buffers: R=[126976->131072] S=[126976->131072]
Fri May 27 12:18:36 2011 us=11459 UDPv4 link local (bound): [undef]
Fri May 27 12:18:36 2011 us=11473 UDPv4 link remote: [undef]
Fri May 27 12:18:36 2011 us=11501 MULTI: multi_init called, r=256 v=256
Fri May 27 12:18:36 2011 us=11632 IFCONFIG POOL: base=10.8.0.4 size=62
Fri May 27 12:18:36 2011 us=11693 IFCONFIG POOL LIST
Fri May 27 12:18:36 2011 us=11714 client,10.8.0.4
Fri May 27 12:18:36 2011 us=11760 Initialization Sequence Completed
Fri May 27 12:18:41 2011 us=784685 MULTI: multi_create_instance called
Fri May 27 12:18:41 2011 us=784740 a.b.c.d:49789 Re-using SSL/TLS context
Fri May 27 12:18:41 2011 us=785124 a.b.c.d:49789 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri May 27 12:18:41 2011 us=785145 a.b.c.d:49789 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Fri May 27 12:18:41 2011 us=785217 a.b.c.d:49789 Local Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri May 27 12:18:41 2011 us=785237 a.b.c.d:49789 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri May 27 12:18:41 2011 us=785276 a.b.c.d:49789 Local Options hash (VER=V4): '239669a8'
Fri May 27 12:18:41 2011 us=785294 a.b.c.d:49789 Expected Remote Options hash (VER=V4): '3514370b'
RFri May 27 12:18:41 2011 us=785376 a.b.c.d:49789 TLS: Initial packet from [AF_INET]a.b.c.d:49789, sid=cac6d2bb 125b0766
WRRWWWWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRRRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRFri May 27 12:18:41 2011 us=803853 a.b.c.d:49789 VERIFY OK: depth=1, /C=RS/ST=RS/L=Belgrade/O=org/OU=IT/CN=org_CA/emailAddress=boban.petrovic@org.rs
Fri May 27 12:18:41 2011 us=804001 10.100.0.5:49789 VERIFY OK: depth=0, /C=RS/ST=RS/L=Belgrade/O=org/OU=IT/CN=client/emailAddress=boban.petrovic@org.rs
WRWRWRWWWWRWRWRWRWRWRWRWRWRWRRRRWRWRWRFri May 27 12:18:41 2011 us=809441 a.b.c.d:49789 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri May 27 12:18:41 2011 us=809464 a.b.c.d:49789 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri May 27 12:18:41 2011 us=809535 a.b.c.d:49789 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri May 27 12:18:41 2011 us=809551 a.b.c.d:49789 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
WWWRRRFri May 27 12:18:41 2011 us=811194 a.b.c.d:49789 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri May 27 12:18:41 2011 us=811221 a.b.c.d:49789 [client] Peer Connection Initiated with [AF_INET]a.b.c.d:49789
Fri May 27 12:18:41 2011 us=811297 client/a.b.c.d:49789 MULTI: Learn: 10.8.0.6 -> client/a.b.c.d:49789
Fri May 27 12:18:41 2011 us=811315 client/a.b.c.d:49789 MULTI: primary virtual IP for client/a.b.c.d:49789: 10.8.0.6
RFri May 27 12:18:44 2011 us=175095 client/a.b.c.d:49789 PUSH: Received control message: 'PUSH_REQUEST'
Fri May 27 12:18:44 2011 us=175174 client/a.b.c.d:49789 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Well, now I guess that I didn't make mistake with a ccd name.
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: Routing problem from client's LAN
the name of the CCD file is correct , but perhaps the server is not picking up the client-config-dir itself.
Try
* using an absolute path for the 'client-config-dir'
* increasing verbosity to 7 ; the server log will now show a test when it tries to read the ccd file
Try
* using an absolute path for the 'client-config-dir'
* increasing verbosity to 7 ; the server log will now show a test when it tries to read the ccd file
-
boban
- OpenVpn Newbie
- Posts: 6
- Joined: Wed May 25, 2011 10:22 am
Re: Routing problem from client's LAN
That's it! Thank you ver much for effort! 
So, for all, always use absolute paths in config files!
So, for all, always use absolute paths in config files!
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Routing problem from client's LAN
hi there,
ok then
closing topic
Michael.
ok then
closing topic
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"