Hello,
I have a problem with a client on windows 7.
My current vpn server is configured not to allow client-to-client and is a machine with Debian Linux. The access between clients are done using FORWARD rules in kernel.
My problem is fallowing:
From linux and windows XP clients I am able to access the other clients. From Windows 7 I am not able to access other clients only the server machine.
For example, Windows 7 is 10.0.0.2, a other client is 10.0.0.3. I am not able to ping 10.0.0.3, only 10.0.0.1 (witch is the server).
I made some packages investigation and I found that windows 7, when I try to ping 10.0.0.3 is send ARP packages requests (witch is wrong...because the client is not accessible using mac address). The strange think is in routing tables in windows 7:
On vpn route I have at gatway: "On-Link". On microsoft site I found that this mean that all traffic is done directly using mac address...and will not send packages to VPN gateway.
How to avoid this? I want that all my pings to be routed on gateway (10.200.0.1)
Thanks for help
P.S. I hope that I was clear...my english is not very good.
OpenVPN client on Windows 7
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: OpenVPN client on Windows 7
On windows 7 you have to run OpenVPN with elevated privileges.
-
bolovan
- OpenVpn Newbie
- Posts: 4
- Joined: Sat Nov 26, 2011 8:46 pm
Re: OpenVPN client on Windows 7
Yes, I know this. And is run as administrator. It's able to add routes, but routes are wrong (in my case...).
I's relatively simple, I have two routes:
1) Network destination 10.0.0.0, Netmask 255.255.255.0, Gateway: 10.0.0.1
2) Network destination 10.0.0.0, Netmask 255.255.255.0, Gateway: "On-Link".
The problem is with second route. The second route means that access to any IP in range 10.0.0.0/24 is done directly...and the rest is done using 10.0.0.1.
I need to avoid adding on clients the second route. I need that the client to access 10.0.0.4 for example, using the gateway 10.0.0.1.
I's relatively simple, I have two routes:
1) Network destination 10.0.0.0, Netmask 255.255.255.0, Gateway: 10.0.0.1
2) Network destination 10.0.0.0, Netmask 255.255.255.0, Gateway: "On-Link".
The problem is with second route. The second route means that access to any IP in range 10.0.0.0/24 is done directly...and the rest is done using 10.0.0.1.
I need to avoid adding on clients the second route. I need that the client to access 10.0.0.4 for example, using the gateway 10.0.0.1.
-
Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: OpenVPN client on Windows 7
Show config files and logs.
-
bolovan
- OpenVpn Newbie
- Posts: 4
- Joined: Sat Nov 26, 2011 8:46 pm
Re: OpenVPN client on Windows 7
Sorry, I can't find how to attache the files... there are the config and log files.
Server config:
;local a.b.c.d
port 1194
proto udp
dev tap
;dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 10.200.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
push "route 10.200.0.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
client-config-dir /etc/openvpn/ccd
;route 192.168.40.128 255.255.255.248
;push "route 10.8.0.1 255.255.255.0"
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
;client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
#comp-lzo
;max-clients 100
;user nobody
;group nogroup
persist-key
persist-tun
status openvpn-status.log 5
status-version 2
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20
client config:
client
dev tap
;dev tun
;dev-node MyTap
;proto tcp-client
proto udp
remote my-server-2 1194
;remote my-server-2 1194
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nogroup
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
;tls-auth ta.key 1
;cipher x
;comp-lzo
verb 5
;mute 20
Client log:
Sun Nov 27 10:37:45 2011 us=78000 Current Parameter Settings:
Sun Nov 27 10:37:45 2011 us=78000 config = 'client.ovpn'
Sun Nov 27 10:37:45 2011 us=78000 mode = 0
Sun Nov 27 10:37:45 2011 us=78000 show_ciphers = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 show_digests = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 show_engines = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 genkey = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 key_pass_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 show_tls_ciphers = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 Connection profiles [default]:
Sun Nov 27 10:37:45 2011 us=78000 proto = udp
Sun Nov 27 10:37:45 2011 us=78000 local = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 local_port = 0
Sun Nov 27 10:37:45 2011 us=78000 remote = '194.20.143.32'
Sun Nov 27 10:37:45 2011 us=78000 remote_port = 1194
Sun Nov 27 10:37:45 2011 us=78000 remote_float = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 bind_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 bind_local = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 connect_retry_seconds = 5
Sun Nov 27 10:37:45 2011 us=78000 connect_timeout = 10
Sun Nov 27 10:37:45 2011 us=78000 connect_retry_max = 0
Sun Nov 27 10:37:45 2011 us=78000 socks_proxy_server = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 socks_proxy_port = 0
Sun Nov 27 10:37:45 2011 us=78000 socks_proxy_retry = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 Connection profiles END
Sun Nov 27 10:37:45 2011 us=78000 remote_random = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 ipchange = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 dev = 'tap'
Sun Nov 27 10:37:45 2011 us=78000 dev_type = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 dev_node = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 lladdr = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 topology = 1
Sun Nov 27 10:37:45 2011 us=78000 tun_ipv6 = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_local = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_remote_netmask = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_noexec = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_nowarn = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 shaper = 0
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu = 1500
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 link_mtu = 1500
Sun Nov 27 10:37:45 2011 us=78000 link_mtu_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu_extra = 32
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu_extra_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 fragment = 0
Sun Nov 27 10:37:45 2011 us=78000 mtu_discover_type = -1
Sun Nov 27 10:37:45 2011 us=78000 mtu_test = 0
Sun Nov 27 10:37:45 2011 us=78000 mlock = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 keepalive_ping = 0
Sun Nov 27 10:37:45 2011 us=78000 keepalive_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 inactivity_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_send_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_rec_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_rec_timeout_action = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_timer_remote = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 remap_sigusr1 = 0
Sun Nov 27 10:37:45 2011 us=78000 explicit_exit_notification = 0
Sun Nov 27 10:37:45 2011 us=78000 persist_tun = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 persist_local_ip = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 persist_remote_ip = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 persist_key = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 mssfix = 1450
Sun Nov 27 10:37:45 2011 us=78000 resolve_retry_seconds = 1000000000
Sun Nov 27 10:37:45 2011 us=78000 username = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 groupname = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 chroot_dir = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 cd_dir = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 writepid = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 up_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 down_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=390000 down_pre = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 up_restart = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 up_delay = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 daemon = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 inetd = 0
Sun Nov 27 10:37:45 2011 us=390000 log = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 suppress_timestamps = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 nice = 0
Sun Nov 27 10:37:45 2011 us=390000 verbosity = 5
Sun Nov 27 10:37:45 2011 us=390000 mute = 0
Sun Nov 27 10:37:45 2011 us=390000 gremlin = 0
Sun Nov 27 10:37:45 2011 us=390000 status_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=390000 status_file_version = 1
Sun Nov 27 10:37:45 2011 us=390000 status_file_update_freq = 60
Sun Nov 27 10:37:45 2011 us=390000 occ = ENABLED
Sun Nov 27 10:37:45 2011 us=390000 rcvbuf = 0
Sun Nov 27 10:37:45 2011 us=390000 sndbuf = 0
Sun Nov 27 10:37:45 2011 us=390000 sockflags = 0
Sun Nov 27 10:37:45 2011 us=437000 fast_io = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 lzo = 0
Sun Nov 27 10:37:45 2011 us=437000 route_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=437000 route_default_gateway = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=437000 route_default_metric = 0
Sun Nov 27 10:37:45 2011 us=437000 route_noexec = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 route_delay = 5
Sun Nov 27 10:37:45 2011 us=437000 route_delay_window = 30
Sun Nov 27 10:37:45 2011 us=437000 route_delay_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=437000 route_nopull = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 route_gateway_via_dhcp = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 max_routes = 100
Sun Nov 27 10:37:45 2011 us=437000 allow_pull_fqdn = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 management_addr = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=437000 management_port = 0
Sun Nov 27 10:37:45 2011 us=437000 management_user_pass = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_log_history_cache = 250
Sun Nov 27 10:37:45 2011 us=515000 management_echo_buffer_size = 100
Sun Nov 27 10:37:45 2011 us=515000 management_write_peer_info_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_client_user = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_client_group = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_flags = 0
Sun Nov 27 10:37:45 2011 us=515000 shared_secret_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 key_direction = 0
Sun Nov 27 10:37:45 2011 us=515000 ciphername_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=515000 ciphername = 'BF-CBC'
Sun Nov 27 10:37:45 2011 us=515000 authname_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=515000 authname = 'SHA1'
Sun Nov 27 10:37:45 2011 us=515000 prng_hash = 'SHA1'
Sun Nov 27 10:37:45 2011 us=515000 prng_nonce_secret_len = 16
Sun Nov 27 10:37:45 2011 us=515000 keysize = 0
Sun Nov 27 10:37:45 2011 us=515000 engine = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 replay = ENABLED
Sun Nov 27 10:37:45 2011 us=625000 mute_replay_warnings = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 replay_window = 64
Sun Nov 27 10:37:45 2011 us=625000 replay_time = 15
Sun Nov 27 10:37:45 2011 us=625000 packet_id_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=625000 use_iv = ENABLED
Sun Nov 27 10:37:45 2011 us=625000 test_crypto = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 tls_server = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 tls_client = ENABLED
Sun Nov 27 10:37:45 2011 us=625000 key_method = 2
Sun Nov 27 10:37:45 2011 us=625000 ca_file = 'ca.crt'
Sun Nov 27 10:37:45 2011 us=625000 ca_path = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=625000 dh_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=625000 cert_file = 'rusa.crt'
Sun Nov 27 10:37:45 2011 us=625000 priv_key_file = 'rusa.key'
Sun Nov 27 10:37:45 2011 us=625000 pkcs12_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 cryptoapi_cert = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 cipher_list = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 tls_verify = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 tls_export_cert = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 tls_remote = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 crl_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 ns_cert_type = 64
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_eku = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=781000 tls_timeout = 2
Sun Nov 27 10:37:45 2011 us=781000 renegotiate_bytes = 0
Sun Nov 27 10:37:45 2011 us=781000 renegotiate_packets = 0
Sun Nov 27 10:37:45 2011 us=781000 renegotiate_seconds = 3600
Sun Nov 27 10:37:45 2011 us=781000 handshake_window = 60
Sun Nov 27 10:37:45 2011 us=781000 transition_window = 3600
Sun Nov 27 10:37:45 2011 us=781000 single_session = DISABLED
Sun Nov 27 10:37:45 2011 us=781000 push_peer_info = DISABLED
Sun Nov 27 10:37:45 2011 us=781000 tls_exit = DISABLED
Sun Nov 27 10:37:45 2011 us=890000 tls_auth_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=890000 server_network = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_ip = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_pool_start = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_pool_end = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_start = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_end = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_persist_filename = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_persist_refresh_freq = 600
Sun Nov 27 10:37:45 2011 us=890000 n_bcast_buf = 256
Sun Nov 27 10:37:45 2011 us=890000 tcp_queue_limit = 64
Sun Nov 27 10:37:45 2011 us=968000 real_hash_size = 256
Sun Nov 27 10:37:45 2011 us=968000 virtual_hash_size = 256
Sun Nov 27 10:37:45 2011 us=968000 client_connect_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 learn_address_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 client_disconnect_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 client_config_dir = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 ccd_exclusive = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 tmp_dir = 'C:\Users\Ionica\AppData\Local\Temp\'
Sun Nov 27 10:37:45 2011 us=968000 push_ifconfig_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 push_ifconfig_local = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=968000 push_ifconfig_remote_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=968000 enable_c2c = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 duplicate_cn = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 cf_max = 0
Sun Nov 27 10:37:45 2011 us=968000 cf_per = 0
Sun Nov 27 10:37:46 2011 us=31000 max_clients = 1024
Sun Nov 27 10:37:46 2011 us=31000 max_routes_per_client = 256
Sun Nov 27 10:37:46 2011 us=31000 auth_user_pass_verify_script = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=31000 auth_user_pass_verify_script_via_file = DISABLED
Sun Nov 27 10:37:46 2011 us=31000 ssl_flags = 0
Sun Nov 27 10:37:46 2011 us=31000 client = ENABLED
Sun Nov 27 10:37:46 2011 us=31000 pull = ENABLED
Sun Nov 27 10:37:46 2011 us=31000 auth_user_pass_file = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=31000 show_net_up = DISABLED
Sun Nov 27 10:37:46 2011 us=31000 route_method = 0
Sun Nov 27 10:37:46 2011 us=31000 ip_win32_defined = DISABLED
Sun Nov 27 10:37:46 2011 us=31000 ip_win32_type = 3
Sun Nov 27 10:37:46 2011 us=31000 dhcp_masq_offset = 0
Sun Nov 27 10:37:46 2011 us=31000 dhcp_lease_time = 31536000
Sun Nov 27 10:37:46 2011 us=31000 tap_sleep = 0
Sun Nov 27 10:37:46 2011 us=31000 dhcp_options = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 dhcp_renew = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 dhcp_pre_release = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 dhcp_release = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 domain = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=93000 netbios_scope = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=93000 netbios_node_type = 0
Sun Nov 27 10:37:46 2011 us=93000 disable_nbt = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul 1 2011
Sun Nov 27 10:37:46 2011 us=93000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Nov 27 10:37:48 2011 us=609000 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Nov 27 10:37:48 2011 us=609000 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Nov 27 10:37:48 2011 us=625000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Nov 27 10:37:48 2011 us=625000 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
Sun Nov 27 10:37:48 2011 us=625000 Local Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sun Nov 27 10:37:48 2011 us=625000 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sun Nov 27 10:37:48 2011 us=625000 Local Options hash (VER=V4): '2c50bd2c'
Sun Nov 27 10:37:48 2011 us=625000 Expected Remote Options hash (VER=V4): '0ddbb6e3'
Sun Nov 27 10:37:48 2011 us=625000 UDPv4 link local: [undef]
Sun Nov 27 10:37:48 2011 us=625000 UDPv4 link remote: 194.20.143.32:1194
Sun Nov 27 10:37:48 2011 us=718000 TLS: Initial packet from 194.20.143.32:1194, sid=ea07a30c 0684891e
Sun Nov 27 10:37:49 2011 us=156000 VERIFY OK: depth=1, /C=IT/ST=TV/L=Vittorio_Veneto/O=provider/CN=provider_CA/emailAddress=email@address.com
Sun Nov 27 10:37:49 2011 us=171000 VERIFY OK: nsCertType=SERVER
Sun Nov 27 10:37:49 2011 us=171000 VERIFY OK: depth=0, /C=IT/ST=TV/L=Vittorio_Veneto/O=provider/CN=teleservice/emailAddress=email@address.com
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Nov 27 10:37:50 2011 us=125000 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sun Nov 27 10:37:50 2011 us=125000 [teleservice] Peer Connection Initiated with 207.46.232.182:1194
Sun Nov 27 10:37:52 2011 us=625000 SENT CONTROL [teleservice]: 'PUSH_REQUEST' (status=1)
Sun Nov 27 10:37:52 2011 us=703000 PUSH: Received control message: 'PUSH_REPLY,route 10.200.0.0 255.255.255.0,route-gateway 10.200.0.1,ping 10,ping-restart 120,ifconfig 10.200.0.3 255.255.255.0'
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: timers and/or timeouts modified
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: --ifconfig/up options modified
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: route options modified
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: route-related options modified
Sun Nov 27 10:37:52 2011 us=734000 ROUTE default_gateway=192.168.0.1
Sun Nov 27 10:37:52 2011 us=734000 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{0100F117-7C3D-4843-BF6B-E574D27EF91B}.tap
Sun Nov 27 10:37:52 2011 us=734000 TAP-Win32 Driver Version 9.8
Sun Nov 27 10:37:52 2011 us=734000 TAP-Win32 MTU=1500
Sun Nov 27 10:37:52 2011 us=734000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.200.0.3/255.255.255.0 on interface {0100F117-7C3D-4843-BF6B-E574D27EF91B} [DHCP-serv: 10.200.0.0, lease-time: 31536000]
Sun Nov 27 10:37:52 2011 us=734000 Successful ARP Flush on interface [14] {0100F117-7C3D-4843-BF6B-E574D27EF91B}
Sun Nov 27 10:37:57 2011 us=125000 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Sun Nov 27 10:37:57 2011 us=140000 C:\WINDOWS\system32\route.exe ADD 10.200.0.0 MASK 255.255.255.0 10.200.0.1
Sun Nov 27 10:37:57 2011 us=140000 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sun Nov 27 10:37:57 2011 us=156000 Route addition via IPAPI succeeded [adaptive]
Sun Nov 27 10:37:57 2011 us=156000 Initialization Sequence Completed
Sun Nov 27 10:38:08 2011 us=953000 TCP/UDP: Closing socket
Sun Nov 27 10:38:08 2011 us=953000 C:\WINDOWS\system32\route.exe DELETE 10.200.0.0 MASK 255.255.255.0 10.200.0.1
Sun Nov 27 10:38:08 2011 us=968000 Route deletion via IPAPI succeeded [adaptive]
Sun Nov 27 10:38:08 2011 us=968000 Closing TUN/TAP interface
Sun Nov 27 10:38:08 2011 us=968000 SIGTERM[hard,] received, process exiting
Server config:
;local a.b.c.d
port 1194
proto udp
dev tap
;dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 10.200.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
push "route 10.200.0.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
client-config-dir /etc/openvpn/ccd
;route 192.168.40.128 255.255.255.248
;push "route 10.8.0.1 255.255.255.0"
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
;client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
#comp-lzo
;max-clients 100
;user nobody
;group nogroup
persist-key
persist-tun
status openvpn-status.log 5
status-version 2
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20
client config:
client
dev tap
;dev tun
;dev-node MyTap
;proto tcp-client
proto udp
remote my-server-2 1194
;remote my-server-2 1194
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nogroup
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
;tls-auth ta.key 1
;cipher x
;comp-lzo
verb 5
;mute 20
Client log:
Sun Nov 27 10:37:45 2011 us=78000 Current Parameter Settings:
Sun Nov 27 10:37:45 2011 us=78000 config = 'client.ovpn'
Sun Nov 27 10:37:45 2011 us=78000 mode = 0
Sun Nov 27 10:37:45 2011 us=78000 show_ciphers = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 show_digests = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 show_engines = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 genkey = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 key_pass_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 show_tls_ciphers = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 Connection profiles [default]:
Sun Nov 27 10:37:45 2011 us=78000 proto = udp
Sun Nov 27 10:37:45 2011 us=78000 local = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 local_port = 0
Sun Nov 27 10:37:45 2011 us=78000 remote = '194.20.143.32'
Sun Nov 27 10:37:45 2011 us=78000 remote_port = 1194
Sun Nov 27 10:37:45 2011 us=78000 remote_float = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 bind_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 bind_local = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 connect_retry_seconds = 5
Sun Nov 27 10:37:45 2011 us=78000 connect_timeout = 10
Sun Nov 27 10:37:45 2011 us=78000 connect_retry_max = 0
Sun Nov 27 10:37:45 2011 us=78000 socks_proxy_server = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 socks_proxy_port = 0
Sun Nov 27 10:37:45 2011 us=78000 socks_proxy_retry = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 Connection profiles END
Sun Nov 27 10:37:45 2011 us=78000 remote_random = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 ipchange = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 dev = 'tap'
Sun Nov 27 10:37:45 2011 us=78000 dev_type = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 dev_node = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 lladdr = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 topology = 1
Sun Nov 27 10:37:45 2011 us=78000 tun_ipv6 = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_local = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_remote_netmask = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_noexec = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 ifconfig_nowarn = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 shaper = 0
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu = 1500
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 link_mtu = 1500
Sun Nov 27 10:37:45 2011 us=78000 link_mtu_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu_extra = 32
Sun Nov 27 10:37:45 2011 us=78000 tun_mtu_extra_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 fragment = 0
Sun Nov 27 10:37:45 2011 us=78000 mtu_discover_type = -1
Sun Nov 27 10:37:45 2011 us=78000 mtu_test = 0
Sun Nov 27 10:37:45 2011 us=78000 mlock = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 keepalive_ping = 0
Sun Nov 27 10:37:45 2011 us=78000 keepalive_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 inactivity_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_send_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_rec_timeout = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_rec_timeout_action = 0
Sun Nov 27 10:37:45 2011 us=78000 ping_timer_remote = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 remap_sigusr1 = 0
Sun Nov 27 10:37:45 2011 us=78000 explicit_exit_notification = 0
Sun Nov 27 10:37:45 2011 us=78000 persist_tun = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 persist_local_ip = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 persist_remote_ip = DISABLED
Sun Nov 27 10:37:45 2011 us=78000 persist_key = ENABLED
Sun Nov 27 10:37:45 2011 us=78000 mssfix = 1450
Sun Nov 27 10:37:45 2011 us=78000 resolve_retry_seconds = 1000000000
Sun Nov 27 10:37:45 2011 us=78000 username = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 groupname = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 chroot_dir = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 cd_dir = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 writepid = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 up_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=78000 down_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=390000 down_pre = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 up_restart = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 up_delay = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 daemon = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 inetd = 0
Sun Nov 27 10:37:45 2011 us=390000 log = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 suppress_timestamps = DISABLED
Sun Nov 27 10:37:45 2011 us=390000 nice = 0
Sun Nov 27 10:37:45 2011 us=390000 verbosity = 5
Sun Nov 27 10:37:45 2011 us=390000 mute = 0
Sun Nov 27 10:37:45 2011 us=390000 gremlin = 0
Sun Nov 27 10:37:45 2011 us=390000 status_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=390000 status_file_version = 1
Sun Nov 27 10:37:45 2011 us=390000 status_file_update_freq = 60
Sun Nov 27 10:37:45 2011 us=390000 occ = ENABLED
Sun Nov 27 10:37:45 2011 us=390000 rcvbuf = 0
Sun Nov 27 10:37:45 2011 us=390000 sndbuf = 0
Sun Nov 27 10:37:45 2011 us=390000 sockflags = 0
Sun Nov 27 10:37:45 2011 us=437000 fast_io = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 lzo = 0
Sun Nov 27 10:37:45 2011 us=437000 route_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=437000 route_default_gateway = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=437000 route_default_metric = 0
Sun Nov 27 10:37:45 2011 us=437000 route_noexec = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 route_delay = 5
Sun Nov 27 10:37:45 2011 us=437000 route_delay_window = 30
Sun Nov 27 10:37:45 2011 us=437000 route_delay_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=437000 route_nopull = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 route_gateway_via_dhcp = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 max_routes = 100
Sun Nov 27 10:37:45 2011 us=437000 allow_pull_fqdn = DISABLED
Sun Nov 27 10:37:45 2011 us=437000 management_addr = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=437000 management_port = 0
Sun Nov 27 10:37:45 2011 us=437000 management_user_pass = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_log_history_cache = 250
Sun Nov 27 10:37:45 2011 us=515000 management_echo_buffer_size = 100
Sun Nov 27 10:37:45 2011 us=515000 management_write_peer_info_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_client_user = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_client_group = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 management_flags = 0
Sun Nov 27 10:37:45 2011 us=515000 shared_secret_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=515000 key_direction = 0
Sun Nov 27 10:37:45 2011 us=515000 ciphername_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=515000 ciphername = 'BF-CBC'
Sun Nov 27 10:37:45 2011 us=515000 authname_defined = ENABLED
Sun Nov 27 10:37:45 2011 us=515000 authname = 'SHA1'
Sun Nov 27 10:37:45 2011 us=515000 prng_hash = 'SHA1'
Sun Nov 27 10:37:45 2011 us=515000 prng_nonce_secret_len = 16
Sun Nov 27 10:37:45 2011 us=515000 keysize = 0
Sun Nov 27 10:37:45 2011 us=515000 engine = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 replay = ENABLED
Sun Nov 27 10:37:45 2011 us=625000 mute_replay_warnings = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 replay_window = 64
Sun Nov 27 10:37:45 2011 us=625000 replay_time = 15
Sun Nov 27 10:37:45 2011 us=625000 packet_id_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=625000 use_iv = ENABLED
Sun Nov 27 10:37:45 2011 us=625000 test_crypto = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 tls_server = DISABLED
Sun Nov 27 10:37:45 2011 us=625000 tls_client = ENABLED
Sun Nov 27 10:37:45 2011 us=625000 key_method = 2
Sun Nov 27 10:37:45 2011 us=625000 ca_file = 'ca.crt'
Sun Nov 27 10:37:45 2011 us=625000 ca_path = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=625000 dh_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=625000 cert_file = 'rusa.crt'
Sun Nov 27 10:37:45 2011 us=625000 priv_key_file = 'rusa.key'
Sun Nov 27 10:37:45 2011 us=625000 pkcs12_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 cryptoapi_cert = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 cipher_list = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 tls_verify = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 tls_export_cert = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 tls_remote = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 crl_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=671000 ns_cert_type = 64
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=671000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_ku[i] = 0
Sun Nov 27 10:37:45 2011 us=781000 remote_cert_eku = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=781000 tls_timeout = 2
Sun Nov 27 10:37:45 2011 us=781000 renegotiate_bytes = 0
Sun Nov 27 10:37:45 2011 us=781000 renegotiate_packets = 0
Sun Nov 27 10:37:45 2011 us=781000 renegotiate_seconds = 3600
Sun Nov 27 10:37:45 2011 us=781000 handshake_window = 60
Sun Nov 27 10:37:45 2011 us=781000 transition_window = 3600
Sun Nov 27 10:37:45 2011 us=781000 single_session = DISABLED
Sun Nov 27 10:37:45 2011 us=781000 push_peer_info = DISABLED
Sun Nov 27 10:37:45 2011 us=781000 tls_exit = DISABLED
Sun Nov 27 10:37:45 2011 us=890000 tls_auth_file = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=890000 server_network = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_ip = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_pool_start = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 server_bridge_pool_end = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_start = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_end = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_persist_filename = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=890000 ifconfig_pool_persist_refresh_freq = 600
Sun Nov 27 10:37:45 2011 us=890000 n_bcast_buf = 256
Sun Nov 27 10:37:45 2011 us=890000 tcp_queue_limit = 64
Sun Nov 27 10:37:45 2011 us=968000 real_hash_size = 256
Sun Nov 27 10:37:45 2011 us=968000 virtual_hash_size = 256
Sun Nov 27 10:37:45 2011 us=968000 client_connect_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 learn_address_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 client_disconnect_script = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 client_config_dir = '[UNDEF]'
Sun Nov 27 10:37:45 2011 us=968000 ccd_exclusive = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 tmp_dir = 'C:\Users\Ionica\AppData\Local\Temp\'
Sun Nov 27 10:37:45 2011 us=968000 push_ifconfig_defined = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 push_ifconfig_local = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=968000 push_ifconfig_remote_netmask = 0.0.0.0
Sun Nov 27 10:37:45 2011 us=968000 enable_c2c = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 duplicate_cn = DISABLED
Sun Nov 27 10:37:45 2011 us=968000 cf_max = 0
Sun Nov 27 10:37:45 2011 us=968000 cf_per = 0
Sun Nov 27 10:37:46 2011 us=31000 max_clients = 1024
Sun Nov 27 10:37:46 2011 us=31000 max_routes_per_client = 256
Sun Nov 27 10:37:46 2011 us=31000 auth_user_pass_verify_script = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=31000 auth_user_pass_verify_script_via_file = DISABLED
Sun Nov 27 10:37:46 2011 us=31000 ssl_flags = 0
Sun Nov 27 10:37:46 2011 us=31000 client = ENABLED
Sun Nov 27 10:37:46 2011 us=31000 pull = ENABLED
Sun Nov 27 10:37:46 2011 us=31000 auth_user_pass_file = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=31000 show_net_up = DISABLED
Sun Nov 27 10:37:46 2011 us=31000 route_method = 0
Sun Nov 27 10:37:46 2011 us=31000 ip_win32_defined = DISABLED
Sun Nov 27 10:37:46 2011 us=31000 ip_win32_type = 3
Sun Nov 27 10:37:46 2011 us=31000 dhcp_masq_offset = 0
Sun Nov 27 10:37:46 2011 us=31000 dhcp_lease_time = 31536000
Sun Nov 27 10:37:46 2011 us=31000 tap_sleep = 0
Sun Nov 27 10:37:46 2011 us=31000 dhcp_options = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 dhcp_renew = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 dhcp_pre_release = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 dhcp_release = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 domain = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=93000 netbios_scope = '[UNDEF]'
Sun Nov 27 10:37:46 2011 us=93000 netbios_node_type = 0
Sun Nov 27 10:37:46 2011 us=93000 disable_nbt = DISABLED
Sun Nov 27 10:37:46 2011 us=93000 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul 1 2011
Sun Nov 27 10:37:46 2011 us=93000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Nov 27 10:37:48 2011 us=609000 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Nov 27 10:37:48 2011 us=609000 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Nov 27 10:37:48 2011 us=625000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Nov 27 10:37:48 2011 us=625000 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
Sun Nov 27 10:37:48 2011 us=625000 Local Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Sun Nov 27 10:37:48 2011 us=625000 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Sun Nov 27 10:37:48 2011 us=625000 Local Options hash (VER=V4): '2c50bd2c'
Sun Nov 27 10:37:48 2011 us=625000 Expected Remote Options hash (VER=V4): '0ddbb6e3'
Sun Nov 27 10:37:48 2011 us=625000 UDPv4 link local: [undef]
Sun Nov 27 10:37:48 2011 us=625000 UDPv4 link remote: 194.20.143.32:1194
Sun Nov 27 10:37:48 2011 us=718000 TLS: Initial packet from 194.20.143.32:1194, sid=ea07a30c 0684891e
Sun Nov 27 10:37:49 2011 us=156000 VERIFY OK: depth=1, /C=IT/ST=TV/L=Vittorio_Veneto/O=provider/CN=provider_CA/emailAddress=email@address.com
Sun Nov 27 10:37:49 2011 us=171000 VERIFY OK: nsCertType=SERVER
Sun Nov 27 10:37:49 2011 us=171000 VERIFY OK: depth=0, /C=IT/ST=TV/L=Vittorio_Veneto/O=provider/CN=teleservice/emailAddress=email@address.com
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Nov 27 10:37:50 2011 us=125000 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Nov 27 10:37:50 2011 us=125000 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sun Nov 27 10:37:50 2011 us=125000 [teleservice] Peer Connection Initiated with 207.46.232.182:1194
Sun Nov 27 10:37:52 2011 us=625000 SENT CONTROL [teleservice]: 'PUSH_REQUEST' (status=1)
Sun Nov 27 10:37:52 2011 us=703000 PUSH: Received control message: 'PUSH_REPLY,route 10.200.0.0 255.255.255.0,route-gateway 10.200.0.1,ping 10,ping-restart 120,ifconfig 10.200.0.3 255.255.255.0'
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: timers and/or timeouts modified
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: --ifconfig/up options modified
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: route options modified
Sun Nov 27 10:37:52 2011 us=703000 OPTIONS IMPORT: route-related options modified
Sun Nov 27 10:37:52 2011 us=734000 ROUTE default_gateway=192.168.0.1
Sun Nov 27 10:37:52 2011 us=734000 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{0100F117-7C3D-4843-BF6B-E574D27EF91B}.tap
Sun Nov 27 10:37:52 2011 us=734000 TAP-Win32 Driver Version 9.8
Sun Nov 27 10:37:52 2011 us=734000 TAP-Win32 MTU=1500
Sun Nov 27 10:37:52 2011 us=734000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.200.0.3/255.255.255.0 on interface {0100F117-7C3D-4843-BF6B-E574D27EF91B} [DHCP-serv: 10.200.0.0, lease-time: 31536000]
Sun Nov 27 10:37:52 2011 us=734000 Successful ARP Flush on interface [14] {0100F117-7C3D-4843-BF6B-E574D27EF91B}
Sun Nov 27 10:37:57 2011 us=125000 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Sun Nov 27 10:37:57 2011 us=140000 C:\WINDOWS\system32\route.exe ADD 10.200.0.0 MASK 255.255.255.0 10.200.0.1
Sun Nov 27 10:37:57 2011 us=140000 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sun Nov 27 10:37:57 2011 us=156000 Route addition via IPAPI succeeded [adaptive]
Sun Nov 27 10:37:57 2011 us=156000 Initialization Sequence Completed
Sun Nov 27 10:38:08 2011 us=953000 TCP/UDP: Closing socket
Sun Nov 27 10:38:08 2011 us=953000 C:\WINDOWS\system32\route.exe DELETE 10.200.0.0 MASK 255.255.255.0 10.200.0.1
Sun Nov 27 10:38:08 2011 us=968000 Route deletion via IPAPI succeeded [adaptive]
Sun Nov 27 10:38:08 2011 us=968000 Closing TUN/TAP interface
Sun Nov 27 10:38:08 2011 us=968000 SIGTERM[hard,] received, process exiting
-
Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: OpenVPN client on Windows 7
Remove this
from the server config.push "route 10.200.0.0 255.255.255.0"
-
bolovan
- OpenVpn Newbie
- Posts: 4
- Joined: Sat Nov 26, 2011 8:46 pm
Re: OpenVPN client on Windows 7
Mimiko
No effect. I have the same routes in windows 7
No effect. I have the same routes in windows 7
-
Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: OpenVPN client on Windows 7
and1) Network destination 10.0.0.0, Netmask 255.255.255.0, Gateway: 10.0.0.1
2) Network destination 10.0.0.0, Netmask 255.255.255.0, Gateway: "On-Link".
How you ended up putting different network? What you realy are using?push "route 10.200.0.0 255.255.255.0"
Is inconsistent of the configuration you showed. Are you using bridging?Sun Nov 27 10:37:52 2011 us=703000 PUSH: Received control message: 'PUSH_REPLY,route 10.200.0.0 255.255.255.0,route-gateway 10.200.0.1,ping 10,ping-restart 120,ifconfig 10.200.0.3 255.255.255.0'