local printers disabled when connected -- how to fix this?

[eteam]

What settings changes are needed to enable local printers to be used when connected in OpenVPN?
When connected, my local ethernet-connected printers are 'off-line' and have resisted all of my efforts to re-enable them. The only action which works, so far, is to dis-connect.

My local network is 192.168.1.xxx.

I am an experienced Windows user, but I am NOT at all experienced or knowledgeable in VPN details. I am a user, not a wizard.

Thanks, in advance, for your help.

-- Bob Elkind

[maikcat]

post your configs used,

Michael.

[eteam]

Here are my config settings:

Code: Select all

client
dev tun
proto tcp
remote pdx.opalkelly.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client-bobelkind.crt
key client-bobelkind.key
ns-cert-type server
cipher AES-128-CBC
comp-lzo
verb 4

[maikcat]

server config?

Michael.

[eteam]

I'm not sure I have access to the server config settings.
I installed the OpenVPN client, and I am networking to a remote site.
Are the server config settings stored or copied on my local system?

Thanks for your help...

-- Bob Elkind

[maikcat]

Are the server config settings stored or copied on my local system?

nope,

can you post your client logs?

Michael.

[eteam]

Client log attached or appended --

Code: Select all

Fri Nov 21 10:52:40 2014 us=402423 Current Parameter Settings:
Fri Nov 21 10:52:40 2014 us=403423   config = 'client-bobelkind.ovpn'
Fri Nov 21 10:52:40 2014 us=403423   mode = 0
Fri Nov 21 10:52:40 2014 us=403423   show_ciphers = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   show_digests = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   show_engines = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   genkey = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   key_pass_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   show_tls_ciphers = DISABLED
Fri Nov 21 10:52:40 2014 us=403423 Connection profiles [default]:
Fri Nov 21 10:52:40 2014 us=403423   proto = tcp-client
Fri Nov 21 10:52:40 2014 us=403423   local = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   local_port = 0
Fri Nov 21 10:52:40 2014 us=403423   remote = 'pdx.opalkelly.com'
Fri Nov 21 10:52:40 2014 us=403423   remote_port = 1194
Fri Nov 21 10:52:40 2014 us=403423   remote_float = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   bind_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   bind_local = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   connect_retry_seconds = 5
Fri Nov 21 10:52:40 2014 us=403423   connect_timeout = 10
Fri Nov 21 10:52:40 2014 us=403423   connect_retry_max = 0
Fri Nov 21 10:52:40 2014 us=403423   socks_proxy_server = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   socks_proxy_port = 0
Fri Nov 21 10:52:40 2014 us=403423   socks_proxy_retry = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   tun_mtu = 1500
Fri Nov 21 10:52:40 2014 us=403423   tun_mtu_defined = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   link_mtu = 1500
Fri Nov 21 10:52:40 2014 us=403423   link_mtu_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   tun_mtu_extra = 0
Fri Nov 21 10:52:40 2014 us=403423   tun_mtu_extra_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   mtu_discover_type = -1
Fri Nov 21 10:52:40 2014 us=403423   fragment = 0
Fri Nov 21 10:52:40 2014 us=403423   mssfix = 1450
Fri Nov 21 10:52:40 2014 us=403423   explicit_exit_notification = 0
Fri Nov 21 10:52:40 2014 us=403423 Connection profiles END
Fri Nov 21 10:52:40 2014 us=403423   remote_random = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   ipchange = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   dev = 'tun'
Fri Nov 21 10:52:40 2014 us=403423   dev_type = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   dev_node = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   lladdr = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   topology = 1
Fri Nov 21 10:52:40 2014 us=403423   tun_ipv6 = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   ifconfig_local = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   ifconfig_remote_netmask = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   ifconfig_noexec = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   ifconfig_nowarn = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   ifconfig_ipv6_local = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   ifconfig_ipv6_netbits = 0
Fri Nov 21 10:52:40 2014 us=403423   ifconfig_ipv6_remote = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   shaper = 0
Fri Nov 21 10:52:40 2014 us=403423   mtu_test = 0
Fri Nov 21 10:52:40 2014 us=403423   mlock = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   keepalive_ping = 0
Fri Nov 21 10:52:40 2014 us=403423   keepalive_timeout = 0
Fri Nov 21 10:52:40 2014 us=403423   inactivity_timeout = 0
Fri Nov 21 10:52:40 2014 us=403423   ping_send_timeout = 0
Fri Nov 21 10:52:40 2014 us=403423   ping_rec_timeout = 0
Fri Nov 21 10:52:40 2014 us=403423   ping_rec_timeout_action = 0
Fri Nov 21 10:52:40 2014 us=403423   ping_timer_remote = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   remap_sigusr1 = 0
Fri Nov 21 10:52:40 2014 us=403423   persist_tun = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   persist_local_ip = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   persist_remote_ip = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   persist_key = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   passtos = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   resolve_retry_seconds = 1000000000
Fri Nov 21 10:52:40 2014 us=403423   username = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   groupname = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   chroot_dir = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   cd_dir = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   writepid = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   up_script = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   down_script = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   down_pre = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   up_restart = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   up_delay = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   daemon = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   inetd = 0
Fri Nov 21 10:52:40 2014 us=403423   log = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   suppress_timestamps = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   nice = 0
Fri Nov 21 10:52:40 2014 us=403423   verbosity = 4
Fri Nov 21 10:52:40 2014 us=403423   mute = 0
Fri Nov 21 10:52:40 2014 us=403423   status_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   status_file_version = 1
Fri Nov 21 10:52:40 2014 us=403423   status_file_update_freq = 60
Fri Nov 21 10:52:40 2014 us=403423   occ = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   rcvbuf = 0
Fri Nov 21 10:52:40 2014 us=403423   sndbuf = 0
Fri Nov 21 10:52:40 2014 us=403423   sockflags = 0
Fri Nov 21 10:52:40 2014 us=403423   fast_io = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   lzo = 7
Fri Nov 21 10:52:40 2014 us=403423   route_script = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   route_default_gateway = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   route_default_metric = 0
Fri Nov 21 10:52:40 2014 us=403423   route_noexec = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   route_delay = 5
Fri Nov 21 10:52:40 2014 us=403423   route_delay_window = 30
Fri Nov 21 10:52:40 2014 us=403423   route_delay_defined = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   route_nopull = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   route_gateway_via_dhcp = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   max_routes = 100
Fri Nov 21 10:52:40 2014 us=403423   allow_pull_fqdn = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   management_addr = '127.0.0.1'
Fri Nov 21 10:52:40 2014 us=403423   management_port = 25341
Fri Nov 21 10:52:40 2014 us=403423   management_user_pass = 'stdin'
Fri Nov 21 10:52:40 2014 us=403423   management_log_history_cache = 250
Fri Nov 21 10:52:40 2014 us=403423   management_echo_buffer_size = 100
Fri Nov 21 10:52:40 2014 us=403423   management_write_peer_info_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   management_client_user = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   management_client_group = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   management_flags = 6
Fri Nov 21 10:52:40 2014 us=403423   shared_secret_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=403423   key_direction = 0
Fri Nov 21 10:52:40 2014 us=403423   ciphername_defined = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   ciphername = 'AES-128-CBC'
Fri Nov 21 10:52:40 2014 us=403423   authname_defined = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   authname = 'SHA1'
Fri Nov 21 10:52:40 2014 us=403423   prng_hash = 'SHA1'
Fri Nov 21 10:52:40 2014 us=403423   prng_nonce_secret_len = 16
Fri Nov 21 10:52:40 2014 us=403423   keysize = 0
Fri Nov 21 10:52:40 2014 us=403423   engine = DISABLED
Fri Nov 21 10:52:40 2014 us=403423   replay = ENABLED
Fri Nov 21 10:52:40 2014 us=403423   mute_replay_warnings = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   replay_window = 64
Fri Nov 21 10:52:40 2014 us=404423   replay_time = 15
Fri Nov 21 10:52:40 2014 us=404423   packet_id_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   use_iv = ENABLED
Fri Nov 21 10:52:40 2014 us=404423   test_crypto = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   tls_server = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   tls_client = ENABLED
Fri Nov 21 10:52:40 2014 us=404423   key_method = 2
Fri Nov 21 10:52:40 2014 us=404423   ca_file = 'ca.crt'
Fri Nov 21 10:52:40 2014 us=404423   ca_path = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   dh_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   cert_file = 'client-bobelkind.crt'
Fri Nov 21 10:52:40 2014 us=404423   priv_key_file = 'client-bobelkind.key'
Fri Nov 21 10:52:40 2014 us=404423   pkcs12_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   cryptoapi_cert = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   cipher_list = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   tls_verify = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   tls_export_cert = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   verify_x509_type = 0
Fri Nov 21 10:52:40 2014 us=404423   verify_x509_name = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   crl_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   ns_cert_type = 1
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_ku[i] = 0
Fri Nov 21 10:52:40 2014 us=404423   remote_cert_eku = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   ssl_flags = 0
Fri Nov 21 10:52:40 2014 us=404423   tls_timeout = 2
Fri Nov 21 10:52:40 2014 us=404423   renegotiate_bytes = 0
Fri Nov 21 10:52:40 2014 us=404423   renegotiate_packets = 0
Fri Nov 21 10:52:40 2014 us=404423   renegotiate_seconds = 3600
Fri Nov 21 10:52:40 2014 us=404423   handshake_window = 60
Fri Nov 21 10:52:40 2014 us=404423   transition_window = 3600
Fri Nov 21 10:52:40 2014 us=404423   single_session = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   push_peer_info = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   tls_exit = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   tls_auth_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_protected_authentication = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_private_mode = 00000000
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_cert_private = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_pin_cache_period = -1
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_id = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=404423   pkcs11_id_management = DISABLED
Fri Nov 21 10:52:40 2014 us=404423   server_network = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=404423   server_netmask = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   server_network_ipv6 = ::
Fri Nov 21 10:52:40 2014 us=405423   server_netbits_ipv6 = 0
Fri Nov 21 10:52:40 2014 us=405423   server_bridge_ip = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   server_bridge_netmask = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   server_bridge_pool_start = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   server_bridge_pool_end = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_pool_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_pool_start = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_pool_end = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_pool_netmask = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_pool_persist_filename = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_pool_persist_refresh_freq = 600
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_ipv6_pool_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_ipv6_pool_base = ::
Fri Nov 21 10:52:40 2014 us=405423   ifconfig_ipv6_pool_netbits = 0
Fri Nov 21 10:52:40 2014 us=405423   n_bcast_buf = 256
Fri Nov 21 10:52:40 2014 us=405423   tcp_queue_limit = 64
Fri Nov 21 10:52:40 2014 us=405423   real_hash_size = 256
Fri Nov 21 10:52:40 2014 us=405423   virtual_hash_size = 256
Fri Nov 21 10:52:40 2014 us=405423   client_connect_script = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=405423   learn_address_script = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=405423   client_disconnect_script = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=405423   client_config_dir = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=405423   ccd_exclusive = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   tmp_dir = 'C:\Users\Dad\AppData\Local\Temp\'
Fri Nov 21 10:52:40 2014 us=405423   push_ifconfig_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   push_ifconfig_local = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   push_ifconfig_remote_netmask = 0.0.0.0
Fri Nov 21 10:52:40 2014 us=405423   push_ifconfig_ipv6_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   push_ifconfig_ipv6_local = ::/0
Fri Nov 21 10:52:40 2014 us=405423   push_ifconfig_ipv6_remote = ::
Fri Nov 21 10:52:40 2014 us=405423   enable_c2c = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   duplicate_cn = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   cf_max = 0
Fri Nov 21 10:52:40 2014 us=405423   cf_per = 0
Fri Nov 21 10:52:40 2014 us=405423   max_clients = 1024
Fri Nov 21 10:52:40 2014 us=405423   max_routes_per_client = 256
Fri Nov 21 10:52:40 2014 us=405423   auth_user_pass_verify_script = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=405423   auth_user_pass_verify_script_via_file = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   client = ENABLED
Fri Nov 21 10:52:40 2014 us=405423   pull = ENABLED
Fri Nov 21 10:52:40 2014 us=405423   auth_user_pass_file = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=405423   show_net_up = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   route_method = 0
Fri Nov 21 10:52:40 2014 us=405423   ip_win32_defined = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   ip_win32_type = 3
Fri Nov 21 10:52:40 2014 us=405423   dhcp_masq_offset = 0
Fri Nov 21 10:52:40 2014 us=405423   dhcp_lease_time = 31536000
Fri Nov 21 10:52:40 2014 us=405423   tap_sleep = 0
Fri Nov 21 10:52:40 2014 us=405423   dhcp_options = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   dhcp_renew = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   dhcp_pre_release = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   dhcp_release = DISABLED
Fri Nov 21 10:52:40 2014 us=405423   domain = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=406423   netbios_scope = '[UNDEF]'
Fri Nov 21 10:52:40 2014 us=406423   netbios_node_type = 0
Fri Nov 21 10:52:40 2014 us=406423   disable_nbt = DISABLED
Fri Nov 21 10:52:40 2014 us=406423 OpenVPN 2.3.5 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Nov  7 2014
Fri Nov 21 10:52:40 2014 us=406423 library versions: OpenSSL 1.0.1j 15 Oct 2014, LZO 2.05
Enter Management Password:
Fri Nov 21 10:52:40 2014 us=407423 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Fri Nov 21 10:52:40 2014 us=407423 Need hold release from management interface, waiting...
Fri Nov 21 10:52:40 2014 us=892451 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Fri Nov 21 10:52:40 2014 us=993457 MANAGEMENT: CMD 'state on'
Fri Nov 21 10:52:40 2014 us=993457 MANAGEMENT: CMD 'log all on'
Fri Nov 21 10:52:41 2014 us=110464 MANAGEMENT: CMD 'hold off'
Fri Nov 21 10:52:41 2014 us=110464 MANAGEMENT: CMD 'hold release'
Fri Nov 21 10:52:41 2014 us=195468 LZO compression initialized
Fri Nov 21 10:52:41 2014 us=195468 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Fri Nov 21 10:52:41 2014 us=195468 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Nov 21 10:52:41 2014 us=195468 MANAGEMENT: >STATE:1416595961,RESOLVE,,,
Fri Nov 21 10:52:41 2014 us=370478 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Nov 21 10:52:41 2014 us=371479 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Nov 21 10:52:41 2014 us=371479 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Nov 21 10:52:41 2014 us=371479 Local Options hash (VER=V4): 'bc07730e'
Fri Nov 21 10:52:41 2014 us=371479 Expected Remote Options hash (VER=V4): 'b695cb4a'
Fri Nov 21 10:52:41 2014 us=371479 Attempting to establish TCP connection with [AF_INET]24.21.109.123:1194 [nonblock]
Fri Nov 21 10:52:41 2014 us=371479 MANAGEMENT: >STATE:1416595961,TCP_CONNECT,,,
Fri Nov 21 10:52:42 2014 us=372536 TCP connection established with [AF_INET]24.21.109.123:1194
Fri Nov 21 10:52:42 2014 us=372536 TCPv4_CLIENT link local: [undef]
Fri Nov 21 10:52:42 2014 us=372536 TCPv4_CLIENT link remote: [AF_INET]24.21.109.123:1194
Fri Nov 21 10:52:42 2014 us=372536 MANAGEMENT: >STATE:1416595962,WAIT,,,
Fri Nov 21 10:52:42 2014 us=392537 MANAGEMENT: >STATE:1416595962,AUTH,,,
Fri Nov 21 10:52:42 2014 us=392537 TLS: Initial packet from [AF_INET]24.21.109.123:1194, sid=2a2e31e0 56a3c92f
Fri Nov 21 10:52:42 2014 us=956569 VERIFY OK: depth=1, C=US, ST=OR, L=Portland, O=OpalKelly, OU=main, CN=OpalKellyHQ, name=Jake Janovetz, emailAddress=jake@opalkelly.com
Fri Nov 21 10:52:42 2014 us=956569 VERIFY OK: nsCertType=SERVER
Fri Nov 21 10:52:42 2014 us=956569 VERIFY OK: depth=0, C=US, ST=OR, L=Portland, O=OpalKelly, OU=headquarters, CN=OpalKellyHQ-Server, name=Opal Kelly, emailAddress=jake@opalkelly.com
Fri Nov 21 10:52:43 2014 us=888623 NOTE: Options consistency check may be skewed by version differences
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tun'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 1560'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 1500'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'cipher' is present in local config but missing in remote config, local='cipher AES-128-CBC'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA1'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 128'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
Fri Nov 21 10:52:43 2014 us=888623 WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
Fri Nov 21 10:52:43 2014 us=889623 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Fri Nov 21 10:52:43 2014 us=889623 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 21 10:52:43 2014 us=889623 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Fri Nov 21 10:52:43 2014 us=889623 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 21 10:52:43 2014 us=889623 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Nov 21 10:52:43 2014 us=889623 [OpalKellyHQ-Server] Peer Connection Initiated with [AF_INET]24.21.109.123:1194
Fri Nov 21 10:52:45 2014 us=110692 MANAGEMENT: >STATE:1416595965,GET_CONFIG,,,
Fri Nov 21 10:52:46 2014 us=331762 SENT CONTROL [OpalKellyHQ-Server]: 'PUSH_REQUEST' (status=1)
Fri Nov 21 10:52:46 2014 us=566776 PUSH: Received control message: 'PUSH_REPLY,route 192.168.23.0 255.255.255.0,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.23.1,route 10.10.10.0 255.255.255.0,topology net30,ping 15,ping-restart 60,ifconfig 10.10.10.18 10.10.10.17'
Fri Nov 21 10:52:46 2014 us=566776 OPTIONS IMPORT: timers and/or timeouts modified
Fri Nov 21 10:52:46 2014 us=566776 OPTIONS IMPORT: --ifconfig/up options modified
Fri Nov 21 10:52:46 2014 us=566776 OPTIONS IMPORT: route options modified
Fri Nov 21 10:52:46 2014 us=566776 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Nov 21 10:52:46 2014 us=570776 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Nov 21 10:52:46 2014 us=570776 MANAGEMENT: >STATE:1416595966,ASSIGN_IP,,10.10.10.18,
Fri Nov 21 10:52:46 2014 us=570776 open_tun, tt->ipv6=0
Fri Nov 21 10:52:46 2014 us=571776 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{DE66D607-8092-4A9F-AFA1-16ED9C420505}.tap
Fri Nov 21 10:52:46 2014 us=571776 TAP-Windows Driver Version 9.21 
Fri Nov 21 10:52:46 2014 us=571776 TAP-Windows MTU=1500
Fri Nov 21 10:52:46 2014 us=573776 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.18/255.255.255.252 on interface {DE66D607-8092-4A9F-AFA1-16ED9C420505} [DHCP-serv: 10.10.10.17, lease-time: 31536000]
Fri Nov 21 10:52:46 2014 us=573776 DHCP option string: 0604c0a8 1701
Fri Nov 21 10:52:46 2014 us=573776 Successful ARP Flush on interface [23] {DE66D607-8092-4A9F-AFA1-16ED9C420505}
Fri Nov 21 10:52:51 2014 us=47032 TEST ROUTES: 3/3 succeeded len=3 ret=1 a=0 u/d=up
Fri Nov 21 10:52:51 2014 us=47032 MANAGEMENT: >STATE:1416595971,ADD_ROUTES,,,
Fri Nov 21 10:52:51 2014 us=48032 C:\Windows\system32\route.exe ADD 192.168.23.0 MASK 255.255.255.0 10.10.10.17
Fri Nov 21 10:52:51 2014 us=49032 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Fri Nov 21 10:52:51 2014 us=49032 Route addition via IPAPI succeeded [adaptive]
Fri Nov 21 10:52:51 2014 us=49032 C:\Windows\system32\route.exe ADD 192.168.1.0 MASK 255.255.255.0 10.10.10.17
Fri Nov 21 10:52:51 2014 us=50032 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Fri Nov 21 10:52:51 2014 us=50032 Route addition via IPAPI succeeded [adaptive]
Fri Nov 21 10:52:51 2014 us=50032 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.17
Fri Nov 21 10:52:51 2014 us=52032 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Fri Nov 21 10:52:51 2014 us=52032 Route addition via IPAPI succeeded [adaptive]
Fri Nov 21 10:52:51 2014 us=52032 Initialization Sequence Completed
Fri Nov 21 10:52:51 2014 us=52032 MANAGEMENT: >STATE:1416595971,CONNECTED,SUCCESS,10.10.10.18,24.21.109.123
Fri Nov 21 10:53:58 2014 us=35864 TCP/UDP: Closing socket
Fri Nov 21 10:53:58 2014 us=35864 C:\Windows\system32\route.exe DELETE 10.10.10.0 MASK 255.255.255.0 10.10.10.17
Fri Nov 21 10:53:58 2014 us=37864 Route deletion via IPAPI succeeded [adaptive]
Fri Nov 21 10:53:58 2014 us=37864 C:\Windows\system32\route.exe DELETE 192.168.1.0 MASK 255.255.255.0 10.10.10.17
Fri Nov 21 10:53:58 2014 us=38864 Route deletion via IPAPI succeeded [adaptive]
Fri Nov 21 10:53:58 2014 us=38864 C:\Windows\system32\route.exe DELETE 192.168.23.0 MASK 255.255.255.0 10.10.10.17
Fri Nov 21 10:53:58 2014 us=40864 Route deletion via IPAPI succeeded [adaptive]
Fri Nov 21 10:53:58 2014 us=40864 Closing TUN/TAP interface
Fri Nov 21 10:53:58 2014 us=46864 SIGTERM[hard,] received, process exiting
Fri Nov 21 10:53:58 2014 us=46864 MANAGEMENT: >STATE:1416596038,EXITING,SIGTERM,,

[maikcat]

My local network is 192.168.1.xxx.

ok , then i saw this

Code: Select all

Fri Nov 21 10:52:51 2014 us=49032 C:\Windows\system32\route.exe ADD 192.168.1.0 MASK 255.255.255.0 10.10.10.17

there is network conflict,change your local lan,
other solution is to NOT accept routes from your server and build them manually locally.

Michael.

[eteam]

Michael,

Are there any unintended consequences if I change ALL of the devices on my local LAN to 10.10.10.xxx ?
Is there any means of bridging between 192.168.1.xxx and 10.10.10.xxx ?

Thank you for your help, it is much appreciated...

-- Bob

[Traffic]

Are there any unintended consequences if I change ALL of the devices on my local LAN to 10.10.10.xxx ?

Yes .. you will then have a network conflict with your VPN ...

Is there any means of bridging between 192.168.1.xxx and 10.10.10.xxx ?

You do not require a bridge of any sort to link these networks.

What you need is a server side LAN which is unique: ie. 192.168.121.0/24 .. that is all. (no need to change the VPN)

[eteam]

What you need is a server side LAN which is unique: ie. 192.168.121.0/24 .. that is all. (no need to change the VPN)

What is the effect of such a server side LAN address change? Will my client system still be re-assigned a 10.10.10.x address? Or will my VPN address be in the range of 192.168.121.x ?

Will 192.168.128.x VPN LAN address allow both 192.168.128.x and (my local LAN) 192.168.1.x to 'see' each other?

Thank you...

-- Bob

[Traffic]

In order to setup a routed VPN tunnel each of your network segments requires a unique subnet:

• Example:
  • Server LAN: 192.168.121.0/24
    Server LAN IP: 192.168.121.11
    
    VPN Subnet: 10.8.0.0/24
    Server VPN IP: 10.8.0.1
    Client VPN IPs: 10.8.0.2-254 (depending on --topology)
    
    Client LAN: 192.168.131.0/24
    Client LAN IP: 192.168.131.21
  This will work ...

On the other hand .. this will not:

• Example:
  • Server LAN: 192.168.0.0/24
    Server IP: 192.168.0.11
    
    VPN Subnet: 10.8.0.0/24
    Server IP: 10.8.0.1
    Client IPs: 10.8.0.2-254 (depending on --topology)
    
    Client LAN: 192.168.0.0/24 (* Conflicting network subnet with server LAN)
    Client LAN IP: 192.168.0.21

If you want to setup a Bridged network you are still required to use unique Server LAN,
otherwise you will still have a routing conflict:

• Example:
  • Server LAN: 192.168.121.0/24
    Server LAN IP: 192.168.121.11
    
    VPN Subnet: 192.168.121.0/24
    Server VPN IP: 192.168.121.11
    Client VPN IPs: 192.168.121.201-254 (depending on --server-bridge)
    
    Client LAN: 192.168.131.0/24
    Client LAN IP: 192.168.131.21
  This will work ...

On the other hand .. this will not:

• Example:
  • Server LAN: 192.168.0.0/24
    Server LAN IP: 192.168.0.11
    
    VPN Subnet: 192.168.0.0/24
    Server VPN IP: 192.168.0.11
    Client VPN IPs: 192.168.0.2-254 (depending on --server-bridge)
    
    Client LAN: 192.168.0.0/24 (* Conflicting network subnet with server LAN)
    Client LAN IP: 192.168.0.21

The very best place to learn this is HOWTO: For OpenVPN Community Edition.

Follow the example setups for either routed or bridged depending on your specific requirements.