Lollipop Android client can't ping vpn

[pkfox]

Hi there , I have an Openvpn server setup on a Raspberry Pi, I could connect to it using Windows , Linux and Android clients until now, since upgrading my Android tablet to lollipop - Openvpn Connect shows it has a connection but I have no access to the Internet nor can I ping my VPN server . If I revert back to Jellybean ( who thinks up these names ?) all is fine again. Any ideas peeps ?

[pkfox]

Just to be clear I can still connect using Windows and Linux clients.

[pkfox]

Just to be clear I can still connect using Windows and Linux clients.

Here are the routing tables for Lollipop and KitKat

Using ip route in Android terminal

Routes with ConnectVPN running on Lollipop(Not working)

default via 10.10.1.1 dev wlan0 metric 306

10.8.0.4/30 dev tun0 proto kernel scope link src 10.8.0.6

10.10.1.0/24 dev wlan0 proto kernel scope link src 10.10.1.5 metric 306


Using ip route in Android terminal

Routes with ConnectVPN running on KitKat(Working)

default via 10.10.1.1 dev wlan0
default via 10.10.1.1 dev wlan0 metric 306

10.8.0.4/30 dev tun0 proto kernel scope link src 10.8.0.6

10.10.1.0/24 dev wlan0 proto kernel scope link
10.10.1.0/24 dev wlan0 proto kernel scope link src 10.10.1.5 metric 306

10.10.1.1 dev wlan0 scope link

HTH

[Traffic]

Have you read this:
topic17851.html

Perhaps you have the same problem, .. "route rejected ..."

Post server config and log and client config and log please.

[pkfox]

Hi there, the log (client) says connected ok and it can receive data but I just can't ping the server or access the internet - will post logs when I get home

[pkfox]

Have you read this:
topic17851.html

Perhaps you have the same problem, .. "route rejected ..."

Post server config and log and client config and log please.

Here's the cut down Openvpn.log

Code: Select all

NS 194.168.4.100,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon Jul 13 09:27:19 2015 pjk/86.16.49.235:43075 SIGTERM[soft,remote-exit] received, client-instance exiting
Mon Jul 13 10:31:08 2015 MULTI: multi_create_instance called
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Re-using SSL/TLS context
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 LZO compression initialized
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Local Options hash (VER=V4): 'a2e63101'
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Expected Remote Options hash (VER=V4): '272f1b58'
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 TLS: Initial packet from [AF_INET]86.16.49.235:59292, sid=92ad83f9 ae85f1e6
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 VERIFY OK: depth=1, /C=UK/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pi1/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 VERIFY OK: depth=0, /C=GB/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pjk/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Jul 13 10:31:08 2015 86.16.49.235:59292 [pjk] Peer Connection Initiated with [AF_INET]86.16.49.235:59292
Mon Jul 13 10:31:08 2015 pjk/86.16.49.235:59292 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=4867:b0be:803e:edb6:346b:f2b6:bce7:a6b8
Mon Jul 13 10:31:08 2015 pjk/86.16.49.235:59292 MULTI: Learn: 10.8.0.6 -> pjk/86.16.49.235:59292
Mon Jul 13 10:31:08 2015 pjk/86.16.49.235:59292 MULTI: primary virtual IP for pjk/86.16.49.235:59292: 10.8.0.6
Mon Jul 13 10:31:08 2015 pjk/86.16.49.235:59292 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jul 13 10:31:08 2015 pjk/86.16.49.235:59292 send_push_reply(): safe_cap=960
Mon Jul 13 10:31:08 2015 pjk/86.16.49.235:59292 SENT CONTROL [pjk]: 'PUSH_REPLY,route 10.8.0.1 255.255.255.255,route 10.8.0.0 255.255.255.0,route 10.10.1.0 255.255.255.0,dhcp-option DNS 194.168.4.100,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon Jul 13 10:33:47 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:33:57 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:34:07 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:34:17 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:34:27 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:34:37 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:34:47 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:34:57 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:35:06 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:35:15 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:35:25 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:35:37 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:35:48 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:35:58 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:36:08 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:36:18 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:36:28 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:36:38 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:36:48 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:36:58 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:37:08 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:37:18 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 10:37:21 2015 pjk/86.16.49.235:59292 [pjk] Inactivity timeout (--ping-restart), restarting
Mon Jul 13 10:37:21 2015 pjk/86.16.49.235:59292 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Jul 13 10:51:23 2015 MULTI: multi_create_instance called
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Re-using SSL/TLS context
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 LZO compression initialized
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Local Options hash (VER=V4): 'a2e63101'
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Expected Remote Options hash (VER=V4): '272f1b58'
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 TLS: Initial packet from [AF_INET]86.16.49.235:48771, sid=cdb7a19f fc1ce3da
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 VERIFY OK: depth=1, /C=UK/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pi1/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 VERIFY OK: depth=0, /C=GB/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pjk/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Jul 13 10:51:23 2015 86.16.49.235:48771 [pjk] Peer Connection Initiated with [AF_INET]86.16.49.235:48771
Mon Jul 13 10:51:23 2015 pjk/86.16.49.235:48771 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=4867:b0be:803e:edb6:346b:f2b6:bce7:a6b8
Mon Jul 13 10:51:23 2015 pjk/86.16.49.235:48771 MULTI: Learn: 10.8.0.6 -> pjk/86.16.49.235:48771
Mon Jul 13 10:51:23 2015 pjk/86.16.49.235:48771 MULTI: primary virtual IP for pjk/86.16.49.235:48771: 10.8.0.6
Mon Jul 13 10:51:23 2015 pjk/86.16.49.235:48771 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jul 13 10:51:23 2015 pjk/86.16.49.235:48771 send_push_reply(): safe_cap=960
Mon Jul 13 10:51:23 2015 pjk/86.16.49.235:48771 SENT CONTROL [pjk]: 'PUSH_REPLY,route 10.8.0.1 255.255.255.255,route 10.8.0.0 255.255.255.0,route 10.10.1.0 255.255.255.0,dhcp-option DNS 194.168.4.100,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon Jul 13 11:00:49 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 11:04:19 2015 pjk/86.16.49.235:48771 SIGTERM[soft,remote-exit] received, client-instance exiting
Mon Jul 13 11:40:08 2015 MULTI: multi_create_instance called
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Re-using SSL/TLS context
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 LZO compression initialized
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Local Options hash (VER=V4): 'a2e63101'
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Expected Remote Options hash (VER=V4): '272f1b58'
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 TLS: Initial packet from [AF_INET]86.16.49.235:59782, sid=2603f009 ab7d5b3b
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 VERIFY OK: depth=1, /C=UK/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pi1/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 VERIFY OK: depth=0, /C=GB/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pjk/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Jul 13 11:40:08 2015 86.16.49.235:59782 [pjk] Peer Connection Initiated with [AF_INET]86.16.49.235:59782
Mon Jul 13 11:40:08 2015 pjk/86.16.49.235:59782 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=4867:b0be:803e:edb6:346b:f2b6:bce7:a6b8
Mon Jul 13 11:40:08 2015 pjk/86.16.49.235:59782 MULTI: Learn: 10.8.0.6 -> pjk/86.16.49.235:59782
Mon Jul 13 11:40:08 2015 pjk/86.16.49.235:59782 MULTI: primary virtual IP for pjk/86.16.49.235:59782: 10.8.0.6
Mon Jul 13 11:40:08 2015 pjk/86.16.49.235:59782 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jul 13 11:40:08 2015 pjk/86.16.49.235:59782 send_push_reply(): safe_cap=960
Mon Jul 13 11:40:08 2015 pjk/86.16.49.235:59782 SENT CONTROL [pjk]: 'PUSH_REPLY,route 10.8.0.1 255.255.255.255,route 10.8.0.0 255.255.255.0,route 10.10.1.0 255.255.255.0,dhcp-option DNS 194.168.4.100,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon Jul 13 12:11:51 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:12:01 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:12:11 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:12:21 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:12:31 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:12:41 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:12:51 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:13:01 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:13:11 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:13:21 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:13:31 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:13:41 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:13:51 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:14:01 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:14:12 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:14:22 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:14:32 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:14:42 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:14:52 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:15:02 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:15:12 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:15:23 2015 read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Mon Jul 13 12:15:28 2015 pjk/86.16.49.235:59782 [pjk] Inactivity timeout (--ping-restart), restarting
Mon Jul 13 12:15:28 2015 pjk/86.16.49.235:59782 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Jul 13 12:35:28 2015 MULTI: multi_create_instance called

Server.conf

Code: Select all

dev tun 
proto udp #Some people prefer to use tcp. Don't change it if you don't know
port 1194 
ca /etc/openvpn/easy-rsa/keys/ca.crt 
cert /etc/openvpn/easy-rsa/keys/pi1.crt # SWAP WITH YOUR CRT NAME
key /etc/openvpn/easy-rsa/keys/pi1.key # SWAP WITH YOUR KEY NAME
dh /etc/openvpn/easy-rsa/keys/dh1024.pem # If you changed to 2048, change that here!
server 10.8.0.0 255.255.255.0 
# server and remote endpoints 
ifconfig 10.8.0.1 10.8.0.2 
# Add route to Client routing table for the OpenVPN Server 
push "route 10.8.0.1 255.255.255.255" 
# Add route to Client routing table for the OpenVPN Subnet 
push "route 10.8.0.0 255.255.255.0" 
# your local subnet 
push "route 10.10.1.0 255.255.255.0" # SWAP THE IP NUMBER WITH YOUR RASPBERRY PI IP ADDRESS
# Set primary domain name server address to the SOHO Router 
# If your router does not do DNS, you can use Google DNS 8.8.8.8 
push "dhcp-option DNS 194.168.4.100" # This should already match your router address and not need to be changed.
# Override the Client default gateway by using 0.0.0.0/1 and 
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of 
# overriding but not wiping out the original default gateway. 
push "redirect-gateway def1" 
client-to-client 
duplicate-cn 
keepalive 10 120 
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0 
cipher AES-128-CBC 
comp-lzo 
user nobody 
group nogroup 
persist-key 
persist-tun 
status /var/log/openvpn-status.log 20 
log /var/log/openvpn.log 
verb 3

I couldn't find a way of getting the client log as it is only shown from within the Openvpn app but here is the .ovpn profile

Code: Select all

client 
dev tun 
proto udp 
remote pete-kane.com 1194 
resolv-retry infinite 
nobind 
persist-key 
persist-tun 
mute-replay-warnings 
ns-cert-type server 
key-direction 1 
cipher AES-128-CBC 
comp-lzo 
verb 1 
mute 20 

[Traffic]

Server.conf
Code:

server 10.8.0.0 255.255.255.0

# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2 ### Remove this
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255" ### Remove this
# Add route to Client routing table for the OpenVPN Subnet
push "route 10.8.0.0 255.255.255.0" ### Remove this

### For Testing remove these four items
user nobody
group nogroup
persist-key
persist-tun

### set verb 4
verb 3

Code:
client

### For Testing remove these two items
persist-key
persist-tun

### Do you get a lot of replay warnings ?
mute-replay-warnings

### set verb 4
verb 1

### For Testing remove this items
mute 20

Please check your client log for errors .. compare to this report:
topic17851.html

Look for "route rejected .. " errors

If possible post your client log.

[pkfox]

Server.conf
Code:

server 10.8.0.0 255.255.255.0

# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2 ### Remove this
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255" ### Remove this
# Add route to Client routing table for the OpenVPN Subnet
push "route 10.8.0.0 255.255.255.0" ### Remove this

### For Testing remove these four items
user nobody
group nogroup
persist-key
persist-tun

### set verb 4
verb 3

Code:
client

### For Testing remove these two items
persist-key
persist-tun

### Do you get a lot of replay warnings ?
mute-replay-warnings

### set verb 4
verb 1

### For Testing remove this items
mute 20

Please check your client log for errors .. compare to this report:
topic17851.html

Look for "route rejected .. " errors

If possible post your client log.

Hi there, sorry for slow response but life got in the way, tried your suggestions but no change here is my log

Code: Select all

Thu Jul 16 07:11:14 2015 us=750366 Current Parameter Settings:
Thu Jul 16 07:11:14 2015 us=751164   config = '/etc/openvpn/server.conf'
Thu Jul 16 07:11:14 2015 us=751372   mode = 1
Thu Jul 16 07:11:14 2015 us=751542   persist_config = DISABLED
Thu Jul 16 07:11:14 2015 us=751713   persist_mode = 1
Thu Jul 16 07:11:14 2015 us=751881   show_ciphers = DISABLED
Thu Jul 16 07:11:14 2015 us=752046   show_digests = DISABLED
Thu Jul 16 07:11:14 2015 us=752211   show_engines = DISABLED
Thu Jul 16 07:11:14 2015 us=752374   genkey = DISABLED
Thu Jul 16 07:11:14 2015 us=752537   key_pass_file = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=752705   show_tls_ciphers = DISABLED
Thu Jul 16 07:11:14 2015 us=752870 Connection profiles [default]:
Thu Jul 16 07:11:14 2015 us=753036   proto = udp
Thu Jul 16 07:11:14 2015 us=753202   local = '10.10.1.8'
Thu Jul 16 07:11:14 2015 us=753368   local_port = 1194
Thu Jul 16 07:11:14 2015 us=753527   remote = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=753691   remote_port = 1194
Thu Jul 16 07:11:14 2015 us=753852   remote_float = DISABLED
Thu Jul 16 07:11:14 2015 us=754205   bind_defined = DISABLED
Thu Jul 16 07:11:14 2015 us=754432   bind_local = ENABLED
Thu Jul 16 07:11:14 2015 us=754606   connect_retry_seconds = 5
Thu Jul 16 07:11:14 2015 us=754776   connect_timeout = 10
Thu Jul 16 07:11:14 2015 us=754945   connect_retry_max = 0
Thu Jul 16 07:11:14 2015 us=755110   socks_proxy_server = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=755275   socks_proxy_port = 0
Thu Jul 16 07:11:14 2015 us=755441   socks_proxy_retry = DISABLED
Thu Jul 16 07:11:14 2015 us=755603 Connection profiles END
Thu Jul 16 07:11:14 2015 us=755767   remote_random = DISABLED
Thu Jul 16 07:11:14 2015 us=755935   ipchange = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=756094   dev = 'tun'
Thu Jul 16 07:11:14 2015 us=756253   dev_type = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=756415   dev_node = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=756579   lladdr = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=756743   topology = 1
Thu Jul 16 07:11:14 2015 us=756907   tun_ipv6 = DISABLED
Thu Jul 16 07:11:14 2015 us=757071   ifconfig_local = '10.8.0.1'
Thu Jul 16 07:11:14 2015 us=757235   ifconfig_remote_netmask = '10.8.0.2'
Thu Jul 16 07:11:14 2015 us=757397   ifconfig_noexec = DISABLED
Thu Jul 16 07:11:14 2015 us=757566   ifconfig_nowarn = DISABLED
Thu Jul 16 07:11:14 2015 us=757733   ifconfig_ipv6_local = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=757901   ifconfig_ipv6_netbits = 0
Thu Jul 16 07:11:14 2015 us=758067   ifconfig_ipv6_remote = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=758232   shaper = 0
Thu Jul 16 07:11:14 2015 us=758394   tun_mtu = 1500
Thu Jul 16 07:11:14 2015 us=758606   tun_mtu_defined = ENABLED
Thu Jul 16 07:11:14 2015 us=758833   link_mtu = 1500
Thu Jul 16 07:11:14 2015 us=759004   link_mtu_defined = DISABLED
Thu Jul 16 07:11:14 2015 us=759172   tun_mtu_extra = 0
Thu Jul 16 07:11:14 2015 us=759337   tun_mtu_extra_defined = DISABLED
Thu Jul 16 07:11:14 2015 us=759503   fragment = 0
Thu Jul 16 07:11:14 2015 us=759667   mtu_discover_type = -1
Thu Jul 16 07:11:14 2015 us=759832   mtu_test = 0
Thu Jul 16 07:11:14 2015 us=759994   mlock = DISABLED
Thu Jul 16 07:11:14 2015 us=760158   keepalive_ping = 10
Thu Jul 16 07:11:14 2015 us=760326   keepalive_timeout = 120
Thu Jul 16 07:11:14 2015 us=760493   inactivity_timeout = 0
Thu Jul 16 07:11:14 2015 us=760659   ping_send_timeout = 10
Thu Jul 16 07:11:14 2015 us=760827   ping_rec_timeout = 240
Thu Jul 16 07:11:14 2015 us=760993   ping_rec_timeout_action = 2
Thu Jul 16 07:11:14 2015 us=761156   ping_timer_remote = DISABLED
Thu Jul 16 07:11:14 2015 us=761326   remap_sigusr1 = 0
Thu Jul 16 07:11:14 2015 us=761491   explicit_exit_notification = 0
Thu Jul 16 07:11:14 2015 us=761654   persist_tun = DISABLED
Thu Jul 16 07:11:14 2015 us=761820   persist_local_ip = DISABLED
Thu Jul 16 07:11:14 2015 us=761986   persist_remote_ip = DISABLED
Thu Jul 16 07:11:14 2015 us=762151   persist_key = DISABLED
Thu Jul 16 07:11:14 2015 us=762318   mssfix = 1450
Thu Jul 16 07:11:14 2015 us=762479   passtos = DISABLED
Thu Jul 16 07:11:14 2015 us=762646   resolve_retry_seconds = 1000000000
Thu Jul 16 07:11:14 2015 us=762921   username = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=763105   groupname = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=763272   chroot_dir = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=763440   cd_dir = '/etc/openvpn'
Thu Jul 16 07:11:14 2015 us=763606   writepid = '/var/run/openvpn.server.pid'
Thu Jul 16 07:11:14 2015 us=763771   up_script = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=763942   down_script = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=764352   down_pre = DISABLED
Thu Jul 16 07:11:14 2015 us=764548   up_restart = DISABLED
Thu Jul 16 07:11:14 2015 us=764721   up_delay = DISABLED
Thu Jul 16 07:11:14 2015 us=764886   daemon = ENABLED
Thu Jul 16 07:11:14 2015 us=765054   inetd = 0
Thu Jul 16 07:11:14 2015 us=765219   log = ENABLED
Thu Jul 16 07:11:14 2015 us=765385   suppress_timestamps = DISABLED
Thu Jul 16 07:11:14 2015 us=765551   nice = 0
Thu Jul 16 07:11:14 2015 us=765718   verbosity = 4
Thu Jul 16 07:11:14 2015 us=765883   mute = 0
Thu Jul 16 07:11:14 2015 us=766050   gremlin = 0
Thu Jul 16 07:11:14 2015 us=766222   status_file = '/var/log/openvpn-status.log'
Thu Jul 16 07:11:14 2015 us=766389   status_file_version = 1
Thu Jul 16 07:11:14 2015 us=766555   status_file_update_freq = 20
Thu Jul 16 07:11:14 2015 us=766837   occ = ENABLED
Thu Jul 16 07:11:14 2015 us=767012   rcvbuf = 65536
Thu Jul 16 07:11:14 2015 us=767184   sndbuf = 65536
Thu Jul 16 07:11:14 2015 us=767351   sockflags = 0
Thu Jul 16 07:11:14 2015 us=767517   fast_io = DISABLED
Thu Jul 16 07:11:14 2015 us=767691   lzo = 7
Thu Jul 16 07:11:14 2015 us=767854   route_script = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=768018   route_default_gateway = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=768190   route_default_metric = 0
Thu Jul 16 07:11:14 2015 us=768355   route_noexec = DISABLED
Thu Jul 16 07:11:14 2015 us=768527   route_delay = 0
Thu Jul 16 07:11:14 2015 us=768702   route_delay_window = 30
Thu Jul 16 07:11:14 2015 us=768872   route_delay_defined = DISABLED
Thu Jul 16 07:11:14 2015 us=769040   route_nopull = DISABLED
Thu Jul 16 07:11:14 2015 us=769211   route_gateway_via_dhcp = DISABLED
Thu Jul 16 07:11:14 2015 us=769382   max_routes = 100
Thu Jul 16 07:11:14 2015 us=769554   allow_pull_fqdn = DISABLED
Thu Jul 16 07:11:14 2015 us=769733   route 10.8.0.0/255.255.255.0/nil/nil
Thu Jul 16 07:11:14 2015 us=769906   management_addr = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=770081   management_port = 0
Thu Jul 16 07:11:14 2015 us=770248   management_user_pass = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=770419   management_log_history_cache = 250
Thu Jul 16 07:11:14 2015 us=770591   management_echo_buffer_size = 100
Thu Jul 16 07:11:14 2015 us=770760   management_write_peer_info_file = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=770931   management_client_user = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=771104   management_client_group = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=771276   management_flags = 0
Thu Jul 16 07:11:14 2015 us=771446   shared_secret_file = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=771615   key_direction = 1
Thu Jul 16 07:11:14 2015 us=771787   ciphername_defined = ENABLED
Thu Jul 16 07:11:14 2015 us=771961   ciphername = 'AES-128-CBC'
Thu Jul 16 07:11:14 2015 us=772133   authname_defined = ENABLED
Thu Jul 16 07:11:14 2015 us=772301   authname = 'SHA1'
Thu Jul 16 07:11:14 2015 us=772469   prng_hash = 'SHA1'
Thu Jul 16 07:11:14 2015 us=772642   prng_nonce_secret_len = 16
Thu Jul 16 07:11:14 2015 us=772816   keysize = 0
Thu Jul 16 07:11:14 2015 us=772983   engine = DISABLED
Thu Jul 16 07:11:14 2015 us=773148   replay = ENABLED
Thu Jul 16 07:11:14 2015 us=773318   mute_replay_warnings = DISABLED
Thu Jul 16 07:11:14 2015 us=773490   replay_window = 64
Thu Jul 16 07:11:14 2015 us=773659   replay_time = 15
Thu Jul 16 07:11:14 2015 us=773830   packet_id_file = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=774162   use_iv = ENABLED
Thu Jul 16 07:11:14 2015 us=774396   test_crypto = DISABLED
Thu Jul 16 07:11:14 2015 us=774622   tls_server = ENABLED
Thu Jul 16 07:11:14 2015 us=774854   tls_client = DISABLED
Thu Jul 16 07:11:14 2015 us=775031   key_method = 2
Thu Jul 16 07:11:14 2015 us=775318   ca_file = '/etc/openvpn/easy-rsa/keys/ca.crt'
Thu Jul 16 07:11:14 2015 us=775508   ca_path = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=775686   dh_file = '/etc/openvpn/easy-rsa/keys/dh1024.pem'
Thu Jul 16 07:11:14 2015 us=775860   cert_file = '/etc/openvpn/easy-rsa/keys/pi1.crt'
Thu Jul 16 07:11:14 2015 us=776032   priv_key_file = '/etc/openvpn/easy-rsa/keys/pi1.key'
Thu Jul 16 07:11:14 2015 us=776206   pkcs12_file = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=776373   cipher_list = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=776541   tls_verify = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=776710   tls_export_cert = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=776879   tls_remote = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=777049   crl_file = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=777221   ns_cert_type = 0
Thu Jul 16 07:11:14 2015 us=777392   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=777567   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=777735   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=777903   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=778076   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=778246   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=778415   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=778584   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=778752   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=778922   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=779095   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=779264   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=779436   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=779603   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=779773   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=779946   remote_cert_ku[i] = 0
Thu Jul 16 07:11:14 2015 us=780113   remote_cert_eku = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=780280   tls_timeout = 2
Thu Jul 16 07:11:14 2015 us=780451   renegotiate_bytes = 0
Thu Jul 16 07:11:14 2015 us=780619   renegotiate_packets = 0
Thu Jul 16 07:11:14 2015 us=780786   renegotiate_seconds = 3600
Thu Jul 16 07:11:14 2015 us=780960   handshake_window = 60
Thu Jul 16 07:11:14 2015 us=781128   transition_window = 3600
Thu Jul 16 07:11:14 2015 us=781293   single_session = DISABLED
Thu Jul 16 07:11:14 2015 us=781464   push_peer_info = DISABLED
Thu Jul 16 07:11:14 2015 us=781630   tls_exit = DISABLED
Thu Jul 16 07:11:14 2015 us=781800   tls_auth_file = '/etc/openvpn/easy-rsa/keys/ta.key'
Thu Jul 16 07:11:14 2015 us=781975   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=782147   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=782319   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=782487   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=782754   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=782945   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=783119   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=783291   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=783466   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=783637   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=783807   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=783981   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=784267   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=784444   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=784616   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=784788   pkcs11_protected_authentication = DISABLED
Thu Jul 16 07:11:14 2015 us=784970   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=785145   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=785320   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=785493   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=785666   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=785950   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=786142   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=786323   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=786495   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=786668   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=786852   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=787031   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=787206   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=787379   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=787555   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=787732   pkcs11_private_mode = 00000000
Thu Jul 16 07:11:14 2015 us=787898   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=788069   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=788236   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=788405   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=788572   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=788741   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=788910   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=789086   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=789255   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=789423   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=789594   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=789761   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=789928   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=790097   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=790268   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=790442   pkcs11_cert_private = DISABLED
Thu Jul 16 07:11:14 2015 us=790662   pkcs11_pin_cache_period = -1
Thu Jul 16 07:11:14 2015 us=790883   pkcs11_id = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=791058   pkcs11_id_management = DISABLED
Thu Jul 16 07:11:14 2015 us=791285   server_network = 10.8.0.0
Thu Jul 16 07:11:14 2015 us=791486   server_netmask = 255.255.255.0
Thu Jul 16 07:11:14 2015 us=791669   server_network_ipv6 = ::
Thu Jul 16 07:11:14 2015 us=791846   server_netbits_ipv6 = 0
Thu Jul 16 07:11:14 2015 us=792035   server_bridge_ip = 0.0.0.0
Thu Jul 16 07:11:14 2015 us=792224   server_bridge_netmask = 0.0.0.0
Thu Jul 16 07:11:14 2015 us=792408   server_bridge_pool_start = 0.0.0.0
Thu Jul 16 07:11:14 2015 us=792596   server_bridge_pool_end = 0.0.0.0
Thu Jul 16 07:11:14 2015 us=792765   push_entry = 'route 10.8.0.1 255.255.255.255'
Thu Jul 16 07:11:14 2015 us=792941   push_entry = 'route 10.8.0.0 255.255.255.0'
Thu Jul 16 07:11:14 2015 us=793115   push_entry = 'route 10.10.1.0 255.255.255.0'
Thu Jul 16 07:11:14 2015 us=793286   push_entry = 'dhcp-option DNS 194.168.4.100'
Thu Jul 16 07:11:14 2015 us=793459   push_entry = 'redirect-gateway def1'
Thu Jul 16 07:11:14 2015 us=793629   push_entry = 'route 10.8.0.0 255.255.255.0'
Thu Jul 16 07:11:14 2015 us=793798   push_entry = 'topology net30'
Thu Jul 16 07:11:14 2015 us=793971   push_entry = 'ping 10'
Thu Jul 16 07:11:14 2015 us=794260   push_entry = 'ping-restart 120'
Thu Jul 16 07:11:14 2015 us=794443   ifconfig_pool_defined = ENABLED
Thu Jul 16 07:11:14 2015 us=794633   ifconfig_pool_start = 10.8.0.4
Thu Jul 16 07:11:14 2015 us=794821   ifconfig_pool_end = 10.8.0.251
Thu Jul 16 07:11:14 2015 us=795005   ifconfig_pool_netmask = 0.0.0.0
Thu Jul 16 07:11:14 2015 us=795174   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=795350   ifconfig_pool_persist_refresh_freq = 600
Thu Jul 16 07:11:14 2015 us=795519   ifconfig_ipv6_pool_defined = DISABLED
Thu Jul 16 07:11:14 2015 us=795707   ifconfig_ipv6_pool_base = ::
Thu Jul 16 07:11:14 2015 us=795884   ifconfig_ipv6_pool_netbits = 0
Thu Jul 16 07:11:14 2015 us=796054   n_bcast_buf = 256
Thu Jul 16 07:11:14 2015 us=796227   tcp_queue_limit = 64
Thu Jul 16 07:11:14 2015 us=796393   real_hash_size = 256
Thu Jul 16 07:11:14 2015 us=796560   virtual_hash_size = 256
Thu Jul 16 07:11:14 2015 us=796839   client_connect_script = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=797025   learn_address_script = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=797205   client_disconnect_script = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=797374   client_config_dir = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=797538   ccd_exclusive = DISABLED
Thu Jul 16 07:11:14 2015 us=797705   tmp_dir = '/tmp'
Thu Jul 16 07:11:14 2015 us=797872   push_ifconfig_defined = DISABLED
Thu Jul 16 07:11:14 2015 us=798057   push_ifconfig_local = 0.0.0.0
Thu Jul 16 07:11:14 2015 us=798245   push_ifconfig_remote_netmask = 0.0.0.0
Thu Jul 16 07:11:14 2015 us=798414   push_ifconfig_ipv6_defined = DISABLED
Thu Jul 16 07:11:14 2015 us=798657   push_ifconfig_ipv6_local = ::/0
Thu Jul 16 07:11:14 2015 us=798893   push_ifconfig_ipv6_remote = ::
Thu Jul 16 07:11:14 2015 us=799073   enable_c2c = ENABLED
Thu Jul 16 07:11:14 2015 us=799245   duplicate_cn = ENABLED
Thu Jul 16 07:11:14 2015 us=799413   cf_max = 0
Thu Jul 16 07:11:14 2015 us=799581   cf_per = 0
Thu Jul 16 07:11:14 2015 us=799745   max_clients = 1024
Thu Jul 16 07:11:14 2015 us=799915   max_routes_per_client = 256
Thu Jul 16 07:11:14 2015 us=800086   auth_user_pass_verify_script = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=800254   auth_user_pass_verify_script_via_file = DISABLED
Thu Jul 16 07:11:14 2015 us=800424   ssl_flags = 0
Thu Jul 16 07:11:14 2015 us=800597   port_share_host = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=800767   port_share_port = 0
Thu Jul 16 07:11:14 2015 us=800935   client = DISABLED
Thu Jul 16 07:11:14 2015 us=801105   pull = DISABLED
Thu Jul 16 07:11:14 2015 us=801274   auth_user_pass_file = '[UNDEF]'
Thu Jul 16 07:11:14 2015 us=801462 OpenVPN 2.2.1 arm-linux-gnueabihf [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec  1 2014
Thu Jul 16 07:11:14 2015 us=803139 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jul 16 07:11:14 2015 us=847196 Diffie-Hellman initialized with 1024 bit key
Thu Jul 16 07:11:14 2015 us=864980 Control Channel Authentication: using '/etc/openvpn/easy-rsa/keys/ta.key' as a OpenVPN static key file
Thu Jul 16 07:11:14 2015 us=865358 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 16 07:11:14 2015 us=865592 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 16 07:11:14 2015 us=865825 TLS-Auth MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Thu Jul 16 07:11:14 2015 us=866089 Socket Buffers: R=[163840->131072] S=[163840->131072]
Thu Jul 16 07:11:14 2015 us=867689 ROUTE default_gateway=10.10.1.1
Thu Jul 16 07:11:14 2015 us=874952 TUN/TAP device tun0 opened
Thu Jul 16 07:11:14 2015 us=875332 TUN/TAP TX queue length set to 100
Thu Jul 16 07:11:14 2015 us=875597 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jul 16 07:11:14 2015 us=875919 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Thu Jul 16 07:11:14 2015 us=905530 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Thu Jul 16 07:11:14 2015 us=926256 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jul 16 07:11:14 2015 us=958426 UDPv4 link local (bound): [AF_INET]10.10.1.8:1194
Thu Jul 16 07:11:14 2015 us=958865 UDPv4 link remote: [undef]
Thu Jul 16 07:11:14 2015 us=959083 MULTI: multi_init called, r=256 v=256
Thu Jul 16 07:11:14 2015 us=959880 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Thu Jul 16 07:11:14 2015 us=960306 Initialization Sequence Completed
Thu Jul 16 07:11:30 2015 us=992410 MULTI: multi_create_instance called
Thu Jul 16 07:11:30 2015 us=993062 86.16.49.235:37691 Re-using SSL/TLS context
Thu Jul 16 07:11:30 2015 us=993489 86.16.49.235:37691 LZO compression initialized
Thu Jul 16 07:11:30 2015 us=995829 86.16.49.235:37691 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Thu Jul 16 07:11:30 2015 us=996144 86.16.49.235:37691 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jul 16 07:11:30 2015 us=996719 86.16.49.235:37691 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Thu Jul 16 07:11:30 2015 us=996915 86.16.49.235:37691 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Thu Jul 16 07:11:30 2015 us=997239 86.16.49.235:37691 Local Options hash (VER=V4): 'a2e63101'
Thu Jul 16 07:11:30 2015 us=997504 86.16.49.235:37691 Expected Remote Options hash (VER=V4): '272f1b58'
Thu Jul 16 07:11:30 2015 us=997952 86.16.49.235:37691 TLS: Initial packet from [AF_INET]86.16.49.235:37691, sid=a7a9d72f a015ed82
Thu Jul 16 07:11:31 2015 us=181354 86.16.49.235:37691 VERIFY OK: depth=1, /C=UK/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pi1/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Thu Jul 16 07:11:31 2015 us=183564 86.16.49.235:37691 VERIFY OK: depth=0, /C=GB/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pjk/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Thu Jul 16 07:11:31 2015 us=231136 86.16.49.235:37691 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jul 16 07:11:31 2015 us=231484 86.16.49.235:37691 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 16 07:11:31 2015 us=231688 86.16.49.235:37691 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jul 16 07:11:31 2015 us=231902 86.16.49.235:37691 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 16 07:11:31 2015 us=242108 86.16.49.235:37691 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Jul 16 07:11:31 2015 us=242536 86.16.49.235:37691 [pjk] Peer Connection Initiated with [AF_INET]86.16.49.235:37691
Thu Jul 16 07:11:31 2015 us=242955 pjk/86.16.49.235:37691 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=48c7:c2be:80ce:f2b6:34fb:f7b6:e42d:a7b7
Thu Jul 16 07:11:31 2015 us=243545 pjk/86.16.49.235:37691 MULTI: Learn: 10.8.0.6 -> pjk/86.16.49.235:37691
Thu Jul 16 07:11:31 2015 us=243771 pjk/86.16.49.235:37691 MULTI: primary virtual IP for pjk/86.16.49.235:37691: 10.8.0.6
Thu Jul 16 07:11:31 2015 us=246111 pjk/86.16.49.235:37691 PUSH: Received control message: 'PUSH_REQUEST'
Thu Jul 16 07:11:31 2015 us=246393 pjk/86.16.49.235:37691 send_push_reply(): safe_cap=960
Thu Jul 16 07:11:31 2015 us=246931 pjk/86.16.49.235:37691 SENT CONTROL [pjk]: 'PUSH_REPLY,route 10.8.0.1 255.255.255.255,route 10.8.0.0 255.255.255.0,route 10.10.1.0 255.255.255.0,dhcp-option DNS 194.168.4.100,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Thu Jul 16 07:17:32 2015 us=361850 pjk/86.16.49.235:37691 SIGTERM[soft,remote-exit] received, client-instance exiting
Thu Jul 16 07:18:18 2015 us=806609 MULTI: multi_create_instance called
Thu Jul 16 07:18:18 2015 us=807167 86.16.49.235:47336 Re-using SSL/TLS context
Thu Jul 16 07:18:18 2015 us=807461 86.16.49.235:47336 LZO compression initialized
Thu Jul 16 07:18:18 2015 us=808227 86.16.49.235:47336 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Thu Jul 16 07:18:18 2015 us=808499 86.16.49.235:47336 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jul 16 07:18:18 2015 us=808953 86.16.49.235:47336 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Thu Jul 16 07:18:18 2015 us=809142 86.16.49.235:47336 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Thu Jul 16 07:18:18 2015 us=809421 86.16.49.235:47336 Local Options hash (VER=V4): 'a2e63101'
Thu Jul 16 07:18:18 2015 us=809686 86.16.49.235:47336 Expected Remote Options hash (VER=V4): '272f1b58'
Thu Jul 16 07:18:18 2015 us=810200 86.16.49.235:47336 TLS: Initial packet from [AF_INET]86.16.49.235:47336, sid=3f88810a 0dffac8d
Thu Jul 16 07:18:18 2015 us=973701 86.16.49.235:47336 VERIFY OK: depth=1, /C=UK/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pi1/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Thu Jul 16 07:18:18 2015 us=976151 86.16.49.235:47336 VERIFY OK: depth=0, /C=GB/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pjk/name=Pete_Kane/emailAddress=pete@pjksolutions.com
Thu Jul 16 07:18:19 2015 us=22618 86.16.49.235:47336 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jul 16 07:18:19 2015 us=22962 86.16.49.235:47336 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 16 07:18:19 2015 us=23162 86.16.49.235:47336 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jul 16 07:18:19 2015 us=23376 86.16.49.235:47336 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 16 07:18:19 2015 us=28581 86.16.49.235:47336 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Jul 16 07:18:19 2015 us=29027 86.16.49.235:47336 [pjk] Peer Connection Initiated with [AF_INET]86.16.49.235:47336
Thu Jul 16 07:18:19 2015 us=29461 pjk/86.16.49.235:47336 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=48c7:c2be:80ce:f2b6:34fb:f7b6:b4c2:a5b7
Thu Jul 16 07:18:19 2015 us=30053 pjk/86.16.49.235:47336 MULTI: Learn: 10.8.0.6 -> pjk/86.16.49.235:47336
Thu Jul 16 07:18:19 2015 us=30277 pjk/86.16.49.235:47336 MULTI: primary virtual IP for pjk/86.16.49.235:47336: 10.8.0.6
Thu Jul 16 07:18:19 2015 us=31004 pjk/86.16.49.235:47336 PUSH: Received control message: 'PUSH_REQUEST'
Thu Jul 16 07:18:19 2015 us=31254 pjk/86.16.49.235:47336 send_push_reply(): safe_cap=960
Thu Jul 16 07:18:19 2015 us=31782 pjk/86.16.49.235:47336 SENT CONTROL [pjk]: 'PUSH_REPLY,route 10.8.0.1 255.255.255.255,route 10.8.0.0 255.255.255.0,route 10.10.1.0 255.255.255.0,dhcp-option DNS 194.168.4.100,redirect-gateway def1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)

[Traffic]

Thu Jul 16 07:18:18 2015 us=976151 86.16.49.235:47336 VERIFY OK: depth=0, /C=GB/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pjk/name=Pete_Kane

If this is accurate I could pay you a visit

Thu Jul 16 07:11:14 2015 us=801462 OpenVPN 2.2.1 arm-linux-gnueabihf [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014

Is this the most up to date version available for your distro ?

Also, O=PJK_Solutions/OU=IT_Dept would suggest you are capable of finding and posting the client log.

[pkfox]

Thu Jul 16 07:18:18 2015 us=976151 86.16.49.235:47336 VERIFY OK: depth=0, /C=GB/ST=Surrey/L=Addlestone/O=PJK_Solutions/OU=IT_Dept/CN=pjk/name=Pete_Kane

If this is accurate I could pay you a visit

Thu Jul 16 07:11:14 2015 us=801462 OpenVPN 2.2.1 arm-linux-gnueabihf [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014

Is this the most up to date version available for your distro ?

I believe it is the latest version for Debian Wheezey

Also, O=PJK_Solutions/OU=IT_Dept would suggest you are capable of finding and posting the client log.

I've scoured the tablet for a log file and can't find one - you can read information from the app but you can't cut and paste it which is annoying but there are no error messages anyway - it's definitely a routing problem - Lollipop must handle them differently as I even tried it on Kitkat and it works.

[wbmiller3]

Did you ever get this to work? I have the same problem and have not conquered it.