DDNS and OVPN

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
mizio66
OpenVpn Newbie
Posts: 1
Joined: Sun Aug 09, 2015 10:39 am

DDNS and OVPN

Post by mizio66 » Sun Aug 09, 2015 10:56 am

Hi. I'm quite new to OpenVPN, so sorry if my question maybe doesn't make a lot of sense to all. I have a home setup like this:
Asus AC68U, linked to a dyndns DDNS account, address 192.168.1.1
synology DS213J, linked to a synology.me DDNS account address 192.168.1.198
OpenVPN on the router, linke to a perfect-privacy (P-P from now)account.

I added some script to the Asus vpn start so that only the syno goes through it while all others are not. it works.

What is not working is reaching the NAS via WAN through dyndns (remember, linked to the router): other ports are working, if not belonging to the NAS...
If i use synology.me, it works, but i have to configure a port in perfect-privacy, that i would like to avoid.
Also, Synology emule is giving lowID, even if in this case i configured the ports in perfect-privacy (and they are working if the VPN tunnel to p-p is done in the Synology instead that in Asus).

So, what i woudl like to know is if it is possible through the VPN configuration or Asus script to have the WAN traffic directed to the NAS (specific ports if possible) can be correctly directed without having to configure a PF in p-p.

To add more info: LAN Access to NAS works. ipchicken reports ISP address from wifi mobiles or desk and P-P IP from NAS, so OVPN config + script works. Torrents from NAS works via P-P IP, checked.

My OVPN config:

Code: Select all

script-security 2
ns-cert-type server
tun-mtu 1500
fragment 1300
mssfix
float
reneg-sec 86400
resolv-retry 60
persist-key
persist-tun
persist-remote-ip
route-method exe
route-delay 2
hand-window 120
tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
auth SHA512
verb 4
inactive 604800
ping 5
ping-restart 120
replay-window 512 60
mute-replay-warnings
ping-timer-rem
plus the asus script:

Code: Select all

!/bin/sh

 Sleep 2

for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
  echo 0 > $i
done

ip route flush table 100
ip route del default table 100
ip rule del fwmark 1 table 100
ip route flush cache
iptables -t mangle -F PREROUTING

ip route show table main | grep -Ev ^default | grep -Ev tun11\
  | while read ROUTE ; do
      ip route add table 100 $ROUTE
done

ip route add default table 100 via $(nvram get wan_gateway)
ip rule add fwmark 1 table 100
ip route flush cache

iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1

    iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.198 -j MARK --set-mark 0
    
exit 1
Can someone help? I hope i posted all information. Here is a partially masked log from Asus:

Code: Select all

Aug  9 12:50:25 rc_service: httpd 551:notify_rc start_vpnclient1
Aug  9 12:50:25 kernel: tun: Universal TUN/TAP device driver, 1.6
Aug  9 12:50:25 kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Aug  9 12:50:25 openvpn[12436]: Current Parameter Settings:
Aug  9 12:50:25 openvpn[12436]:   config = 'config.ovpn'
Aug  9 12:50:25 openvpn[12436]:   mode = 0
Aug  9 12:50:25 openvpn[12436]:   persist_config = DISABLED
Aug  9 12:50:25 openvpn[12436]:   persist_mode = 1
Aug  9 12:50:25 openvpn[12436]:   show_ciphers = DISABLED
Aug  9 12:50:25 openvpn[12436]:   show_digests = DISABLED
Aug  9 12:50:25 openvpn[12436]:   show_engines = DISABLED
Aug  9 12:50:25 openvpn[12436]:   genkey = DISABLED
Aug  9 12:50:25 openvpn[12436]:   key_pass_file = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   show_tls_ciphers = DISABLED
Aug  9 12:50:25 openvpn[12436]: Connection profiles [default]:
Aug  9 12:50:25 openvpn[12436]:   proto = udp
Aug  9 12:50:25 openvpn[12436]:   local = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   local_port = 0
Aug  9 12:50:25 openvpn[12436]:   remote = 'masked'
Aug  9 12:50:25 openvpn[12436]:   remote_port = 1149
Aug  9 12:50:25 openvpn[12436]:   remote_float = ENABLED
Aug  9 12:50:25 openvpn[12436]:   bind_defined = DISABLED
Aug  9 12:50:25 openvpn[12436]:   bind_local = DISABLED
Aug  9 12:50:25 openvpn[12436]:   connect_retry_seconds = 5
Aug  9 12:50:25 openvpn[12436]:   connect_timeout = 10
Aug  9 12:50:25 openvpn[12436]:   connect_retry_max = 0
Aug  9 12:50:25 openvpn[12436]:   tun_mtu = 1500
Aug  9 12:50:25 openvpn[12436]:   tun_mtu_defined = ENABLED
Aug  9 12:50:25 openvpn[12436]:   link_mtu = 1500
Aug  9 12:50:25 openvpn[12436]:   link_mtu_defined = DISABLED
Aug  9 12:50:25 openvpn[12436]:   tun_mtu_extra = 0
Aug  9 12:50:25 openvpn[12436]:   tun_mtu_extra_defined = DISABLED
Aug  9 12:50:25 openvpn[12436]:   mtu_discover_type = -1
Aug  9 12:50:25 openvpn[12436]:   fragment = 1300
Aug  9 12:50:25 openvpn[12436]:   mssfix = 1300
Aug  9 12:50:25 openvpn[12436]:   explicit_exit_notification = 0
Aug  9 12:50:25 openvpn[12436]: Connection profiles END
Aug  9 12:50:25 openvpn[12436]:   remote_random = DISABLED
Aug  9 12:50:25 openvpn[12436]:   ipchange = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   dev = 'tun11'
Aug  9 12:50:25 openvpn[12436]:   dev_type = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   dev_node = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   lladdr = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   topology = 1
Aug  9 12:50:25 openvpn[12436]:   tun_ipv6 = DISABLED
Aug  9 12:50:25 openvpn[12436]:   ifconfig_local = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   ifconfig_remote_netmask = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   ifconfig_noexec = DISABLED
Aug  9 12:50:25 openvpn[12436]:   ifconfig_nowarn = DISABLED
Aug  9 12:50:25 openvpn[12436]:   ifconfig_ipv6_local = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   ifconfig_ipv6_netbits = 0
Aug  9 12:50:25 openvpn[12436]:   ifconfig_ipv6_remote = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   shaper = 0
Aug  9 12:50:25 openvpn[12436]:   mtu_test = 0
Aug  9 12:50:25 openvpn[12436]:   mlock = DISABLED
Aug  9 12:50:25 openvpn[12436]:   keepalive_ping = 0
Aug  9 12:50:25 openvpn[12436]:   keepalive_timeout = 0
Aug  9 12:50:25 openvpn[12436]:   inactivity_timeout = 604800
Aug  9 12:50:25 openvpn[12436]:   ping_send_timeout = 5
Aug  9 12:50:25 openvpn[12436]:   ping_rec_timeout = 120
Aug  9 12:50:25 openvpn[12436]:   ping_rec_timeout_action = 2
Aug  9 12:50:25 openvpn[12436]:   ping_timer_remote = ENABLED
Aug  9 12:50:25 openvpn[12436]:   remap_sigusr1 = 0
Aug  9 12:50:25 openvpn[12436]:   persist_tun = ENABLED
Aug  9 12:50:25 openvpn[12436]:   persist_local_ip = DISABLED
Aug  9 12:50:25 openvpn[12436]:   persist_remote_ip = ENABLED
Aug  9 12:50:25 openvpn[12436]:   persist_key = ENABLED
Aug  9 12:50:25 openvpn[12436]:   passtos = DISABLED
Aug  9 12:50:25 openvpn[12436]:   resolve_retry_seconds = 60
Aug  9 12:50:25 openvpn[12436]:   username = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   groupname = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   chroot_dir = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   cd_dir = '/etc/openvpn/client1'
Aug  9 12:50:25 openvpn[12436]:   writepid = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   up_script = 'updown.sh'
Aug  9 12:50:25 openvpn[12436]:   down_script = 'updown.sh'
Aug  9 12:50:25 openvpn[12436]:   down_pre = DISABLED
Aug  9 12:50:25 openvpn[12436]:   up_restart = DISABLED
Aug  9 12:50:25 openvpn[12436]:   up_delay = DISABLED
Aug  9 12:50:25 openvpn[12436]:   daemon = ENABLED
Aug  9 12:50:25 openvpn[12436]:   inetd = 0
Aug  9 12:50:25 openvpn[12436]:   log = DISABLED
Aug  9 12:50:25 openvpn[12436]:   suppress_timestamps = DISABLED
Aug  9 12:50:25 openvpn[12436]:   nice = 0
Aug  9 12:50:25 openvpn[12436]:   verbosity = 4
Aug  9 12:50:25 openvpn[12436]:   mute = 0
Aug  9 12:50:25 openvpn[12436]:   status_file = 'status'
Aug  9 12:50:25 openvpn[12436]:   status_file_version = 2
Aug  9 12:50:25 openvpn[12436]:   status_file_update_freq = 60
Aug  9 12:50:25 openvpn[12436]:   occ = ENABLED
Aug  9 12:50:25 openvpn[12436]:   rcvbuf = 65536
Aug  9 12:50:25 openvpn[12436]:   sndbuf = 65536
Aug  9 12:50:25 openvpn[12436]:   mark = 0
Aug  9 12:50:25 openvpn[12436]:   sockflags = 0
Aug  9 12:50:25 openvpn[12436]:   fast_io = DISABLED
Aug  9 12:50:25 openvpn[12436]:   lzo = 7
Aug  9 12:50:25 openvpn[12436]:   route_script = 'vpnrouting.sh'
Aug  9 12:50:25 openvpn[12436]:   route_default_gateway = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   route_default_metric = 0
Aug  9 12:50:25 openvpn[12436]:   route_noexec = DISABLED
Aug  9 12:50:25 openvpn[12436]:   route_delay = 2
Aug  9 12:50:25 openvpn[12436]:   route_delay_window = 30
Aug  9 12:50:25 openvpn[12436]:   route_delay_defined = ENABLED
Aug  9 12:50:25 openvpn[12436]:   route_nopull = DISABLED
Aug  9 12:50:25 openvpn[12436]:   route_gateway_via_dhcp = DISABLED
Aug  9 12:50:25 openvpn[12436]:   max_routes = 100
Aug  9 12:50:25 openvpn[12436]:   allow_pull_fqdn = DISABLED
Aug  9 12:50:25 openvpn[12436]:   management_addr = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   management_port = 0
Aug  9 12:50:25 openvpn[12436]:   management_user_pass = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   management_log_history_cache = 250
Aug  9 12:50:25 openvpn[12436]:   management_echo_buffer_size = 100
Aug  9 12:50:25 openvpn[12436]:   management_write_peer_info_file = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   management_client_user = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   management_client_group = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   management_flags = 0
Aug  9 12:50:25 openvpn[12436]:   shared_secret_file = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   key_direction = 2
Aug  9 12:50:25 openvpn[12436]:   ciphername_defined = ENABLED
Aug  9 12:50:25 openvpn[12436]:   ciphername = 'AES-256-CBC'
Aug  9 12:50:25 openvpn[12436]:   authname_defined = ENABLED
Aug  9 12:50:25 openvpn[12436]:   authname = 'SHA512'
Aug  9 12:50:25 openvpn[12436]:   prng_hash = 'SHA1'
Aug  9 12:50:25 openvpn[12436]:   prng_nonce_secret_len = 16
Aug  9 12:50:25 openvpn[12436]:   keysize = 0
Aug  9 12:50:25 openvpn[12436]:   engine = DISABLED
Aug  9 12:50:25 openvpn[12436]:   replay = ENABLED
Aug  9 12:50:25 openvpn[12436]:   mute_replay_warnings = ENABLED
Aug  9 12:50:25 openvpn[12436]:   replay_window = 512
Aug  9 12:50:25 openvpn[12436]:   replay_time = 60
Aug  9 12:50:25 openvpn[12436]:   packet_id_file = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   use_iv = ENABLED
Aug  9 12:50:25 openvpn[12436]:   test_crypto = DISABLED
Aug  9 12:50:25 openvpn[12436]:   tls_server = DISABLED
Aug  9 12:50:25 openvpn[12436]:   tls_client = ENABLED
Aug  9 12:50:25 openvpn[12436]:   key_method = 2
Aug  9 12:50:25 openvpn[12436]:   ca_file = 'ca.crt'
Aug  9 12:50:25 openvpn[12436]:   ca_path = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   dh_file = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   cert_file = 'client.crt'
Aug  9 12:50:25 openvpn[12436]:   priv_key_file = 'client.key'
Aug  9 12:50:25 openvpn[12436]:   pkcs12_file = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   cipher_list = 'DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
Aug  9 12:50:25 openvpn[12436]:   tls_verify = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   tls_export_cert = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   verify_x509_type = 0
Aug  9 12:50:25 openvpn[12436]:   verify_x509_name = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   crl_file = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   ns_cert_type = 1
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_ku[i] = 0
Aug  9 12:50:25 openvpn[12436]:   remote_cert_eku = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   ssl_flags = 0
Aug  9 12:50:25 openvpn[12436]:   tls_timeout = 2
Aug  9 12:50:25 openvpn[12436]:   renegotiate_bytes = 0
Aug  9 12:50:25 openvpn[12436]:   renegotiate_packets = 0
Aug  9 12:50:25 openvpn[12436]:   renegotiate_seconds = 86400
Aug  9 12:50:25 openvpn[12436]:   handshake_window = 120
Aug  9 12:50:25 openvpn[12436]:   transition_window = 3600
Aug  9 12:50:25 openvpn[12436]:   single_session = DISABLED
Aug  9 12:50:25 openvpn[12436]:   push_peer_info = DISABLED
Aug  9 12:50:25 openvpn[12436]:   tls_exit = DISABLED
Aug  9 12:50:25 openvpn[12436]:   tls_auth_file = 'static.key'
Aug  9 12:50:25 openvpn[12436]:   server_network = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   server_netmask = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   server_network_ipv6 = ::
Aug  9 12:50:25 openvpn[12436]:   server_netbits_ipv6 = 0
Aug  9 12:50:25 openvpn[12436]:   server_bridge_ip = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   server_bridge_netmask = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   server_bridge_pool_start = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   server_bridge_pool_end = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   ifconfig_pool_defined = DISABLED
Aug  9 12:50:25 openvpn[12436]:   ifconfig_pool_start = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   ifconfig_pool_end = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   ifconfig_pool_netmask = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   ifconfig_pool_persist_filename = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   ifconfig_pool_persist_refresh_freq = 600
Aug  9 12:50:25 openvpn[12436]:   ifconfig_ipv6_pool_defined = DISABLED
Aug  9 12:50:25 openvpn[12436]:   ifconfig_ipv6_pool_base = ::
Aug  9 12:50:25 openvpn[12436]:   ifconfig_ipv6_pool_netbits = 0
Aug  9 12:50:25 openvpn[12436]:   n_bcast_buf = 256
Aug  9 12:50:25 openvpn[12436]:   tcp_queue_limit = 64
Aug  9 12:50:25 openvpn[12436]:   real_hash_size = 256
Aug  9 12:50:25 openvpn[12436]:   virtual_hash_size = 256
Aug  9 12:50:25 openvpn[12436]:   client_connect_script = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   learn_address_script = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   client_disconnect_script = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   client_config_dir = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   ccd_exclusive = DISABLED
Aug  9 12:50:25 openvpn[12436]:   tmp_dir = '/tmp'
Aug  9 12:50:25 openvpn[12436]:   push_ifconfig_defined = DISABLED
Aug  9 12:50:25 openvpn[12436]:   push_ifconfig_local = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   push_ifconfig_remote_netmask = 0.0.0.0
Aug  9 12:50:25 openvpn[12436]:   push_ifconfig_ipv6_defined = DISABLED
Aug  9 12:50:25 openvpn[12436]:   push_ifconfig_ipv6_local = ::/0
Aug  9 12:50:25 openvpn[12436]:   push_ifconfig_ipv6_remote = ::
Aug  9 12:50:25 openvpn[12436]:   enable_c2c = DISABLED
Aug  9 12:50:25 openvpn[12436]:   duplicate_cn = DISABLED
Aug  9 12:50:25 openvpn[12436]:   cf_max = 0
Aug  9 12:50:25 openvpn[12436]:   cf_per = 0
Aug  9 12:50:25 openvpn[12436]:   max_clients = 1024
Aug  9 12:50:25 openvpn[12436]:   max_routes_per_client = 256
Aug  9 12:50:25 openvpn[12436]:   auth_user_pass_verify_script = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   auth_user_pass_verify_script_via_file = DISABLED
Aug  9 12:50:25 openvpn[12436]:   port_share_host = '[UNDEF]'
Aug  9 12:50:25 openvpn[12436]:   port_share_port = 0
Aug  9 12:50:25 openvpn[12436]:   client = ENABLED
Aug  9 12:50:25 openvpn[12436]:   pull = ENABLED
Aug  9 12:50:25 openvpn[12436]:   auth_user_pass_file = 'up'
Aug  9 12:50:25 openvpn[12436]: OpenVPN 2.3.7 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jul 16 2015
Aug  9 12:50:25 openvpn[12436]: library versions: OpenSSL 1.0.2d 9 Jul 2015, LZO 2.08
Aug  9 12:50:25 openvpn[12437]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-AES256-GCM-SHA384', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-GCM-SHA384'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-AES256-SHA256', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA256'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-AES128-GCM-SHA256', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-GCM-SHA256'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-AES128-SHA256', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA256'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-CAMELLIA256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-CAMELLIA128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'DHE-RSA-AES128-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'CAMELLIA256-SHA', please use IANA name 'TLS-RSA-WITH-CAMELLIA-256-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'AES256-SHA', please use IANA name 'TLS-RSA-WITH-AES-256-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'CAMELLIA128-SHA', please use IANA name 'TLS-RSA-WITH-CAMELLIA-128-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Deprecated TLS cipher name 'AES128-SHA', please use IANA name 'TLS-RSA-WITH-AES-128-CBC-SHA'
Aug  9 12:50:25 openvpn[12437]: Control Channel Authentication: using 'static.key' as a OpenVPN static key file
Aug  9 12:50:25 openvpn[12437]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Aug  9 12:50:25 openvpn[12437]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Aug  9 12:50:25 openvpn[12437]: LZO compression initialized
Aug  9 12:50:25 openvpn[12437]: Control Channel MTU parms [ L:1606 D:210 EF:110 EB:0 ET:0 EL:3 ]
Aug  9 12:50:25 openvpn[12437]: Socket Buffers: R=[122880->131072] S=[122880->131072]
Aug  9 12:50:25 openvpn[12437]: Data Channel MTU parms [ L:1606 D:1300 EF:106 EB:143 ET:0 EL:3 AF:3/1 ]
Aug  9 12:50:25 openvpn[12437]: Fragmentation MTU parms [ L:1606 D:1300 EF:105 EB:143 ET:1 EL:3 AF:3/1 ]
Aug  9 12:50:25 openvpn[12437]: Local Options String: 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Aug  9 12:50:25 openvpn[12437]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Aug  9 12:50:25 openvpn[12437]: Local Options hash (VER=V4): '73c06b87'
Aug  9 12:50:25 openvpn[12437]: Expected Remote Options hash (VER=V4): 'ad1c1209'
Aug  9 12:50:25 openvpn[12437]: UDPv4 link local: [undef]
Aug  9 12:50:25 openvpn[12437]: UDPv4 link remote: [AF_INET]94.242.243.162:1149
Aug  9 12:50:25 openvpn[12437]: TLS: Initial packet from [AF_INET]94.242.243.162:1149, sid=7e895bae 06b9290f
Aug  9 12:50:25 openvpn[12437]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Aug  9 12:50:25 openvpn[12437]: VERIFY OK: depth=1, C=NZ, ST=Wellington, L=Johnsonville, O=perfect-privacy, CN=perfect-privacy, emailAddress=admin@perfect-privacy.com
Aug  9 12:50:25 openvpn[12437]: VERIFY OK: nsCertType=SERVER
Aug  9 12:50:25 openvpn[12437]: VERIFY OK: depth=0, C=NZ, ST=Wellington, O=perfect-privacy, CN=server, emailAddress=admin@perfect-privacy.com
Aug  9 12:50:29 openvpn[12437]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Aug  9 12:50:29 openvpn[12437]: Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Aug  9 12:50:29 openvpn[12437]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Aug  9 12:50:29 openvpn[12437]: Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Aug  9 12:50:29 openvpn[12437]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-CAMELLIA256-SHA, 4096 bit RSA
Aug  9 12:50:29 openvpn[12437]: [server] Peer Connection Initiated with [AF_INET]94.242.243.162:1149
Aug  9 12:50:31 openvpn[12437]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Aug  9 12:50:31 openvpn[12437]: PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS xxx.xxx.194.30,dhcp-option DNS xx.xxx.180.33,redirect-gateway def1,sndbuf 131072,rcvbuf 131072,route-gateway xx.xx.11.1,topology subnet,ping 10,ping-restart 120,ifconfig xx.xx.11.6 255.255.255.128'
Aug  9 12:50:31 openvpn[12437]: OPTIONS IMPORT: timers and/or timeouts modified
Aug  9 12:50:31 openvpn[12437]: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Aug  9 12:50:31 openvpn[12437]: Socket Buffers: R=[131072->245760] S=[131072->245760]
Aug  9 12:50:31 openvpn[12437]: OPTIONS IMPORT: --ifconfig/up options modified
Aug  9 12:50:31 openvpn[12437]: OPTIONS IMPORT: route options modified
Aug  9 12:50:31 openvpn[12437]: OPTIONS IMPORT: route-related options modified
Aug  9 12:50:31 openvpn[12437]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Aug  9 12:50:31 openvpn[12437]: TUN/TAP device tun11 opened
Aug  9 12:50:31 openvpn[12437]: TUN/TAP TX queue length set to 100
Aug  9 12:50:31 openvpn[12437]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Aug  9 12:50:31 openvpn[12437]: /usr/sbin/ip link set dev tun11 up mtu 1500
Aug  9 12:50:31 openvpn[12437]: /usr/sbin/ip addr add dev tun11 xx.xx.11.6/25 broadcast xx.xx.11.127
Aug  9 12:50:31 openvpn[12437]: updown.sh tun11 1500 1606 xx.xx.11.6 255.255.255.128 init
Aug  9 12:50:31 rc_service: service 12481:notify_rc updateresolv
Aug  9 12:50:31 dnsmasq[12395]: exiting on receipt of SIGTERM
Aug  9 12:50:31 custom script: Running /jffs/scripts/openvpn-event (args: tun11 1500 1606 xx.xx.11.6 255.255.255.128 init)
Aug  9 12:50:31 dnsmasq[12489]: started, version 2.73rc9 cachesize 1500
Aug  9 12:50:31 dnsmasq[12489]: warning: interface ppp1* does not currently exist
Aug  9 12:50:31 dnsmasq[12489]: asynchronous logging enabled, queue limit is 5 messages
Aug  9 12:50:31 dnsmasq-dhcp[12489]: DHCP, IP range 192.168.1.240 -- 192.168.1.253, lease time 4m
Aug  9 12:50:31 dnsmasq[12489]: read /etc/hosts - 5 addresses
Aug  9 12:50:31 dnsmasq[12489]: read /etc/hosts.dnsmasq - 47 addresses
Aug  9 12:50:31 dnsmasq-dhcp[12489]: ignoring /etc/ethers line 47, duplicate name or IP address
Aug  9 12:50:31 dnsmasq-dhcp[12489]: read /etc/ethers - 46 addresses
Aug  9 12:50:31 dnsmasq[12489]: using nameserver xx.xx.169.95#53 for domain local
Aug  9 12:50:31 dnsmasq[12489]: using nameserver xx.xx.169.94#53 for domain local
Aug  9 12:50:31 dnsmasq[12489]: using nameserver 8.8.4.4#53 for domain local
Aug  9 12:50:31 dnsmasq[12489]: using nameserver 8.8.8.8#53 for domain local
Aug  9 12:50:31 dnsmasq[12489]: using nameserver xxx.xxx.194.30#53
Aug  9 12:50:31 dnsmasq[12489]: using nameserver xxx.xxx.180.33#53
Aug  9 12:50:31 dnsmasq[12489]: using nameserver 8.8.8.8#53
Aug  9 12:50:31 dnsmasq[12489]: using nameserver 8.8.4.4#53
Aug  9 12:50:31 dnsmasq[12489]: using nameserver xx.xx.169.94#53
Aug  9 12:50:31 dnsmasq[12489]: using nameserver xx.xx.169.95#53
Aug  9 12:50:33 openvpn[12437]: /usr/sbin/ip route add xx.xx.243.162/32 via 192.168.100.1
Aug  9 12:50:33 openvpn[12437]: /usr/sbin/ip route add 0.0.0.0/1 via xx.xx.11.1
Aug  9 12:50:33 openvpn[12437]: /usr/sbin/ip route add 128.0.0.0/1 via xx.xx.11.1
Aug  9 12:50:33 openvpn-routing: Skipping, client 1 not in routing policy mode
Aug  9 12:50:33 custom script: Running /jffs/scripts/openvpn-event (args: )
Aug  9 12:50:33 openvpn[12437]: Initialization Sequence Completed
Thanks

maurizio
Top
Post Reply

Return to “Scripting and Customizations”