TLS Error: Unroutable control packet received

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

TLS Error: Unroutable control packet received

Post by dredghawl » Mon Nov 06, 2017 5:12 pm

Hi,

few months ago I set up my own VPN server on my VPS using OpenVPN. So far it worked quite well. Right now I'm not at home for few weeks and I'm using the Wifi of the institution I'm currently living in. There were no issues connecting to my VPN on my laptop, until the daylight saving change 1 week ago (clocks were set back by 1 hour). Since the change I can't connect to my VPN through the institution's Wifi (it works if I turn my phone into a hotspot and connect my laptop to it).

Yesterday I forgot to cancel the connection attempt and it seems it somehow connected to the VPN at some point (I just noticed today that I was connected to the VPN since 10pm yesterday). But now I can't connect again.

This is what I get on client side when trying to connect:

Code: Select all

Mon Nov 06 18:43:04 2017 NOTE: --user option is not implemented on Windows
Mon Nov 06 18:43:04 2017 NOTE: --group option is not implemented on Windows
Mon Nov 06 18:43:04 2017 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Mon Nov 06 18:43:04 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Nov 06 18:43:04 2017 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Mon Nov 06 18:43:04 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Nov 06 18:43:04 2017 Need hold release from management interface, waiting...
Mon Nov 06 18:43:05 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Nov 06 18:43:05 2017 MANAGEMENT: CMD 'state on'
Mon Nov 06 18:43:05 2017 MANAGEMENT: CMD 'log all on'
Mon Nov 06 18:43:05 2017 MANAGEMENT: CMD 'echo all on'
Mon Nov 06 18:43:05 2017 MANAGEMENT: CMD 'hold off'
Mon Nov 06 18:43:05 2017 MANAGEMENT: CMD 'hold release'
Mon Nov 06 18:43:09 2017 MANAGEMENT: CMD 'password [...]'
Mon Nov 06 18:43:09 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Nov 06 18:43:09 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 06 18:43:09 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 06 18:43:09 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xxx:1194
Mon Nov 06 18:43:09 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Nov 06 18:43:09 2017 UDP link local: (not bound)
Mon Nov 06 18:43:09 2017 UDP link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Mon Nov 06 18:43:09 2017 MANAGEMENT: >STATE:1509986589,WAIT,,,,,,
Mon Nov 06 18:43:23 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Mon Nov 06 18:43:40 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Mon Nov 06 18:44:09 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Nov 06 18:44:09 2017 TLS Error: TLS handshake failed
Mon Nov 06 18:44:09 2017 SIGUSR1[soft,tls-error] received, process restarting
Mon Nov 06 18:44:09 2017 MANAGEMENT: >STATE:1509986649,RECONNECTING,tls-error,,,,,
Mon Nov 06 18:44:09 2017 Restart pause, 5 second(s)
Mon Nov 06 18:44:14 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xxx:1194
Mon Nov 06 18:44:14 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Nov 06 18:44:14 2017 UDP link local: (not bound)
Mon Nov 06 18:44:14 2017 UDP link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Mon Nov 06 18:44:14 2017 MANAGEMENT: >STATE:1509986654,WAIT,,,,,,
Mon Nov 06 18:44:16 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Mon Nov 06 18:44:20 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Mon Nov 06 18:44:28 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Mon Nov 06 18:44:44 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Mon Nov 06 18:45:14 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Nov 06 18:45:14 2017 TLS Error: TLS handshake failed
Mon Nov 06 18:45:14 2017 SIGUSR1[soft,tls-error] received, process restarting
Mon Nov 06 18:45:14 2017 MANAGEMENT: >STATE:1509986714,RECONNECTING,tls-error,,,,,
Mon Nov 06 18:45:14 2017 Restart pause, 5 second(s)
And it repeats over and over. On the server side the log looks like this:

Code: Select all

Nov  6 19:44:13 vps436657 ovpn-server[12334]: yy.yyy.yyy.yy:53509 TLS: Initial packet from [AF_INET]yy.yyy.yyy.yy:53509, sid=ae6eed70 114cc4b6
Nov  6 19:45:13 vps436657 ovpn-server[12334]: yy.yyy.yyy.yy:53509 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov  6 19:45:13 vps436657 ovpn-server[12334]: yy.yyy.yyy.yy:53509 TLS Error: TLS handshake failed
My server configuration:
Server Config
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
# of a many-clients <-> one-server #
# OpenVPN configuration. #
# #
# OpenVPN also supports #
# single-machine <-> single-machine #
# configurations (See the Examples page #
# on the web site for more info). #
# #
# This config should work on Windows #
# or Linux/BSD systems. Remember on #
# Windows to quote pathnames and use #
# double backslashes, e.g.: #
# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
# #
# Comments are preceded with '#' or ';' #
#################################################

# Which local IP address should OpenVPN
# listen on? (optional)
;local a.b.c.d

# Which TCP/UDP port should OpenVPN listen on?
# If you want to run multiple OpenVPN instances
# on the same machine, use a different port
# number for each one. You will need to
# open up this port on your firewall.
port 1194

# TCP or UDP server?
;proto tcp
proto udp

# "dev tun" will create a routed IP tunnel,
# "dev tap" will create an ethernet tunnel.
# Use "dev tap0" if you are ethernet bridging
# and have precreated a tap0 virtual interface
# and bridged it with your ethernet interface.
# If you want to control access policies
# over the VPN, you must create firewall
# rules for the the TUN/TAP interface.
# On non-Windows systems, you can give
# an explicit unit number, such as tun0.
# On Windows, use "dev-node" for this.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel if you
# have more than one. On XP SP2 or higher,
# you may need to selectively disable the
# Windows firewall for the TAP adapter.
# Non-Windows systems usually don't need this.
;dev-node MyTap

# SSL/TLS root certificate (ca), certificate
# (cert), and private key (key). Each client
# and the server must have their own cert and
# key file. The server and all clients will
# use the same ca file.
#
# See the "easy-rsa" directory for a series
# of scripts for generating RSA certificates
# and private keys. Remember to use
# a unique Common Name for the server
# and each of the client certificates.
#
# Any X509 key management system can be used.
# OpenVPN can also use a PKCS #12 formatted key file
# (see "pkcs12" directive in man page).
ca ca.crt
cert server.crt
key server.key # This file should be kept secret

# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh2048.pem 2048
dh dh2048.pem

# Network topology
# Should be subnet (addressing via IP)
# unless Windows clients v2.0.9 and lower have to
# be supported (then net30, i.e. a /30 per client)
# Defaults to net30 (not recommended)
;topology subnet

# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
# The server will take 10.8.0.1 for itself,
# the rest will be made available to clients.
# Each client will be able to reach the server
# on 10.8.0.1. Comment this line out if you are
# ethernet bridging. See the man page for more info.
server 10.8.0.0 255.255.255.0

# Maintain a record of client <-> virtual IP address
# associations in this file. If OpenVPN goes down or
# is restarted, reconnecting clients can be assigned
# the same virtual IP address from the pool that was
# previously assigned.
ifconfig-pool-persist ipp.txt

# Configure server mode for ethernet bridging.
# You must first use your OS's bridging capability
# to bridge the TAP interface with the ethernet
# NIC interface. Then you must manually set the
# IP/netmask on the bridge interface, here we
# assume 10.8.0.4/255.255.255.0. Finally we
# must set aside an IP range in this subnet
# (start=10.8.0.50 end=10.8.0.100) to allocate
# to connecting clients. Leave this line commented
# out unless you are ethernet bridging.
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100

# Configure server mode for ethernet bridging
# using a DHCP-proxy, where clients talk
# to the OpenVPN server-side DHCP server
# to receive their IP address allocation
# and DNS server addresses. You must first use
# your OS's bridging capability to bridge the TAP
# interface with the ethernet NIC interface.
# Note: this mode only works on clients (such as
# Windows), where the client-side TAP adapter is
# bound to a DHCP client.
;server-bridge

# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"

# To assign specific IP addresses to specific
# clients or if a connecting client has a private
# subnet behind it that should also have VPN access,
# use the subdirectory "ccd" for client-specific
# configuration files (see man page for more info).

# EXAMPLE: Suppose the client
# having the certificate common name "Thelonious"
# also has a small subnet behind his connecting
# machine, such as 192.168.40.128/255.255.255.248.
# First, uncomment out these lines:
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
# Then create a file ccd/Thelonious with this line:
# iroute 192.168.40.128 255.255.255.248
# This will allow Thelonious' private subnet to
# access the VPN. This example will only work
# if you are routing, not bridging, i.e. you are
# using "dev tun" and "server" directives.

# EXAMPLE: Suppose you want to give
# Thelonious a fixed VPN IP address of 10.9.0.1.
# First uncomment out these lines:
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
# Then add this line to ccd/Thelonious:
# ifconfig-push 10.9.0.1 10.9.0.2

# Suppose that you want to enable different
# firewall access policies for different groups
# of clients. There are two methods:
# (1) Run multiple OpenVPN daemons, one for each
# group, and firewall the TUN/TAP interface
# for each group/daemon appropriately.
# (2) (Advanced) Create a script to dynamically
# modify the firewall in response to access
# from different clients. See man
# page for more info on learn-address script.
;learn-address ./script

# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# or bridge the TUN/TAP interface to the internet
# in order for this to work properly).
push "redirect-gateway def1 bypass-dhcp"

# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
# The addresses below refer to the public
# DNS servers provided by opendns.com.
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
push "block-outside-dns"

# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
;client-to-client

# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names. This is recommended
# only for testing purposes. For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
# UNCOMMENT THIS LINE OUT.
;duplicate-cn

# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
# Ping every 10 seconds, assume that remote
# peer is down if no ping received during
# a 120 second time period.
keepalive 10 120

# For extra security beyond that provided
# by SSL/TLS, create an "HMAC firewall"
# to help block DoS attacks and UDP port flooding.
#
# Generate with:
# openvpn --genkey --secret ta.key
#
# The server and each client must have
# a copy of this key.
# The second parameter should be '0'
# on the server and '1' on the clients.
tls-auth ta.key 0 # This file is secret
key-direction 0

# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
;cipher BF-CBC # Blowfish (default)
cipher AES-128-CBC # AES
auth SHA256
;cipher DES-EDE3-CBC # Triple-DES

# Enable compression on the VPN link.
# If you enable it here, you must also
# enable it in the client config file.
comp-lzo

# The maximum number of concurrently connected
# clients we want to allow.
;max-clients 100

# It's a good idea to reduce the OpenVPN
# daemon's privileges after initialization.
#
# You can uncomment this out on
# non-Windows systems.
user nobody
group nogroup

# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status openvpn-status.log

# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
;log openvpn.log
;log-append openvpn.log

# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3

# Silence repeating messages. At most 20
# sequential messages of the same message
# category will be output to the log.
;mute 20


And client configuration:
Client Config
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote xxx.xxx.xx.xxx 1194
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
#ca ca.crt
#cert client.crt
#key client.key

# Verify server certificate by checking that the
# certicate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the keyUsage set to
# digitalSignature, keyEncipherment
# and the extendedKeyUsage to
# serverAuth
# EasyRSA can do this for you.
remote-cert-tls server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-128-CBC
auth SHA256

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

key-direction 1

# script-security 2
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf

block-outside-dns

<ca>
-----BEGIN CERTIFICATE-----
*** CUT ***
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
[...]
Validity
Not Before: Jul 28 00:56:21 2017 GMT
Not After : Jul 26 00:56:21 2027 GMT
[...]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
[.....]
-----BEGIN CERTIFICATE-----
*** CUT ***
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
*** CUT ***
-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
*** CUT ***
-----END OpenVPN Static key V1-----
</tls-auth>

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Mon Nov 06, 2017 6:03 pm

Quick addition: I googled the issue and the first result was suggesting that the clock/date of client and/or server are out of sync. But both are pretty much in sync. My local clock is set to fetch the date automatically and the server's (it's Ubuntu running on the server) is set by using

Code: Select all

sudo dpkg-reconfigure tzdata
I even tried to set the server to my local timezone, tried changing my local clock to +1 (so reverted the daylight saving change), tried setting the server's clock to my local time with and without daylight saving change by using

Code: Select all

date 102904582017.00
But all to no avail.

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Wed Nov 08, 2017 8:28 am

Does nobody have an idea what the problem could be?

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: TLS Error: Unroutable control packet received

Post by Pippin » Wed Nov 08, 2017 10:40 am

What you posted, server and client log, there is a difference of one hour...

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Wed Nov 08, 2017 12:39 pm

Because the server is in Warsaw, so set to Warsaw timezone.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Error: Unroutable control packet received

Post by TinCanTech » Wed Nov 08, 2017 1:18 pm

dredghawl wrote:
Mon Nov 06, 2017 6:03 pm
TLS Error: Unroutable control packet received
It is difficult to say but .. this is what the source has:

Code: Select all

                /*
                 * Packet must belong to an existing session.
                 */
                if (i != TM_ACTIVE && i != TM_UNTRUSTED)
                {
                    msg(D_TLS_ERRORS,
                        "TLS Error: Unroutable control packet received from %s (si=%d op=%s)",
                        print_link_socket_actual(from, &gc),
                        i,
                        packet_opcode_name(op));
                    goto error;
                }
So it would seem that the packet does not belong to an existing session .. try removing these from the client config:

Code: Select all

persist-key
persist-tun
Also, set --verb 4 in your configs and post the new logs (if you still get the error).

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Wed Nov 08, 2017 6:37 pm

Done that and also changed the time zone of the VPS to my local one. Same result:

Client log:

Code: Select all

Wed Nov 08 20:23:57 2017   pkcs11_protected_authentication = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_private_mode = 00000000
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_cert_private = DISABLED
Wed Nov 08 20:23:57 2017   pkcs11_pin_cache_period = -1
Wed Nov 08 20:23:57 2017   pkcs11_id = '[UNDEF]'
Wed Nov 08 20:23:57 2017   pkcs11_id_management = DISABLED
Wed Nov 08 20:23:57 2017   server_network = 0.0.0.0
Wed Nov 08 20:23:57 2017   server_netmask = 0.0.0.0
Wed Nov 08 20:23:57 2017   server_network_ipv6 = ::
Wed Nov 08 20:23:57 2017   server_netbits_ipv6 = 0
Wed Nov 08 20:23:57 2017   server_bridge_ip = 0.0.0.0
Wed Nov 08 20:23:57 2017   server_bridge_netmask = 0.0.0.0
Wed Nov 08 20:23:57 2017   server_bridge_pool_start = 0.0.0.0
Wed Nov 08 20:23:57 2017   server_bridge_pool_end = 0.0.0.0
Wed Nov 08 20:23:57 2017   ifconfig_pool_defined = DISABLED
Wed Nov 08 20:23:57 2017   ifconfig_pool_start = 0.0.0.0
Wed Nov 08 20:23:57 2017   ifconfig_pool_end = 0.0.0.0
Wed Nov 08 20:23:57 2017   ifconfig_pool_netmask = 0.0.0.0
Wed Nov 08 20:23:57 2017   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Nov 08 20:23:57 2017   ifconfig_pool_persist_refresh_freq = 600
Wed Nov 08 20:23:57 2017   ifconfig_ipv6_pool_defined = DISABLED
Wed Nov 08 20:23:57 2017   ifconfig_ipv6_pool_base = ::
Wed Nov 08 20:23:57 2017   ifconfig_ipv6_pool_netbits = 0
Wed Nov 08 20:23:57 2017   n_bcast_buf = 256
Wed Nov 08 20:23:57 2017   tcp_queue_limit = 64
Wed Nov 08 20:23:57 2017   real_hash_size = 256
Wed Nov 08 20:23:57 2017   virtual_hash_size = 256
Wed Nov 08 20:23:57 2017   client_connect_script = '[UNDEF]'
Wed Nov 08 20:23:57 2017   learn_address_script = '[UNDEF]'
Wed Nov 08 20:23:57 2017   client_disconnect_script = '[UNDEF]'
Wed Nov 08 20:23:57 2017   client_config_dir = '[UNDEF]'
Wed Nov 08 20:23:57 2017   ccd_exclusive = DISABLED
Wed Nov 08 20:23:57 2017   tmp_dir = 'C:\Users\PHN0MNN\AppData\Local\Temp\'
Wed Nov 08 20:23:57 2017   push_ifconfig_defined = DISABLED
Wed Nov 08 20:23:57 2017   push_ifconfig_local = 0.0.0.0
Wed Nov 08 20:23:57 2017   push_ifconfig_remote_netmask = 0.0.0.0
Wed Nov 08 20:23:57 2017   push_ifconfig_ipv6_defined = DISABLED
Wed Nov 08 20:23:57 2017   push_ifconfig_ipv6_local = ::/0
Wed Nov 08 20:23:57 2017   push_ifconfig_ipv6_remote = ::
Wed Nov 08 20:23:57 2017   enable_c2c = DISABLED
Wed Nov 08 20:23:57 2017   duplicate_cn = DISABLED
Wed Nov 08 20:23:57 2017   cf_max = 0
Wed Nov 08 20:23:57 2017   cf_per = 0
Wed Nov 08 20:23:57 2017   max_clients = 1024
Wed Nov 08 20:23:57 2017   max_routes_per_client = 256
Wed Nov 08 20:23:57 2017   auth_user_pass_verify_script = '[UNDEF]'
Wed Nov 08 20:23:57 2017   auth_user_pass_verify_script_via_file = DISABLED
Wed Nov 08 20:23:57 2017   auth_token_generate = DISABLED
Wed Nov 08 20:23:57 2017   auth_token_lifetime = 0
Wed Nov 08 20:23:57 2017   client = ENABLED
Wed Nov 08 20:23:57 2017   pull = ENABLED
Wed Nov 08 20:23:57 2017   auth_user_pass_file = '[UNDEF]'
Wed Nov 08 20:23:57 2017   show_net_up = DISABLED
Wed Nov 08 20:23:57 2017   route_method = 0
Wed Nov 08 20:23:57 2017   block_outside_dns = ENABLED
Wed Nov 08 20:23:57 2017   ip_win32_defined = DISABLED
Wed Nov 08 20:23:57 2017   ip_win32_type = 3
Wed Nov 08 20:23:57 2017   dhcp_masq_offset = 0
Wed Nov 08 20:23:57 2017   dhcp_lease_time = 31536000
Wed Nov 08 20:23:57 2017   tap_sleep = 0
Wed Nov 08 20:23:57 2017   dhcp_options = DISABLED
Wed Nov 08 20:23:57 2017   dhcp_renew = DISABLED
Wed Nov 08 20:23:57 2017   dhcp_pre_release = DISABLED
Wed Nov 08 20:23:57 2017   domain = '[UNDEF]'
Wed Nov 08 20:23:57 2017   netbios_scope = '[UNDEF]'
Wed Nov 08 20:23:57 2017   netbios_node_type = 0
Wed Nov 08 20:23:57 2017   disable_nbt = DISABLED
Wed Nov 08 20:23:57 2017 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Nov 08 20:23:57 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Nov 08 20:23:57 2017 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Wed Nov 08 20:23:57 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Nov 08 20:23:57 2017 Need hold release from management interface, waiting...
Wed Nov 08 20:23:58 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Nov 08 20:23:58 2017 MANAGEMENT: CMD 'state on'
Wed Nov 08 20:23:58 2017 MANAGEMENT: CMD 'log all on'
Wed Nov 08 20:23:58 2017 MANAGEMENT: CMD 'echo all on'
Wed Nov 08 20:23:58 2017 MANAGEMENT: CMD 'hold off'
Wed Nov 08 20:23:58 2017 MANAGEMENT: CMD 'hold release'
Wed Nov 08 20:24:06 2017 MANAGEMENT: CMD 'password [...]'
Wed Nov 08 20:24:06 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Nov 08 20:24:06 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 20:24:06 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 20:24:06 2017 LZO compression initializing
Wed Nov 08 20:24:06 2017 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Wed Nov 08 20:24:06 2017 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Wed Nov 08 20:24:06 2017 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Nov 08 20:24:06 2017 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Nov 08 20:24:06 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xxx:1194
Wed Nov 08 20:24:06 2017 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Nov 08 20:24:06 2017 UDP link local: (not bound)
Wed Nov 08 20:24:06 2017 UDP link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Wed Nov 08 20:24:06 2017 MANAGEMENT: >STATE:1510165446,WAIT,,,,,,
Wed Nov 08 20:24:08 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 20:24:21 2017 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 20:25:06 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Nov 08 20:25:06 2017 TLS Error: TLS handshake failed
Wed Nov 08 20:25:06 2017 TCP/UDP: Closing socket
Wed Nov 08 20:25:06 2017 SIGUSR1[soft,tls-error] received, process restarting
Wed Nov 08 20:25:06 2017 MANAGEMENT: >STATE:1510165506,RECONNECTING,tls-error,,,,,
Wed Nov 08 20:25:06 2017 Restart pause, 5 second(s)
Server log:

Code: Select all

Nov  8 20:21:05 vps436657 ovpn-server[1412]: Current Parameter Settings:
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   config = '/etc/openvpn/server.conf'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mode = 1
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   persist_config = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   persist_mode = 1
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   show_ciphers = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   show_digests = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   show_engines = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   genkey = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   key_pass_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   show_tls_ciphers = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]: Connection profiles [default]:
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   proto = udp
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   local = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   local_port = 1194
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   remote = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   remote_port = 1194
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   remote_float = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   bind_defined = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   bind_local = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   connect_retry_seconds = 5
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   connect_timeout = 10
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   connect_retry_max = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   socks_proxy_server = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   socks_proxy_port = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   socks_proxy_retry = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tun_mtu = 1500
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tun_mtu_defined = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   link_mtu = 1500
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   link_mtu_defined = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tun_mtu_extra = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tun_mtu_extra_defined = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mtu_discover_type = -1
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   fragment = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mssfix = 1450
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   explicit_exit_notification = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]: Connection profiles END
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   remote_random = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ipchange = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   dev = 'tun'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   dev_type = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   dev_node = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   lladdr = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   topology = 1
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tun_ipv6 = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_local = '10.8.0.1'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_remote_netmask = '10.8.0.2'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_noexec = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_nowarn = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_ipv6_local = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_ipv6_netbits = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_ipv6_remote = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   shaper = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mtu_test = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mlock = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   keepalive_ping = 10
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   keepalive_timeout = 120
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   inactivity_timeout = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ping_send_timeout = 10
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ping_rec_timeout = 240
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ping_rec_timeout_action = 2
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ping_timer_remote = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   remap_sigusr1 = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   persist_tun = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   persist_local_ip = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   persist_remote_ip = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   persist_key = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   passtos = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   resolve_retry_seconds = 1000000000
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   username = 'nobody'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   groupname = 'nogroup'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   chroot_dir = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   cd_dir = '/etc/openvpn'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   writepid = '/run/openvpn/server.pid'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   up_script = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   down_script = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   down_pre = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   up_restart = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   up_delay = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   daemon = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   inetd = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   log = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   suppress_timestamps = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   nice = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   verbosity = 6
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mute = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   gremlin = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   status_file = 'openvpn-status.log'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   status_file_version = 1
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   status_file_update_freq = 10
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   occ = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   rcvbuf = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   sndbuf = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mark = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   sockflags = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   fast_io = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   lzo = 7
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_script = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_default_gateway = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_default_metric = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_noexec = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_delay = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_delay_window = 30
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_delay_defined = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_nopull = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route_gateway_via_dhcp = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   max_routes = 100
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   allow_pull_fqdn = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   route 10.8.0.0/255.255.255.0/nil/nil
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_addr = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_port = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_user_pass = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_log_history_cache = 250
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_echo_buffer_size = 100
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_write_peer_info_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_client_user = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_client_group = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   management_flags = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   shared_secret_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   key_direction = 1
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ciphername_defined = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ciphername = 'AES-128-CBC'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   authname_defined = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   authname = 'SHA256'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   prng_hash = 'SHA1'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   prng_nonce_secret_len = 16
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   keysize = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   engine = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   replay = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   mute_replay_warnings = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   replay_window = 64
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   replay_time = 15
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   packet_id_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   use_iv = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   test_crypto = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tls_server = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tls_client = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   key_method = 2
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ca_file = 'ca.crt'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ca_path = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   dh_file = 'dh2048.pem'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   cert_file = 'server.crt'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   extra_certs_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   priv_key_file = 'server.key'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pkcs12_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   cipher_list = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tls_verify = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tls_export_cert = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   verify_x509_type = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   verify_x509_name = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   crl_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ns_cert_type = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   remote_cert_ku[i] = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]: message repeated 15 times: [   remote_cert_ku[i] = 0]
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   remote_cert_eku = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ssl_flags = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tls_timeout = 2
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   renegotiate_bytes = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   renegotiate_packets = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   renegotiate_seconds = 3600
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   handshake_window = 60
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   transition_window = 3600
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   single_session = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_peer_info = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tls_exit = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tls_auth_file = 'ta.key'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pkcs11_protected_authentication = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]: message repeated 15 times: [   pkcs11_protected_authentication = DISABLED]
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pkcs11_private_mode = 00000000
Nov  8 20:21:05 vps436657 ovpn-server[1412]: message repeated 15 times: [   pkcs11_private_mode = 00000000]
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pkcs11_cert_private = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]: message repeated 15 times: [   pkcs11_cert_private = DISABLED]
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pkcs11_pin_cache_period = -1
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pkcs11_id = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pkcs11_id_management = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_network = 10.8.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_netmask = 255.255.255.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_network_ipv6 = ::
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_netbits_ipv6 = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_bridge_ip = 0.0.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_bridge_netmask = 0.0.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_bridge_pool_start = 0.0.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   server_bridge_pool_end = 0.0.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'redirect-gateway def1 bypass-dhcp'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'dhcp-option DNS 208.67.222.222'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'dhcp-option DNS 208.67.220.220'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'block-outside-dns'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'route 10.8.0.1'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'topology net30'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'ping 10'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_entry = 'ping-restart 120'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_pool_defined = ENABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_pool_start = 10.8.0.4
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_pool_end = 10.8.0.251
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_pool_netmask = 0.0.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_pool_persist_filename = 'ipp.txt'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_pool_persist_refresh_freq = 600
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_ipv6_pool_defined = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_ipv6_pool_base = ::
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ifconfig_ipv6_pool_netbits = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   n_bcast_buf = 256
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tcp_queue_limit = 64
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   real_hash_size = 256
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   virtual_hash_size = 256
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   client_connect_script = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   learn_address_script = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   client_disconnect_script = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   client_config_dir = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   ccd_exclusive = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   tmp_dir = '/tmp'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_ifconfig_defined = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_ifconfig_local = 0.0.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_ifconfig_remote_netmask = 0.0.0.0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_ifconfig_ipv6_defined = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_ifconfig_ipv6_local = ::/0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   push_ifconfig_ipv6_remote = ::
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   enable_c2c = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   duplicate_cn = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   cf_max = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   cf_per = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   max_clients = 1024
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   max_routes_per_client = 256
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   auth_user_pass_verify_script = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   auth_user_pass_verify_script_via_file = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   port_share_host = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   port_share_port = 0
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   client = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   pull = DISABLED
Nov  8 20:21:05 vps436657 ovpn-server[1412]:   auth_user_pass_file = '[UNDEF]'
Nov  8 20:21:05 vps436657 ovpn-server[1412]: OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Nov  8 20:21:05 vps436657 ovpn-server[1412]: library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Nov  8 20:21:05 vps436657 ovpn-server[1458]: Diffie-Hellman initialized with 2048 bit key
Nov  8 20:21:05 vps436657 ovpn-server[1458]: Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Nov  8 20:21:05 vps436657 ovpn-server[1458]: Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov  8 20:21:05 vps436657 ovpn-server[1458]: Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov  8 20:21:05 vps436657 ovpn-server[1458]: TLS-Auth MTU parms [ L:1570 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Nov  8 20:21:05 vps436657 ovpn-server[1458]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Nov  8 20:21:05 vps436657 ovpn-server[1458]: ROUTE_GATEWAY 145.239.80.1
Nov  8 20:21:05 vps436657 ovpn-server[1458]: TUN/TAP device tun0 opened
Nov  8 20:21:05 vps436657 ovpn-server[1458]: TUN/TAP TX queue length set to 100
Nov  8 20:21:05 vps436657 ovpn-server[1458]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Nov  8 20:21:05 vps436657 ovpn-server[1458]: /sbin/ip link set dev tun0 up mtu 1500
Nov  8 20:21:05 vps436657 ovpn-server[1458]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Nov  8 20:21:05 vps436657 ovpn-server[1458]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Nov  8 20:21:05 vps436657 ovpn-server[1458]: Data Channel MTU parms [ L:1570 D:1450 EF:70 EB:143 ET:0 EL:3 AF:3/1 ]
Nov  8 20:21:05 vps436657 ovpn-server[1458]: GID set to nogroup
Nov  8 20:21:05 vps436657 ovpn-server[1458]: UID set to nobody
Nov  8 20:21:05 vps436657 ovpn-server[1458]: UDPv4 link local (bound): [undef]
Nov  8 20:21:05 vps436657 ovpn-server[1458]: UDPv4 link remote: [undef]
Nov  8 20:21:05 vps436657 ovpn-server[1458]: MULTI: multi_init called, r=256 v=256
Nov  8 20:21:05 vps436657 ovpn-server[1458]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Nov  8 20:21:05 vps436657 ovpn-server[1458]: ifconfig_pool_read(), in='phn0mnn,10.8.0.4', TODO: IPv6
Nov  8 20:21:05 vps436657 ovpn-server[1458]: succeeded -> ifconfig_pool_set()
Nov  8 20:21:05 vps436657 ovpn-server[1458]: ifconfig_pool_read(), in='phn0mnn,10.8.0.8', TODO: IPv6
Nov  8 20:21:05 vps436657 ovpn-server[1458]: succeeded -> ifconfig_pool_set()
Nov  8 20:21:05 vps436657 ovpn-server[1458]: IFCONFIG POOL LIST
Nov  8 20:21:05 vps436657 ovpn-server[1458]: phn0mnn,10.8.0.4
Nov  8 20:21:05 vps436657 ovpn-server[1458]: phn0mnn,10.8.0.8
Nov  8 20:21:05 vps436657 ovpn-server[1458]: Initialization Sequence Completed
Nov  8 20:24:06 vps436657 ovpn-server[1458]: MULTI: multi_create_instance called
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 Re-using SSL/TLS context
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 LZO compression initialized
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 Control Channel MTU parms [ L:1570 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 Data Channel MTU parms [ L:1570 D:1450 EF:70 EB:143 ET:0 EL:3 AF:3/1 ]
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 Local Options String: 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 Local Options hash (VER=V4): '1089825c'
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 Expected Remote Options hash (VER=V4): '6907942a'
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 TLS: Initial packet from [AF_INET]yyy.yyy.yyy.yy:52673, sid=4bc13bf9 993638ee
Nov  8 20:24:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [66] to [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Nov  8 20:24:08 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Nov  8 20:24:08 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Nov  8 20:24:08 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:52673: P_ACK_V1 kid=0 pid=[ #3 ] [ 0 ]
Nov  8 20:24:12 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Nov  8 20:24:12 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [66] to [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #4 ] [ 0 ] pid=0 DATA len=0
Nov  8 20:24:20 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Nov  8 20:24:21 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Nov  8 20:24:21 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:52673: P_ACK_V1 kid=0 pid=[ #6 ] [ 0 ]
Nov  8 20:24:36 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #7 ] [ ] pid=0 DATA len=0
Nov  8 20:24:37 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:52673: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Nov  8 20:24:37 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:52673: P_ACK_V1 kid=0 pid=[ #8 ] [ 0 ]
Nov  8 20:25:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov  8 20:25:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 TLS Error: TLS handshake failed
Nov  8 20:25:06 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:52673 SIGUSR1[soft,tls-error] received, client-instance restarting
Nov  8 20:25:11 vps436657 ovpn-server[1458]: MULTI: multi_create_instance called
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Re-using SSL/TLS context
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 LZO compression initialized
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Control Channel MTU parms [ L:1570 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Data Channel MTU parms [ L:1570 D:1450 EF:70 EB:143 ET:0 EL:3 AF:3/1 ]
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Local Options String: 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Local Options hash (VER=V4): '1089825c'
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Expected Remote Options hash (VER=V4): '6907942a'
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 TLS: Initial packet from [AF_INET]yyy.yyy.yyy.yy:55951, sid=4ec2460e f2316749
Nov  8 20:25:11 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [66] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Nov  8 20:25:13 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Nov  8 20:25:13 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Nov  8 20:25:13 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #3 ] [ 0 ]
Nov  8 20:25:17 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Nov  8 20:25:17 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Nov  8 20:25:17 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #5 ] [ 0 ]
Nov  8 20:25:25 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Nov  8 20:25:25 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [66] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #6 ] [ 0 ] pid=0 DATA len=0
Nov  8 20:25:41 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #7 ] [ ] pid=0 DATA len=0
Nov  8 20:25:41 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Nov  8 20:25:41 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #8 ] [ 0 ]
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [66] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #6 ] [ 0 ] pid=0 DATA len=0
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #9 ] [ 0 ]
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [227] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=1 DATA len=173
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [1160] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #10 ] [ 1 ] pid=1 DATA len=1094
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [1148] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #11 ] [ ] pid=2 DATA len=1094
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [1148] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #12 ] [ ] pid=3 DATA len=1094
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [461] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #13 ] [ ] pid=4 DATA len=407
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [62] from [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #8 ] [ 1 ]
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [62] from [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #9 ] [ 2 ]
Nov  8 20:25:53 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [62] from [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #10 ] [ 4 ]
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [1148] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #14 ] [ ] pid=3 DATA len=1094
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [1160] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #11 ] [ 3 ] pid=2 DATA len=1094
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #15 ] [ 2 ]
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [1148] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #12 ] [ ] pid=3 DATA len=1094
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #16 ] [ 3 ]
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [1049] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #13 ] [ ] pid=4 DATA len=995
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 VERIFY OK: depth=1, C=US, ST=NY, L=New York City, O=UMADBRO Inc., OU=Comm, CN=UMADBRO Inc. CA, name=server, emailAddress=admin@umadbro.eu
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 VERIFY OK: depth=0, C=US, ST=NY, L=New York City, O=UMADBRO Inc., OU=Comm, CN=phn0mnn, name=server, emailAddress=admin@umadbro.eu
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [117] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #17 ] [ 4 ] pid=5 DATA len=51
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [513] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #14 ] [ 5 ] pid=5 DATA len=447
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov  8 20:25:57 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [321] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #18 ] [ 5 ] pid=6 DATA len=255
Nov  8 20:25:59 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [309] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #19 ] [ ] pid=6 DATA len=255
Nov  8 20:25:59 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 READ [513] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #15 ] [ 6 ] pid=5 DATA len=447
Nov  8 20:25:59 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #20 ] [ 5 ]
Nov  8 20:25:59 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Nov  8 20:25:59 vps436657 ovpn-server[1458]: yyy.yyy.yyy.yy:55951 [phn0mnn] Peer Connection Initiated with [AF_INET]yyy.yyy.yyy.yy:55951
Nov  8 20:25:59 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Nov  8 20:25:59 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 MULTI: Learn: 10.8.0.6 -> phn0mnn/yyy.yyy.yyy.yy:55951
Nov  8 20:25:59 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 MULTI: primary virtual IP for phn0mnn/yyy.yyy.yyy.yy:55951: 10.8.0.6
Nov  8 20:26:00 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 READ [96] from [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #16 ] [ ] pid=6 DATA len=42
Nov  8 20:26:00 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 PUSH: Received control message: 'PUSH_REQUEST'
Nov  8 20:26:00 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 send_push_reply(): safe_cap=940
Nov  8 20:26:00 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 SENT CONTROL [phn0mnn]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,block-outside-dns,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Nov  8 20:26:00 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:55951: P_ACK_V1 kid=0 pid=[ #21 ] [ 6 ]
Nov  8 20:26:00 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [290] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #22 ] [ ] pid=7 DATA len=236
Nov  8 20:26:02 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [290] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #23 ] [ ] pid=7 DATA len=236
Nov  8 20:26:06 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [290] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #24 ] [ ] pid=7 DATA len=236
Nov  8 20:26:14 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [290] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #25 ] [ ] pid=7 DATA len=236
Nov  8 20:26:24 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [81] to [AF_INET]yyy.yyy.yyy.yy:55951: P_DATA_V1 kid=0 DATA len=80
Nov  8 20:26:30 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [290] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #26 ] [ ] pid=7 DATA len=236
Nov  8 20:26:41 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [81] to [AF_INET]yyy.yyy.yyy.yy:55951: P_DATA_V1 kid=0 DATA len=80
Nov  8 20:27:01 vps436657 ovpn-server[1458]: message repeated 2 times: [ phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [81] to [AF_INET]yyy.yyy.yyy.yy:55951: P_DATA_V1 kid=0 DATA len=80]
Nov  8 20:27:02 vps436657 ovpn-server[1458]: phn0mnn/yyy.yyy.yyy.yy:55951 UDPv4 WRITE [290] to [AF_INET]yyy.yyy.yyy.yy:55951: P_CONTROL_V1 kid=0 pid=[ #27 ] [ ] pid=7 DATA len=236
Then, while I was copying the logs just now, it actually managed to establish a connection but failed due to a fatal error (first time this happens):

Code: Select all

Wed Nov 08 20:25:06 2017 us=414016 Restart pause, 5 second(s)
Wed Nov 08 20:25:11 2017 us=430602 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 20:25:11 2017 us=430602 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 20:25:11 2017 us=430602 LZO compression initializing
Wed Nov 08 20:25:11 2017 us=431104 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Wed Nov 08 20:25:11 2017 us=431604 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Wed Nov 08 20:25:11 2017 us=431604 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Nov 08 20:25:11 2017 us=431604 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Nov 08 20:25:11 2017 us=431604 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xxx:1194
Wed Nov 08 20:25:11 2017 us=431604 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Nov 08 20:25:11 2017 us=431604 UDP link local: (not bound)
Wed Nov 08 20:25:11 2017 us=431604 UDP link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Wed Nov 08 20:25:11 2017 us=431604 MANAGEMENT: >STATE:1510165511,WAIT,,,,,,
Wed Nov 08 20:25:13 2017 us=773186 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 20:25:17 2017 us=206710 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 20:25:53 2017 us=7511 MANAGEMENT: >STATE:1510165553,AUTH,,,,,,
Wed Nov 08 20:25:53 2017 us=7511 TLS: Initial packet from [AF_INET]xxx.xxx.xx.xxx:1194, sid=b7008307 ff7e1b18
Wed Nov 08 20:25:57 2017 us=679774 VERIFY OK: depth=1, C=US, ST=NY, L=New York City, O=UMADBRO Inc., OU=Comm, CN=UMADBRO Inc. CA, name=server, emailAddress=admin@umadbro.eu
Wed Nov 08 20:25:57 2017 us=682773 VERIFY KU OK
Wed Nov 08 20:25:57 2017 us=682773 Validating certificate extended key usage
Wed Nov 08 20:25:57 2017 us=682773 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Nov 08 20:25:57 2017 us=682773 VERIFY EKU OK
Wed Nov 08 20:25:57 2017 us=682773 VERIFY OK: depth=0, C=US, ST=NY, L=New York City, O=UMADBRO Inc., OU=Comm, CN=server, name=server, emailAddress=admin@umadbro.eu
Wed Nov 08 20:25:59 2017 us=95388 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Wed Nov 08 20:25:59 2017 us=95388 [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xx.xxx:1194
Wed Nov 08 20:26:00 2017 us=349970 MANAGEMENT: >STATE:1510165560,GET_CONFIG,,,,,,
Wed Nov 08 20:26:00 2017 us=362148 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Nov 08 20:26:00 2017 us=450983 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,block-outside-dns,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Wed Nov 08 20:26:00 2017 us=451981 OPTIONS IMPORT: timers and/or timeouts modified
Wed Nov 08 20:26:00 2017 us=451981 OPTIONS IMPORT: --ifconfig/up options modified
Wed Nov 08 20:26:00 2017 us=451981 OPTIONS IMPORT: route options modified
Wed Nov 08 20:26:00 2017 us=451981 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Nov 08 20:26:00 2017 us=451981 Data Channel MTU parms [ L:1570 D:1450 EF:70 EB:406 ET:0 EL:3 ]
Wed Nov 08 20:26:00 2017 us=452985 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Nov 08 20:26:00 2017 us=452985 Outgoing Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 20:26:00 2017 us=452985 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Nov 08 20:26:00 2017 us=452985 Incoming Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 20:26:00 2017 us=453980 interactive service msg_channel=0
Wed Nov 08 20:26:00 2017 us=465988 ROUTE_GATEWAY 192.168.2.253/255.255.255.0 I=8 HWADDR=30:52:cb:65:ee:ff
Wed Nov 08 20:26:00 2017 us=484004 open_tun
Wed Nov 08 20:26:00 2017 us=487003 MANAGEMENT: Client disconnected
Wed Nov 08 20:26:00 2017 us=487003 There are no TAP-Windows adapters on this system.  You should be able to create a TAP-Windows adapter by going to Start -> All Programs -> TAP-Windows -> Utilities -> Add a new TAP-Windows virtual ethernet adapter.
Wed Nov 08 20:26:00 2017 us=487003 Exiting due to fatal error
EDIT: I didn't have Tap-windows installed so done that, but the unroutable control packet error has nothing to do with it. I'm almost sure it is a network problem I'm facing. Could me requesting a static IP from the admin here solve the problem?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Error: Unroutable control packet received

Post by TinCanTech » Wed Nov 08, 2017 7:49 pm

Unfortunately, you truncated your client log so we cannot verify it properly.

Set --verb 4 in your configs, server and client and try again with a TAP adapter installed for your client.

Then post the complete logs (edit for privacy, eg. public IPs and personal certificate data, as you see fit)

However, you are using:
  • Server:
    OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
  • Client:
    OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
If you just want a quick fix update your server version.
https://community.openvpn.net/openvpn/w ... twareRepos

And let us know what happens ..
dredghawl wrote:
Wed Nov 08, 2017 6:37 pm
I'm almost sure it is a network problem I'm facing.
It could be but I would get the server upto date with openvpn and everything else first.
dredghawl wrote:
Wed Nov 08, 2017 6:37 pm
Could me requesting a static IP from the admin here solve the problem?
This does not make sense .. Your are the admin of your server, Openvpn.net don't have IP's for anybody.

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Wed Nov 08, 2017 8:50 pm

TinCanTech wrote:
Wed Nov 08, 2017 7:49 pm
This does not make sense .. Your are the admin of your server, Openvpn.net don't have IP's for anybody.
Oh sorry for the poor wording, with "here" I meant the institution I'm currently at and I meant requesting a static IP in the wireless network I connect to.

Anyway I updated the server version and here are the logs. Also keep in mind that I can connect to the VPN when using my mobile connection on the phone via OpenVPN Connect or when using my phone's mobile connection through a hotspot on my laptop, and also I can connect to it from my PC at home via TeamViewer.

Client:

Code: Select all

Wed Nov 08 22:43:12 2017 NOTE: --user option is not implemented on Windows
Wed Nov 08 22:43:12 2017 NOTE: --group option is not implemented on Windows
Wed Nov 08 22:43:12 2017 us=992383 Current Parameter Settings:
Wed Nov 08 22:43:12 2017 us=992383   config = 'phn0mnn.ovpn'
Wed Nov 08 22:43:12 2017 us=992383   mode = 0
Wed Nov 08 22:43:12 2017 us=992383   show_ciphers = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   show_digests = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   show_engines = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   genkey = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   key_pass_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=992383   show_tls_ciphers = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   connect_retry_max = 0
Wed Nov 08 22:43:12 2017 us=992383 Connection profiles [0]:
Wed Nov 08 22:43:12 2017 us=992383   proto = udp
Wed Nov 08 22:43:12 2017 us=992383   local = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=992383   local_port = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=992383   remote = 'xxx.xxx.xx.xxx'
Wed Nov 08 22:43:12 2017 us=992383   remote_port = '1194'
Wed Nov 08 22:43:12 2017 us=992383   remote_float = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   bind_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   bind_local = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   bind_ipv6_only = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   connect_retry_seconds = 5
Wed Nov 08 22:43:12 2017 us=992383   connect_timeout = 120
Wed Nov 08 22:43:12 2017 us=992383   socks_proxy_server = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=992383   socks_proxy_port = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=992383   tun_mtu = 1500
Wed Nov 08 22:43:12 2017 us=992383   tun_mtu_defined = ENABLED
Wed Nov 08 22:43:12 2017 us=992383   link_mtu = 1500
Wed Nov 08 22:43:12 2017 us=992383   link_mtu_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   tun_mtu_extra = 0
Wed Nov 08 22:43:12 2017 us=992383   tun_mtu_extra_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=992383   mtu_discover_type = -1
Wed Nov 08 22:43:12 2017 us=992383   fragment = 0
Wed Nov 08 22:43:12 2017 us=993379   mssfix = 1450
Wed Nov 08 22:43:12 2017 us=993379   explicit_exit_notification = 0
Wed Nov 08 22:43:12 2017 us=993379 Connection profiles END
Wed Nov 08 22:43:12 2017 us=993379   remote_random = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   ipchange = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   dev = 'tun'
Wed Nov 08 22:43:12 2017 us=993379   dev_type = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   dev_node = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   lladdr = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   topology = 1
Wed Nov 08 22:43:12 2017 us=993379   ifconfig_local = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   ifconfig_remote_netmask = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   ifconfig_noexec = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   ifconfig_nowarn = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   ifconfig_ipv6_local = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   ifconfig_ipv6_netbits = 0
Wed Nov 08 22:43:12 2017 us=993379   ifconfig_ipv6_remote = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   shaper = 0
Wed Nov 08 22:43:12 2017 us=993379   mtu_test = 0
Wed Nov 08 22:43:12 2017 us=993379   mlock = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   keepalive_ping = 0
Wed Nov 08 22:43:12 2017 us=993379   keepalive_timeout = 0
Wed Nov 08 22:43:12 2017 us=993379   inactivity_timeout = 0
Wed Nov 08 22:43:12 2017 us=993379   ping_send_timeout = 0
Wed Nov 08 22:43:12 2017 us=993379   ping_rec_timeout = 0
Wed Nov 08 22:43:12 2017 us=993379   ping_rec_timeout_action = 0
Wed Nov 08 22:43:12 2017 us=993379   ping_timer_remote = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   remap_sigusr1 = 0
Wed Nov 08 22:43:12 2017 us=993379   persist_tun = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   persist_local_ip = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   persist_remote_ip = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   persist_key = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   passtos = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   resolve_retry_seconds = 1000000000
Wed Nov 08 22:43:12 2017 us=993379   resolve_in_advance = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   username = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   groupname = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   chroot_dir = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   cd_dir = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   writepid = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   up_script = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   down_script = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   down_pre = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   up_restart = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   up_delay = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   daemon = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   inetd = 0
Wed Nov 08 22:43:12 2017 us=993379   log = ENABLED
Wed Nov 08 22:43:12 2017 us=993379   suppress_timestamps = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   machine_readable_output = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   nice = 0
Wed Nov 08 22:43:12 2017 us=993379   verbosity = 4
Wed Nov 08 22:43:12 2017 us=993379   mute = 0
Wed Nov 08 22:43:12 2017 us=993379   gremlin = 0
Wed Nov 08 22:43:12 2017 us=993379   status_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   status_file_version = 1
Wed Nov 08 22:43:12 2017 us=993379   status_file_update_freq = 60
Wed Nov 08 22:43:12 2017 us=993379   occ = ENABLED
Wed Nov 08 22:43:12 2017 us=993379   rcvbuf = 0
Wed Nov 08 22:43:12 2017 us=993379   sndbuf = 0
Wed Nov 08 22:43:12 2017 us=993379   sockflags = 0
Wed Nov 08 22:43:12 2017 us=993379   fast_io = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   comp.alg = 2
Wed Nov 08 22:43:12 2017 us=993379   comp.flags = 1
Wed Nov 08 22:43:12 2017 us=993379   route_script = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   route_default_gateway = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=993379   route_default_metric = 0
Wed Nov 08 22:43:12 2017 us=993379   route_noexec = DISABLED
Wed Nov 08 22:43:12 2017 us=993379   route_delay = 5
Wed Nov 08 22:43:12 2017 us=993379   route_delay_window = 30
Wed Nov 08 22:43:12 2017 us=994385   route_delay_defined = ENABLED
Wed Nov 08 22:43:12 2017 us=994385   route_nopull = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   route_gateway_via_dhcp = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   allow_pull_fqdn = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   management_addr = '127.0.0.1'
Wed Nov 08 22:43:12 2017 us=994385   management_port = '25340'
Wed Nov 08 22:43:12 2017 us=994385   management_user_pass = 'stdin'
Wed Nov 08 22:43:12 2017 us=994385   management_log_history_cache = 250
Wed Nov 08 22:43:12 2017 us=994385   management_echo_buffer_size = 100
Wed Nov 08 22:43:12 2017 us=994385   management_write_peer_info_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   management_client_user = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   management_client_group = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   management_flags = 6
Wed Nov 08 22:43:12 2017 us=994385   shared_secret_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   key_direction = 2
Wed Nov 08 22:43:12 2017 us=994385   ciphername = 'AES-128-CBC'
Wed Nov 08 22:43:12 2017 us=994385   ncp_enabled = ENABLED
Wed Nov 08 22:43:12 2017 us=994385   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Wed Nov 08 22:43:12 2017 us=994385   authname = 'SHA256'
Wed Nov 08 22:43:12 2017 us=994385   prng_hash = 'SHA1'
Wed Nov 08 22:43:12 2017 us=994385   prng_nonce_secret_len = 16
Wed Nov 08 22:43:12 2017 us=994385   keysize = 0
Wed Nov 08 22:43:12 2017 us=994385   engine = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   replay = ENABLED
Wed Nov 08 22:43:12 2017 us=994385   mute_replay_warnings = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   replay_window = 64
Wed Nov 08 22:43:12 2017 us=994385   replay_time = 15
Wed Nov 08 22:43:12 2017 us=994385   packet_id_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   use_iv = ENABLED
Wed Nov 08 22:43:12 2017 us=994385   test_crypto = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   tls_server = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   tls_client = ENABLED
Wed Nov 08 22:43:12 2017 us=994385   key_method = 2
Wed Nov 08 22:43:12 2017 us=994385   ca_file = '[[INLINE]]'
Wed Nov 08 22:43:12 2017 us=994385   ca_path = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   dh_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   cert_file = '[[INLINE]]'
Wed Nov 08 22:43:12 2017 us=994385   extra_certs_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   priv_key_file = '[[INLINE]]'
Wed Nov 08 22:43:12 2017 us=994385   pkcs12_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   cryptoapi_cert = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   cipher_list = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   tls_verify = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   tls_export_cert = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   verify_x509_type = 0
Wed Nov 08 22:43:12 2017 us=994385   verify_x509_name = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   crl_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   ns_cert_type = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 65535
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_ku[i] = 0
Wed Nov 08 22:43:12 2017 us=994385   remote_cert_eku = 'TLS Web Server Authentication'
Wed Nov 08 22:43:12 2017 us=994385   ssl_flags = 0
Wed Nov 08 22:43:12 2017 us=994385   tls_timeout = 2
Wed Nov 08 22:43:12 2017 us=994385   renegotiate_bytes = -1
Wed Nov 08 22:43:12 2017 us=994385   renegotiate_packets = 0
Wed Nov 08 22:43:12 2017 us=994385   renegotiate_seconds = 3600
Wed Nov 08 22:43:12 2017 us=994385   handshake_window = 60
Wed Nov 08 22:43:12 2017 us=994385   transition_window = 3600
Wed Nov 08 22:43:12 2017 us=994385   single_session = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   push_peer_info = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   tls_exit = DISABLED
Wed Nov 08 22:43:12 2017 us=994385   tls_auth_file = '[[INLINE]]'
Wed Nov 08 22:43:12 2017 us=994385   tls_crypt_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=994385   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_protected_authentication = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_private_mode = 00000000
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_cert_private = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_pin_cache_period = -1
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_id = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=995381   pkcs11_id_management = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   server_network = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   server_netmask = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   server_network_ipv6 = ::
Wed Nov 08 22:43:12 2017 us=995381   server_netbits_ipv6 = 0
Wed Nov 08 22:43:12 2017 us=995381   server_bridge_ip = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   server_bridge_netmask = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   server_bridge_pool_start = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   server_bridge_pool_end = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_pool_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_pool_start = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_pool_end = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_pool_netmask = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_pool_persist_refresh_freq = 600
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_ipv6_pool_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_ipv6_pool_base = ::
Wed Nov 08 22:43:12 2017 us=995381   ifconfig_ipv6_pool_netbits = 0
Wed Nov 08 22:43:12 2017 us=995381   n_bcast_buf = 256
Wed Nov 08 22:43:12 2017 us=996384   tcp_queue_limit = 64
Wed Nov 08 22:43:12 2017 us=996384   real_hash_size = 256
Wed Nov 08 22:43:12 2017 us=996384   virtual_hash_size = 256
Wed Nov 08 22:43:12 2017 us=996384   client_connect_script = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   learn_address_script = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   client_disconnect_script = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   client_config_dir = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   ccd_exclusive = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   tmp_dir = 'C:\Users\PHN0MNN\AppData\Local\Temp\'
Wed Nov 08 22:43:12 2017 us=996384   push_ifconfig_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   push_ifconfig_local = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=996384   push_ifconfig_remote_netmask = 0.0.0.0
Wed Nov 08 22:43:12 2017 us=996384   push_ifconfig_ipv6_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   push_ifconfig_ipv6_local = ::/0
Wed Nov 08 22:43:12 2017 us=996384   push_ifconfig_ipv6_remote = ::
Wed Nov 08 22:43:12 2017 us=996384   enable_c2c = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   duplicate_cn = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   cf_max = 0
Wed Nov 08 22:43:12 2017 us=996384   cf_per = 0
Wed Nov 08 22:43:12 2017 us=996384   max_clients = 1024
Wed Nov 08 22:43:12 2017 us=996384   max_routes_per_client = 256
Wed Nov 08 22:43:12 2017 us=996384   auth_user_pass_verify_script = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   auth_user_pass_verify_script_via_file = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   auth_token_generate = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   auth_token_lifetime = 0
Wed Nov 08 22:43:12 2017 us=996384   client = ENABLED
Wed Nov 08 22:43:12 2017 us=996384   pull = ENABLED
Wed Nov 08 22:43:12 2017 us=996384   auth_user_pass_file = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   show_net_up = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   route_method = 0
Wed Nov 08 22:43:12 2017 us=996384   block_outside_dns = ENABLED
Wed Nov 08 22:43:12 2017 us=996384   ip_win32_defined = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   ip_win32_type = 3
Wed Nov 08 22:43:12 2017 us=996384   dhcp_masq_offset = 0
Wed Nov 08 22:43:12 2017 us=996384   dhcp_lease_time = 31536000
Wed Nov 08 22:43:12 2017 us=996384   tap_sleep = 0
Wed Nov 08 22:43:12 2017 us=996384   dhcp_options = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   dhcp_renew = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   dhcp_pre_release = DISABLED
Wed Nov 08 22:43:12 2017 us=996384   domain = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   netbios_scope = '[UNDEF]'
Wed Nov 08 22:43:12 2017 us=996384   netbios_node_type = 0
Wed Nov 08 22:43:12 2017 us=996384   disable_nbt = DISABLED
Wed Nov 08 22:43:12 2017 us=996384 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Nov 08 22:43:12 2017 us=996384 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Nov 08 22:43:12 2017 us=996384 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Wed Nov 08 22:43:12 2017 us=998394 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Nov 08 22:43:12 2017 us=998394 Need hold release from management interface, waiting...
Wed Nov 08 22:43:13 2017 us=454454 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Nov 08 22:43:13 2017 us=555689 MANAGEMENT: CMD 'state on'
Wed Nov 08 22:43:13 2017 us=556645 MANAGEMENT: CMD 'log all on'
Wed Nov 08 22:43:13 2017 us=766862 MANAGEMENT: CMD 'echo all on'
Wed Nov 08 22:43:13 2017 us=768864 MANAGEMENT: CMD 'hold off'
Wed Nov 08 22:43:13 2017 us=770863 MANAGEMENT: CMD 'hold release'
Wed Nov 08 22:43:13 2017 us=913506 MANAGEMENT: CMD 'password [...]'
Wed Nov 08 22:43:13 2017 us=913991 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Nov 08 22:43:13 2017 us=920495 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 22:43:13 2017 us=920495 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Nov 08 22:43:13 2017 us=920495 LZO compression initializing
Wed Nov 08 22:43:13 2017 us=920995 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Wed Nov 08 22:43:13 2017 us=920995 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Wed Nov 08 22:43:13 2017 us=920995 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Nov 08 22:43:13 2017 us=920995 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Nov 08 22:43:13 2017 us=920995 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xxx:1194
Wed Nov 08 22:43:13 2017 us=920995 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Nov 08 22:43:13 2017 us=920995 UDP link local: (not bound)
Wed Nov 08 22:43:13 2017 us=920995 UDP link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Wed Nov 08 22:43:13 2017 us=920995 MANAGEMENT: >STATE:1510173793,WAIT,,,,,,
Wed Nov 08 22:43:15 2017 us=97043 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 22:43:19 2017 us=562186 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 22:43:27 2017 us=171284 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 22:43:43 2017 us=625263 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Wed Nov 08 22:44:13 2017 us=12246 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Nov 08 22:44:13 2017 us=12246 TLS Error: TLS handshake failed
Wed Nov 08 22:44:13 2017 us=13246 TCP/UDP: Closing socket
Wed Nov 08 22:44:13 2017 us=13246 SIGUSR1[soft,tls-error] received, process restarting
Wed Nov 08 22:44:13 2017 us=13246 MANAGEMENT: >STATE:1510173853,RECONNECTING,tls-error,,,,,
Wed Nov 08 22:44:13 2017 us=13246 Restart pause, 5 second(s)
Wed Nov 08 22:44:18 2017 us=14702 SIGTERM[hard,init_instance] received, process exiting
Wed Nov 08 22:44:18 2017 us=14702 MANAGEMENT: >STATE:1510173858,EXITING,init_instance,,,,,
And server:

Code: Select all

Nov  8 22:43:06 vps436657 ovpn-server[5567]: Current Parameter Settings:
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   config = '/etc/openvpn/server.conf'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   mode = 1
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   persist_config = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   persist_mode = 1
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   show_ciphers = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   show_digests = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   show_engines = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   genkey = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   key_pass_file = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   show_tls_ciphers = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   connect_retry_max = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]: Connection profiles [0]:
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   proto = udp
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   local = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   local_port = '1194'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   remote = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   remote_port = '1194'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   remote_float = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   bind_defined = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   bind_local = ENABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   bind_ipv6_only = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   connect_retry_seconds = 5
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   connect_timeout = 120
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   socks_proxy_server = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   socks_proxy_port = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   tun_mtu = 1500
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   tun_mtu_defined = ENABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   link_mtu = 1500
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   link_mtu_defined = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   tun_mtu_extra = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   tun_mtu_extra_defined = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   mtu_discover_type = -1
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   fragment = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   mssfix = 1450
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   explicit_exit_notification = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]: Connection profiles END
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   remote_random = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ipchange = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   dev = 'tun'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   dev_type = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   dev_node = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   lladdr = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   topology = 1
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ifconfig_local = '10.8.0.1'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ifconfig_remote_netmask = '10.8.0.2'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ifconfig_noexec = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ifconfig_nowarn = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ifconfig_ipv6_local = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ifconfig_ipv6_netbits = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ifconfig_ipv6_remote = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   shaper = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   mtu_test = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   mlock = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   keepalive_ping = 10
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   keepalive_timeout = 120
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   inactivity_timeout = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ping_send_timeout = 10
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ping_rec_timeout = 240
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ping_rec_timeout_action = 2
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   ping_timer_remote = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   remap_sigusr1 = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   persist_tun = ENABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   persist_local_ip = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   persist_remote_ip = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   persist_key = ENABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   passtos = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   resolve_retry_seconds = 1000000000
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   resolve_in_advance = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   username = 'nobody'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   groupname = 'nogroup'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   chroot_dir = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   cd_dir = '/etc/openvpn'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   writepid = '/run/openvpn/server.pid'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   up_script = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   down_script = '[UNDEF]'
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   down_pre = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   up_restart = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   up_delay = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   daemon = ENABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   inetd = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   log = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   suppress_timestamps = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   machine_readable_output = DISABLED
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   nice = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   verbosity = 4
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   mute = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   gremlin = 0
Nov  8 22:43:06 vps436657 ovpn-server[5567]:   status_file = 'openvpn-status.log'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   status_file_version = 1
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   status_file_update_freq = 10
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   occ = ENABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   rcvbuf = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   sndbuf = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   mark = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   sockflags = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   fast_io = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   comp.alg = 2
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   comp.flags = 1
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_script = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_default_gateway = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_default_metric = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_noexec = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_delay = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_delay_window = 30
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_delay_defined = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_nopull = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route_gateway_via_dhcp = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   allow_pull_fqdn = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_addr = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_port = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_user_pass = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_log_history_cache = 250
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_echo_buffer_size = 100
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_write_peer_info_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_client_user = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_client_group = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   management_flags = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   shared_secret_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   key_direction = 1
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ciphername = 'AES-128-CBC'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ncp_enabled = ENABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   authname = 'SHA256'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   prng_hash = 'SHA1'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   prng_nonce_secret_len = 16
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   keysize = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   engine = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   replay = ENABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   mute_replay_warnings = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   replay_window = 64
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   replay_time = 15
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   packet_id_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   use_iv = ENABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   test_crypto = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_server = ENABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_client = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   key_method = 2
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ca_file = 'ca.crt'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ca_path = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   dh_file = 'dh2048.pem'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   cert_file = 'server.crt'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   extra_certs_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   priv_key_file = 'server.key'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs12_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   cipher_list = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_verify = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_export_cert = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   verify_x509_type = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   verify_x509_name = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   crl_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ns_cert_type = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   remote_cert_ku[i] = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]: message repeated 15 times: [   remote_cert_ku[i] = 0]
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   remote_cert_eku = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ssl_flags = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_timeout = 2
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   renegotiate_bytes = -1
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   renegotiate_packets = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   renegotiate_seconds = 3600
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   handshake_window = 60
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   transition_window = 3600
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   single_session = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_peer_info = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_exit = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_auth_file = 'ta.key'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tls_crypt_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_protected_authentication = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]: message repeated 4 times: [   pkcs11_protected_authentication = DISABLED]
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_protected_authentication = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_protected_authentication = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_protected_authentication = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]: message repeated 8 times: [   pkcs11_protected_authentication = DISABLED]
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_private_mode = 00000000
Nov  8 22:43:07 vps436657 ovpn-server[5567]: message repeated 15 times: [   pkcs11_private_mode = 00000000]
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_cert_private = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]: message repeated 15 times: [   pkcs11_cert_private = DISABLED]
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_pin_cache_period = -1
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_id = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pkcs11_id_management = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_network = 10.8.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_netmask = 255.255.255.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_network_ipv6 = ::
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_netbits_ipv6 = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_bridge_ip = 0.0.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_bridge_netmask = 0.0.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_bridge_pool_start = 0.0.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   server_bridge_pool_end = 0.0.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'redirect-gateway def1 bypass-dhcp'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'dhcp-option DNS 208.67.222.222'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'dhcp-option DNS 208.67.220.220'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'block-outside-dns'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'route 10.8.0.1'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'topology net30'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'ping 10'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_entry = 'ping-restart 120'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_pool_defined = ENABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_pool_start = 10.8.0.4
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_pool_end = 10.8.0.251
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_pool_netmask = 0.0.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_pool_persist_filename = 'ipp.txt'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_pool_persist_refresh_freq = 600
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_ipv6_pool_defined = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_ipv6_pool_base = ::
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ifconfig_ipv6_pool_netbits = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   n_bcast_buf = 256
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tcp_queue_limit = 64
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   real_hash_size = 256
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   virtual_hash_size = 256
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   client_connect_script = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   learn_address_script = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   client_disconnect_script = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   client_config_dir = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   ccd_exclusive = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   tmp_dir = '/tmp'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_ifconfig_defined = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_ifconfig_local = 0.0.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_ifconfig_remote_netmask = 0.0.0.0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_ifconfig_ipv6_defined = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_ifconfig_ipv6_local = ::/0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   push_ifconfig_ipv6_remote = ::
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   enable_c2c = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   duplicate_cn = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   cf_max = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   cf_per = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   max_clients = 1024
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   max_routes_per_client = 256
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   auth_user_pass_verify_script = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   auth_user_pass_verify_script_via_file = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   auth_token_generate = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   auth_token_lifetime = 0
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   port_share_host = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   port_share_port = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   client = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   pull = DISABLED
Nov  8 22:43:07 vps436657 ovpn-server[5567]:   auth_user_pass_file = '[UNDEF]'
Nov  8 22:43:07 vps436657 ovpn-server[5567]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017
Nov  8 22:43:07 vps436657 ovpn-server[5567]: library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Diffie-Hellman initialized with 2048 bit key
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov  8 22:43:07 vps436657 ovpn-server[5570]: TLS-Auth MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Nov  8 22:43:07 vps436657 ovpn-server[5570]: ROUTE_GATEWAY 145.239.80.1
Nov  8 22:43:07 vps436657 ovpn-server[5570]: TUN/TAP device tun1 opened
Nov  8 22:43:07 vps436657 ovpn-server[5570]: TUN/TAP TX queue length set to 100
Nov  8 22:43:07 vps436657 ovpn-server[5570]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Nov  8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip link set dev tun1 up mtu 1500
Nov  8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip addr add dev tun1 local 10.8.0.1 peer 10.8.0.2
Nov  8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Nov  8 22:43:07 vps436657 ovpn-server[5570]: ERROR: Linux route add command failed: external program exited with error status: 2
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Could not determine IPv4/IPv6 protocol. Using AF_INET
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Nov  8 22:43:07 vps436657 ovpn-server[5570]: TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Exiting due to fatal error
Nov  8 22:43:07 vps436657 ovpn-server[5570]: Closing TUN/TAP interface
Nov  8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip addr del dev tun1 local 10.8.0.1 peer 10.8.0.2
Nov  8 22:43:14 vps436657 ovpn-server[5081]: MULTI: multi_create_instance called
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Re-using SSL/TLS context
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 LZO compression initializing
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 TLS: Initial packet from [AF_INET]yyy.yyy.yyy.yy:59100, sid=f16f2573 371c56da
Nov  8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [66] to [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Nov  8 22:43:15 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Nov  8 22:43:15 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:59100: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Nov  8 22:43:16 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Nov  8 22:43:19 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Nov  8 22:43:19 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:59100: P_ACK_V1 kid=0 pid=[ #4 ] [ 0 ]
Nov  8 22:43:20 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Nov  8 22:43:27 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Nov  8 22:43:27 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:59100: P_ACK_V1 kid=0 pid=[ #6 ] [ 0 ]
Nov  8 22:43:28 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #7 ] [ ] pid=0 DATA len=0
Nov  8 22:43:35 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:64225 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov  8 22:43:35 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:64225 TLS Error: TLS handshake failed
Nov  8 22:43:35 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:64225 SIGUSR1[soft,tls-error] received, client-instance restarting
Nov  8 22:43:43 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Nov  8 22:43:43 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [62] to [AF_INET]yyy.yyy.yyy.yy:59100: P_ACK_V1 kid=0 pid=[ #8 ] [ 0 ]
Nov  8 22:43:44 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [54] to [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #9 ] [ ] pid=0 DATA len=0
Nov  8 22:44:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Nov  8 22:44:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 TLS Error: TLS handshake failed
Nov  8 22:44:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 SIGUSR1[soft,tls-error] received, client-instance restarting

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Error: Unroutable control packet received

Post by TinCanTech » Wed Nov 08, 2017 9:40 pm

dredghawl wrote:
Wed Nov 08, 2017 8:50 pm
Oh sorry for the poor wording, with "here" I meant the institution I'm currently at and I meant requesting a static IP in the wireless network I connect to.
It should not be a problem unless the wireless is functioning badly/incorrectly .. maybe worth looking into.

However, now that you have posted your server log I am a bit stumped .. see this:
dredghawl wrote:
Wed Nov 08, 2017 8:50 pm
Nov 8 22:43:07 vps436657 ovpn-server[5567]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017
Nov 8 22:43:07 vps436657 ovpn-server[5567]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Diffie-Hellman initialized with 2048 bit key
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov 8 22:43:07 vps436657 ovpn-server[5570]: TLS-Auth MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Nov 8 22:43:07 vps436657 ovpn-server[5570]: ROUTE_GATEWAY 145.239.80.1
Nov 8 22:43:07 vps436657 ovpn-server[5570]: TUN/TAP device tun1 opened
Nov 8 22:43:07 vps436657 ovpn-server[5570]: TUN/TAP TX queue length set to 100
Nov 8 22:43:07 vps436657 ovpn-server[5570]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Nov 8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip link set dev tun1 up mtu 1500
Nov 8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip addr add dev tun1 local 10.8.0.1 peer 10.8.0.2
Nov 8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Nov 8 22:43:07 vps436657 ovpn-server[5570]: ERROR: Linux route add command failed: external program exited with error status: 2
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Could not determine IPv4/IPv6 protocol. Using AF_INET
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Nov 8 22:43:07 vps436657 ovpn-server[5570]: TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Exiting due to fatal error
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Closing TUN/TAP interface
Nov 8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip addr del dev tun1 local 10.8.0.1 peer 10.8.0.2

What happened during these 7 seconds is a mystery

Nov 8 22:43:14 vps436657 ovpn-server[5081]: MULTI: multi_create_instance called
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Re-using SSL/TLS context
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 LZO compression initializing

Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 READ [54] from [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 TLS: Initial packet from [AF_INET]yyy.yyy.yyy.yy:59100, sid=f16f2573 371c56da
Nov 8 22:43:14 vps436657 ovpn-server[5081]: yyy.yyy.yyy.yy:59100 UDPv4 WRITE [66] to [AF_INET]yyy.yyy.yyy.yy:59100: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
I will ask the devs to have a look at this because as far as I know, that cannot happen !

Where is the server located and who is the server admin ?

Can you please post ifconfig for the server.
Last edited by TinCanTech on Wed Nov 08, 2017 9:44 pm, edited 1 time in total.

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Wed Nov 08, 2017 9:43 pm

If you mean the server where the OpenVPN is running on, it's my VPS and I'm the admin. It's located in Warsaw, Poland.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Error: Unroutable control packet received

Post by TinCanTech » Wed Nov 08, 2017 9:46 pm

TinCanTech wrote:
Wed Nov 08, 2017 9:40 pm
Can you please post ifconfig for the server.
just in case you missed that :)

and also, iptables-save output.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Error: Unroutable control packet received

Post by TinCanTech » Wed Nov 08, 2017 10:06 pm

OK .. we have a hunch that your server is mis-behaving .. in your log it goes:
Nov 8 22:43:07 vps436657 ovpn-server[5570]: TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Exiting due to fatal error
Nov 8 22:43:07 vps436657 ovpn-server[5570]: Closing TUN/TAP interface
Nov 8 22:43:07 vps436657 ovpn-server[5570]: /sbin/ip addr del dev tun1 local 10.8.0.1 peer 10.8.0.2

What happened during these 7 seconds is a mystery

Nov 8 22:43:14 vps436657 ovpn-server[5081]: MULTI: multi_create_instance called
That is PID of the server process .. so the server has been restarted.

Also, this:
Nov 8 22:43:07 vps436657 ovpn-server[5570]: TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Strongly suggests that you are running the same server config twice, or a conflicting server config.

I am sure you will be able to determine which and we would be interested to find out. :mrgreen:

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Wed Nov 08, 2017 10:09 pm

Here are the outputs of ifconfig and iptables-save:

Code: Select all

ens3      Link encap:Ethernet  HWaddr fa:16:3e:73:91:12
          inet addr:xxx.xxx.xx.xxx  Bcast:xxx.xxx.xx.xxx  Mask:255.255.255.255
          inet6 addr: xxxx::xxxx:xxxx:xxxx:xxxx/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:29055 errors:0 dropped:0 overruns:0 frame:0
          TX packets:25931 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:18067847 (18.0 MB)  TX bytes:13601520 (13.6 MB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:15807 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15807 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:305665234 (305.6 MB)  TX bytes:305665234 (305.6 MB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:674 errors:0 dropped:0 overruns:0 frame:0
          TX packets:479 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:243578 (243.5 KB)  TX bytes:139905 (139.9 KB)

Code: Select all

# Generated by iptables-save v1.6.0 on Thu Nov  9 00:04:59 2017
*nat
:PREROUTING ACCEPT [2153:77762]
:INPUT ACCEPT [1968:66308]
:OUTPUT ACCEPT [144:10508]
:POSTROUTING ACCEPT [144:10508]
-A POSTROUTING -s 10.0.0.0/8 -o ens3 -j MASQUERADE
COMMIT
# Completed on Thu Nov  9 00:04:59 2017
# Generated by iptables-save v1.6.0 on Thu Nov  9 00:04:59 2017
*filter
:INPUT DROP [171:9391]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:f2b-sshd - [0:0]
:ufw-after-forward - [0:0]
:ufw-after-input - [0:0]
:ufw-after-logging-forward - [0:0]
:ufw-after-logging-input - [0:0]
:ufw-after-logging-output - [0:0]
:ufw-after-output - [0:0]
:ufw-before-forward - [0:0]
:ufw-before-input - [0:0]
:ufw-before-logging-forward - [0:0]
:ufw-before-logging-input - [0:0]
:ufw-before-logging-output - [0:0]
:ufw-before-output - [0:0]
:ufw-logging-allow - [0:0]
:ufw-logging-deny - [0:0]
:ufw-not-local - [0:0]
:ufw-reject-forward - [0:0]
:ufw-reject-input - [0:0]
:ufw-reject-output - [0:0]
:ufw-skip-to-policy-forward - [0:0]
:ufw-skip-to-policy-input - [0:0]
:ufw-skip-to-policy-output - [0:0]
:ufw-track-forward - [0:0]
:ufw-track-input - [0:0]
:ufw-track-output - [0:0]
:ufw-user-forward - [0:0]
:ufw-user-input - [0:0]
:ufw-user-limit - [0:0]
:ufw-user-limit-accept - [0:0]
:ufw-user-logging-forward - [0:0]
:ufw-user-logging-input - [0:0]
:ufw-user-logging-output - [0:0]
:ufw-user-output - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -j ufw-before-logging-input
-A INPUT -j ufw-before-input
-A INPUT -j ufw-after-input
-A INPUT -j ufw-after-logging-input
-A INPUT -j ufw-reject-input
-A INPUT -j ufw-track-input
-A FORWARD -j ufw-before-logging-forward
-A FORWARD -j ufw-before-forward
-A FORWARD -j ufw-after-forward
-A FORWARD -j ufw-after-logging-forward
-A FORWARD -j ufw-reject-forward
-A FORWARD -j ufw-track-forward
-A OUTPUT -j ufw-before-logging-output
-A OUTPUT -j ufw-before-output
-A OUTPUT -j ufw-after-output
-A OUTPUT -j ufw-after-logging-output
-A OUTPUT -j ufw-reject-output
-A OUTPUT -j ufw-track-output
-A f2b-sshd -j RETURN
-A ufw-after-input -p udp -m udp --dport 137 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp -m udp --dport 138 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp -m tcp --dport 139 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp -m tcp --dport 445 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp -m udp --dport 67 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp -m udp --dport 68 -j ufw-skip-to-policy-input
-A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input
-A ufw-after-logging-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-before-forward -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-forward -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A ufw-before-forward -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A ufw-before-forward -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A ufw-before-forward -p icmp -m icmp --icmp-type 12 -j ACCEPT
-A ufw-before-forward -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A ufw-before-forward -j ufw-user-forward
-A ufw-before-input -i lo -j ACCEPT
-A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-input -m conntrack --ctstate INVALID -j ufw-logging-deny
-A ufw-before-input -m conntrack --ctstate INVALID -j DROP
-A ufw-before-input -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 4 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 12 -j ACCEPT
-A ufw-before-input -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A ufw-before-input -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A ufw-before-input -j ufw-not-local
-A ufw-before-input -d 224.0.0.251/32 -p udp -m udp --dport 5353 -j ACCEPT
-A ufw-before-input -d 239.255.255.250/32 -p udp -m udp --dport 1900 -j ACCEPT
-A ufw-before-input -j ufw-user-input
-A ufw-before-output -o lo -j ACCEPT
-A ufw-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-output -j ufw-user-output
-A ufw-logging-allow -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
-A ufw-logging-deny -m conntrack --ctstate INVALID -m limit --limit 3/min --limit-burst 10 -j RETURN
-A ufw-logging-deny -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-not-local -m addrtype --dst-type LOCAL -j RETURN
-A ufw-not-local -m addrtype --dst-type MULTICAST -j RETURN
-A ufw-not-local -m addrtype --dst-type BROADCAST -j RETURN
-A ufw-not-local -m limit --limit 3/min --limit-burst 10 -j ufw-logging-deny
-A ufw-not-local -j DROP
-A ufw-skip-to-policy-forward -j ACCEPT
-A ufw-skip-to-policy-input -j DROP
-A ufw-skip-to-policy-output -j ACCEPT
-A ufw-track-forward -p tcp -m conntrack --ctstate NEW -j ACCEPT
-A ufw-track-forward -p udp -m conntrack --ctstate NEW -j ACCEPT
-A ufw-track-output -p tcp -m conntrack --ctstate NEW -j ACCEPT
-A ufw-track-output -p udp -m conntrack --ctstate NEW -j ACCEPT
-A ufw-user-input -p tcp -m tcp --dport 41111 -j ACCEPT
-A ufw-user-input -p udp -m udp --dport 1194 -j ACCEPT
-A ufw-user-input -p udp -m udp --dport 443 -j ACCEPT
-A ufw-user-input -p tcp -m tcp --dport 443 -j ACCEPT
-A ufw-user-limit -m limit --limit 3/min -j LOG --log-prefix "[UFW LIMIT BLOCK] "
-A ufw-user-limit -j REJECT --reject-with icmp-port-unreachable
-A ufw-user-limit-accept -j ACCEPT
COMMIT
# Completed on Thu Nov  9 00:04:59 2017
I am sure you will be able to determine which and we would be interested to find out. :mrgreen:
I will have a look and see if I'm able to nail it down. If you have any hints in the meantime I'd appreciate any help since I'm also quite new to linux.

Btw now that you say it, something I noticed also: I set the server config file to log into a different file than syslog, but somehow only the starting process of OpenVPN was logged into that file, while the connection attempts were still logged into syslog. So there's definitely something wrong.

dredghawl
OpenVpn Newbie
Posts: 11
Joined: Wed Oct 11, 2017 2:09 pm

Re: TLS Error: Unroutable control packet received

Post by dredghawl » Wed Nov 08, 2017 10:26 pm

Ok I rebooted the system and the weird stuff in the logs fixed itself. I set the server.conf to log to a separate log file and it's logging everything into that and nothing into syslog anymore. But the initial problem still exists.

Server log:

Code: Select all

Thu Nov  9 00:18:07 2017 us=1792 Current Parameter Settings:
Thu Nov  9 00:18:07 2017 us=1855   config = '/etc/openvpn/server.conf'
Thu Nov  9 00:18:07 2017 us=1867   mode = 1
Thu Nov  9 00:18:07 2017 us=1875   persist_config = DISABLED
Thu Nov  9 00:18:07 2017 us=1882   persist_mode = 1
Thu Nov  9 00:18:07 2017 us=1889   show_ciphers = DISABLED
Thu Nov  9 00:18:07 2017 us=1895   show_digests = DISABLED
Thu Nov  9 00:18:07 2017 us=1902   show_engines = DISABLED
Thu Nov  9 00:18:07 2017 us=1909   genkey = DISABLED
Thu Nov  9 00:18:07 2017 us=1916   key_pass_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=1923   show_tls_ciphers = DISABLED
Thu Nov  9 00:18:07 2017 us=1930   connect_retry_max = 0
Thu Nov  9 00:18:07 2017 us=1936 Connection profiles [0]:
Thu Nov  9 00:18:07 2017 us=1941   proto = udp
Thu Nov  9 00:18:07 2017 us=1945   local = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=1949   local_port = '1194'
Thu Nov  9 00:18:07 2017 us=1953   remote = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=1957   remote_port = '1194'
Thu Nov  9 00:18:07 2017 us=1961   remote_float = DISABLED
Thu Nov  9 00:18:07 2017 us=1965   bind_defined = DISABLED
Thu Nov  9 00:18:07 2017 us=1969   bind_local = ENABLED
Thu Nov  9 00:18:07 2017 us=1973   bind_ipv6_only = DISABLED
Thu Nov  9 00:18:07 2017 us=1977   connect_retry_seconds = 5
Thu Nov  9 00:18:07 2017 us=1981   connect_timeout = 120
Thu Nov  9 00:18:07 2017 us=1985   socks_proxy_server = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=1989   socks_proxy_port = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=1993   tun_mtu = 1500
Thu Nov  9 00:18:07 2017 us=1997   tun_mtu_defined = ENABLED
Thu Nov  9 00:18:07 2017 us=2001   link_mtu = 1500
Thu Nov  9 00:18:07 2017 us=2006   link_mtu_defined = DISABLED
Thu Nov  9 00:18:07 2017 us=2010   tun_mtu_extra = 0
Thu Nov  9 00:18:07 2017 us=2014   tun_mtu_extra_defined = DISABLED
Thu Nov  9 00:18:07 2017 us=2018   mtu_discover_type = -1
Thu Nov  9 00:18:07 2017 us=2022   fragment = 0
Thu Nov  9 00:18:07 2017 us=2026   mssfix = 1450
Thu Nov  9 00:18:07 2017 us=2030   explicit_exit_notification = 0
Thu Nov  9 00:18:07 2017 us=2034 Connection profiles END
Thu Nov  9 00:18:07 2017 us=2038   remote_random = DISABLED
Thu Nov  9 00:18:07 2017 us=2042   ipchange = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2046   dev = 'tun'
Thu Nov  9 00:18:07 2017 us=2050   dev_type = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2054   dev_node = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2058   lladdr = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2062   topology = 1
Thu Nov  9 00:18:07 2017 us=2066   ifconfig_local = '10.8.0.1'
Thu Nov  9 00:18:07 2017 us=2070   ifconfig_remote_netmask = '10.8.0.2'
Thu Nov  9 00:18:07 2017 us=2074   ifconfig_noexec = DISABLED
Thu Nov  9 00:18:07 2017 us=2078   ifconfig_nowarn = DISABLED
Thu Nov  9 00:18:07 2017 us=2081   ifconfig_ipv6_local = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2085   ifconfig_ipv6_netbits = 0
Thu Nov  9 00:18:07 2017 us=2089   ifconfig_ipv6_remote = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2093   shaper = 0
Thu Nov  9 00:18:07 2017 us=2097   mtu_test = 0
Thu Nov  9 00:18:07 2017 us=2101   mlock = DISABLED
Thu Nov  9 00:18:07 2017 us=2105   keepalive_ping = 10
Thu Nov  9 00:18:07 2017 us=2109   keepalive_timeout = 120
Thu Nov  9 00:18:07 2017 us=2113   inactivity_timeout = 0
Thu Nov  9 00:18:07 2017 us=2117   ping_send_timeout = 10
Thu Nov  9 00:18:07 2017 us=2120   ping_rec_timeout = 240
Thu Nov  9 00:18:07 2017 us=2124   ping_rec_timeout_action = 2
Thu Nov  9 00:18:07 2017 us=2128   ping_timer_remote = DISABLED
Thu Nov  9 00:18:07 2017 us=2132   remap_sigusr1 = 0
Thu Nov  9 00:18:07 2017 us=2136   persist_tun = ENABLED
Thu Nov  9 00:18:07 2017 us=2140   persist_local_ip = DISABLED
Thu Nov  9 00:18:07 2017 us=2144   persist_remote_ip = DISABLED
Thu Nov  9 00:18:07 2017 us=2148   persist_key = ENABLED
Thu Nov  9 00:18:07 2017 us=2152   passtos = DISABLED
Thu Nov  9 00:18:07 2017 us=2156   resolve_retry_seconds = 1000000000
Thu Nov  9 00:18:07 2017 us=2160   resolve_in_advance = DISABLED
Thu Nov  9 00:18:07 2017 us=2164   username = 'nobody'
Thu Nov  9 00:18:07 2017 us=2168   groupname = 'nogroup'
Thu Nov  9 00:18:07 2017 us=2176   chroot_dir = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2189   cd_dir = '/etc/openvpn'
Thu Nov  9 00:18:07 2017 us=2194   writepid = '/run/openvpn/server.pid'
Thu Nov  9 00:18:07 2017 us=2198   up_script = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2202   down_script = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2206   down_pre = DISABLED
Thu Nov  9 00:18:07 2017 us=2210   up_restart = DISABLED
Thu Nov  9 00:18:07 2017 us=2214   up_delay = DISABLED
Thu Nov  9 00:18:07 2017 us=2218   daemon = ENABLED
Thu Nov  9 00:18:07 2017 us=2222   inetd = 0
Thu Nov  9 00:18:07 2017 us=2226   log = ENABLED
Thu Nov  9 00:18:07 2017 us=2229   suppress_timestamps = DISABLED
Thu Nov  9 00:18:07 2017 us=2233   machine_readable_output = DISABLED
Thu Nov  9 00:18:07 2017 us=2237   nice = 0
Thu Nov  9 00:18:07 2017 us=2241   verbosity = 4
Thu Nov  9 00:18:07 2017 us=2245   mute = 0
Thu Nov  9 00:18:07 2017 us=2249   gremlin = 0
Thu Nov  9 00:18:07 2017 us=2253   status_file = 'openvpn-status.log'
Thu Nov  9 00:18:07 2017 us=2257   status_file_version = 1
Thu Nov  9 00:18:07 2017 us=2265   status_file_update_freq = 10
Thu Nov  9 00:18:07 2017 us=2270   occ = ENABLED
Thu Nov  9 00:18:07 2017 us=2274   rcvbuf = 0
Thu Nov  9 00:18:07 2017 us=2277   sndbuf = 0
Thu Nov  9 00:18:07 2017 us=2281   mark = 0
Thu Nov  9 00:18:07 2017 us=2285   sockflags = 0
Thu Nov  9 00:18:07 2017 us=2289   fast_io = DISABLED
Thu Nov  9 00:18:07 2017 us=2293   comp.alg = 2
Thu Nov  9 00:18:07 2017 us=2297   comp.flags = 1
Thu Nov  9 00:18:07 2017 us=2301   route_script = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2305   route_default_gateway = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2309   route_default_metric = 0
Thu Nov  9 00:18:07 2017 us=2313   route_noexec = DISABLED
Thu Nov  9 00:18:07 2017 us=2317   route_delay = 0
Thu Nov  9 00:18:07 2017 us=2321   route_delay_window = 30
Thu Nov  9 00:18:07 2017 us=2325   route_delay_defined = DISABLED
Thu Nov  9 00:18:07 2017 us=2329   route_nopull = DISABLED
Thu Nov  9 00:18:07 2017 us=2333   route_gateway_via_dhcp = DISABLED
Thu Nov  9 00:18:07 2017 us=2337   allow_pull_fqdn = DISABLED
Thu Nov  9 00:18:07 2017 us=2342   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Thu Nov  9 00:18:07 2017 us=2346   management_addr = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2351   management_port = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2355   management_user_pass = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2359   management_log_history_cache = 250
Thu Nov  9 00:18:07 2017 us=2363   management_echo_buffer_size = 100
Thu Nov  9 00:18:07 2017 us=2367   management_write_peer_info_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2371   management_client_user = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2375   management_client_group = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2379   management_flags = 0
Thu Nov  9 00:18:07 2017 us=2383   shared_secret_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2387   key_direction = 1
Thu Nov  9 00:18:07 2017 us=2391   ciphername = 'AES-128-CBC'
Thu Nov  9 00:18:07 2017 us=2395   ncp_enabled = ENABLED
Thu Nov  9 00:18:07 2017 us=2400   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Nov  9 00:18:07 2017 us=2404   authname = 'SHA256'
Thu Nov  9 00:18:07 2017 us=2408   prng_hash = 'SHA1'
Thu Nov  9 00:18:07 2017 us=2412   prng_nonce_secret_len = 16
Thu Nov  9 00:18:07 2017 us=2416   keysize = 0
Thu Nov  9 00:18:07 2017 us=2420   engine = DISABLED
Thu Nov  9 00:18:07 2017 us=2424   replay = ENABLED
Thu Nov  9 00:18:07 2017 us=2428   mute_replay_warnings = DISABLED
Thu Nov  9 00:18:07 2017 us=2432   replay_window = 64
Thu Nov  9 00:18:07 2017 us=2437   replay_time = 15
Thu Nov  9 00:18:07 2017 us=2440   packet_id_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2444   use_iv = ENABLED
Thu Nov  9 00:18:07 2017 us=2448   test_crypto = DISABLED
Thu Nov  9 00:18:07 2017 us=2452   tls_server = ENABLED
Thu Nov  9 00:18:07 2017 us=2456   tls_client = DISABLED
Thu Nov  9 00:18:07 2017 us=2460   key_method = 2
Thu Nov  9 00:18:07 2017 us=2464   ca_file = 'ca.crt'
Thu Nov  9 00:18:07 2017 us=2468   ca_path = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2475   dh_file = 'dh2048.pem'
Thu Nov  9 00:18:07 2017 us=2556   cert_file = 'server.crt'
Thu Nov  9 00:18:07 2017 us=2561   extra_certs_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2565   priv_key_file = 'server.key'
Thu Nov  9 00:18:07 2017 us=2569   pkcs12_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2573   cipher_list = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2577   tls_verify = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2581   tls_export_cert = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2585   verify_x509_type = 0
Thu Nov  9 00:18:07 2017 us=2589   verify_x509_name = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2593   crl_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2597   ns_cert_type = 0
Thu Nov  9 00:18:07 2017 us=2601   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2605   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2609   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2613   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2617   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2621   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2624   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2628   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2632   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2636   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2640   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2644   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2647   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2651   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2655   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2659   remote_cert_ku[i] = 0
Thu Nov  9 00:18:07 2017 us=2663   remote_cert_eku = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2667   ssl_flags = 0
Thu Nov  9 00:18:07 2017 us=2671   tls_timeout = 2
Thu Nov  9 00:18:07 2017 us=2675   renegotiate_bytes = -1
Thu Nov  9 00:18:07 2017 us=2679   renegotiate_packets = 0
Thu Nov  9 00:18:07 2017 us=2683   renegotiate_seconds = 3600
Thu Nov  9 00:18:07 2017 us=2687   handshake_window = 60
Thu Nov  9 00:18:07 2017 us=2693   transition_window = 3600
Thu Nov  9 00:18:07 2017 us=2700   single_session = DISABLED
Thu Nov  9 00:18:07 2017 us=2708   push_peer_info = DISABLED
Thu Nov  9 00:18:07 2017 us=2715   tls_exit = DISABLED
Thu Nov  9 00:18:07 2017 us=2723   tls_auth_file = 'ta.key'
Thu Nov  9 00:18:07 2017 us=2727   tls_crypt_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2732   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2736   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2740   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2744   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2748   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2752   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2755   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2759   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2763   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2767   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2771   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2775   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2779   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2783   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2787   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2791   pkcs11_protected_authentication = DISABLED
Thu Nov  9 00:18:07 2017 us=2795   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2799   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2803   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2807   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2811   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2815   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2819   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2828   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2832   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2836   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2840   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2844   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2848   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2852   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2856   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2860   pkcs11_private_mode = 00000000
Thu Nov  9 00:18:07 2017 us=2864   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2868   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2872   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2876   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2880   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2884   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2888   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2892   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2896   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2900   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2903   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2907   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2911   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2915   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2919   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2923   pkcs11_cert_private = DISABLED
Thu Nov  9 00:18:07 2017 us=2927   pkcs11_pin_cache_period = -1
Thu Nov  9 00:18:07 2017 us=2931   pkcs11_id = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=2935   pkcs11_id_management = DISABLED
Thu Nov  9 00:18:07 2017 us=2943   server_network = 10.8.0.0
Thu Nov  9 00:18:07 2017 us=2948   server_netmask = 255.255.255.0
Thu Nov  9 00:18:07 2017 us=2955   server_network_ipv6 = ::
Thu Nov  9 00:18:07 2017 us=2959   server_netbits_ipv6 = 0
Thu Nov  9 00:18:07 2017 us=2964   server_bridge_ip = 0.0.0.0
Thu Nov  9 00:18:07 2017 us=2969   server_bridge_netmask = 0.0.0.0
Thu Nov  9 00:18:07 2017 us=2974   server_bridge_pool_start = 0.0.0.0
Thu Nov  9 00:18:07 2017 us=2978   server_bridge_pool_end = 0.0.0.0
Thu Nov  9 00:18:07 2017 us=2982   push_entry = 'redirect-gateway def1 bypass-dhcp'
Thu Nov  9 00:18:07 2017 us=2987   push_entry = 'dhcp-option DNS 208.67.222.222'
Thu Nov  9 00:18:07 2017 us=2991   push_entry = 'dhcp-option DNS 208.67.220.220'
Thu Nov  9 00:18:07 2017 us=2995   push_entry = 'block-outside-dns'
Thu Nov  9 00:18:07 2017 us=2999   push_entry = 'route 10.8.0.1'
Thu Nov  9 00:18:07 2017 us=3003   push_entry = 'topology net30'
Thu Nov  9 00:18:07 2017 us=3007   push_entry = 'ping 10'
Thu Nov  9 00:18:07 2017 us=3011   push_entry = 'ping-restart 120'
Thu Nov  9 00:18:07 2017 us=3015   ifconfig_pool_defined = ENABLED
Thu Nov  9 00:18:07 2017 us=3019   ifconfig_pool_start = 10.8.0.4
Thu Nov  9 00:18:07 2017 us=3024   ifconfig_pool_end = 10.8.0.251
Thu Nov  9 00:18:07 2017 us=3028   ifconfig_pool_netmask = 0.0.0.0
Thu Nov  9 00:18:07 2017 us=3033   ifconfig_pool_persist_filename = 'ipp.txt'
Thu Nov  9 00:18:07 2017 us=3037   ifconfig_pool_persist_refresh_freq = 600
Thu Nov  9 00:18:07 2017 us=3041   ifconfig_ipv6_pool_defined = DISABLED
Thu Nov  9 00:18:07 2017 us=3045   ifconfig_ipv6_pool_base = ::
Thu Nov  9 00:18:07 2017 us=3049   ifconfig_ipv6_pool_netbits = 0
Thu Nov  9 00:18:07 2017 us=3053   n_bcast_buf = 256
Thu Nov  9 00:18:07 2017 us=3057   tcp_queue_limit = 64
Thu Nov  9 00:18:07 2017 us=3061   real_hash_size = 256
Thu Nov  9 00:18:07 2017 us=3065   virtual_hash_size = 256
Thu Nov  9 00:18:07 2017 us=3070   client_connect_script = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3074   learn_address_script = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3078   client_disconnect_script = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3082   client_config_dir = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3086   ccd_exclusive = DISABLED
Thu Nov  9 00:18:07 2017 us=3092   tmp_dir = '/tmp'
Thu Nov  9 00:18:07 2017 us=3096   push_ifconfig_defined = DISABLED
Thu Nov  9 00:18:07 2017 us=3101   push_ifconfig_local = 0.0.0.0
Thu Nov  9 00:18:07 2017 us=3106   push_ifconfig_remote_netmask = 0.0.0.0
Thu Nov  9 00:18:07 2017 us=3110   push_ifconfig_ipv6_defined = DISABLED
Thu Nov  9 00:18:07 2017 us=3114   push_ifconfig_ipv6_local = ::/0
Thu Nov  9 00:18:07 2017 us=3119   push_ifconfig_ipv6_remote = ::
Thu Nov  9 00:18:07 2017 us=3123   enable_c2c = DISABLED
Thu Nov  9 00:18:07 2017 us=3127   duplicate_cn = DISABLED
Thu Nov  9 00:18:07 2017 us=3132   cf_max = 0
Thu Nov  9 00:18:07 2017 us=3138   cf_per = 0
Thu Nov  9 00:18:07 2017 us=3145   max_clients = 1024
Thu Nov  9 00:18:07 2017 us=3151   max_routes_per_client = 256
Thu Nov  9 00:18:07 2017 us=3158   auth_user_pass_verify_script = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3164   auth_user_pass_verify_script_via_file = DISABLED
Thu Nov  9 00:18:07 2017 us=3170   auth_token_generate = DISABLED
Thu Nov  9 00:18:07 2017 us=3177   auth_token_lifetime = 0
Thu Nov  9 00:18:07 2017 us=3183   port_share_host = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3189   port_share_port = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3195   client = DISABLED
Thu Nov  9 00:18:07 2017 us=3202   pull = DISABLED
Thu Nov  9 00:18:07 2017 us=3208   auth_user_pass_file = '[UNDEF]'
Thu Nov  9 00:18:07 2017 us=3217 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017
Thu Nov  9 00:18:07 2017 us=3232 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Thu Nov  9 00:18:07 2017 us=9409 Diffie-Hellman initialized with 2048 bit key
Thu Nov  9 00:18:07 2017 us=60665 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Nov  9 00:18:07 2017 us=60708 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Nov  9 00:18:07 2017 us=60729 TLS-Auth MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Thu Nov  9 00:18:07 2017 us=61045 ROUTE_GATEWAY 145.239.80.1
Thu Nov  9 00:18:07 2017 us=62999 TUN/TAP device tun0 opened
Thu Nov  9 00:18:07 2017 us=63034 TUN/TAP TX queue length set to 100
Thu Nov  9 00:18:07 2017 us=63056 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Nov  9 00:18:07 2017 us=63075 /sbin/ip link set dev tun0 up mtu 1500
Thu Nov  9 00:18:07 2017 us=64965 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Thu Nov  9 00:18:07 2017 us=67950 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Thu Nov  9 00:18:07 2017 us=69084 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Nov  9 00:18:07 2017 us=69602 Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Nov  9 00:18:07 2017 us=69632 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Nov  9 00:18:07 2017 us=69654 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Nov  9 00:18:07 2017 us=69665 UDPv4 link remote: [AF_UNSPEC]
Thu Nov  9 00:18:07 2017 us=69680 GID set to nogroup
Thu Nov  9 00:18:07 2017 us=69694 UID set to nobody
Thu Nov  9 00:18:07 2017 us=69713 MULTI: multi_init called, r=256 v=256
Thu Nov  9 00:18:07 2017 us=69746 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Thu Nov  9 00:18:07 2017 us=81099 ifconfig_pool_read(), in='phn0mnn,10.8.0.4', TODO: IPv6
Thu Nov  9 00:18:07 2017 us=81130 succeeded -> ifconfig_pool_set()
Thu Nov  9 00:18:07 2017 us=81137 ifconfig_pool_read(), in='phn0mnn,10.8.0.8', TODO: IPv6
Thu Nov  9 00:18:07 2017 us=81142 succeeded -> ifconfig_pool_set()
Thu Nov  9 00:18:07 2017 us=81148 IFCONFIG POOL LIST
Thu Nov  9 00:18:07 2017 us=81155 phn0mnn,10.8.0.4
Thu Nov  9 00:18:07 2017 us=81160 phn0mnn,10.8.0.8
Thu Nov  9 00:18:07 2017 us=81206 Initialization Sequence Completed
Thu Nov  9 00:19:45 2017 us=770846 MULTI: multi_create_instance called
Thu Nov  9 00:19:45 2017 us=771150 yyy.yyy.yyy.yy:51712 Re-using SSL/TLS context
Thu Nov  9 00:19:45 2017 us=771189 yyy.yyy.yyy.yy:51712 LZO compression initializing
Thu Nov  9 00:19:45 2017 us=771677 yyy.yyy.yyy.yy:51712 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Thu Nov  9 00:19:45 2017 us=771721 yyy.yyy.yyy.yy:51712 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Nov  9 00:19:45 2017 us=771852 yyy.yyy.yyy.yy:51712 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Thu Nov  9 00:19:45 2017 us=771868 yyy.yyy.yyy.yy:51712 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Thu Nov  9 00:19:45 2017 us=771984 yyy.yyy.yyy.yy:51712 TLS: Initial packet from [AF_INET]yyy.yyy.yyy.yy:51712, sid=72321aae 5bfaeffb
Thu Nov  9 00:20:45 2017 us=993542 yyy.yyy.yyy.yy:51712 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Nov  9 00:20:45 2017 us=993655 yyy.yyy.yyy.yy:51712 TLS Error: TLS handshake failed
Thu Nov  9 00:20:45 2017 us=993857 yyy.yyy.yyy.yy:51712 SIGUSR1[soft,tls-error] received, client-instance restarting
Thu Nov  9 00:20:50 2017 us=445600 MULTI: multi_create_instance called
Thu Nov  9 00:20:50 2017 us=445652 yyy.yyy.yyy.yy:50991 Re-using SSL/TLS context
Thu Nov  9 00:20:50 2017 us=445665 yyy.yyy.yyy.yy:50991 LZO compression initializing
Thu Nov  9 00:20:50 2017 us=445780 yyy.yyy.yyy.yy:50991 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Thu Nov  9 00:20:50 2017 us=445806 yyy.yyy.yyy.yy:50991 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Nov  9 00:20:50 2017 us=445859 yyy.yyy.yyy.yy:50991 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Thu Nov  9 00:20:50 2017 us=445877 yyy.yyy.yyy.yy:50991 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Thu Nov  9 00:20:50 2017 us=445924 yyy.yyy.yyy.yy:50991 TLS: Initial packet from [AF_INET]yyy.yyy.yyy.yy:50991, sid=8b92a490 5a277f0d
Thu Nov  9 00:21:50 2017 us=506145 yyy.yyy.yyy.yy:50991 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Nov  9 00:21:50 2017 us=506176 yyy.yyy.yyy.yy:50991 TLS Error: TLS handshake failed
Thu Nov  9 00:21:50 2017 us=506361 yyy.yyy.yyy.yy:50991 SIGUSR1[soft,tls-error] received, client-instance restarting
Client log:

Code: Select all

Thu Nov 09 00:19:44 2017 NOTE: --user option is not implemented on Windows
Thu Nov 09 00:19:44 2017 NOTE: --group option is not implemented on Windows
Thu Nov 09 00:19:44 2017 us=750049 Current Parameter Settings:
Thu Nov 09 00:19:44 2017 us=750049   config = 'phn0mnn.ovpn'
Thu Nov 09 00:19:44 2017 us=750049   mode = 0
Thu Nov 09 00:19:44 2017 us=750049   show_ciphers = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   show_digests = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   show_engines = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   genkey = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   key_pass_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   show_tls_ciphers = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   connect_retry_max = 0
Thu Nov 09 00:19:44 2017 us=750049 Connection profiles [0]:
Thu Nov 09 00:19:44 2017 us=750049   proto = udp
Thu Nov 09 00:19:44 2017 us=750049   local = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   local_port = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   remote = 'xxx.xxx.xx.xxx'
Thu Nov 09 00:19:44 2017 us=750049   remote_port = '1194'
Thu Nov 09 00:19:44 2017 us=750049   remote_float = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   bind_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   bind_local = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   bind_ipv6_only = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   connect_retry_seconds = 5
Thu Nov 09 00:19:44 2017 us=750049   connect_timeout = 120
Thu Nov 09 00:19:44 2017 us=750049   socks_proxy_server = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   socks_proxy_port = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   tun_mtu = 1500
Thu Nov 09 00:19:44 2017 us=750049   tun_mtu_defined = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   link_mtu = 1500
Thu Nov 09 00:19:44 2017 us=750049   link_mtu_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   tun_mtu_extra = 0
Thu Nov 09 00:19:44 2017 us=750049   tun_mtu_extra_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   mtu_discover_type = -1
Thu Nov 09 00:19:44 2017 us=750049   fragment = 0
Thu Nov 09 00:19:44 2017 us=750049   mssfix = 1450
Thu Nov 09 00:19:44 2017 us=750049   explicit_exit_notification = 0
Thu Nov 09 00:19:44 2017 us=750049 Connection profiles END
Thu Nov 09 00:19:44 2017 us=750049   remote_random = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   ipchange = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   dev = 'tun'
Thu Nov 09 00:19:44 2017 us=750049   dev_type = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   dev_node = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   lladdr = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   topology = 1
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_local = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_remote_netmask = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_noexec = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_nowarn = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_ipv6_local = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_ipv6_netbits = 0
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_ipv6_remote = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   shaper = 0
Thu Nov 09 00:19:44 2017 us=750049   mtu_test = 0
Thu Nov 09 00:19:44 2017 us=750049   mlock = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   keepalive_ping = 0
Thu Nov 09 00:19:44 2017 us=750049   keepalive_timeout = 0
Thu Nov 09 00:19:44 2017 us=750049   inactivity_timeout = 0
Thu Nov 09 00:19:44 2017 us=750049   ping_send_timeout = 0
Thu Nov 09 00:19:44 2017 us=750049   ping_rec_timeout = 0
Thu Nov 09 00:19:44 2017 us=750049   ping_rec_timeout_action = 0
Thu Nov 09 00:19:44 2017 us=750049   ping_timer_remote = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   remap_sigusr1 = 0
Thu Nov 09 00:19:44 2017 us=750049   persist_tun = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   persist_local_ip = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   persist_remote_ip = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   persist_key = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   passtos = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   resolve_retry_seconds = 1000000000
Thu Nov 09 00:19:44 2017 us=750049   resolve_in_advance = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   username = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   groupname = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   chroot_dir = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   cd_dir = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   writepid = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   up_script = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   down_script = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   down_pre = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   up_restart = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   up_delay = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   daemon = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   inetd = 0
Thu Nov 09 00:19:44 2017 us=750049   log = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   suppress_timestamps = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   machine_readable_output = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   nice = 0
Thu Nov 09 00:19:44 2017 us=750049   verbosity = 4
Thu Nov 09 00:19:44 2017 us=750049   mute = 0
Thu Nov 09 00:19:44 2017 us=750049   gremlin = 0
Thu Nov 09 00:19:44 2017 us=750049   status_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   status_file_version = 1
Thu Nov 09 00:19:44 2017 us=750049   status_file_update_freq = 60
Thu Nov 09 00:19:44 2017 us=750049   occ = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   rcvbuf = 0
Thu Nov 09 00:19:44 2017 us=750049   sndbuf = 0
Thu Nov 09 00:19:44 2017 us=750049   sockflags = 0
Thu Nov 09 00:19:44 2017 us=750049   fast_io = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   comp.alg = 2
Thu Nov 09 00:19:44 2017 us=750049   comp.flags = 1
Thu Nov 09 00:19:44 2017 us=750049   route_script = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   route_default_gateway = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   route_default_metric = 0
Thu Nov 09 00:19:44 2017 us=750049   route_noexec = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   route_delay = 5
Thu Nov 09 00:19:44 2017 us=750049   route_delay_window = 30
Thu Nov 09 00:19:44 2017 us=750049   route_delay_defined = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   route_nopull = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   route_gateway_via_dhcp = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   allow_pull_fqdn = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   management_addr = '127.0.0.1'
Thu Nov 09 00:19:44 2017 us=750049   management_port = '25340'
Thu Nov 09 00:19:44 2017 us=750049   management_user_pass = 'stdin'
Thu Nov 09 00:19:44 2017 us=750049   management_log_history_cache = 250
Thu Nov 09 00:19:44 2017 us=750049   management_echo_buffer_size = 100
Thu Nov 09 00:19:44 2017 us=750049   management_write_peer_info_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   management_client_user = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   management_client_group = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   management_flags = 6
Thu Nov 09 00:19:44 2017 us=750049   shared_secret_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   key_direction = 2
Thu Nov 09 00:19:44 2017 us=750049   ciphername = 'AES-128-CBC'
Thu Nov 09 00:19:44 2017 us=750049   ncp_enabled = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Nov 09 00:19:44 2017 us=750049   authname = 'SHA256'
Thu Nov 09 00:19:44 2017 us=750049   prng_hash = 'SHA1'
Thu Nov 09 00:19:44 2017 us=750049   prng_nonce_secret_len = 16
Thu Nov 09 00:19:44 2017 us=750049   keysize = 0
Thu Nov 09 00:19:44 2017 us=750049   engine = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   replay = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   mute_replay_warnings = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   replay_window = 64
Thu Nov 09 00:19:44 2017 us=750049   replay_time = 15
Thu Nov 09 00:19:44 2017 us=750049   packet_id_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   use_iv = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   test_crypto = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   tls_server = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   tls_client = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   key_method = 2
Thu Nov 09 00:19:44 2017 us=750049   ca_file = '[[INLINE]]'
Thu Nov 09 00:19:44 2017 us=750049   ca_path = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   dh_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   cert_file = '[[INLINE]]'
Thu Nov 09 00:19:44 2017 us=750049   extra_certs_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   priv_key_file = '[[INLINE]]'
Thu Nov 09 00:19:44 2017 us=750049   pkcs12_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   cryptoapi_cert = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   cipher_list = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   tls_verify = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   tls_export_cert = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   verify_x509_type = 0
Thu Nov 09 00:19:44 2017 us=750049   verify_x509_name = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   crl_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   ns_cert_type = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 65535
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_ku[i] = 0
Thu Nov 09 00:19:44 2017 us=750049   remote_cert_eku = 'TLS Web Server Authentication'
Thu Nov 09 00:19:44 2017 us=750049   ssl_flags = 0
Thu Nov 09 00:19:44 2017 us=750049   tls_timeout = 2
Thu Nov 09 00:19:44 2017 us=750049   renegotiate_bytes = -1
Thu Nov 09 00:19:44 2017 us=750049   renegotiate_packets = 0
Thu Nov 09 00:19:44 2017 us=750049   renegotiate_seconds = 3600
Thu Nov 09 00:19:44 2017 us=750049   handshake_window = 60
Thu Nov 09 00:19:44 2017 us=750049   transition_window = 3600
Thu Nov 09 00:19:44 2017 us=750049   single_session = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   push_peer_info = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   tls_exit = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   tls_auth_file = '[[INLINE]]'
Thu Nov 09 00:19:44 2017 us=750049   tls_crypt_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_protected_authentication = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_private_mode = 00000000
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_cert_private = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_pin_cache_period = -1
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_id = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   pkcs11_id_management = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   server_network = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   server_netmask = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   server_network_ipv6 = ::
Thu Nov 09 00:19:44 2017 us=750049   server_netbits_ipv6 = 0
Thu Nov 09 00:19:44 2017 us=750049   server_bridge_ip = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   server_bridge_netmask = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   server_bridge_pool_start = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   server_bridge_pool_end = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_pool_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_pool_start = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_pool_end = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_pool_netmask = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_pool_persist_refresh_freq = 600
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_ipv6_pool_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_ipv6_pool_base = ::
Thu Nov 09 00:19:44 2017 us=750049   ifconfig_ipv6_pool_netbits = 0
Thu Nov 09 00:19:44 2017 us=750049   n_bcast_buf = 256
Thu Nov 09 00:19:44 2017 us=750049   tcp_queue_limit = 64
Thu Nov 09 00:19:44 2017 us=750049   real_hash_size = 256
Thu Nov 09 00:19:44 2017 us=750049   virtual_hash_size = 256
Thu Nov 09 00:19:44 2017 us=750049   client_connect_script = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   learn_address_script = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   client_disconnect_script = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   client_config_dir = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   ccd_exclusive = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   tmp_dir = 'C:\Users\PHN0MNN\AppData\Local\Temp\'
Thu Nov 09 00:19:44 2017 us=750049   push_ifconfig_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   push_ifconfig_local = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   push_ifconfig_remote_netmask = 0.0.0.0
Thu Nov 09 00:19:44 2017 us=750049   push_ifconfig_ipv6_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   push_ifconfig_ipv6_local = ::/0
Thu Nov 09 00:19:44 2017 us=750049   push_ifconfig_ipv6_remote = ::
Thu Nov 09 00:19:44 2017 us=750049   enable_c2c = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   duplicate_cn = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   cf_max = 0
Thu Nov 09 00:19:44 2017 us=750049   cf_per = 0
Thu Nov 09 00:19:44 2017 us=750049   max_clients = 1024
Thu Nov 09 00:19:44 2017 us=750049   max_routes_per_client = 256
Thu Nov 09 00:19:44 2017 us=750049   auth_user_pass_verify_script = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   auth_user_pass_verify_script_via_file = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   auth_token_generate = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   auth_token_lifetime = 0
Thu Nov 09 00:19:44 2017 us=750049   client = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   pull = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   auth_user_pass_file = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   show_net_up = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   route_method = 0
Thu Nov 09 00:19:44 2017 us=750049   block_outside_dns = ENABLED
Thu Nov 09 00:19:44 2017 us=750049   ip_win32_defined = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   ip_win32_type = 3
Thu Nov 09 00:19:44 2017 us=750049   dhcp_masq_offset = 0
Thu Nov 09 00:19:44 2017 us=750049   dhcp_lease_time = 31536000
Thu Nov 09 00:19:44 2017 us=750049   tap_sleep = 0
Thu Nov 09 00:19:44 2017 us=750049   dhcp_options = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   dhcp_renew = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   dhcp_pre_release = DISABLED
Thu Nov 09 00:19:44 2017 us=750049   domain = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   netbios_scope = '[UNDEF]'
Thu Nov 09 00:19:44 2017 us=750049   netbios_node_type = 0
Thu Nov 09 00:19:44 2017 us=750049   disable_nbt = DISABLED
Thu Nov 09 00:19:44 2017 us=750049 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Thu Nov 09 00:19:44 2017 us=750049 Windows version 6.2 (Windows 8 or greater) 64bit
Thu Nov 09 00:19:44 2017 us=750049 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Thu Nov 09 00:19:44 2017 us=750049 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Nov 09 00:19:44 2017 us=750049 Need hold release from management interface, waiting...
Thu Nov 09 00:19:45 2017 us=235294 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Nov 09 00:19:45 2017 us=348752 MANAGEMENT: CMD 'state on'
Thu Nov 09 00:19:45 2017 us=348752 MANAGEMENT: CMD 'log all on'
Thu Nov 09 00:19:45 2017 us=544977 MANAGEMENT: CMD 'echo all on'
Thu Nov 09 00:19:45 2017 us=546976 MANAGEMENT: CMD 'hold off'
Thu Nov 09 00:19:45 2017 us=549783 MANAGEMENT: CMD 'hold release'
Thu Nov 09 00:19:45 2017 us=698121 MANAGEMENT: CMD 'password [...]'
Thu Nov 09 00:19:45 2017 us=698121 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Nov 09 00:19:45 2017 us=706138 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Nov 09 00:19:45 2017 us=706138 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Nov 09 00:19:45 2017 us=706138 LZO compression initializing
Thu Nov 09 00:19:45 2017 us=706138 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Thu Nov 09 00:19:45 2017 us=706138 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Nov 09 00:19:45 2017 us=706138 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Thu Nov 09 00:19:45 2017 us=706138 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Thu Nov 09 00:19:45 2017 us=706138 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xxx:1194
Thu Nov 09 00:19:45 2017 us=706138 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Nov 09 00:19:45 2017 us=706138 UDP link local: (not bound)
Thu Nov 09 00:19:45 2017 us=706138 UDP link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Thu Nov 09 00:19:45 2017 us=706138 MANAGEMENT: >STATE:1510179585,WAIT,,,,,,
Thu Nov 09 00:19:48 2017 us=100657 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Thu Nov 09 00:19:52 2017 us=765763 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Thu Nov 09 00:20:45 2017 us=340386 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Nov 09 00:20:45 2017 us=340386 TLS Error: TLS handshake failed
Thu Nov 09 00:20:45 2017 us=340386 TCP/UDP: Closing socket
Thu Nov 09 00:20:45 2017 us=352488 SIGUSR1[soft,tls-error] received, process restarting
Thu Nov 09 00:20:45 2017 us=352488 MANAGEMENT: >STATE:1510179645,RECONNECTING,tls-error,,,,,
Thu Nov 09 00:20:45 2017 us=352488 Restart pause, 5 second(s)
Thu Nov 09 00:20:50 2017 us=379153 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Nov 09 00:20:50 2017 us=380128 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Nov 09 00:20:50 2017 us=380128 LZO compression initializing
Thu Nov 09 00:20:50 2017 us=380128 Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Thu Nov 09 00:20:50 2017 us=380128 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Nov 09 00:20:50 2017 us=380128 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Thu Nov 09 00:20:50 2017 us=381134 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Thu Nov 09 00:20:50 2017 us=381134 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xx.xxx:1194
Thu Nov 09 00:20:50 2017 us=381134 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Nov 09 00:20:50 2017 us=381134 UDP link local: (not bound)
Thu Nov 09 00:20:50 2017 us=381134 UDP link remote: [AF_INET]xxx.xxx.xx.xxx:1194
Thu Nov 09 00:20:50 2017 us=381134 MANAGEMENT: >STATE:1510179650,WAIT,,,,,,
Thu Nov 09 00:20:57 2017 us=19814 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Thu Nov 09 00:21:20 2017 us=694562 TLS Error: Unroutable control packet received from [AF_INET]xxx.xxx.xx.xxx:1194 (si=3 op=P_ACK_V1)
Thu Nov 09 00:21:23 2017 us=375583 TCP/UDP: Closing socket
Thu Nov 09 00:21:23 2017 us=375583 SIGTERM[hard,] received, process exiting
Thu Nov 09 00:21:23 2017 us=375583 MANAGEMENT: >STATE:1510179683,EXITING,SIGTERM,,,,,
Thu Nov 09 00:21:23 2017 us=375583 TCP/UDP: Closing socket is me manually cancelling the connection attempt btw.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Error: Unroutable control packet received

Post by TinCanTech » Wed Nov 08, 2017 11:13 pm

There is only one condition within OpenVPN which throws this error and that is that the control packet is sent to or from an invalid session .. so something (most likely your server as we saw from your previous logs) has gone wrong with the process. Your previous logs made it clear that the server process ID had changed. Take a really close look at which configs your server is actually starting. It may also be worth backing up your firewall rules and then deleting them all for testing.

bilkusg
OpenVpn Newbie
Posts: 1
Joined: Wed Aug 29, 2018 6:15 pm

Re: TLS Error: Unroutable control packet received

Post by bilkusg » Wed Aug 29, 2018 6:15 pm

It may be worth mentioning that this error can also occur if you accidentally use a client certificate on the server side of a connection.
At least, that's what I did!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: TLS Error: Unroutable control packet received

Post by TinCanTech » Wed Aug 29, 2018 6:40 pm

If you setup your VPN and PKI correctly, you should not be able to connect at all to a server using a client certificate.

Post Reply