Can't connect from Windows client, but Android works fine
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Jan 10, 2018 8:53 am
Can't connect from Windows client, but Android works fine
Hello,
I installed OpenVPN server on a DigitalOcean droplet following the exact instructions here: https://www.digitalocean.com/community/ ... figuration
I installed an OpenVPN client on my Android phone and on 2 Windows PCs. The Android phone connects to the VPN properly, but both Windows PCs fail, displaying the following log (replacing my server's IP with SERVER_IP):
Wed Jan 10 10:58:20 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Jan 10 10:58:20 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jan 10 10:58:20 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Wed Jan 10 10:58:20 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Jan 10 10:58:20 2018 Need hold release from management interface, waiting...
Wed Jan 10 10:58:20 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'state on'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'log all on'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'echo all on'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'hold off'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'hold release'
Wed Jan 10 10:58:20 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 10 10:58:20 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 10 10:58:20 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:20 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 10 10:58:20 2018 Attempting to establish TCP connection with [AF_INET]SERVER_IP:443 [nonblock]
Wed Jan 10 10:58:20 2018 MANAGEMENT: >STATE:1515574700,TCP_CONNECT,,,,,,
Wed Jan 10 10:58:21 2018 TCP connection established with [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:21 2018 TCP_CLIENT link local: (not bound)
Wed Jan 10 10:58:21 2018 TCP_CLIENT link remote: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:21 2018 MANAGEMENT: >STATE:1515574701,WAIT,,,,,,
Wed Jan 10 10:58:21 2018 MANAGEMENT: >STATE:1515574701,AUTH,,,,,,
Wed Jan 10 10:58:21 2018 TLS: Initial packet from [AF_INET]SERVER_IP:443, sid=c0ea25bc f29f5b1d
Wed Jan 10 10:58:41 2018 read TCP_CLIENT: Unknown error (code=10060)
Wed Jan 10 10:58:41 2018 Connection reset, restarting [-1]
Wed Jan 10 10:58:41 2018 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jan 10 10:58:41 2018 MANAGEMENT: >STATE:1515574721,RECONNECTING,connection-reset,,,,,
Wed Jan 10 10:58:41 2018 Restart pause, 5 second(s)
Wed Jan 10 10:58:46 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:46 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 10 10:58:46 2018 Attempting to establish TCP connection with [AF_INET]SERVER_IP:443 [nonblock]
Wed Jan 10 10:58:46 2018 MANAGEMENT: >STATE:1515574726,TCP_CONNECT,,,,,,
Wed Jan 10 10:58:47 2018 TCP connection established with [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:47 2018 TCP_CLIENT link local: (not bound)
Wed Jan 10 10:58:47 2018 TCP_CLIENT link remote: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:47 2018 MANAGEMENT: >STATE:1515574727,WAIT,,,,,,
Wed Jan 10 10:58:47 2018 MANAGEMENT: >STATE:1515574727,AUTH,,,,,,
Wed Jan 10 10:58:47 2018 TLS: Initial packet from [AF_INET]SERVER_IP:443, sid=6f9b193e 1030653f
Many thanks
I installed OpenVPN server on a DigitalOcean droplet following the exact instructions here: https://www.digitalocean.com/community/ ... figuration
I installed an OpenVPN client on my Android phone and on 2 Windows PCs. The Android phone connects to the VPN properly, but both Windows PCs fail, displaying the following log (replacing my server's IP with SERVER_IP):
Wed Jan 10 10:58:20 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Jan 10 10:58:20 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jan 10 10:58:20 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Wed Jan 10 10:58:20 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Jan 10 10:58:20 2018 Need hold release from management interface, waiting...
Wed Jan 10 10:58:20 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'state on'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'log all on'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'echo all on'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'hold off'
Wed Jan 10 10:58:20 2018 MANAGEMENT: CMD 'hold release'
Wed Jan 10 10:58:20 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 10 10:58:20 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 10 10:58:20 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:20 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 10 10:58:20 2018 Attempting to establish TCP connection with [AF_INET]SERVER_IP:443 [nonblock]
Wed Jan 10 10:58:20 2018 MANAGEMENT: >STATE:1515574700,TCP_CONNECT,,,,,,
Wed Jan 10 10:58:21 2018 TCP connection established with [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:21 2018 TCP_CLIENT link local: (not bound)
Wed Jan 10 10:58:21 2018 TCP_CLIENT link remote: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:21 2018 MANAGEMENT: >STATE:1515574701,WAIT,,,,,,
Wed Jan 10 10:58:21 2018 MANAGEMENT: >STATE:1515574701,AUTH,,,,,,
Wed Jan 10 10:58:21 2018 TLS: Initial packet from [AF_INET]SERVER_IP:443, sid=c0ea25bc f29f5b1d
Wed Jan 10 10:58:41 2018 read TCP_CLIENT: Unknown error (code=10060)
Wed Jan 10 10:58:41 2018 Connection reset, restarting [-1]
Wed Jan 10 10:58:41 2018 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jan 10 10:58:41 2018 MANAGEMENT: >STATE:1515574721,RECONNECTING,connection-reset,,,,,
Wed Jan 10 10:58:41 2018 Restart pause, 5 second(s)
Wed Jan 10 10:58:46 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:46 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 10 10:58:46 2018 Attempting to establish TCP connection with [AF_INET]SERVER_IP:443 [nonblock]
Wed Jan 10 10:58:46 2018 MANAGEMENT: >STATE:1515574726,TCP_CONNECT,,,,,,
Wed Jan 10 10:58:47 2018 TCP connection established with [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:47 2018 TCP_CLIENT link local: (not bound)
Wed Jan 10 10:58:47 2018 TCP_CLIENT link remote: [AF_INET]SERVER_IP:443
Wed Jan 10 10:58:47 2018 MANAGEMENT: >STATE:1515574727,WAIT,,,,,,
Wed Jan 10 10:58:47 2018 MANAGEMENT: >STATE:1515574727,AUTH,,,,,,
Wed Jan 10 10:58:47 2018 TLS: Initial packet from [AF_INET]SERVER_IP:443, sid=6f9b193e 1030653f
Many thanks
Last edited by therealyoussef on Thu Jan 11, 2018 12:47 am, edited 1 time in total.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Can't connect from Windows client, but Android works fine
Check your server log for errors when the Windows client connects.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Jan 10, 2018 8:53 am
Re: Can't connect from Windows client, but Android works fine
Jan 10 15:18:29 ShadowSocks-London ovpn-server[5974]: CLIENT_IP:14770 SIGUSR1[soft,tls-error] received, client-instance restartingTinCanTech wrote: ↑Wed Jan 10, 2018 12:59 pmCheck your server log for errors when the Windows client connects.
Jan 10 15:18:40 ShadowSocks-London kernel: [418831.694987] [UFW BLOCK] IN=eth0 OUT= MAC=ca:81:35:17:d0:52:5c:45:27:79:03:30:08:00 SRC=125.212.217.215 DST=SERVER_IP LEN=40 TOS=0x00 PREC=0x00 TTL=109 ID=54601 PROTO=TCP SPT=46640 DPT=55443 WINDOW=54313 RES=0x00 SYN URGP=0
Jan 10 15:18:54 ShadowSocks-London ovpn-server[5974]: CLIENT_IP:14799 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan 10 15:18:54 ShadowSocks-London ovpn-server[5974]: CLIENT_IP:14799 TLS Error: TLS handshake failed
Jan 10 15:18:54 ShadowSocks-London ovpn-server[5974]: CLIENT_IP:14799 Fatal TLS error (check_tls_errors_co), restarting
Jan 10 15:18:54 ShadowSocks-London ovpn-server[5974]: CLIENT_IP:14799 SIGUSR1[soft,tls-error] received, client-instance restarting
This TLS Error happens with both the Windows and Ubuntu clients, but the Android client works fine. I don't think the UFW block has anything to do with the problem because it is always showing in the logs without me trying to even connect and with weird source IP addresses.
I am using the same .opvn file for all the clients (with a minor change in the Ubuntu one).
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Can't connect from Windows client, but Android works fine
For an example of what we need to see Please see:
HOWTO: Request Help ! {2}
Note: Your openvpn logs as per the --log directive .. not this log below ..
HOWTO: Request Help ! {2}
Note: Your openvpn logs as per the --log directive .. not this log below ..
In this case you are probably correct, your server is on port 443 not 55443 ? right ..therealyoussef wrote: ↑Wed Jan 10, 2018 3:31 pmJan 10 15:18:40 ShadowSocks-London kernel: [418831.694987] [UFW BLOCK] IN=eth0 OUT= MAC=ca:81:35:17:d0:52:5c:45:27:79:03:30:08:00 SRC=125.212.217.215 DST=SERVER_IP LEN=40 TOS=0x00 PREC=0x00 TTL=109 ID=54601 PROTO=TCP SPT=46640 DPT=55443 WINDOW=54313 RES=0x00 SYN URGP=0
I don't think the UFW block has anything to do with the problem because it is always showing in the logs without me trying to even connect and with weird source IP addresses
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Jan 10, 2018 8:53 am
Re: Can't connect from Windows client, but Android works fine
*Server*TinCanTech wrote: ↑Wed Jan 10, 2018 6:15 pmFor an example of what we need to see Please see:
HOWTO: Request Help ! {2}
Note: Your openvpn logs as per the --log directive .. not this log below ..
Operating system:
Code: Select all
$ uname -a
Linux ShadowSocks-London 4.4.0-104-generic #127-Ubuntu SMP Mon Dec 11 12:16:42 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Code: Select all
$ ifconfig
eth0 Link encap:Ethernet HWaddr ca:81:35:17:d0:52
inet addr:SERVER_IP Bcast:46.101.63.255 Mask:255.255.192.0
inet6 addr: SERVER_IP/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7117105 errors:0 dropped:0 overruns:0 frame:0
TX packets:6644815 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:11287935907 (11.2 GB) TX bytes:11088470600 (11.0 GB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:160 errors:0 dropped:0 overruns:0 frame:0
TX packets:160 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:11840 (11.8 KB) TX bytes:11840 (11.8 KB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:1686 errors:0 dropped:0 overruns:0 frame:0
TX packets:1888 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:180825 (180.8 KB) TX bytes:1621736 (1.6 MB)
server.conf
port 443
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 6
Server log (at --verb 6 and client IP address changed after the log)
Code: Select all
Wed Jan 10 18:56:24 2018 us=850088 MULTI: multi_create_instance called
Wed Jan 10 18:56:24 2018 us=850696 Re-using SSL/TLS context
Wed Jan 10 18:56:24 2018 us=850866 LZO compression initialized
Wed Jan 10 18:56:24 2018 us=851190 Control Channel MTU parms [ L:1572 D:1170 EF:80 EB:0 ET:0 EL:3 ]
Wed Jan 10 18:56:24 2018 us=851343 Data Channel MTU parms [ L:1572 D:1450 EF:72 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jan 10 18:56:24 2018 us=851487 Local Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Jan 10 18:56:24 2018 us=851574 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Jan 10 18:56:24 2018 us=851680 Local Options hash (VER=V4): 'f9a2c6a1'
Wed Jan 10 18:56:24 2018 us=851765 Expected Remote Options hash (VER=V4): 'a0dade22'
Wed Jan 10 18:56:24 2018 us=851883 TCP connection established with [AF_INET]156.222.70.239:16327
Wed Jan 10 18:56:24 2018 us=851964 TCPv4_SERVER link local: [undef]
Wed Jan 10 18:56:24 2018 us=852024 TCPv4_SERVER link remote: [AF_INET]156.222.70.239:16327
Wed Jan 10 18:56:25 2018 us=779412 156.222.70.239:16327 TCPv4_SERVER READ [54] from [AF_INET]156.222.70.239:16327: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:56:25 2018 us=779800 156.222.70.239:16327 TLS: Initial packet from [AF_INET]156.222.70.239:16327, sid=47ebfae4 98e59d7b
Wed Jan 10 18:56:25 2018 us=780149 156.222.70.239:16327 TCPv4_SERVER WRITE [66] to [AF_INET]156.222.70.239:16327: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Wed Jan 10 18:56:27 2018 us=933263 156.222.70.239:16327 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16327: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:56:31 2018 us=162595 156.222.70.239:16327 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16327: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:56:39 2018 us=828168 156.222.70.239:16327 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16327: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:56:50 2018 us=169718 MULTI: multi_create_instance called
Wed Jan 10 18:56:50 2018 us=171190 Re-using SSL/TLS context
Wed Jan 10 18:56:50 2018 us=171519 LZO compression initialized
Wed Jan 10 18:56:50 2018 us=172179 Control Channel MTU parms [ L:1572 D:1170 EF:80 EB:0 ET:0 EL:3 ]
Wed Jan 10 18:56:50 2018 us=172401 Data Channel MTU parms [ L:1572 D:1450 EF:72 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jan 10 18:56:50 2018 us=172674 Local Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Jan 10 18:56:50 2018 us=172914 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Jan 10 18:56:50 2018 us=173188 Local Options hash (VER=V4): 'f9a2c6a1'
Wed Jan 10 18:56:50 2018 us=173450 Expected Remote Options hash (VER=V4): 'a0dade22'
Wed Jan 10 18:56:50 2018 us=173735 TCP connection established with [AF_INET]156.222.70.239:16338
Wed Jan 10 18:56:50 2018 us=173959 TCPv4_SERVER link local: [undef]
Wed Jan 10 18:56:50 2018 us=174158 TCPv4_SERVER link remote: [AF_INET]156.222.70.239:16338
Wed Jan 10 18:56:51 2018 us=108794 156.222.70.239:16338 TCPv4_SERVER READ [54] from [AF_INET]156.222.70.239:16338: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:56:51 2018 us=109154 156.222.70.239:16338 TLS: Initial packet from [AF_INET]156.222.70.239:16338, sid=dd207e15 a91a2ba6
Wed Jan 10 18:56:51 2018 us=109435 156.222.70.239:16338 TCPv4_SERVER WRITE [66] to [AF_INET]156.222.70.239:16338: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Wed Jan 10 18:56:53 2018 us=455649 156.222.70.239:16338 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16338: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:56:55 2018 us=870903 156.222.70.239:16327 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16327: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:56:57 2018 us=206394 156.222.70.239:16338 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16338: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:05 2018 us=847962 156.222.70.239:16338 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16338: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:15 2018 us=501627 MULTI: multi_create_instance called
Wed Jan 10 18:57:15 2018 us=502764 Re-using SSL/TLS context
Wed Jan 10 18:57:15 2018 us=503221 LZO compression initialized
Wed Jan 10 18:57:15 2018 us=504269 Control Channel MTU parms [ L:1572 D:1170 EF:80 EB:0 ET:0 EL:3 ]
Wed Jan 10 18:57:15 2018 us=504635 Data Channel MTU parms [ L:1572 D:1450 EF:72 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jan 10 18:57:15 2018 us=505012 Local Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Jan 10 18:57:15 2018 us=505245 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Jan 10 18:57:15 2018 us=505544 Local Options hash (VER=V4): 'f9a2c6a1'
Wed Jan 10 18:57:15 2018 us=505739 Expected Remote Options hash (VER=V4): 'a0dade22'
Wed Jan 10 18:57:15 2018 us=506042 TCP connection established with [AF_INET]156.222.70.239:16353
Wed Jan 10 18:57:15 2018 us=506201 TCPv4_SERVER link local: [undef]
Wed Jan 10 18:57:15 2018 us=506405 TCPv4_SERVER link remote: [AF_INET]156.222.70.239:16353
Wed Jan 10 18:57:16 2018 us=441615 156.222.70.239:16353 TCPv4_SERVER READ [54] from [AF_INET]156.222.70.239:16353: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:16 2018 us=441824 156.222.70.239:16353 TLS: Initial packet from [AF_INET]156.222.70.239:16353, sid=51686cc8 eb797c0b
Wed Jan 10 18:57:16 2018 us=442023 156.222.70.239:16353 TCPv4_SERVER WRITE [66] to [AF_INET]156.222.70.239:16353: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Wed Jan 10 18:57:18 2018 us=773494 156.222.70.239:16353 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16353: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:21 2018 us=387142 156.222.70.239:16338 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16338: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:22 2018 us=605145 156.222.70.239:16353 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16353: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:24 2018 us=26760 156.222.70.239:16327 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jan 10 18:57:24 2018 us=27238 156.222.70.239:16327 TLS Error: TLS handshake failed
Wed Jan 10 18:57:24 2018 us=27836 156.222.70.239:16327 Fatal TLS error (check_tls_errors_co), restarting
Wed Jan 10 18:57:24 2018 us=28101 156.222.70.239:16327 SIGUSR1[soft,tls-error] received, client-instance restarting
Wed Jan 10 18:57:24 2018 us=28473 TCP/UDP: Closing socket
Wed Jan 10 18:57:30 2018 us=298430 156.222.70.239:16353 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16353: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:40 2018 us=827874 MULTI: multi_create_instance called
Wed Jan 10 18:57:40 2018 us=828366 Re-using SSL/TLS context
Wed Jan 10 18:57:40 2018 us=828580 LZO compression initialized
Wed Jan 10 18:57:40 2018 us=828865 Control Channel MTU parms [ L:1572 D:1170 EF:80 EB:0 ET:0 EL:3 ]
Wed Jan 10 18:57:40 2018 us=829079 Data Channel MTU parms [ L:1572 D:1450 EF:72 EB:143 ET:0 EL:3 AF:3/1 ]
Wed Jan 10 18:57:40 2018 us=829324 Local Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Jan 10 18:57:40 2018 us=829506 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Jan 10 18:57:40 2018 us=829658 Local Options hash (VER=V4): 'f9a2c6a1'
Wed Jan 10 18:57:40 2018 us=829786 Expected Remote Options hash (VER=V4): 'a0dade22'
Wed Jan 10 18:57:40 2018 us=829949 TCP connection established with [AF_INET]156.222.70.239:16379
Wed Jan 10 18:57:40 2018 us=830063 TCPv4_SERVER link local: [undef]
Wed Jan 10 18:57:40 2018 us=830171 TCPv4_SERVER link remote: [AF_INET]156.222.70.239:16379
Wed Jan 10 18:57:41 2018 us=768381 156.222.70.239:16379 TCPv4_SERVER READ [54] from [AF_INET]156.222.70.239:16379: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Wed Jan 10 18:57:41 2018 us=769680 156.222.70.239:16379 TLS: Initial packet from [AF_INET]156.222.70.239:16379, sid=8309941a 841cc77d
Wed Jan 10 18:57:41 2018 us=770003 156.222.70.239:16379 TCPv4_SERVER WRITE [66] to [AF_INET]156.222.70.239:16379: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Wed Jan 10 18:57:43 2018 us=625163 156.222.70.239:16379 TCPv4_SERVER WRITE [54] to [AF_INET]156.222.70.239:16379: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Code: Select all
Wed Jan 10 18:57:24 2018 us=26760 156.222.70.239:16327 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jan 10 18:57:24 2018 us=27238 156.222.70.239:16327 TLS Error: TLS handshake failed
Wed Jan 10 18:57:24 2018 us=27836 156.222.70.239:16327 Fatal TLS error (check_tls_errors_co), restarting
Operating system:
Code: Select all
C:\Users\Youssef>ver
Microsoft Windows [Version 10.0.14393]
Code: Select all
C:\Users\Youssef>ipconfig
Windows IP Configuration
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::5403:5700:ddb0:9b60%11
IPv4 Address. . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Ethernet adapter Ethernet 5:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Ethernet adapter Ethernet 6:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:24da:d0b7:6321:b910
Link-local IPv6 Address . . . . . : fe80::24da:d0b7:6321:b910%6
Default Gateway . . . . . . . . . : ::
Tunnel adapter isatap.{B5B76EBA-EC46-436A-BD21-B296DE826FCB}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
client1.ovpn
client
dev tun
proto tcp
remote SERVER_IP 443
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
key-direction 1
cipher AES-128-CBC
auth SHA256
comp-lzo
verb 6
<ca>
...
</ca>
<cert>
...
</cert>
<key>
...
</key>
<tls-auth>
...
</tls-auth>
Client log (at --verb 6 and server name and IP address removed)
Code: Select all
Wed Jan 10 21:23:18 2018 NOTE: --user option is not implemented on Windows
Wed Jan 10 21:23:18 2018 NOTE: --group option is not implemented on Windows
Wed Jan 10 21:23:18 2018 us=320031 Current Parameter Settings:
Wed Jan 10 21:23:18 2018 us=320031 config = 'client1.ovpn'
Wed Jan 10 21:23:18 2018 us=320031 mode = 0
Wed Jan 10 21:23:18 2018 us=320031 show_ciphers = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 show_digests = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 show_engines = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 genkey = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 key_pass_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 show_tls_ciphers = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 connect_retry_max = 0
Wed Jan 10 21:23:18 2018 us=320031 Connection profiles [0]:
Wed Jan 10 21:23:18 2018 us=320031 proto = tcp-client
Wed Jan 10 21:23:18 2018 us=320031 local = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 local_port = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 remote = 'SERVER_IP'
Wed Jan 10 21:23:18 2018 us=320031 remote_port = '443'
Wed Jan 10 21:23:18 2018 us=320031 remote_float = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 bind_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 bind_local = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 bind_ipv6_only = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 connect_retry_seconds = 5
Wed Jan 10 21:23:18 2018 us=320031 connect_timeout = 120
Wed Jan 10 21:23:18 2018 us=320031 socks_proxy_server = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 socks_proxy_port = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 tun_mtu = 1500
Wed Jan 10 21:23:18 2018 us=320031 tun_mtu_defined = ENABLED
Wed Jan 10 21:23:18 2018 us=320031 link_mtu = 1500
Wed Jan 10 21:23:18 2018 us=320031 link_mtu_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 tun_mtu_extra = 0
Wed Jan 10 21:23:18 2018 us=320031 tun_mtu_extra_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 mtu_discover_type = -1
Wed Jan 10 21:23:18 2018 us=320031 fragment = 0
Wed Jan 10 21:23:18 2018 us=320031 mssfix = 1450
Wed Jan 10 21:23:18 2018 us=320031 explicit_exit_notification = 0
Wed Jan 10 21:23:18 2018 us=320031 Connection profiles END
Wed Jan 10 21:23:18 2018 us=320031 remote_random = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 ipchange = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 dev = 'tun'
Wed Jan 10 21:23:18 2018 us=320031 dev_type = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 dev_node = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 lladdr = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 topology = 1
Wed Jan 10 21:23:18 2018 us=320031 ifconfig_local = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 ifconfig_remote_netmask = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 ifconfig_noexec = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 ifconfig_nowarn = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 ifconfig_ipv6_local = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 ifconfig_ipv6_netbits = 0
Wed Jan 10 21:23:18 2018 us=320031 ifconfig_ipv6_remote = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=320031 shaper = 0
Wed Jan 10 21:23:18 2018 us=320031 mtu_test = 0
Wed Jan 10 21:23:18 2018 us=320031 mlock = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 keepalive_ping = 0
Wed Jan 10 21:23:18 2018 us=320031 keepalive_timeout = 0
Wed Jan 10 21:23:18 2018 us=320031 inactivity_timeout = 0
Wed Jan 10 21:23:18 2018 us=320031 ping_send_timeout = 0
Wed Jan 10 21:23:18 2018 us=320031 ping_rec_timeout = 0
Wed Jan 10 21:23:18 2018 us=320031 ping_rec_timeout_action = 0
Wed Jan 10 21:23:18 2018 us=320031 ping_timer_remote = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 remap_sigusr1 = 0
Wed Jan 10 21:23:18 2018 us=320031 persist_tun = ENABLED
Wed Jan 10 21:23:18 2018 us=320031 persist_local_ip = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 persist_remote_ip = DISABLED
Wed Jan 10 21:23:18 2018 us=320031 persist_key = ENABLED
Wed Jan 10 21:23:18 2018 us=320031 passtos = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 resolve_retry_seconds = 1000000000
Wed Jan 10 21:23:18 2018 us=335680 resolve_in_advance = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 username = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 groupname = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 chroot_dir = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 cd_dir = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 writepid = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 up_script = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 down_script = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 down_pre = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 up_restart = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 up_delay = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 daemon = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 inetd = 0
Wed Jan 10 21:23:18 2018 us=335680 log = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 suppress_timestamps = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 machine_readable_output = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 nice = 0
Wed Jan 10 21:23:18 2018 us=335680 verbosity = 6
Wed Jan 10 21:23:18 2018 us=335680 mute = 0
Wed Jan 10 21:23:18 2018 us=335680 gremlin = 0
Wed Jan 10 21:23:18 2018 us=335680 status_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 status_file_version = 1
Wed Jan 10 21:23:18 2018 us=335680 status_file_update_freq = 60
Wed Jan 10 21:23:18 2018 us=335680 occ = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 rcvbuf = 0
Wed Jan 10 21:23:18 2018 us=335680 sndbuf = 0
Wed Jan 10 21:23:18 2018 us=335680 sockflags = 0
Wed Jan 10 21:23:18 2018 us=335680 fast_io = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 comp.alg = 2
Wed Jan 10 21:23:18 2018 us=335680 comp.flags = 1
Wed Jan 10 21:23:18 2018 us=335680 route_script = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 route_default_gateway = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 route_default_metric = 0
Wed Jan 10 21:23:18 2018 us=335680 route_noexec = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 route_delay = 5
Wed Jan 10 21:23:18 2018 us=335680 route_delay_window = 30
Wed Jan 10 21:23:18 2018 us=335680 route_delay_defined = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 route_nopull = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 route_gateway_via_dhcp = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 allow_pull_fqdn = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 management_addr = '127.0.0.1'
Wed Jan 10 21:23:18 2018 us=335680 management_port = '25340'
Wed Jan 10 21:23:18 2018 us=335680 management_user_pass = 'stdin'
Wed Jan 10 21:23:18 2018 us=335680 management_log_history_cache = 250
Wed Jan 10 21:23:18 2018 us=335680 management_echo_buffer_size = 100
Wed Jan 10 21:23:18 2018 us=335680 management_write_peer_info_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 management_client_user = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 management_client_group = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 management_flags = 6
Wed Jan 10 21:23:18 2018 us=335680 shared_secret_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 key_direction = 2
Wed Jan 10 21:23:18 2018 us=335680 ciphername = 'AES-128-CBC'
Wed Jan 10 21:23:18 2018 us=335680 ncp_enabled = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Wed Jan 10 21:23:18 2018 us=335680 authname = 'SHA256'
Wed Jan 10 21:23:18 2018 us=335680 prng_hash = 'SHA1'
Wed Jan 10 21:23:18 2018 us=335680 prng_nonce_secret_len = 16
Wed Jan 10 21:23:18 2018 us=335680 keysize = 0
Wed Jan 10 21:23:18 2018 us=335680 engine = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 replay = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 mute_replay_warnings = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 replay_window = 64
Wed Jan 10 21:23:18 2018 us=335680 replay_time = 15
Wed Jan 10 21:23:18 2018 us=335680 packet_id_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 use_iv = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 test_crypto = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 tls_server = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 tls_client = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 key_method = 2
Wed Jan 10 21:23:18 2018 us=335680 ca_file = '[[INLINE]]'
Wed Jan 10 21:23:18 2018 us=335680 ca_path = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 dh_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 cert_file = '[[INLINE]]'
Wed Jan 10 21:23:18 2018 us=335680 extra_certs_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 priv_key_file = '[[INLINE]]'
Wed Jan 10 21:23:18 2018 us=335680 pkcs12_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 cryptoapi_cert = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 cipher_list = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 tls_verify = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 tls_export_cert = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 verify_x509_type = 0
Wed Jan 10 21:23:18 2018 us=335680 verify_x509_name = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 crl_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 ns_cert_type = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 65535
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_ku[i] = 0
Wed Jan 10 21:23:18 2018 us=335680 remote_cert_eku = 'TLS Web Server Authentication'
Wed Jan 10 21:23:18 2018 us=335680 ssl_flags = 0
Wed Jan 10 21:23:18 2018 us=335680 tls_timeout = 2
Wed Jan 10 21:23:18 2018 us=335680 renegotiate_bytes = -1
Wed Jan 10 21:23:18 2018 us=335680 renegotiate_packets = 0
Wed Jan 10 21:23:18 2018 us=335680 renegotiate_seconds = 3600
Wed Jan 10 21:23:18 2018 us=335680 handshake_window = 60
Wed Jan 10 21:23:18 2018 us=335680 transition_window = 3600
Wed Jan 10 21:23:18 2018 us=335680 single_session = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 push_peer_info = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 tls_exit = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 tls_auth_file = '[[INLINE]]'
Wed Jan 10 21:23:18 2018 us=335680 tls_crypt_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_protected_authentication = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_private_mode = 00000000
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_cert_private = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_pin_cache_period = -1
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_id = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 pkcs11_id_management = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 server_network = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 server_netmask = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 server_network_ipv6 = ::
Wed Jan 10 21:23:18 2018 us=335680 server_netbits_ipv6 = 0
Wed Jan 10 21:23:18 2018 us=335680 server_bridge_ip = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 server_bridge_netmask = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 server_bridge_pool_start = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 server_bridge_pool_end = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_pool_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_pool_start = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_pool_end = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_pool_netmask = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_pool_persist_filename = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_pool_persist_refresh_freq = 600
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_ipv6_pool_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_ipv6_pool_base = ::
Wed Jan 10 21:23:18 2018 us=335680 ifconfig_ipv6_pool_netbits = 0
Wed Jan 10 21:23:18 2018 us=335680 n_bcast_buf = 256
Wed Jan 10 21:23:18 2018 us=335680 tcp_queue_limit = 64
Wed Jan 10 21:23:18 2018 us=335680 real_hash_size = 256
Wed Jan 10 21:23:18 2018 us=335680 virtual_hash_size = 256
Wed Jan 10 21:23:18 2018 us=335680 client_connect_script = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 learn_address_script = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 client_disconnect_script = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 client_config_dir = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 ccd_exclusive = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 tmp_dir = 'C:\Users\Youssef\AppData\Local\Temp\'
Wed Jan 10 21:23:18 2018 us=335680 push_ifconfig_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 push_ifconfig_local = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 push_ifconfig_remote_netmask = 0.0.0.0
Wed Jan 10 21:23:18 2018 us=335680 push_ifconfig_ipv6_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 push_ifconfig_ipv6_local = ::/0
Wed Jan 10 21:23:18 2018 us=335680 push_ifconfig_ipv6_remote = ::
Wed Jan 10 21:23:18 2018 us=335680 enable_c2c = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 duplicate_cn = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 cf_max = 0
Wed Jan 10 21:23:18 2018 us=335680 cf_per = 0
Wed Jan 10 21:23:18 2018 us=335680 max_clients = 1024
Wed Jan 10 21:23:18 2018 us=335680 max_routes_per_client = 256
Wed Jan 10 21:23:18 2018 us=335680 auth_user_pass_verify_script = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 auth_user_pass_verify_script_via_file = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 auth_token_generate = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 auth_token_lifetime = 0
Wed Jan 10 21:23:18 2018 us=335680 client = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 pull = ENABLED
Wed Jan 10 21:23:18 2018 us=335680 auth_user_pass_file = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 show_net_up = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 route_method = 0
Wed Jan 10 21:23:18 2018 us=335680 block_outside_dns = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 ip_win32_defined = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 ip_win32_type = 3
Wed Jan 10 21:23:18 2018 us=335680 dhcp_masq_offset = 0
Wed Jan 10 21:23:18 2018 us=335680 dhcp_lease_time = 31536000
Wed Jan 10 21:23:18 2018 us=335680 tap_sleep = 0
Wed Jan 10 21:23:18 2018 us=335680 dhcp_options = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 dhcp_renew = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 dhcp_pre_release = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 domain = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 netbios_scope = '[UNDEF]'
Wed Jan 10 21:23:18 2018 us=335680 netbios_node_type = 0
Wed Jan 10 21:23:18 2018 us=335680 disable_nbt = DISABLED
Wed Jan 10 21:23:18 2018 us=335680 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Jan 10 21:23:18 2018 us=335680 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jan 10 21:23:18 2018 us=335680 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Wed Jan 10 21:23:18 2018 us=335680 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Jan 10 21:23:18 2018 us=335680 Need hold release from management interface, waiting...
Wed Jan 10 21:23:18 2018 us=821409 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Jan 10 21:23:18 2018 us=930785 MANAGEMENT: CMD 'state on'
Wed Jan 10 21:23:18 2018 us=930785 MANAGEMENT: CMD 'log all on'
Wed Jan 10 21:23:19 2018 us=8897 MANAGEMENT: CMD 'echo all on'
Wed Jan 10 21:23:19 2018 us=8897 MANAGEMENT: CMD 'hold off'
Wed Jan 10 21:23:19 2018 us=8897 MANAGEMENT: CMD 'hold release'
Wed Jan 10 21:23:19 2018 us=87033 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 10 21:23:19 2018 us=87033 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 10 21:23:19 2018 us=87033 LZO compression initializing
Wed Jan 10 21:23:19 2018 us=87033 Control Channel MTU parms [ L:1624 D:1170 EF:80 EB:0 ET:0 EL:3 ]
Wed Jan 10 21:23:19 2018 us=87033 Data Channel MTU parms [ L:1624 D:1450 EF:124 EB:406 ET:0 EL:3 ]
Wed Jan 10 21:23:19 2018 us=87033 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Jan 10 21:23:19 2018 us=87033 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Jan 10 21:23:19 2018 us=87033 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP:443
Wed Jan 10 21:23:19 2018 us=87033 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 10 21:23:19 2018 us=87033 Attempting to establish TCP connection with [AF_INET]SERVER_IP:443 [nonblock]
Wed Jan 10 21:23:19 2018 us=87033 MANAGEMENT: >STATE:1515612199,TCP_CONNECT,,,,,,
Wed Jan 10 21:23:20 2018 us=95176 TCP connection established with [AF_INET]SERVER_IP:443
Wed Jan 10 21:23:20 2018 us=95176 TCP_CLIENT link local: (not bound)
Wed Jan 10 21:23:20 2018 us=95176 TCP_CLIENT link remote: [AF_INET]SERVER_IP:443
Wed Jan 10 21:23:20 2018 us=95176 MANAGEMENT: >STATE:1515612200,WAIT,,,,,,
Wed Jan 10 21:23:20 2018 us=95176 TCP_CLIENT WRITE [54] to [AF_INET]SERVER_IP:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Wed Jan 10 21:23:20 2018 us=150449 TCP_CLIENT READ [66] from [AF_INET]SERVER_IP:443: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Wed Jan 10 21:23:20 2018 us=150449 MANAGEMENT: >STATE:1515612200,AUTH,,,,,,
Wed Jan 10 21:23:20 2018 us=150449 TLS: Initial packet from [AF_INET]SERVER_IP:443, sid=dcfc3496 e15cb971
Wed Jan 10 21:23:20 2018 us=150449 TCP_CLIENT WRITE [62] to [AF_INET]SERVER_IP:443: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Wed Jan 10 21:23:20 2018 us=150449 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:23:22 2018 us=555976 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:23:26 2018 us=129987 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #5 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:23:34 2018 us=379851 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #6 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:23:39 2018 us=382709 read TCP_CLIENT: Unknown error (code=10060)
Wed Jan 10 21:23:39 2018 us=382709 TCP_CLIENT READ [0] from [AF_INET]SERVER_IP:443: DATA UNDEF len=-1
Wed Jan 10 21:23:39 2018 us=382709 Connection reset, restarting [-1]
Wed Jan 10 21:23:39 2018 us=382709 TCP/UDP: Closing socket
Wed Jan 10 21:23:39 2018 us=382709 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jan 10 21:23:39 2018 us=382709 MANAGEMENT: >STATE:1515612219,RECONNECTING,connection-reset,,,,,
Wed Jan 10 21:23:39 2018 us=382709 Restart pause, 5 second(s)
Wed Jan 10 21:23:44 2018 us=425680 Re-using SSL/TLS context
Wed Jan 10 21:23:44 2018 us=425680 LZO compression initializing
Wed Jan 10 21:23:44 2018 us=425680 Control Channel MTU parms [ L:1624 D:1170 EF:80 EB:0 ET:0 EL:3 ]
Wed Jan 10 21:23:44 2018 us=425680 Data Channel MTU parms [ L:1624 D:1450 EF:124 EB:406 ET:0 EL:3 ]
Wed Jan 10 21:23:44 2018 us=425680 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Jan 10 21:23:44 2018 us=425680 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Jan 10 21:23:44 2018 us=425680 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP:443
Wed Jan 10 21:23:44 2018 us=425680 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 10 21:23:44 2018 us=425680 Attempting to establish TCP connection with [AF_INET]SERVER_IP:443 [nonblock]
Wed Jan 10 21:23:44 2018 us=425680 MANAGEMENT: >STATE:1515612224,TCP_CONNECT,,,,,,
Wed Jan 10 21:23:45 2018 us=432251 TCP connection established with [AF_INET]SERVER_IP:443
Wed Jan 10 21:23:45 2018 us=432251 TCP_CLIENT link local: (not bound)
Wed Jan 10 21:23:45 2018 us=432251 TCP_CLIENT link remote: [AF_INET]SERVER_IP:443
Wed Jan 10 21:23:45 2018 us=432251 MANAGEMENT: >STATE:1515612225,WAIT,,,,,,
Wed Jan 10 21:23:45 2018 us=432251 TCP_CLIENT WRITE [54] to [AF_INET]SERVER_IP:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Wed Jan 10 21:23:45 2018 us=494751 TCP_CLIENT READ [66] from [AF_INET]SERVER_IP:443: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Wed Jan 10 21:23:45 2018 us=494751 MANAGEMENT: >STATE:1515612225,AUTH,,,,,,
Wed Jan 10 21:23:45 2018 us=494751 TLS: Initial packet from [AF_INET]SERVER_IP:443, sid=376da437 684f6fdb
Wed Jan 10 21:23:45 2018 us=494751 TCP_CLIENT WRITE [62] to [AF_INET]SERVER_IP:443: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Wed Jan 10 21:23:45 2018 us=494751 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:23:47 2018 us=880617 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:23:51 2018 us=446628 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #5 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:23:59 2018 us=88368 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #6 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:24:04 2018 us=758483 read TCP_CLIENT: Unknown error (code=10060)
Wed Jan 10 21:24:04 2018 us=758483 TCP_CLIENT READ [0] from [AF_INET]SERVER_IP:443: DATA UNDEF len=-1
Wed Jan 10 21:24:04 2018 us=758483 Connection reset, restarting [-1]
Wed Jan 10 21:24:04 2018 us=758483 TCP/UDP: Closing socket
Wed Jan 10 21:24:04 2018 us=758483 SIGUSR1[soft,connection-reset] received, process restarting
Wed Jan 10 21:24:04 2018 us=758483 MANAGEMENT: >STATE:1515612244,RECONNECTING,connection-reset,,,,,
Wed Jan 10 21:24:04 2018 us=758483 Restart pause, 5 second(s)
Wed Jan 10 21:24:09 2018 us=793506 Re-using SSL/TLS context
Wed Jan 10 21:24:09 2018 us=793506 LZO compression initializing
Wed Jan 10 21:24:09 2018 us=793506 Control Channel MTU parms [ L:1624 D:1170 EF:80 EB:0 ET:0 EL:3 ]
Wed Jan 10 21:24:09 2018 us=793506 Data Channel MTU parms [ L:1624 D:1450 EF:124 EB:406 ET:0 EL:3 ]
Wed Jan 10 21:24:09 2018 us=793506 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-client'
Wed Jan 10 21:24:09 2018 us=793506 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA256,keysize 128,tls-auth,key-method 2,tls-server'
Wed Jan 10 21:24:09 2018 us=793506 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP:443
Wed Jan 10 21:24:09 2018 us=793506 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 10 21:24:09 2018 us=793506 Attempting to establish TCP connection with [AF_INET]SERVER_IP:443 [nonblock]
Wed Jan 10 21:24:09 2018 us=793506 MANAGEMENT: >STATE:1515612249,TCP_CONNECT,,,,,,
Wed Jan 10 21:24:10 2018 us=802973 TCP connection established with [AF_INET]SERVER_IP:443
Wed Jan 10 21:24:10 2018 us=802973 TCP_CLIENT link local: (not bound)
Wed Jan 10 21:24:10 2018 us=802973 TCP_CLIENT link remote: [AF_INET]SERVER_IP:443
Wed Jan 10 21:24:10 2018 us=802973 MANAGEMENT: >STATE:1515612250,WAIT,,,,,,
Wed Jan 10 21:24:10 2018 us=802973 TCP_CLIENT WRITE [54] to [AF_INET]SERVER_IP:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Wed Jan 10 21:24:10 2018 us=849849 TCP_CLIENT READ [66] from [AF_INET]SERVER_IP:443: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Wed Jan 10 21:24:10 2018 us=849849 MANAGEMENT: >STATE:1515612250,AUTH,,,,,,
Wed Jan 10 21:24:10 2018 us=849849 TLS: Initial packet from [AF_INET]SERVER_IP:443, sid=f3eb756d 218162a2
Wed Jan 10 21:24:10 2018 us=849849 TCP_CLIENT WRITE [62] to [AF_INET]SERVER_IP:443: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Wed Jan 10 21:24:10 2018 us=865460 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:24:12 2018 us=54000 TCP_CLIENT WRITE [227] to [AF_INET]SERVER_IP:443: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=1 DATA len=173
Wed Jan 10 21:24:12 2018 us=873546 TCP/UDP: Closing socket
Wed Jan 10 21:24:12 2018 us=873546 SIGTERM[hard,] received, process exiting
Wed Jan 10 21:24:12 2018 us=873546 MANAGEMENT: >STATE:1515612252,EXITING,SIGTERM,,,,,
Code: Select all
Wed Jan 10 21:23:39 2018 us=382709 read TCP_CLIENT: Unknown error (code=10060)
Wed Jan 10 21:23:39 2018 us=382709 TCP_CLIENT READ [0] from [AF_INET]SERVER_IP:443: DATA UNDEF len=-1
Wed Jan 10 21:23:39 2018 us=382709 Connection reset, restarting [-1]
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Can't connect from Windows client, but Android works fine
I cannot see anything wrong with openvpn but I wonder about ShadowSocks ..
Maybe it is something wrong with that ..
Maybe it is something wrong with that ..
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Jan 10, 2018 8:53 am
Re: Can't connect from Windows client, but Android works fine
ShadowSocks is working fine on all clients. On the server it is running on port 8000 so it shouldn't interfere.TinCanTech wrote: ↑Wed Jan 10, 2018 10:32 pmI cannot see anything wrong with openvpn but I wonder about ShadowSocks ..
Maybe it is something wrong with that ..
What's really annoying is that the Android and iOS clients connect just fine to OpenVPN, but the Linux and Windows clients fail in the same way (TLS key negotiation failing).
- dazo
- OpenVPN Inc.
- Posts: 155
- Joined: Mon Jan 11, 2010 10:14 am
- Location: dazo :: #openvpn-devel @ libera.chat
Re: Can't connect from Windows client, but Android works fine
Are you using OpenVPN Connect on Android? (on iOS there are no other alternatives) ... this does smell like some cipher disagreements, perhaps related to certificates. Or it could be some odd firewalling, only allowing the first packet to flow through the firewall.
Have you tried using UDP? At least for testing.
Have you tried using UDP? At least for testing.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Jan 10, 2018 8:53 am
Re: Can't connect from Windows client, but Android works fine
Yes, I tried OpenVPN Connect on both Android and iOS (there is an OpenVPN Connect app there as well), and both connect successfully.dazo wrote: ↑Thu Jan 11, 2018 12:57 amAre you using OpenVPN Connect on Android? (on iOS there are no other alternatives) ... this does smell like some cipher disagreements, perhaps related to certificates. Or it could be some odd firewalling, only allowing the first packet to flow through the firewall.
I tried UDP, and as I expected, the connection doesn't even reach the server from any client. That is because my country unfortunately drops any OpenVPN packets. Only TCP port 443 packets reach the server (https://www.addictivetips.com/vpn/bypas ... envpn-ban/). That is however beside the point.
- dazo
- OpenVPN Inc.
- Posts: 155
- Joined: Mon Jan 11, 2010 10:14 am
- Location: dazo :: #openvpn-devel @ libera.chat
Re: Can't connect from Windows client, but Android works fine
Ahh! This actually might explain things a bit. And to confirm it, can you try "OpenVPN for Android"?
OpenVPN Connect apps is based on the OpenVPN 3 Core library. That is a different implementation of the OpenVPN wire protocol than the OpenVPN Windows (and OpenVPN for Android), which both uses the OpenVPN 2 code base.
My hypotheses is that there is a slight difference in the wire traffic, which makes it possible for the OpenVPN 3 based clients (OpenVPN Connect) to sneak through the "great" firewall.
OpenVPN Connect apps is based on the OpenVPN 3 Core library. That is a different implementation of the OpenVPN wire protocol than the OpenVPN Windows (and OpenVPN for Android), which both uses the OpenVPN 2 code base.
My hypotheses is that there is a slight difference in the wire traffic, which makes it possible for the OpenVPN 3 based clients (OpenVPN Connect) to sneak through the "great" firewall.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Jan 10, 2018 8:53 am
Re: Can't connect from Windows client, but Android works fine
I think you are right. OpenVPN for Android also fails with the same error. Is there a Windows client based on the OpenVPN 3 Core library?dazo wrote: ↑Thu Jan 11, 2018 2:39 amAhh! This actually might explain things a bit. And to confirm it, can you try "OpenVPN for Android"?
OpenVPN Connect apps is based on the OpenVPN 3 Core library. That is a different implementation of the OpenVPN wire protocol than the OpenVPN Windows (and OpenVPN for Android), which both uses the OpenVPN 2 code base.
My hypotheses is that there is a slight difference in the wire traffic, which makes it possible for the OpenVPN 3 based clients (OpenVPN Connect) to sneak through the "great" firewall.
Many thanks!
- dazo
- OpenVPN Inc.
- Posts: 155
- Joined: Mon Jan 11, 2010 10:14 am
- Location: dazo :: #openvpn-devel @ libera.chat
Re: Can't connect from Windows client, but Android works fine
Not quite yet. We have some plans to release both a small scale open source client based on the OpenVPN 3 Core library and a brand new OpenVPN Connect client for Windows. We are also targetting a client to be released in the Windows Store as well. But we have many months of development and testing/QA ahead of us before we're ready to release anything.therealyoussef wrote: ↑Thu Jan 11, 2018 3:06 amI think you are right. OpenVPN for Android also fails with the same error. Is there a Windows client based on the OpenVPN 3 Core library?
Now, this is of course unfortunate. We do have a PrivateTunnel client for Windows, which is build on the OpenVPN 3 Core library. But that client does not allow you to provide your own configuration profiles. However, one important feature of this client is an obfuscation layer, to evade and escape such filtering firewalls. More information can be found here: https://www.privatetunnel.com/
Otherwise the alternative is probably to use obfsproxy or Tor and tunnel your VPN connection via that. We have some community documentation on this topic, but it is ageing. But the configuration concept is essentially the same: https://community.openvpn.net/openvpn/w ... bfuscation ... The advantage of using Tor instead of obfsproxy directly is that the remote server does not need to be modified. But performance might be somewhat lower or at least much more variable.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Jan 10, 2018 8:53 am
Re: Can't connect from Windows client, but Android works fine
I see. Thank you very much, you have been very helpfuldazo wrote: ↑Thu Jan 11, 2018 10:22 amNot quite yet. We have some plans to release both a small scale open source client based on the OpenVPN 3 Core library and a brand new OpenVPN Connect client for Windows. We are also targetting a client to be released in the Windows Store as well. But we have many months of development and testing/QA ahead of us before we're ready to release anything.therealyoussef wrote: ↑Thu Jan 11, 2018 3:06 amI think you are right. OpenVPN for Android also fails with the same error. Is there a Windows client based on the OpenVPN 3 Core library?
Now, this is of course unfortunate. We do have a PrivateTunnel client for Windows, which is build on the OpenVPN 3 Core library. But that client does not allow you to provide your own configuration profiles. However, one important feature of this client is an obfuscation layer, to evade and escape such filtering firewalls. More information can be found here: https://www.privatetunnel.com/
Otherwise the alternative is probably to use obfsproxy or Tor and tunnel your VPN connection via that. We have some community documentation on this topic, but it is ageing. But the configuration concept is essentially the same: https://community.openvpn.net/openvpn/w ... bfuscation ... The advantage of using Tor instead of obfsproxy directly is that the remote server does not need to be modified. But performance might be somewhat lower or at least much more variable.