Accessing local LAN through OpenVPN.

slakr007 · Post by **slakr007** » Sun Feb 25, 2018 11:32 pm

I know, this has be discussed at length and solved for some people. But, I am admitting defeat on this. I've been searching through this forum and other sites for three days now, seeing the same suggestions over and over, and I just cannot seem to setup the server such that VPN clients can connect to services hosted by my server (DNS, JIRA, Confluence, etc.).

Windows Server 2016.
OpenVPN 2.4.4.
Windows 10, macOS 10.13 and iOS 11 clients.
Connection successful through router firewall and Windows firewall to server (tested over LTE with iOS).
IPEnableRouter set to 1 for Tcpip, server has been rebooted (many times).
Attempted with RRAS both installed/running, and not installed.
Local subnet is 192.168.10.0/24, server is 192.168.10.10
Netgear router running OpenWRT is the gateway at 192.168.10.1
Router is configured with a static route from 10.8.0.0/24 to 192.168.10.10.
Router is configured to allow all traffic from 10.8.0.0/24 to 192.168.10.0/24 and vice versa.

VPN clients CANNOT connect to anything in 192.168.10.xxx, nor can they ping 10.8.0.xxx.
LAN clients cannot ping VPN clients (not a concern unless this is part of the problem).

SERVER

port 1194
proto udp
dev tun
ca ...
cert ...
key ...
dh ...

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

push "route 192.168.10.0 255.255.255.0"
push "dhcp-option DNS 192.168.10.10"
push "dhcp-option DOMAIN ..."
push "dhcp-option SEARCH ..."

client-to-client

keepalive 60 120
cipher AES-256-CBC
comp-lzo
max-clients 5
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1

CLIENT

client
dev tun
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
verb 3

Server Log File:

Code: Select all

Sun Feb 25 15:04:35 2018 166.176.187.48 TLS: Initial packet from [AF_INET6]::..., sid=...
Sun Feb 25 15:04:35 2018 166.176.187.48 VERIFY OK: depth=1, ...
Sun Feb 25 15:04:35 2018 166.176.187.48 VERIFY OK: depth=0, ...
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.2.8-1
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_VER=3.1.2
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_PLAT=ios
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_NCP=2
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_TCPNL=1
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_PROTO=2
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_LZO=1
Sun Feb 25 15:04:35 2018 166.176.187.48 peer info: IV_AUTO_SESS=1
Sun Feb 25 15:04:35 2018 166.176.187.48 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sun Feb 25 15:04:35 2018 166.176.187.48 [...] Peer Connection Initiated with [AF_INET6]::...
Sun Feb 25 15:04:35 2018 .../166.176.187.48 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Sun Feb 25 15:04:35 2018 .../166.176.187.48 MULTI: Learn: 10.8.0.6 -> .../166.176.187.48
Sun Feb 25 15:04:35 2018 .../166.176.187.48 MULTI: primary virtual IP for .../166.176.187.48: 10.8.0.6
Sun Feb 25 15:04:35 2018 .../166.176.187.48 PUSH: Received control message: 'PUSH_REQUEST'
Sun Feb 25 15:04:35 2018 .../166.176.187.48 SENT CONTROL [...]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN ...,dhcp-option SEARCH ...,route 10.8.0.0 255.255.255.0,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Sun Feb 25 15:04:35 2018 .../166.176.187.48 Data Channel: using negotiated cipher 'AES-256-GCM'
Sun Feb 25 15:04:35 2018 .../166.176.187.48 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb 25 15:04:35 2018 .../166.176.187.48 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb 25 15:06:14 2018 .../166.176.187.48 SIGTERM[soft,remote-exit] received, client-instance exiting

Client Log File:

Code: Select all

2018-02-25 15:04:35 VERIFY OK : depth=0
cert. version    : 3
serial number    : 01
issuer name      : ...
subject name      : ...
issued  on        : 2018-02-23 00:45:44
expires on        : 2028-02-21 00:45:44
signed using      : RSA with SHA1
RSA key size      : 4096 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage        : Digital Signature, Key Encipherment
ext key usage    : TLS Web Server Authentication

2018-02-25 15:04:35 SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
2018-02-25 15:04:35 Session is ACTIVE
2018-02-25 15:04:35 EVENT: GET_CONFIG
2018-02-25 15:04:35 Sending PUSH_REQUEST to server...
2018-02-25 15:04:35 OPTIONS:
0 [route] [192.168.10.0] [255.255.255.0] 
1 [dhcp-option] [DNS] [192.168.10.10] 
2 [dhcp-option] [DOMAIN] [...] 
3 [dhcp-option] [SEARCH] [...] 
4 [route] [10.8.0.0] [255.255.255.0] 
5 [topology] [net30] 
6 [ping] [60] 
7 [ping-restart] [120] 
8 [ifconfig] [10.8.0.6] [10.8.0.5] 
9 [peer-id] [0] 
10 [cipher] [AES-256-GCM] 

2018-02-25 15:04:35 PROTOCOL OPTIONS:
 cipher: AES-256-GCM
 digest: SHA1
 compress: LZO
 peer ID: 0
2018-02-25 15:04:35 EVENT: ASSIGN_IP
2018-02-25 15:04:35 NIP: preparing TUN network settings
2018-02-25 15:04:35 NIP: init TUN network settings with endpoint: ...
2018-02-25 15:04:35 NIP: adding IPv4 address to network settings 10.8.0.6/255.255.255.252
2018-02-25 15:04:35 NIP: adding (included) IPv4 route 10.8.0.4/30
2018-02-25 15:04:35 NIP: adding (included) IPv4 route 192.168.10.0/24
2018-02-25 15:04:35 NIP: adding (included) IPv4 route 10.8.0.0/24
2018-02-25 15:04:35 NIP: adding DNS 192.168.10.10
2018-02-25 15:04:35 NIP: adding match domain ...
2018-02-25 15:04:35 NIP: adding DNS specific routes:
2018-02-25 15:04:35 NIP: adding (included) IPv4 route 192.168.10.10/32
2018-02-25 15:04:35 Connected via NetworkExtensionTUN
2018-02-25 15:04:35 LZO-ASYM init swap=0 asym=0
2018-02-25 15:04:35 EVENT: CONNECTED ... via /UDPv4 on NetworkExtensionTUN/10.8.0.6/ gw=[/]

Any help would be SERIOUSLY appreciated.

jabarel · Post by **jabarel** » Mon Feb 26, 2018 7:46 pm

My clients can connect to vpn server and ping the vpn server.....but no internet i don`t know what push commands to use....i open a thread no one tell me

slakr007 · Post by **slakr007** » Fri Mar 23, 2018 6:22 pm

Bump.

Really not sure where to go with this. Yes, I have read HOWTO: Expanding the scope of the VPN to include additional machines.

The only thing I can figure is that it is something wrong with the static route / traffic rule on the router. If anyone has any experience with running OpenWRT as the gateway and OpenVPN server on a Windows Server, help would be appreciated.

TinCanTech · Post by **TinCanTech** » Fri Mar 23, 2018 6:58 pm

slakr007 wrote: ↑
Sun Feb 25, 2018 11:32 pm
VPN clients CANNOT connect to anything in 192.168.10.xxx, nor can they ping 10.8.0.xxx

Are you sure about that ..

slakr007 · Post by **slakr007** » Fri Mar 23, 2018 7:14 pm

As sure as I can be. Using a machine on the LAN, I connected to OpenVPN. OpenVPN reports it is connected as 10.8.0.6. Pinging 10.8.0.1 - .6 just results in timeouts.

TinCanTech · Post by **TinCanTech** » Fri Mar 23, 2018 7:22 pm

Then make sure your firewall is not blocking ICMP.

slakr007 · Post by **slakr007** » Fri Mar 23, 2018 7:27 pm

Firewall is off on both the server and the client.

TinCanTech · Post by **TinCanTech** » Fri Mar 23, 2018 8:05 pm

So you are saying that your client at 10.8.0.6 cannot ping your server at 10.8.0.1 ?

slakr007 · Post by **slakr007** » Fri Mar 23, 2018 8:44 pm

Correct. To make the test more real, I started a hotspot on my phone for my laptop, then used my laptop to connect to OpenVPN. Connection succeeds, however pinging 10.8.0.1 times out. Again, firewall off on server and client.

TinCanTech · Post by **TinCanTech** » Fri Mar 23, 2018 10:10 pm

Please post your complete server and client logs .. at verb 4

thanks

slakr007 · Post by **slakr007** » Fri Mar 23, 2018 10:34 pm

Hey, thanks for taking the time to help, by the way. The logs below are sanitized a bit, but shouldn't hide anything critical.

Server Log:

Code: Select all

Fri Mar 23 13:25:48 2018 us=579848 Current Parameter Settings:
Fri Mar 23 13:25:48 2018 us=579848   config = 'C:\Program Files\OpenVPN\config\server.ovpn'
Fri Mar 23 13:25:48 2018 us=579848   mode = 1
Fri Mar 23 13:25:48 2018 us=579848   show_ciphers = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   show_digests = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   show_engines = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   genkey = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   key_pass_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   show_tls_ciphers = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   connect_retry_max = 0
Fri Mar 23 13:25:48 2018 us=579848 Connection profiles [0]:
Fri Mar 23 13:25:48 2018 us=579848   proto = udp
Fri Mar 23 13:25:48 2018 us=579848   local = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   local_port = '<port>'
Fri Mar 23 13:25:48 2018 us=579848   remote = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   remote_port = '<port>'
Fri Mar 23 13:25:48 2018 us=579848   remote_float = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   bind_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   bind_local = ENABLED
Fri Mar 23 13:25:48 2018 us=579848   bind_ipv6_only = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   connect_retry_seconds = 5
Fri Mar 23 13:25:48 2018 us=579848   connect_timeout = 120
Fri Mar 23 13:25:48 2018 us=579848   socks_proxy_server = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   socks_proxy_port = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   tun_mtu = 1500
Fri Mar 23 13:25:48 2018 us=579848   tun_mtu_defined = ENABLED
Fri Mar 23 13:25:48 2018 us=579848   link_mtu = 1500
Fri Mar 23 13:25:48 2018 us=579848   link_mtu_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   tun_mtu_extra = 0
Fri Mar 23 13:25:48 2018 us=579848   tun_mtu_extra_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   mtu_discover_type = -1
Fri Mar 23 13:25:48 2018 us=579848   fragment = 0
Fri Mar 23 13:25:48 2018 us=579848   mssfix = 1450
Fri Mar 23 13:25:48 2018 us=579848   explicit_exit_notification = 1
Fri Mar 23 13:25:48 2018 us=579848 Connection profiles END
Fri Mar 23 13:25:48 2018 us=579848   remote_random = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   ipchange = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   dev = 'tun'
Fri Mar 23 13:25:48 2018 us=579848   dev_type = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   dev_node = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   lladdr = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   topology = 1
Fri Mar 23 13:25:48 2018 us=579848   ifconfig_local = '10.8.0.1'
Fri Mar 23 13:25:48 2018 us=579848   ifconfig_remote_netmask = '10.8.0.2'
Fri Mar 23 13:25:48 2018 us=579848   ifconfig_noexec = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   ifconfig_nowarn = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   ifconfig_ipv6_local = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   ifconfig_ipv6_netbits = 0
Fri Mar 23 13:25:48 2018 us=579848   ifconfig_ipv6_remote = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=579848   shaper = 0
Fri Mar 23 13:25:48 2018 us=579848   mtu_test = 0
Fri Mar 23 13:25:48 2018 us=579848   mlock = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   keepalive_ping = 60
Fri Mar 23 13:25:48 2018 us=579848   keepalive_timeout = 120
Fri Mar 23 13:25:48 2018 us=579848   inactivity_timeout = 0
Fri Mar 23 13:25:48 2018 us=579848   ping_send_timeout = 60
Fri Mar 23 13:25:48 2018 us=579848   ping_rec_timeout = 240
Fri Mar 23 13:25:48 2018 us=579848   ping_rec_timeout_action = 2
Fri Mar 23 13:25:48 2018 us=579848   ping_timer_remote = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   remap_sigusr1 = 0
Fri Mar 23 13:25:48 2018 us=579848   persist_tun = ENABLED
Fri Mar 23 13:25:48 2018 us=579848   persist_local_ip = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   persist_remote_ip = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   persist_key = ENABLED
Fri Mar 23 13:25:48 2018 us=579848   passtos = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   resolve_retry_seconds = 1000000000
Fri Mar 23 13:25:48 2018 us=579848   resolve_in_advance = DISABLED
Fri Mar 23 13:25:48 2018 us=579848   username = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   groupname = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   chroot_dir = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   cd_dir = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   writepid = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   up_script = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   down_script = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   down_pre = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   up_restart = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   up_delay = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   daemon = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   inetd = 0
Fri Mar 23 13:25:48 2018 us=595476   log = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   suppress_timestamps = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   machine_readable_output = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   nice = 0
Fri Mar 23 13:25:48 2018 us=595476   verbosity = 5
Fri Mar 23 13:25:48 2018 us=595476   mute = 0
Fri Mar 23 13:25:48 2018 us=595476   gremlin = 0
Fri Mar 23 13:25:48 2018 us=595476   status_file = 'openvpn-status.log'
Fri Mar 23 13:25:48 2018 us=595476   status_file_version = 1
Fri Mar 23 13:25:48 2018 us=595476   status_file_update_freq = 60
Fri Mar 23 13:25:48 2018 us=595476   occ = ENABLED
Fri Mar 23 13:25:48 2018 us=595476   rcvbuf = 0
Fri Mar 23 13:25:48 2018 us=595476   sndbuf = 0
Fri Mar 23 13:25:48 2018 us=595476   sockflags = 0
Fri Mar 23 13:25:48 2018 us=595476   fast_io = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   comp.alg = 2
Fri Mar 23 13:25:48 2018 us=595476   comp.flags = 1
Fri Mar 23 13:25:48 2018 us=595476   route_script = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   route_default_gateway = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   route_default_metric = 0
Fri Mar 23 13:25:48 2018 us=595476   route_noexec = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   route_delay = 0
Fri Mar 23 13:25:48 2018 us=595476   route_delay_window = 30
Fri Mar 23 13:25:48 2018 us=595476   route_delay_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   route_nopull = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   route_gateway_via_dhcp = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   allow_pull_fqdn = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Fri Mar 23 13:25:48 2018 us=595476   management_addr = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   management_port = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   management_user_pass = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   management_log_history_cache = 250
Fri Mar 23 13:25:48 2018 us=595476   management_echo_buffer_size = 100
Fri Mar 23 13:25:48 2018 us=595476   management_write_peer_info_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   management_client_user = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   management_client_group = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   management_flags = 0
Fri Mar 23 13:25:48 2018 us=595476   shared_secret_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   key_direction = not set
Fri Mar 23 13:25:48 2018 us=595476   ciphername = 'AES-256-CBC'
Fri Mar 23 13:25:48 2018 us=595476   ncp_enabled = ENABLED
Fri Mar 23 13:25:48 2018 us=595476   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Fri Mar 23 13:25:48 2018 us=595476   authname = 'SHA1'
Fri Mar 23 13:25:48 2018 us=595476   prng_hash = 'SHA1'
Fri Mar 23 13:25:48 2018 us=595476   prng_nonce_secret_len = 16
Fri Mar 23 13:25:48 2018 us=595476   keysize = 0
Fri Mar 23 13:25:48 2018 us=595476   engine = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   replay = ENABLED
Fri Mar 23 13:25:48 2018 us=595476   mute_replay_warnings = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   replay_window = 64
Fri Mar 23 13:25:48 2018 us=595476   replay_time = 15
Fri Mar 23 13:25:48 2018 us=595476   packet_id_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   use_iv = ENABLED
Fri Mar 23 13:25:48 2018 us=595476   test_crypto = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   tls_server = ENABLED
Fri Mar 23 13:25:48 2018 us=595476   tls_client = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   key_method = 2
Fri Mar 23 13:25:48 2018 us=595476   ca_file = 'C:\Program Files\OpenVPN\config\ca.crt'
Fri Mar 23 13:25:48 2018 us=595476   ca_path = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   dh_file = 'C:\Program Files\OpenVPN\config\dh4096.pem'
Fri Mar 23 13:25:48 2018 us=595476   cert_file = 'C:\Program Files\OpenVPN\config\<server>.crt'
Fri Mar 23 13:25:48 2018 us=595476   extra_certs_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   priv_key_file = 'C:\Program Files\OpenVPN\config\<server>.key'
Fri Mar 23 13:25:48 2018 us=595476   pkcs12_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   cryptoapi_cert = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   cipher_list = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   tls_cert_profile = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   tls_verify = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   tls_export_cert = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   verify_x509_type = 0
Fri Mar 23 13:25:48 2018 us=595476   verify_x509_name = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   crl_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   ns_cert_type = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_ku[i] = 0
Fri Mar 23 13:25:48 2018 us=595476   remote_cert_eku = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   ssl_flags = 0
Fri Mar 23 13:25:48 2018 us=595476   tls_timeout = 2
Fri Mar 23 13:25:48 2018 us=595476   renegotiate_bytes = -1
Fri Mar 23 13:25:48 2018 us=595476   renegotiate_packets = 0
Fri Mar 23 13:25:48 2018 us=595476   renegotiate_seconds = 3600
Fri Mar 23 13:25:48 2018 us=595476   handshake_window = 60
Fri Mar 23 13:25:48 2018 us=595476   transition_window = 3600
Fri Mar 23 13:25:48 2018 us=595476   single_session = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   push_peer_info = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   tls_exit = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   tls_auth_file = 'C:\Program Files\OpenVPN\config\ta.key'
Fri Mar 23 13:25:48 2018 us=595476   tls_crypt_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_protected_authentication = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_private_mode = 00000000
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_cert_private = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_pin_cache_period = -1
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_id = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   pkcs11_id_management = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   server_network = 10.8.0.0
Fri Mar 23 13:25:48 2018 us=595476   server_netmask = 255.255.255.0
Fri Mar 23 13:25:48 2018 us=595476   server_network_ipv6 = ::
Fri Mar 23 13:25:48 2018 us=595476   server_netbits_ipv6 = 0
Fri Mar 23 13:25:48 2018 us=595476   server_bridge_ip = 0.0.0.0
Fri Mar 23 13:25:48 2018 us=595476   server_bridge_netmask = 0.0.0.0
Fri Mar 23 13:25:48 2018 us=595476   server_bridge_pool_start = 0.0.0.0
Fri Mar 23 13:25:48 2018 us=595476   server_bridge_pool_end = 0.0.0.0
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'route 192.168.10.0 255.255.255.0'
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'dhcp-option DNS 192.168.10.10'
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'dhcp-option DOMAIN <domain>'
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'dhcp-option SEARCH <domain>'
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'route 10.8.0.1'
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'topology net30'
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'ping 60'
Fri Mar 23 13:25:48 2018 us=595476   push_entry = 'ping-restart 120'
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_pool_defined = ENABLED
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_pool_start = 10.8.0.4
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_pool_end = 10.8.0.251
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_pool_netmask = 0.0.0.0
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_pool_persist_filename = 'ipp.txt'
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_pool_persist_refresh_freq = 600
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_ipv6_pool_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_ipv6_pool_base = ::
Fri Mar 23 13:25:48 2018 us=595476   ifconfig_ipv6_pool_netbits = 0
Fri Mar 23 13:25:48 2018 us=595476   n_bcast_buf = 256
Fri Mar 23 13:25:48 2018 us=595476   tcp_queue_limit = 64
Fri Mar 23 13:25:48 2018 us=595476   real_hash_size = 256
Fri Mar 23 13:25:48 2018 us=595476   virtual_hash_size = 256
Fri Mar 23 13:25:48 2018 us=595476   client_connect_script = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   learn_address_script = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   client_disconnect_script = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   client_config_dir = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   ccd_exclusive = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   tmp_dir = 'C:\WINDOWS\TEMP\'
Fri Mar 23 13:25:48 2018 us=595476   push_ifconfig_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   push_ifconfig_local = 0.0.0.0
Fri Mar 23 13:25:48 2018 us=595476   push_ifconfig_remote_netmask = 0.0.0.0
Fri Mar 23 13:25:48 2018 us=595476   push_ifconfig_ipv6_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   push_ifconfig_ipv6_local = ::/0
Fri Mar 23 13:25:48 2018 us=595476   push_ifconfig_ipv6_remote = ::
Fri Mar 23 13:25:48 2018 us=595476   enable_c2c = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   duplicate_cn = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   cf_max = 0
Fri Mar 23 13:25:48 2018 us=595476   cf_per = 0
Fri Mar 23 13:25:48 2018 us=595476   max_clients = 5
Fri Mar 23 13:25:48 2018 us=595476   max_routes_per_client = 256
Fri Mar 23 13:25:48 2018 us=595476   auth_user_pass_verify_script = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   auth_user_pass_verify_script_via_file = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   auth_token_generate = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   auth_token_lifetime = 0
Fri Mar 23 13:25:48 2018 us=595476   client = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   pull = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   auth_user_pass_file = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   show_net_up = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   route_method = 0
Fri Mar 23 13:25:48 2018 us=595476   block_outside_dns = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   ip_win32_defined = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   ip_win32_type = 3
Fri Mar 23 13:25:48 2018 us=595476   dhcp_masq_offset = 0
Fri Mar 23 13:25:48 2018 us=595476   dhcp_lease_time = 31536000
Fri Mar 23 13:25:48 2018 us=595476   tap_sleep = 10
Fri Mar 23 13:25:48 2018 us=595476   dhcp_options = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   dhcp_renew = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   dhcp_pre_release = DISABLED
Fri Mar 23 13:25:48 2018 us=595476   domain = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   netbios_scope = '[UNDEF]'
Fri Mar 23 13:25:48 2018 us=595476   netbios_node_type = 0
Fri Mar 23 13:25:48 2018 us=595476   disable_nbt = DISABLED
Fri Mar 23 13:25:48 2018 us=595476 OpenVPN 2.4.5 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar  1 2018
Fri Mar 23 13:25:48 2018 us=595476 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Mar 23 13:25:48 2018 us=595476 library versions: OpenSSL 1.1.0f  25 May 2017, LZO 2.10
Fri Mar 23 13:25:48 2018 us=689224 Diffie-Hellman initialized with 4096 bit key
Fri Mar 23 13:25:48 2018 us=767343 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 23 13:25:48 2018 us=767343 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 23 13:25:48 2018 us=767343 TLS-Auth MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 13:25:48 2018 us=767343 interactive service msg_channel=0
Fri Mar 23 13:25:48 2018 us=767343 ROUTE_GATEWAY 192.168.10.1/255.255.255.0 I=8 HWADDR=1c:6f:65:c2:10:7b
Fri Mar 23 13:25:48 2018 us=767343 open_tun
Fri Mar 23 13:25:48 2018 us=767343 TAP-WIN32 device [Ethernet 4] opened: \\.\Global\{C5D19432-0258-480E-ACE3-8F754220B3A7}.tap
Fri Mar 23 13:25:48 2018 us=767343 TAP-Windows Driver Version 9.21 
Fri Mar 23 13:25:48 2018 us=767343 TAP-Windows MTU=1500
Fri Mar 23 13:25:48 2018 us=767343 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {C5D19432-0258-480E-ACE3-8F754220B3A7} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Fri Mar 23 13:25:48 2018 us=767343 Sleeping for 10 seconds...
Fri Mar 23 13:25:58 2018 us=782951 Successful ARP Flush on interface [18] {C5D19432-0258-480E-ACE3-8F754220B3A7}
Fri Mar 23 13:25:58 2018 us=782951 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Mar 23 13:25:58 2018 us=782951 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Fri Mar 23 13:25:58 2018 us=782951 Warning: route gateway is not reachable on any active network adapters: 10.8.0.2
Fri Mar 23 13:25:58 2018 us=782951 Route addition via IPAPI failed [adaptive]
Fri Mar 23 13:25:58 2018 us=782951 Route addition fallback to route.exe
Fri Mar 23 13:25:58 2018 us=782951 env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Fri Mar 23 13:25:58 2018 us=939209 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 13:25:58 2018 us=939209 Could not determine IPv4/IPv6 protocol. Using AF_INET6
Fri Mar 23 13:25:58 2018 us=939209 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Mar 23 13:25:58 2018 us=939209 setsockopt(IPV6_V6ONLY=0)
Fri Mar 23 13:25:58 2018 us=939209 UDPv6 link local (bound): [AF_INET6][undef]:<port>
Fri Mar 23 13:25:58 2018 us=939209 UDPv6 link remote: [AF_UNSPEC]
Fri Mar 23 13:25:58 2018 us=939209 MULTI: multi_init called, r=256 v=256
Fri Mar 23 13:25:58 2018 us=939209 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Fri Mar 23 13:25:58 2018 us=939209 ifconfig_pool_read(), in='*,10.8.0.4', TODO: IPv6
Fri Mar 23 13:25:58 2018 us=939209 succeeded -> ifconfig_pool_set()
Fri Mar 23 13:25:58 2018 us=939209 IFCONFIG POOL LIST
Fri Mar 23 13:25:58 2018 us=939209 <domain>,10.8.0.4
Fri Mar 23 13:25:58 2018 us=939209 Initialization Sequence Completed
Fri Mar 23 13:26:21 2018 us=954785 MULTI: multi_create_instance called
Fri Mar 23 13:26:21 2018 us=954785 166.176.187.226 Re-using SSL/TLS context
Fri Mar 23 13:26:21 2018 us=954785 166.176.187.226 LZO compression initializing
Fri Mar 23 13:26:21 2018 us=954785 166.176.187.226 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 13:26:21 2018 us=954785 166.176.187.226 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 13:26:21 2018 us=954785 166.176.187.226 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 13:26:21 2018 us=954785 166.176.187.226 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 13:26:21 2018 us=954785 166.176.187.226 TLS: Initial packet from [AF_INET6]::ffff:166.176.187.226:25529, sid=d7b344b2 dced2bae
Fri Mar 23 13:26:22 2018 us=626653 166.176.187.226 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 13:26:22 2018 us=626653 166.176.187.226 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.2.9-0
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_VER=3.2
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_PLAT=ios
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_NCP=2
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_TCPNL=1
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_PROTO=2
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_LZO=1
Fri Mar 23 13:26:22 2018 us=767278 166.176.187.226 peer info: IV_AUTO_SESS=1
Fri Mar 23 13:26:22 2018 us=814155 166.176.187.226 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 13:26:22 2018 us=814155 166.176.187.226 [*] Peer Connection Initiated with [AF_INET6]::ffff:166.176.187.226:25529
Fri Mar 23 13:26:22 2018 us=814155 */166.176.187.226 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 13:26:22 2018 us=814155 */166.176.187.226 MULTI: Learn: 10.8.0.6 -> */166.176.187.226
Fri Mar 23 13:26:22 2018 us=814155 */166.176.187.226 MULTI: primary virtual IP for */166.176.187.226: 10.8.0.6
Fri Mar 23 13:26:22 2018 us=829779 */166.176.187.226 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 13:26:22 2018 us=829779 */166.176.187.226 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 13:26:22 2018 us=829779 */166.176.187.226 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 13:26:22 2018 us=829779 */166.176.187.226 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 13:26:22 2018 us=829779 */166.176.187.226 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 13:26:22 2018 us=829779 */166.176.187.226 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 13:26:24 2018 us=251652 */166.176.187.226 SIGTERM[soft,remote-exit] received, client-instance exiting
Fri Mar 23 13:27:36 2018 us=130739 MULTI: multi_create_instance called
Fri Mar 23 13:27:36 2018 us=130739 166.176.186.148 Re-using SSL/TLS context
Fri Mar 23 13:27:36 2018 us=130739 166.176.186.148 LZO compression initializing
Fri Mar 23 13:27:36 2018 us=130739 166.176.186.148 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 13:27:36 2018 us=130739 166.176.186.148 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 13:27:36 2018 us=130739 166.176.186.148 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 13:27:36 2018 us=130739 166.176.186.148 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 13:27:36 2018 us=130739 166.176.186.148 TLS: Initial packet from [AF_INET6]::ffff:166.176.186.148:33456, sid=86f02928 18c4483b
Fri Mar 23 13:27:36 2018 us=396374 166.176.186.148 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 13:27:36 2018 us=396374 166.176.186.148 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_VER=2.4.4
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_PLAT=mac
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_PROTO=2
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_NCP=2
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_LZ4=1
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_LZ4v2=1
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_LZO=1
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_COMP_STUB=1
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_COMP_STUBv2=1
Fri Mar 23 13:27:36 2018 us=537005 166.176.186.148 peer info: IV_TCPNL=1
Fri Mar 23 13:27:36 2018 us=630758 166.176.186.148 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 13:27:36 2018 us=630758 166.176.186.148 [*] Peer Connection Initiated with [AF_INET6]::ffff:166.176.186.148:33456
Fri Mar 23 13:27:36 2018 us=630758 */166.176.186.148 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 13:27:36 2018 us=630758 */166.176.186.148 MULTI: Learn: 10.8.0.6 -> */166.176.186.148
Fri Mar 23 13:27:36 2018 us=630758 */166.176.186.148 MULTI: primary virtual IP for */166.176.186.148: 10.8.0.6
Fri Mar 23 13:27:37 2018 us=896434 */166.176.186.148 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 13:27:37 2018 us=896434 */166.176.186.148 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 13:27:37 2018 us=896434 */166.176.186.148 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 13:27:37 2018 us=896434 */166.176.186.148 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 13:27:37 2018 us=896434 */166.176.186.148 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 13:27:37 2018 us=896434 */166.176.186.148 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 13:32:47 2018 us=850926 */166.176.186.148 [*] Inactivity timeout (--ping-restart), restarting
Fri Mar 23 13:32:47 2018 us=850926 */166.176.186.148 SIGUSR1[soft,ping-restart] received, client-instance restarting
Fri Mar 23 13:34:12 2018 us=883135 MULTI: multi_create_instance called
Fri Mar 23 13:34:12 2018 us=883135 166.176.186.89 Re-using SSL/TLS context
Fri Mar 23 13:34:12 2018 us=883135 166.176.186.89 LZO compression initializing
Fri Mar 23 13:34:12 2018 us=883135 166.176.186.89 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 13:34:12 2018 us=883135 166.176.186.89 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 13:34:12 2018 us=883135 166.176.186.89 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 13:34:12 2018 us=883135 166.176.186.89 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 13:34:12 2018 us=883135 166.176.186.89 TLS: Initial packet from [AF_INET6]::ffff:166.176.186.89:11607, sid=7aff113e 05b23c84
Fri Mar 23 13:34:13 2018 us=258136 166.176.186.89 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 13:34:13 2018 us=258136 166.176.186.89 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_VER=2.4.4
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_PLAT=mac
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_PROTO=2
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_NCP=2
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_LZ4=1
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_LZ4v2=1
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_LZO=1
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_COMP_STUB=1
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_COMP_STUBv2=1
Fri Mar 23 13:34:13 2018 us=351887 166.176.186.89 peer info: IV_TCPNL=1
Fri Mar 23 13:34:13 2018 us=398762 166.176.186.89 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 13:34:13 2018 us=398762 166.176.186.89 [*] Peer Connection Initiated with [AF_INET6]::ffff:166.176.186.89:11607
Fri Mar 23 13:34:13 2018 us=398762 */166.176.186.89 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 13:34:13 2018 us=398762 */166.176.186.89 MULTI: Learn: 10.8.0.6 -> */166.176.186.89
Fri Mar 23 13:34:13 2018 us=398762 */166.176.186.89 MULTI: primary virtual IP for */166.176.186.89: 10.8.0.6
Fri Mar 23 13:34:14 2018 us=633147 */166.176.186.89 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 13:34:14 2018 us=633147 */166.176.186.89 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 13:34:14 2018 us=633147 */166.176.186.89 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 13:34:14 2018 us=633147 */166.176.186.89 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 13:34:14 2018 us=633147 */166.176.186.89 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 13:34:14 2018 us=633147 */166.176.186.89 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 13:38:31 2018 us=86678 */166.176.186.89 [*] Inactivity timeout (--ping-restart), restarting
Fri Mar 23 13:38:31 2018 us=86678 */166.176.186.89 SIGUSR1[soft,ping-restart] received, client-instance restarting
Fri Mar 23 14:00:02 2018 us=330583 MULTI: multi_create_instance called
Fri Mar 23 14:00:02 2018 us=330583 192.168.10.61 Re-using SSL/TLS context
Fri Mar 23 14:00:02 2018 us=330583 192.168.10.61 LZO compression initializing
Fri Mar 23 14:00:02 2018 us=330583 192.168.10.61 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 14:00:02 2018 us=330583 192.168.10.61 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:00:02 2018 us=330583 192.168.10.61 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 14:00:02 2018 us=330583 192.168.10.61 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 14:00:02 2018 us=330583 192.168.10.61 TLS: Initial packet from [AF_INET6]::ffff:192.168.10.61:58060, sid=7b93e0e7 3d504a4e
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.2.9-0
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_VER=3.2
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_PLAT=ios
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_NCP=2
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_TCPNL=1
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_PROTO=2
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_LZO=1
Fri Mar 23 14:00:02 2018 us=502460 192.168.10.61 peer info: IV_AUTO_SESS=1
Fri Mar 23 14:00:02 2018 us=518085 192.168.10.61 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 14:00:02 2018 us=518085 192.168.10.61 [*] Peer Connection Initiated with [AF_INET6]::ffff:192.168.10.61:58060
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 MULTI: Learn: 10.8.0.6 -> */192.168.10.61
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 MULTI: primary virtual IP for */192.168.10.61: 10.8.0.6
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:00:02 2018 us=518085 */192.168.10.61 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:00:04 2018 us=455609 */192.168.10.61 SIGTERM[soft,remote-exit] received, client-instance exiting
Fri Mar 23 14:00:42 2018 us=924861 MULTI: multi_create_instance called
Fri Mar 23 14:00:42 2018 us=924861 166.176.187.226 Re-using SSL/TLS context
Fri Mar 23 14:00:42 2018 us=924861 166.176.187.226 LZO compression initializing
Fri Mar 23 14:00:42 2018 us=924861 166.176.187.226 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 14:00:42 2018 us=924861 166.176.187.226 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:00:42 2018 us=924861 166.176.187.226 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 14:00:42 2018 us=924861 166.176.187.226 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 14:00:42 2018 us=924861 166.176.187.226 TLS: Initial packet from [AF_INET6]::ffff:166.176.187.226:52961, sid=5113380f 769e244e
Fri Mar 23 14:00:43 2018 us=331114 166.176.187.226 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 14:00:43 2018 us=331114 166.176.187.226 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.2.9-0
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_VER=3.2
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_PLAT=ios
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_NCP=2
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_TCPNL=1
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_PROTO=2
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_LZO=1
Fri Mar 23 14:00:43 2018 us=424866 166.176.187.226 peer info: IV_AUTO_SESS=1
Fri Mar 23 14:00:43 2018 us=487366 166.176.187.226 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 14:00:43 2018 us=487366 166.176.187.226 [*] Peer Connection Initiated with [AF_INET6]::ffff:166.176.187.226:52961
Fri Mar 23 14:00:43 2018 us=487366 */166.176.187.226 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 14:00:43 2018 us=487366 */166.176.187.226 MULTI: Learn: 10.8.0.6 -> */166.176.187.226
Fri Mar 23 14:00:43 2018 us=487366 */166.176.187.226 MULTI: primary virtual IP for */166.176.187.226: 10.8.0.6
Fri Mar 23 14:00:43 2018 us=502994 */166.176.187.226 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 14:00:43 2018 us=502994 */166.176.187.226 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 14:00:43 2018 us=502994 */166.176.187.226 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 14:00:43 2018 us=502994 */166.176.187.226 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:00:43 2018 us=502994 */166.176.187.226 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:00:43 2018 us=502994 */166.176.187.226 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:00:45 2018 us=534268 */166.176.187.226 SIGTERM[soft,remote-exit] received, client-instance exiting
Fri Mar 23 14:02:47 2018 us=285343 MULTI: multi_create_instance called
Fri Mar 23 14:02:47 2018 us=285343 166.176.187.226 Re-using SSL/TLS context
Fri Mar 23 14:02:47 2018 us=285343 166.176.187.226 LZO compression initializing
Fri Mar 23 14:02:47 2018 us=285343 166.176.187.226 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 14:02:47 2018 us=285343 166.176.187.226 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:02:47 2018 us=285343 166.176.187.226 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 14:02:47 2018 us=285343 166.176.187.226 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 14:02:47 2018 us=285343 166.176.187.226 TLS: Initial packet from [AF_INET6]::ffff:166.176.187.226:31463, sid=058d5f58 1a1fafe3
Fri Mar 23 14:02:47 2018 us=722843 166.176.187.226 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 14:02:47 2018 us=722843 166.176.187.226 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.2.9-0
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_VER=3.2
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_PLAT=ios
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_NCP=2
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_TCPNL=1
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_PROTO=2
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_LZO=1
Fri Mar 23 14:02:47 2018 us=800970 166.176.187.226 peer info: IV_AUTO_SESS=1
Fri Mar 23 14:02:47 2018 us=879094 166.176.187.226 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 14:02:47 2018 us=879094 166.176.187.226 [*] Peer Connection Initiated with [AF_INET6]::ffff:166.176.187.226:31463
Fri Mar 23 14:02:47 2018 us=879094 */166.176.187.226 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 14:02:47 2018 us=879094 */166.176.187.226 MULTI: Learn: 10.8.0.6 -> */166.176.187.226
Fri Mar 23 14:02:47 2018 us=879094 */166.176.187.226 MULTI: primary virtual IP for */166.176.187.226: 10.8.0.6
Fri Mar 23 14:02:47 2018 us=894719 */166.176.187.226 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 14:02:47 2018 us=894719 */166.176.187.226 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 14:02:47 2018 us=894719 */166.176.187.226 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 14:02:47 2018 us=894719 */166.176.187.226 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:02:47 2018 us=894719 */166.176.187.226 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:02:47 2018 us=894719 */166.176.187.226 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:04:49 2018 us=238950 */166.176.187.226 SIGTERM[soft,remote-exit] received, client-instance exiting
Fri Mar 23 14:05:37 2018 us=379678 MULTI: multi_create_instance called
Fri Mar 23 14:05:37 2018 us=379678 166.176.187.226 Re-using SSL/TLS context
Fri Mar 23 14:05:37 2018 us=379678 166.176.187.226 LZO compression initializing
Fri Mar 23 14:05:37 2018 us=395300 166.176.187.226 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 14:05:37 2018 us=395300 166.176.187.226 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:05:37 2018 us=395300 166.176.187.226 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 14:05:37 2018 us=395300 166.176.187.226 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 14:05:37 2018 us=395300 166.176.187.226 TLS: Initial packet from [AF_INET6]::ffff:166.176.187.226:33724, sid=84679226 d7c27a47
Fri Mar 23 14:05:37 2018 us=942175 166.176.187.226 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 14:05:37 2018 us=942175 166.176.187.226 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.2.9-0
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_VER=3.2
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_PLAT=ios
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_NCP=2
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_TCPNL=1
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_PROTO=2
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_LZO=1
Fri Mar 23 14:05:38 2018 us=35927 166.176.187.226 peer info: IV_AUTO_SESS=1
Fri Mar 23 14:05:38 2018 us=114057 166.176.187.226 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 14:05:38 2018 us=114057 166.176.187.226 [*] Peer Connection Initiated with [AF_INET6]::ffff:166.176.187.226:33724
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 MULTI: Learn: 10.8.0.6 -> */166.176.187.226
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 MULTI: primary virtual IP for */166.176.187.226: 10.8.0.6
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:05:38 2018 us=114057 */166.176.187.226 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:07:40 2018 us=692177 */166.176.187.226 SIGTERM[soft,remote-exit] received, client-instance exiting
Fri Mar 23 14:07:43 2018 us=910928 MULTI: multi_create_instance called
Fri Mar 23 14:07:43 2018 us=910928 166.176.187.226 Re-using SSL/TLS context
Fri Mar 23 14:07:43 2018 us=910928 166.176.187.226 LZO compression initializing
Fri Mar 23 14:07:43 2018 us=910928 166.176.187.226 Control Channel MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Fri Mar 23 14:07:43 2018 us=910928 166.176.187.226 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:07:43 2018 us=910928 166.176.187.226 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
Fri Mar 23 14:07:43 2018 us=910928 166.176.187.226 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
Fri Mar 23 14:07:43 2018 us=910928 166.176.187.226 TLS: Initial packet from [AF_INET6]::ffff:166.176.187.226:29460, sid=3e602008 2cbabedc
Fri Mar 23 14:07:44 2018 us=426550 166.176.187.226 VERIFY OK: depth=1, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, name=<server>, emailAddress=<email>
Fri Mar 23 14:07:44 2018 us=426550 166.176.187.226 VERIFY OK: depth=0, C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=*, name=<name>, emailAddress=<email>
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_GUI_VER=net.openvpn.connect.ios_1.2.9-0
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_VER=3.2
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_PLAT=ios
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_NCP=2
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_TCPNL=1
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_PROTO=2
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_LZO=1
Fri Mar 23 14:07:44 2018 us=504676 166.176.187.226 peer info: IV_AUTO_SESS=1
Fri Mar 23 14:07:44 2018 us=567175 166.176.187.226 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Fri Mar 23 14:07:44 2018 us=567175 166.176.187.226 [*] Peer Connection Initiated with [AF_INET6]::ffff:166.176.187.226:29460
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 MULTI: Learn: 10.8.0.6 -> */166.176.187.226
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 MULTI: primary virtual IP for */166.176.187.226: 10.8.0.6
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 PUSH: Received control message: 'PUSH_REQUEST'
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 SENT CONTROL [*]: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DNS 192.168.10.10,dhcp-option DOMAIN <domain>,dhcp-option SEARCH <domain>,route 10.8.0.1,topology net30,ping 60,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:07:44 2018 us=567175 */166.176.187.226 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Mar 23 14:08:04 2018 us=332882 */166.176.187.226 SIGTERM[soft,remote-exit] received, client-instance exiting

Client Log:

Code: Select all

2018-03-23 14:07:44 VERIFY OK : depth=0
cert. version    : 3
serial number    : 01
issuer name      : C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, ??=<server>, emailAddress=<email>
subject name      : C=US, ST=OR, L=<city>, O=<domain>, OU=Home, CN=<server>, ??=<server>, emailAddress=<email>
issued  on        : 2018-02-23 00:45:44
expires on        : 2028-02-21 00:45:44
signed using      : RSA with SHA1
RSA key size      : 4096 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage        : Digital Signature, Key Encipherment
ext key usage    : TLS Web Server Authentication

2018-03-23 14:07:44 SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
2018-03-23 14:07:44 Session is ACTIVE
2018-03-23 14:07:44 EVENT: GET_CONFIG
2018-03-23 14:07:44 Sending PUSH_REQUEST to server...
2018-03-23 14:07:44 OPTIONS:
0 [route] [192.168.10.0] [255.255.255.0] 
1 [dhcp-option] [DNS] [192.168.10.10] 
2 [dhcp-option] [DOMAIN] [<domain>] 
3 [dhcp-option] [SEARCH] [<domain>] 
4 [route] [10.8.0.1] 
5 [topology] [net30] 
6 [ping] [60] 
7 [ping-restart] [120] 
8 [ifconfig] [10.8.0.6] [10.8.0.5] 
9 [peer-id] [0] 
10 [cipher] [AES-256-GCM] 

2018-03-23 14:07:44 PROTOCOL OPTIONS:
 cipher: AES-256-GCM
 digest: SHA1
 compress: LZO
 peer ID: 0
2018-03-23 14:07:44 EVENT: ASSIGN_IP
2018-03-23 14:07:44 NIP: preparing TUN network settings
2018-03-23 14:07:44 NIP: init TUN network settings with endpoint: <ip>
2018-03-23 14:07:44 NIP: adding IPv4 address to network settings 10.8.0.6/255.255.255.252
2018-03-23 14:07:44 NIP: adding (included) IPv4 route 10.8.0.4/30
2018-03-23 14:07:44 NIP: adding (included) IPv4 route 192.168.10.0/24
2018-03-23 14:07:44 NIP: adding (included) IPv4 route 10.8.0.1/32
2018-03-23 14:07:44 NIP: adding DNS 192.168.10.10
2018-03-23 14:07:44 NIP: adding match domain <domain>
2018-03-23 14:07:44 NIP: adding DNS specific routes:
2018-03-23 14:07:44 NIP: adding (included) IPv4 route 192.168.10.10/32
2018-03-23 14:07:44 Connected via NetworkExtensionTUN
2018-03-23 14:07:44 LZO-ASYM init swap=0 asym=0
2018-03-23 14:07:44 EVENT: CONNECTED @<domain>:<port> (<ip>) via /UDPv4 on NetworkExtensionTUN/10.8.0.6/ gw=[/]
2018-03-23 14:08:04 EVENT: DISCONNECTED
2018-03-23 14:08:04 Raw stats on disconnect:
 BYTES_IN : 17338
 BYTES_OUT : 13979
 PACKETS_IN : 41
 PACKETS_OUT : 70
 TUN_BYTES_IN : 1742
 TUN_PACKETS_IN : 26
 N_PAUSE : 3
 N_RECONNECT : 3
2018-03-23 14:08:04 Performance stats on disconnect:
 CPU usage (microseconds): 800208
 Tunnel compression ratio (downlink): inf
 Network bytes per CPU second: 39136
 Tunnel bytes per CPU second: 2176

TinCanTech · Post by **TinCanTech** » Fri Mar 23, 2018 10:41 pm

What happens if you push --explicit-exit-notify 3 to the client ?

also .. check that ping the server works ..

Post by **Pippin** » Fri Mar 23, 2018 11:56 pm

Wireshark on the server...

TinCanTech · Post by **TinCanTech** » Sat Mar 24, 2018 12:07 am

I am more curious to find out if openvpn is not working ..

slakr007 · Post by **slakr007** » Sat Mar 24, 2018 12:12 am

Maybe I didn't do it right, but I replaced "explicit-exit-notify 1" with "push explicit-exit-notify 3" in the server config and nothing seemed to change after a server restart.

slakr007 · Post by **slakr007** » Sat Mar 24, 2018 12:17 am

I feel like too many variables are in play here. Maybe it would be better to start with a spare router and computer I have lying around and try to build up from there. It'll be easier to disable everything a slowly add things back in.

slakr007 · Post by **slakr007** » Sat Mar 24, 2018 1:14 am

Well, setting up a dumb router and Windows 7 machine behind it running OpenVPN server with the same configuration files (minor modifications for the subnet) seems to allow a client to ping 10.8.0.1 when connected if the firewall is disabled for the tap adapter (I tried this on my real server to no avail). Still unable to talk to the subnet, though.

In this prototype, the router is 192.168.10.240 on my real LAN, and it runs the 192.168.1.0/24 subnet where the OpenVPN server is 192.168.1.100. I modified the server config with: push "route 192.168.1.0 255.255.255.0" and added a static route to the dumb router for 10.8.0.0/24 > 192.168.1.100. I have the firewalls disabled completely for both the dumb router and the Windows 7 machine.

TinCanTech · Post by **TinCanTech** » Sat Mar 24, 2018 2:20 am

Apparently, Pigs can also fly .. but you really have to fkn kick 'em hard.

Odds on .. it's the firewall ..

If you prefer The Truth and not More Bollox .. please add a +1 here.

slakr007 · Post by **slakr007** » Sat Mar 24, 2018 2:49 am

Yeah, I'm not sure about that if the dumber router and Windows 7 machine have their firewalls disabled. Since I can ping 10.8.0.1 in that prototype setup, it seems like it would be a routing issue. The HOWTO just says to push route in the server config and add a static route from 10.8.0.0/24 to the OpenVPN server. Pretty sure I did that.

As far as the actual implementation goes, I'll buy that a firewall is blocking the ping. Except, I just went nuclear...I did a full-on `firewall stop` on OpenWRT and shutdown the Windows firewall on the server. I can connect, but still can't ping 10.8.0.1. In the prototype setup, I just had to either shutoff the Windows firewall or disable blocking on the tun interface. The router firewall didn't seem to have any effect.

TinCanTech · Post by **TinCanTech** » Sat Mar 24, 2018 3:29 am

I am gonna go easy on you ..

slakr007 wrote: ↑
Sat Mar 24, 2018 2:49 am
As far as the actual implementation goes, I'll buy that a firewall is blocking the ping. Except, I just went nuclear...I did a full-on `firewall stop` on OpenWRT and shutdown the Windows firewall on the server. I can connect, but still can't ping 10.8.0.1. In the prototype setup, I

Bump your log to --verb to 7 and you ought to see ping's

Otherwise, your network is so foobar'd it is not worth saving ..

Unless you can prove otherwise .....

OpenVPN Support Forum

Accessing local LAN through OpenVPN.

Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.

Re: Accessing local LAN through OpenVPN.