vpn connects but no traffic

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

vpn connects but no traffic

Post by mattlev2 » Fri Dec 28, 2018 5:31 pm

Hi i have just set up a openvpn client in a freenas 9.10u6 jail

The service is running and its listening on port 10011
When i put my .opvn file onto my phone it connects and shows upstream traffic but i get nothing downstream
i am unable to access the internet or devices on the network

See below for configs and outputs from shell(SSH)

[oconf=root@openvpn:# ps aux]
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 23286 0.0 0.0 14656 1904 - IsJ 3:10AM 0:00.00 dhclient: epair2b [priv] (dhclient)
_dhcp 23351 0.0 0.0 14656 2020 - IsJ 3:10AM 0:00.00 dhclient: epair2b (dhclient)
root 23783 0.0 0.0 14528 1812 - IsJ 3:10AM 0:00.00 /usr/sbin/syslogd -s
nobody 23817 0.0 0.0 23948 4732 - SsJ 3:10AM 0:00.02 /usr/local/sbin/openvpn --cd /mnt/keys --daemon openvpn --config /usr/local/share/easy-rsa/openvpn.conf --wr
root 23849 0.0 0.0 16624 1988 - SsJ 3:10AM 0:00.00 /usr/sbin/cron -s
root 25576 0.0 0.0 23600 2932 0 SJ 3:15AM 0:00.01 /bin/csh -i
root 25581 0.0 0.0 18768 1788 0 R+J 3:16AM 0:00.00 ps aux
[/oconf]

[oconf=root@openvpn: # sockstat]USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root cron 23849 4 dgram -> /var/run/logpriv
nobody openvpn 23817 4 dgram -> /var/run/logpriv
nobody openvpn 23817 7 udp4 6 *:10011 *:*
root syslogd 23783 4 dgram /var/run/log
root syslogd 23783 5 dgram /var/run/logpriv
root syslogd 23783 6 udp6 *:514 *:*
root syslogd 23783 7 udp4 *:514 *:*[/oconf]

ovpn

client
dev tun
proto udp
remote myddns 10011
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert mycert.crt
key mykey.key
remote-cert-tls server
cipher AES-256-CBC
auth SHA256
tls-auth ta.key 1
dhcp-option DNS 192.168.1.1
redirect-gateway def1
comp-lzo
verb 3


openvpn conf
port 10011
proto udp
dev tun
ca /usr/local/share/easy-rsa/pki/ca.crt
cert /usr/local/share/easy-rsa/pki/issued/openvpn-server.crt
key /usr/local/share/easy-rsa/pki/private/openvpn-server.key
dh /usr/local/share/easy-rsa/pki/dh.pem
server 172.16.8.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.8.0.0 255.255.255.0"
tls-auth /usr/local/share/easy-rsa/pki/ta.key 0
#crl-verify crl.pem
keepalive 10 120
cipher AES-256-CBC
auth SHA256
group nobody
user nobody
comp-lzo
persist-key
persist-tun
verb 3




[oconf=root@openvpn:/usr/local/share/easy-rsa/pki # openvpn --config /usr/local/share/easy-rsa/openvpn.conf]Fri Dec 28 03:24:18 2018 OpenVPN 2.4.6 amd64-portbld-freebsd10.4 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Sep 29 2018
Fri Dec 28 03:24:18 2018 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.10
Fri Dec 28 03:24:18 2018 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Fri Dec 28 03:24:18 2018 Diffie-Hellman initialized with 2048 bit key
Fri Dec 28 03:24:18 2018 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Fri Dec 28 03:24:18 2018 ECDH curve secp384r1 added
Fri Dec 28 03:24:18 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Dec 28 03:24:18 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Dec 28 03:24:18 2018 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=epair2b HWADDR=ba:07:c6:7f:65:e9
Fri Dec 28 03:24:18 2018 TUN/TAP device /dev/tun0 opened
Fri Dec 28 03:24:18 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Dec 28 03:24:18 2018 /sbin/ifconfig tun0 172.16.8.1 172.16.8.2 mtu 1500 netmask 255.255.255.255 up
Fri Dec 28 03:24:18 2018 /sbin/route add -net 172.16.8.0 172.16.8.2 255.255.255.0 add net 172.16.8.0: gateway 172.16.8.2
Fri Dec 28 03:24:18 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET6
Fri Dec 28 03:24:18 2018 Socket Buffers: R=[42080->42080] S=[9216->9216]
Fri Dec 28 03:24:18 2018 setsockopt(IPV6_V6ONLY=0)
Fri Dec 28 03:24:18 2018 UDPv6 link local (bound): [AF_INET6][undef]:10011
Fri Dec 28 03:24:18 2018 UDPv6 link remote: [AF_UNSPEC]
Fri Dec 28 03:24:18 2018 GID set to nobody
Fri Dec 28 03:24:18 2018 UID set to nobody
Fri Dec 28 03:24:18 2018 MULTI: multi_init called, r=256 v=256
Fri Dec 28 03:24:18 2018 IFCONFIG POOL: base=172.16.8.4 size=62, ipv6=0
Fri Dec 28 03:24:18 2018 ifconfig_pool_read(), in='nas ca,172.16.8.4', TODO: IPv6
Fri Dec 28 03:24:18 2018 succeeded -> ifconfig_pool_set()
Fri Dec 28 03:24:18 2018 IFCONFIG POOL LIST
Fri Dec 28 03:24:18 2018 nas ca,172.16.8.4
Fri Dec 28 03:24:18 2018 Initialization Sequence Completed
[/oconf]

My LAN uses a 192.168.x.x address, don't know if this is important

If there is any commands you need me to post results of or files to help diagnose let me know

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Mon Dec 31, 2018 4:57 pm

Bump bump bump bump

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Mon Dec 31, 2018 5:16 pm

I don't know how your device does it but you probably need NAT on the server end.
(Although, that is probably done automatically if you setup the device properly)

So, check your server firewall ..

atclaus
OpenVpn Newbie
Posts: 9
Joined: Mon Dec 31, 2018 5:44 pm

Re: vpn connects but no traffic

Post by atclaus » Mon Dec 31, 2018 6:10 pm

What firewall are you using? Have you modified it to push traffic to the right internet device?

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Tue Jan 01, 2019 10:24 am

TinCanTech wrote:
Mon Dec 31, 2018 5:16 pm
I don't know how your device does it but you probably need NAT on the server end.
(Although, that is probably done automatically if you setup the device properly)

So, check your server firewall ..
atclaus wrote:
Mon Dec 31, 2018 6:10 pm
What firewall are you using? Have you modified it to push traffic to the right internet device?
my network runs as line in -> virgin superhub -> TPlink AC1200 -> Dell Optiplex t310 running Freenas 9.10 U6
when connected to the VPN i get a 'keepalive' packet back from the jail every 10 seconds as in the openvpn.conf but no traffic gets through either to the internet and back or to my LAN devices so now i think about it its gonna be a firewall/routing issue, i just cant seem to get where the problem lies within that
i just realised i am missing the firewall rules from the above post

ipfw.rules


#!/bin/sh

EPAIR=$(/sbin/ifconfig -l | tr " " "\n" | /usr/bin/grep epair)
ipfw -q -f flush
ipfw -q nat 1 config if ${EPAIR}
ipfw -q add nat 1 all from 172.16.8.0/24 to any out via ${EPAIR}
ipfw -q add nat 1 all from any to any in via ${EPAIR}

TUN=$(/sbin/ifconfig -l | tr " " "\n" | /usr/bin/grep tun)
ifconfig ${TUN} name tun0


[oconf=root@openvpn:/ # ipfw list]
00100 nat 1 ip from 172.16.8.0/24 to any out via epair2b
00200 nat 1 ip from any to any in via epair2b
65535 allow ip from any to any
[/oconf]

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Wed Jan 02, 2019 3:12 am

FreeNAS are quite capable of supporting you ..

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Wed Jan 02, 2019 7:37 pm

TinCanTech wrote:
Wed Jan 02, 2019 3:12 am
FreeNAS are quite capable of supporting you ..
No ideas then?

Doesn't seem like their forums are very active I posted there and no response

I figured if anyone would know openvpn it's be the openvpn forums

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Wed Jan 02, 2019 8:20 pm

mattlev2 wrote:
Wed Jan 02, 2019 7:37 pm
No ideas then?
Need more details:
viewtopic.php?f=30&t=22603

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Wed Jan 02, 2019 10:24 pm

TinCanTech wrote:
Wed Jan 02, 2019 8:20 pm
mattlev2 wrote:
Wed Jan 02, 2019 7:37 pm
No ideas then?
Need more details:
viewtopic.php?f=30&t=22603
i was unable to get a log from the client side, not sure if thats a restriction of android?

openvpn log verb 4 - loaded and after connection

Wed Jan 2 14:20:28 2019 us=718062 Current Parameter Settings:
Wed Jan 2 14:20:28 2019 us=718337 config = '/usr/local/share/easy-rsa/openvpn.conf'
Wed Jan 2 14:20:28 2019 us=718358 mode = 1
Wed Jan 2 14:20:28 2019 us=718376 show_ciphers = DISABLED
Wed Jan 2 14:20:28 2019 us=718393 show_digests = DISABLED
Wed Jan 2 14:20:28 2019 us=718410 show_engines = DISABLED
Wed Jan 2 14:20:28 2019 us=718430 genkey = DISABLED
Wed Jan 2 14:20:28 2019 us=718448 key_pass_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718465 show_tls_ciphers = DISABLED
Wed Jan 2 14:20:28 2019 us=718482 connect_retry_max = 0
Wed Jan 2 14:20:28 2019 us=718498 Connection profiles [0]:
Wed Jan 2 14:20:28 2019 us=718515 proto = udp
Wed Jan 2 14:20:28 2019 us=718532 local = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718549 local_port = '10011'
Wed Jan 2 14:20:28 2019 us=718566 remote = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718582 remote_port = '10011'
Wed Jan 2 14:20:28 2019 us=718599 remote_float = DISABLED
Wed Jan 2 14:20:28 2019 us=718616 bind_defined = DISABLED
Wed Jan 2 14:20:28 2019 us=718632 bind_local = ENABLED
Wed Jan 2 14:20:28 2019 us=718648 bind_ipv6_only = DISABLED
Wed Jan 2 14:20:28 2019 us=718664 connect_retry_seconds = 5
Wed Jan 2 14:20:28 2019 us=718680 connect_timeout = 120
Wed Jan 2 14:20:28 2019 us=718696 socks_proxy_server = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718712 socks_proxy_port = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718728 tun_mtu = 1500
Wed Jan 2 14:20:28 2019 us=718745 tun_mtu_defined = ENABLED
Wed Jan 2 14:20:28 2019 us=718761 link_mtu = 1500
Wed Jan 2 14:20:28 2019 us=718777 link_mtu_defined = DISABLED
Wed Jan 2 14:20:28 2019 us=718793 tun_mtu_extra = 0
Wed Jan 2 14:20:28 2019 us=718809 tun_mtu_extra_defined = DISABLED
Wed Jan 2 14:20:28 2019 us=718825 mtu_discover_type = -1
Wed Jan 2 14:20:28 2019 us=718841 fragment = 0
Wed Jan 2 14:20:28 2019 us=718857 mssfix = 1450
Wed Jan 2 14:20:28 2019 us=718873 explicit_exit_notification = 0
Wed Jan 2 14:20:28 2019 us=718889 Connection profiles END
Wed Jan 2 14:20:28 2019 us=718905 remote_random = DISABLED
Wed Jan 2 14:20:28 2019 us=718921 ipchange = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718937 dev = 'tun'
Wed Jan 2 14:20:28 2019 us=718954 dev_type = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718970 dev_node = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=718986 lladdr = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719002 topology = 1
Wed Jan 2 14:20:28 2019 us=719018 ifconfig_local = '172.16.8.1'
Wed Jan 2 14:20:28 2019 us=719034 ifconfig_remote_netmask = '172.16.8.2'
Wed Jan 2 14:20:28 2019 us=719054 ifconfig_noexec = DISABLED
Wed Jan 2 14:20:28 2019 us=719071 ifconfig_nowarn = DISABLED
Wed Jan 2 14:20:28 2019 us=719087 ifconfig_ipv6_local = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719104 ifconfig_ipv6_netbits = 0
Wed Jan 2 14:20:28 2019 us=719120 ifconfig_ipv6_remote = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719136 shaper = 0
Wed Jan 2 14:20:28 2019 us=719152 mtu_test = 0
Wed Jan 2 14:20:28 2019 us=719168 mlock = DISABLED
Wed Jan 2 14:20:28 2019 us=719184 keepalive_ping = 10
Wed Jan 2 14:20:28 2019 us=719200 keepalive_timeout = 120
Wed Jan 2 14:20:28 2019 us=719216 inactivity_timeout = 0
Wed Jan 2 14:20:28 2019 us=719232 ping_send_timeout = 10
Wed Jan 2 14:20:28 2019 us=719248 ping_rec_timeout = 240
Wed Jan 2 14:20:28 2019 us=719264 ping_rec_timeout_action = 2
Wed Jan 2 14:20:28 2019 us=719280 ping_timer_remote = DISABLED
Wed Jan 2 14:20:28 2019 us=719296 remap_sigusr1 = 0
Wed Jan 2 14:20:28 2019 us=719312 persist_tun = ENABLED
Wed Jan 2 14:20:28 2019 us=719329 persist_local_ip = DISABLED
Wed Jan 2 14:20:28 2019 us=719345 persist_remote_ip = DISABLED
Wed Jan 2 14:20:28 2019 us=719361 persist_key = ENABLED
Wed Jan 2 14:20:28 2019 us=719377 passtos = DISABLED
Wed Jan 2 14:20:28 2019 us=719393 resolve_retry_seconds = 1000000000
Wed Jan 2 14:20:28 2019 us=719409 resolve_in_advance = DISABLED
Wed Jan 2 14:20:28 2019 us=719425 username = 'nobody'
Wed Jan 2 14:20:28 2019 us=719441 groupname = 'nobody'
Wed Jan 2 14:20:28 2019 us=719457 chroot_dir = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719474 cd_dir = '/mnt/keys'
Wed Jan 2 14:20:28 2019 us=719490 writepid = '/var/run/openvpn.pid'
Wed Jan 2 14:20:28 2019 us=719506 up_script = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719522 down_script = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719538 down_pre = DISABLED
Wed Jan 2 14:20:28 2019 us=719555 up_restart = DISABLED
Wed Jan 2 14:20:28 2019 us=719571 up_delay = DISABLED
Wed Jan 2 14:20:28 2019 us=719587 daemon = ENABLED
Wed Jan 2 14:20:28 2019 us=719603 inetd = 0
Wed Jan 2 14:20:28 2019 us=719619 log = ENABLED
Wed Jan 2 14:20:28 2019 us=719635 suppress_timestamps = DISABLED
Wed Jan 2 14:20:28 2019 us=719651 machine_readable_output = DISABLED
Wed Jan 2 14:20:28 2019 us=719667 nice = 0
Wed Jan 2 14:20:28 2019 us=719683 verbosity = 4
Wed Jan 2 14:20:28 2019 us=719700 mute = 0
Wed Jan 2 14:20:28 2019 us=719716 gremlin = 0
Wed Jan 2 14:20:28 2019 us=719732 status_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719748 status_file_version = 1
Wed Jan 2 14:20:28 2019 us=719764 status_file_update_freq = 60
Wed Jan 2 14:20:28 2019 us=719780 occ = ENABLED
Wed Jan 2 14:20:28 2019 us=719796 rcvbuf = 0
Wed Jan 2 14:20:28 2019 us=719812 sndbuf = 0
Wed Jan 2 14:20:28 2019 us=719828 sockflags = 0
Wed Jan 2 14:20:28 2019 us=719844 fast_io = DISABLED
Wed Jan 2 14:20:28 2019 us=719861 comp.alg = 2
Wed Jan 2 14:20:28 2019 us=719877 comp.flags = 1
Wed Jan 2 14:20:28 2019 us=719893 route_script = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719909 route_default_gateway = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=719925 route_default_metric = 0
Wed Jan 2 14:20:28 2019 us=719941 route_noexec = DISABLED
Wed Jan 2 14:20:28 2019 us=719958 route_delay = 0
Wed Jan 2 14:20:28 2019 us=719974 route_delay_window = 30
Wed Jan 2 14:20:28 2019 us=719990 route_delay_defined = DISABLED
Wed Jan 2 14:20:28 2019 us=720006 route_nopull = DISABLED
Wed Jan 2 14:20:28 2019 us=720023 route_gateway_via_dhcp = DISABLED
Wed Jan 2 14:20:28 2019 us=720039 allow_pull_fqdn = DISABLED
Wed Jan 2 14:20:28 2019 us=720060 route 172.16.8.0/255.255.255.0/default (not set)/default (not set)
Wed Jan 2 14:20:28 2019 us=720077 management_addr = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720094 management_port = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720110 management_user_pass = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720126 management_log_history_cache = 250
Wed Jan 2 14:20:28 2019 us=720143 management_echo_buffer_size = 100
Wed Jan 2 14:20:28 2019 us=720159 management_write_peer_info_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720175 management_client_user = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720191 management_client_group = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720208 management_flags = 0
Wed Jan 2 14:20:28 2019 us=720224 shared_secret_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720240 key_direction = 0
Wed Jan 2 14:20:28 2019 us=720257 ciphername = 'AES-256-CBC'
Wed Jan 2 14:20:28 2019 us=720273 ncp_enabled = ENABLED
Wed Jan 2 14:20:28 2019 us=720289 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Wed Jan 2 14:20:28 2019 us=720305 authname = 'SHA256'
Wed Jan 2 14:20:28 2019 us=720322 prng_hash = 'SHA1'
Wed Jan 2 14:20:28 2019 us=720338 prng_nonce_secret_len = 16
Wed Jan 2 14:20:28 2019 us=720354 keysize = 0
Wed Jan 2 14:20:28 2019 us=720370 engine = DISABLED
Wed Jan 2 14:20:28 2019 us=720387 replay = ENABLED
Wed Jan 2 14:20:28 2019 us=720403 mute_replay_warnings = DISABLED
Wed Jan 2 14:20:28 2019 us=720419 replay_window = 64
Wed Jan 2 14:20:28 2019 us=720435 replay_time = 15
Wed Jan 2 14:20:28 2019 us=720452 packet_id_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720468 use_iv = ENABLED
Wed Jan 2 14:20:28 2019 us=720484 test_crypto = DISABLED
Wed Jan 2 14:20:28 2019 us=720500 tls_server = ENABLED
Wed Jan 2 14:20:28 2019 us=720517 tls_client = DISABLED
Wed Jan 2 14:20:28 2019 us=720533 key_method = 2
Wed Jan 2 14:20:28 2019 us=720549 ca_file = '/usr/local/share/easy-rsa/pki/ca.crt'
Wed Jan 2 14:20:28 2019 us=720566 ca_path = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720582 dh_file = '/usr/local/share/easy-rsa/pki/dh.pem'
Wed Jan 2 14:20:28 2019 us=720598 cert_file = '/usr/local/share/easy-rsa/pki/issued/openvpn-server.crt'
Wed Jan 2 14:20:28 2019 us=720614 extra_certs_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720631 priv_key_file = '/usr/local/share/easy-rsa/pki/private/openvpn-server.key'
Wed Jan 2 14:20:28 2019 us=720647 pkcs12_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720663 cipher_list = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720679 tls_cert_profile = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720696 tls_verify = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720712 tls_export_cert = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720728 verify_x509_type = 0
Wed Jan 2 14:20:28 2019 us=720745 verify_x509_name = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720761 crl_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=720777 ns_cert_type = 0
Wed Jan 2 14:20:28 2019 us=720793 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720810 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720826 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720842 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720858 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720874 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720890 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720907 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720923 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720939 remote_cert_ku = 0
Wed Jan 2 14:20:28 2019 us=720955 remote_cert_ku[i] = 0
Wed Jan 2 14:20:28 2019 us=720971 remote_cert_ku[i] = 0
Wed Jan 2 14:20:28 2019 us=720987 remote_cert_ku[i] = 0
Wed Jan 2 14:20:28 2019 us=721004 remote_cert_ku[i] = 0
Wed Jan 2 14:20:28 2019 us=721020 remote_cert_ku[i] = 0
Wed Jan 2 14:20:28 2019 us=721036 remote_cert_ku[i] = 0
Wed Jan 2 14:20:28 2019 us=721056 remote_cert_eku = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=721072 ssl_flags = 0
Wed Jan 2 14:20:28 2019 us=721089 tls_timeout = 2
Wed Jan 2 14:20:28 2019 us=721105 renegotiate_bytes = -1
Wed Jan 2 14:20:28 2019 us=721121 renegotiate_packets = 0
Wed Jan 2 14:20:28 2019 us=721137 renegotiate_seconds = 3600
Wed Jan 2 14:20:28 2019 us=721154 handshake_window = 60
Wed Jan 2 14:20:28 2019 us=721170 transition_window = 3600
Wed Jan 2 14:20:28 2019 us=721186 single_session = DISABLED
Wed Jan 2 14:20:28 2019 us=721202 push_peer_info = DISABLED
Wed Jan 2 14:20:28 2019 us=721219 tls_exit = DISABLED
Wed Jan 2 14:20:28 2019 us=721235 tls_auth_file = '/usr/local/share/easy-rsa/pki/ta.key'
Wed Jan 2 14:20:28 2019 us=721251 tls_crypt_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=721269 server_network = 172.16.8.0
Wed Jan 2 14:20:28 2019 us=721287 server_netmask = 255.255.255.0
Wed Jan 2 14:20:28 2019 us=721306 server_network_ipv6 = ::
Wed Jan 2 14:20:28 2019 us=721323 server_netbits_ipv6 = 0
Wed Jan 2 14:20:28 2019 us=721340 server_bridge_ip = 0.0.0.0
Wed Jan 2 14:20:28 2019 us=721358 server_bridge_netmask = 0.0.0.0
Wed Jan 2 14:20:28 2019 us=721375 server_bridge_pool_start = 0.0.0.0
Wed Jan 2 14:20:28 2019 us=721393 server_bridge_pool_end = 0.0.0.0
Wed Jan 2 14:20:28 2019 us=721409 push_entry = 'route 10.8.0.0 255.255.255.0'
Wed Jan 2 14:20:28 2019 us=721426 push_entry = 'route 172.16.8.1'
Wed Jan 2 14:20:28 2019 us=721445 push_entry = 'topology net30'
Wed Jan 2 14:20:28 2019 us=721462 push_entry = 'ping 10'
Wed Jan 2 14:20:28 2019 us=721478 push_entry = 'ping-restart 120'
Wed Jan 2 14:20:28 2019 us=721494 ifconfig_pool_defined = ENABLED
Wed Jan 2 14:20:28 2019 us=721512 ifconfig_pool_start = 172.16.8.4
Wed Jan 2 14:20:28 2019 us=721529 ifconfig_pool_end = 172.16.8.251
Wed Jan 2 14:20:28 2019 us=721546 ifconfig_pool_netmask = 0.0.0.0
Wed Jan 2 14:20:28 2019 us=721563 ifconfig_pool_persist_filename = 'ipp.txt'
Wed Jan 2 14:20:28 2019 us=721579 ifconfig_pool_persist_refresh_freq = 600
Wed Jan 2 14:20:28 2019 us=721595 ifconfig_ipv6_pool_defined = DISABLED
Wed Jan 2 14:20:28 2019 us=721612 ifconfig_ipv6_pool_base = ::
Wed Jan 2 14:20:28 2019 us=721628 ifconfig_ipv6_pool_netbits = 0
Wed Jan 2 14:20:28 2019 us=721644 n_bcast_buf = 256
Wed Jan 2 14:20:28 2019 us=721660 tcp_queue_limit = 64
Wed Jan 2 14:20:28 2019 us=721677 real_hash_size = 256
Wed Jan 2 14:20:28 2019 us=721693 virtual_hash_size = 256
Wed Jan 2 14:20:28 2019 us=721709 client_connect_script = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=721725 learn_address_script = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=721742 client_disconnect_script = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=721758 client_config_dir = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=721774 ccd_exclusive = DISABLED
Wed Jan 2 14:20:28 2019 us=721790 tmp_dir = '/tmp'
Wed Jan 2 14:20:28 2019 us=721806 push_ifconfig_defined = DISABLED
Wed Jan 2 14:20:28 2019 us=721823 push_ifconfig_local = 0.0.0.0
Wed Jan 2 14:20:28 2019 us=721841 push_ifconfig_remote_netmask = 0.0.0.0
Wed Jan 2 14:20:28 2019 us=721857 push_ifconfig_ipv6_defined = DISABLED
Wed Jan 2 14:20:28 2019 us=721874 push_ifconfig_ipv6_local = ::/0
Wed Jan 2 14:20:28 2019 us=721891 push_ifconfig_ipv6_remote = ::
Wed Jan 2 14:20:28 2019 us=721907 enable_c2c = DISABLED
Wed Jan 2 14:20:28 2019 us=721923 duplicate_cn = DISABLED
Wed Jan 2 14:20:28 2019 us=721939 cf_max = 0
Wed Jan 2 14:20:28 2019 us=721956 cf_per = 0
Wed Jan 2 14:20:28 2019 us=721972 max_clients = 1024
Wed Jan 2 14:20:28 2019 us=721988 max_routes_per_client = 256
Wed Jan 2 14:20:28 2019 us=722004 auth_user_pass_verify_script = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=722020 auth_user_pass_verify_script_via_file = DISABLED
Wed Jan 2 14:20:28 2019 us=722037 auth_token_generate = DISABLED
Wed Jan 2 14:20:28 2019 us=722059 auth_token_lifetime = 0
Wed Jan 2 14:20:28 2019 us=722077 port_share_host = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=722093 port_share_port = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=722109 client = DISABLED
Wed Jan 2 14:20:28 2019 us=722125 pull = DISABLED
Wed Jan 2 14:20:28 2019 us=722142 auth_user_pass_file = '[UNDEF]'
Wed Jan 2 14:20:28 2019 us=722163 OpenVPN 2.4.6 amd64-portbld-freebsd10.4 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Sep 29 2018
Wed Jan 2 14:20:28 2019 us=722184 library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.10
Wed Jan 2 14:20:28 2019 us=722639 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Wed Jan 2 14:20:28 2019 us=723082 Diffie-Hellman initialized with 2048 bit key
Wed Jan 2 14:20:28 2019 us=723861 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Wed Jan 2 14:20:28 2019 us=723903 ECDH curve secp384r1 added
Wed Jan 2 14:20:28 2019 us=724070 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 2 14:20:28 2019 us=724100 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Jan 2 14:20:28 2019 us=724128 TLS-Auth MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Wed Jan 2 14:20:28 2019 us=724232 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=epair2b HWADDR=ba:07:c6:7f:65:e9
Wed Jan 2 14:20:28 2019 us=724305 TUN/TAP device /dev/tun0 opened
Wed Jan 2 14:20:28 2019 us=724333 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Jan 2 14:20:28 2019 us=724364 /sbin/ifconfig tun0 172.16.8.1 172.16.8.2 mtu 1500 netmask 255.255.255.255 up
Wed Jan 2 14:20:28 2019 us=725840 /sbin/route add -net 172.16.8.0 172.16.8.2 255.255.255.0
add net 172.16.8.0: gateway 172.16.8.2
Wed Jan 2 14:20:28 2019 us=726768 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Wed Jan 2 14:20:28 2019 us=739035 Could not determine IPv4/IPv6 protocol. Using AF_INET6
Wed Jan 2 14:20:28 2019 us=739078 Socket Buffers: R=[42080->42080] S=[9216->9216]
Wed Jan 2 14:20:28 2019 us=739100 setsockopt(IPV6_V6ONLY=0)
Wed Jan 2 14:20:28 2019 us=739133 UDPv6 link local (bound): [AF_INET6][undef]:10011
Wed Jan 2 14:20:28 2019 us=739155 UDPv6 link remote: [AF_UNSPEC]
Wed Jan 2 14:20:28 2019 us=739178 GID set to nobody
Wed Jan 2 14:20:28 2019 us=739204 UID set to nobody
Wed Jan 2 14:20:28 2019 us=739227 MULTI: multi_init called, r=256 v=256
Wed Jan 2 14:20:28 2019 us=739267 IFCONFIG POOL: base=172.16.8.4 size=62, ipv6=0
Wed Jan 2 14:20:28 2019 us=739316 ifconfig_pool_read(), in='*hidden* nas ca,172.16.8.4', TODO: IPv6
Wed Jan 2 14:20:28 2019 us=739340 succeeded -> ifconfig_pool_set()
Wed Jan 2 14:20:28 2019 us=739364 IFCONFIG POOL LIST
Wed Jan 2 14:20:28 2019 us=739384 *hidden* nas ca,172.16.8.4
Wed Jan 2 14:20:28 2019 us=739428 Initialization Sequence Completed
Wed Jan 2 14:20:48 2019 us=980325 MULTI: multi_create_instance called
Wed Jan 2 14:20:48 2019 us=980419 82.132.xxx.xxx Re-using SSL/TLS context
Wed Jan 2 14:20:48 2019 us=980447 82.132.xxx.xxx LZO compression initializing
Wed Jan 2 14:20:48 2019 us=980594 82.132.xxx.xxx Control Channel MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Wed Jan 2 14:20:48 2019 us=980627 82.132.xxx.xxx Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Wed Jan 2 14:20:48 2019 us=980680 82.132.xxx.xxx Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-server'
Wed Jan 2 14:20:48 2019 us=980704 82.132.xxx.xxx Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client'
Wed Jan 2 14:20:48 2019 us=980750 82.132.xxx.xxx TLS: Initial packet from [AF_INET6]::ffff:82.132.xxx.xxx:17906, sid=82b2d8b7 74d11088
Wed Jan 2 14:20:49 2019 us=206291 82.132.xxx.xxx PID_ERR replay-window backtrack occurred [1] [TLS_WRAP-0] [0_0001] 1546467648:6 1546467648:5 t=1546467649[0] r=[-1,64,15,1,1] sl=[58,6,64,528]
Wed Jan 2 14:20:49 2019 us=206576 82.132.xxx.xxx VERIFY OK: depth=1, CN=*hidden* nas ca
Wed Jan 2 14:20:49 2019 us=206832 82.132.xxx.xxx VERIFY OK: depth=0, CN=*hidden* nas ca
Wed Jan 2 14:20:49 2019 us=270040 82.132.xxx.xxx peer info: IV_GUI_VER=OC30Android
Wed Jan 2 14:20:49 2019 us=270077 82.132.xxx.xxx peer info: IV_VER=3.2
Wed Jan 2 14:20:49 2019 us=270101 82.132.xxx.xxx peer info: IV_PLAT=android
Wed Jan 2 14:20:49 2019 us=270123 82.132.xxx.xxx peer info: IV_NCP=2
Wed Jan 2 14:20:49 2019 us=270145 82.132.xxx.xxx peer info: IV_TCPNL=1
Wed Jan 2 14:20:49 2019 us=270166 82.132.xxx.xxx peer info: IV_PROTO=2
Wed Jan 2 14:20:49 2019 us=270187 82.132.xxx.xxx peer info: IV_LZO=1
Wed Jan 2 14:20:49 2019 us=270209 82.132.xxx.xxx peer info: IV_IPv6=0
Wed Jan 2 14:20:49 2019 us=270230 82.132.xxx.xxx peer info: IV_AUTO_SESS=1
Wed Jan 2 14:20:49 2019 us=330927 82.132.xxx.xxx Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Wed Jan 2 14:20:49 2019 us=330974 82.132.xxx.xxx [*hidden* nas ca] Peer Connection Initiated with [AF_INET6]::ffff:82.132.xxx.xxx:17906
Wed Jan 2 14:20:49 2019 us=331015 *hidden* nas ca/82.132.xxx.xxx MULTI_sva: pool returned IPv4=172.16.8.6, IPv6=(Not enabled)
Wed Jan 2 14:20:49 2019 us=331079 *hidden* nas ca/82.132.xxx.xxx MULTI: Learn: 172.16.8.6 -> *hidden* nas ca/82.132.xxx.xxx
Wed Jan 2 14:20:49 2019 us=331102 *hidden* nas ca/82.132.xxx.xxx MULTI: primary virtual IP for *hidden* nas ca/82.132.xxx.xxx: 172.16.8.6
Wed Jan 2 14:20:49 2019 us=339968 *hidden* nas ca/82.132.xxx.xxx PUSH: Received control message: 'PUSH_REQUEST'
Wed Jan 2 14:20:49 2019 us=340022 *hidden* nas ca/82.132.xxx.xxx SENT CONTROL [*hidden* nas ca]: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,route 172.16.8.1,topology net30,ping 10,ping-restart 120,ifconfig 172.16.8.6 172.16.8.5,peer-id 0,cipher AES-256-GCM' (status=1)
Wed Jan 2 14:20:49 2019 us=340046 *hidden* nas ca/82.132.xxx.xxx Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Jan 2 14:20:49 2019 us=340073 *hidden* nas ca/82.132.xxx.xxx Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Wed Jan 2 14:20:49 2019 us=340188 *hidden* nas ca/82.132.xxx.xxx Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Jan 2 14:20:49 2019 us=340214 *hidden* nas ca/82.132.xxx.xxx Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Jan 2 14:20:49 2019 us=576081 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped
Wed Jan 2 14:20:49 2019 us=676156 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped
Wed Jan 2 14:20:49 2019 us=910075 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped
Wed Jan 2 14:20:50 2019 us=429160 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped
Wed Jan 2 14:20:51 2019 us=321248 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped
Wed Jan 2 14:21:13 2019 us=328092 *hidden* nas ca/82.132.xxx.xxx SIGTERM[soft,remote-exit] received, client-instance exiting

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Fri Jan 04, 2019 1:00 pm

Bump bump bump bump

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Fri Jan 04, 2019 2:20 pm

mattlev2 wrote:
Wed Jan 02, 2019 10:24 pm
i was unable to get a log from the client side, not sure if thats a restriction of android?
Everybody else manages to get the client log from Android.

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Fri Jan 04, 2019 3:15 pm

TinCanTech wrote:
Fri Jan 04, 2019 2:20 pm
mattlev2 wrote:
Wed Jan 02, 2019 10:24 pm
i was unable to get a log from the client side, not sure if thats a restriction of android?
Everybody else manages to get the client log from Android.
I have verb 4 in the .ovpn file and it doesn't output any log

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Fri Jan 04, 2019 5:44 pm

All I can tell you is your VPN (and therefore OpenVPN) is working.

If you cannot find the client log then we cannot verify how the client is behaving
and therefore cannot advise you as to any apparent errors.

The rest of the problems you are having are related to your FreeNAS OS, which we do not support.

If all else fails you can contact me privately: tincanteksup <at> gmail

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Fri Jan 04, 2019 7:13 pm

TinCanTech wrote:
Fri Jan 04, 2019 5:44 pm
All I can tell you is your VPN (and therefore OpenVPN) is working.

If you cannot find the client log then we cannot verify how the client is behaving
and therefore cannot advise you as to any apparent errors.

The rest of the problems you are having are related to your FreeNAS OS, which we do not support.

If all else fails you can contact me privately: tincanteksup <at> gmail
What do I put in my client config for the log?
I have got
verb 4
Log openvpn.log

It doesn't output anything to the phones storage

The client log would be stored on the client rather than the server right?

What about this part in the server log
us=321248 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped

Does this tell you anything?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Fri Jan 04, 2019 7:48 pm

mattlev2 wrote:
Fri Jan 04, 2019 7:13 pm
What do I put in my client config for the log?
As far as I know the Android log is on by default ..

If you look here you will see lots of Android logs.
mattlev2 wrote:
Fri Jan 04, 2019 7:13 pm
The client log would be stored on the client rather than the server right?
yes .....
mattlev2 wrote:
Fri Jan 04, 2019 7:13 pm
What about this part in the server log
us=321248 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped

Does this tell you anything?
You can totally ignore that, it does not effect the VPN at all.

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Fri Jan 04, 2019 9:14 pm

TinCanTech wrote:
Fri Jan 04, 2019 7:48 pm
mattlev2 wrote:
Fri Jan 04, 2019 7:13 pm
What do I put in my client config for the log?
As far as I know the Android log is on by default ..

If you look here you will see lots of Android logs.
mattlev2 wrote:
Fri Jan 04, 2019 7:13 pm
The client log would be stored on the client rather than the server right?
yes .....
mattlev2 wrote:
Fri Jan 04, 2019 7:13 pm
What about this part in the server log
us=321248 *hidden* nas ca/82.132.xxx.xxx MULTI: bad source address from client [10.145.xxx.xxx], packet dropped

Does this tell you anything?
You can totally ignore that, it does not effect the VPN at all.
Found it
Didn't realize it was within the app

client log

21:09:43.210 -- ----- OpenVPN Start -----

21:09:43.210 -- EVENT: CORE_THREAD_ACTIVE

21:09:43.213 -- Frame=512/2048/512 mssfix-ctrl=1250

21:09:43.216 -- UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [nobind]
6 [persist-key]
7 [persist-tun]
19 [verb] [4]
20 [log] [openvpn.log]


21:09:43.217 -- EVENT: RESOLVE

21:09:43.221 -- Contacting XX.xx.xx.xx:10011 via UDP

21:09:43.221 -- EVENT: WAIT

21:09:43.227 -- Connecting to [myddns]:10011 (XX.xx.xx.xx) via UDPv4

21:09:43.279 -- EVENT: CONNECTING

21:09:43.282 -- Tunnel Options:V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client

21:09:43.283 -- Creds: Username/Password

21:09:43.284 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.2
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_IPv6=0
IV_AUTO_SESS=1


21:09:43.374 -- VERIFY OK : depth=1
cert. version : 3
serial number : CB:7D:FD:13:2F:0E:EF:78
issuer name : CN=hidden nas ca
subject name : CN=hidden nas ca
Issued on : 2018-12-28 08:59:41
expires on : 2028-12-25 08:59:41
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=true
key usage : Key Cert Sign, CRL Sign


21:09:43.375 -- VERIFY OK : depth=0
cert. version : 3
serial number : A1:C7:A3:CC:17:65:0C:73:F0:F1:5A:7F:9A:22:FC:5D
issuer name : CN=hidden nas ca
subject name : CN=openvpn-server
issued on : 2018-12-28 09:01:05
expires on : 2028-12-25 09:01:05
signed using : RSA with SHA-256
RSA key size : 2048 bits
basic constraints : CA=false
subject alt name : openvpn-server
key usage : Digital Signature, Key Encipherment
ext key usage : TLS Web Server Authentication


21:09:43.592 -- SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384

21:09:43.593 -- Session is ACTIVE

21:09:43.593 -- EVENT: GET_CONFIG

21:09:43.598 -- Sending PUSH_REQUEST to server...

21:09:43.670 -- OPTIONS:
0 [redirect-gateway] [def1]
1 [dhcp-option] [DNS] [192.168.1.1]
2 [route] [10.8.0.0] [255.255.255.0]
3 [route] [172.16.8.1]
4 [topology] [net30]
5 [ping] [10]
6 [ping-restart] [120]
7 [ifconfig] [172.16.8.6] [172.16.8.5]
8 [peer-id] [0]
9 [cipher] [AES-256-GCM]
10 [block-ipv6]


21:09:43.672 -- PROTOCOL OPTIONS:
cipher: AES-256-GCM
digest: SHA256
compress: LZO
peer ID: 0

21:09:43.674 -- EVENT: ASSIGN_IP

21:09:43.708 -- Connected via tun

21:09:43.709 -- LZO-ASYM init swap=0 asym=0

21:09:43.710 -- EVENT: CONNECTED info='@myddns.net:10011 (XX.xx.xx.xx) via /UDPv4 on tun/172.16.8.6/ gw=[172.16.8.5/]' trans=TO_CONNECTED
/oconf]

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Fri Jan 04, 2019 9:16 pm

Sorry for the stupid questions I just wanted to make sure it didn't transfer client logs to the server storage

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Fri Jan 04, 2019 9:46 pm

You should wait for your log to complete

and stop using bbcode oconf for logs .. use code instead.

mattlev2
OpenVpn Newbie
Posts: 12
Joined: Fri Dec 28, 2018 12:11 pm

Re: vpn connects but no traffic

Post by mattlev2 » Sat Jan 05, 2019 8:23 am

TinCanTech wrote:
Fri Jan 04, 2019 9:46 pm
You should wait for your log to complete

and stop using bbcode oconf for logs .. use code instead.
Nothing changes after nearly 5 minutes of being connected

Code: Select all

08:15:50.233 -- ----- OpenVPN Start -----

08:15:50.234 -- EVENT: CORE_THREAD_ACTIVE

08:15:50.238 -- Frame=512/2048/512 mssfix-ctrl=1250

08:15:50.239 -- UNUSED OPTIONS
4 [resolv-retry] [infinite] 
5 [nobind] 
6 [persist-key] 
7 [persist-tun] 
19 [verb] [4] 
20 [log] [openvpn.log] 


08:15:50.239 -- EVENT: RESOLVE

08:15:50.242 -- Contacting XX.xx.xx.xx:10011 via UDP

08:15:50.242 -- EVENT: WAIT

08:15:50.245 -- Connecting to [myddns.net]:10011 (XX.xx.xx.xx) via UDPv4

08:15:50.380 -- EVENT: CONNECTING

08:15:50.384 -- Tunnel Options:V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client

08:15:50.385 -- Creds: Username/Password

08:15:50.385 -- Peer Info:
IV_GUI_VER=OC30Android
IV_VER=3.2
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO=1
IV_IPv6=0
IV_AUTO_SESS=1


08:15:50.462 -- VERIFY OK : depth=1
cert. version     : 3
serial number     : CB:7D:FD:13:2F:0E:EF:78
issuer name       : CN=hidden nas ca
subject name      : CN=hidden nas ca
issued  on        : 2018-12-28 08:59:41
expires on        : 2028-12-25 08:59:41
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=true
key usage         : Key Cert Sign, CRL Sign


08:15:50.463 -- VERIFY OK : depth=0
cert. version     : 3
serial number     : A1:C7:A3:CC:17:65:0C:73:F0:F1:5A:7F:9A:22:FC:5D
issuer name       : CN=hidden nas ca
subject name      : CN=openvpn-server
issued  on        : 2018-12-28 09:01:05
expires on        : 2028-12-25 09:01:05
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=false
subject alt name  : openvpn-server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication


08:15:50.713 -- SSL Handshake: TLSv1.2/TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384

08:15:50.714 -- Session is ACTIVE

08:15:50.715 -- EVENT: GET_CONFIG

08:15:50.718 -- Sending PUSH_REQUEST to server...

08:15:50.782 -- OPTIONS:
0 [redirect-gateway] [def1] 
1 [dhcp-option] [DNS] [192.168.1.1] 
2 [route] [10.8.0.0] [255.255.255.0] 
3 [route] [172.16.8.1] 
4 [topology] [net30] 
5 [ping] [10] 
6 [ping-restart] [120] 
7 [ifconfig] [172.16.8.6] [172.16.8.5] 
8 [peer-id] [0] 
9 [cipher] [AES-256-GCM] 
10 [block-ipv6] 


08:15:50.783 -- PROTOCOL OPTIONS:
  cipher: AES-256-GCM
  digest: SHA256
  compress: LZO
  peer ID: 0

08:15:50.783 -- EVENT: ASSIGN_IP

08:15:50.829 -- Connected via tun

08:15:50.829 -- LZO-ASYM init swap=0 asym=0

08:15:50.830 -- EVENT: CONNECTED info='@myddns.net:10011 (XX.xx.xx.xx) via /UDPv4 on tun/172.16.8.6/ gw=[172.16.8.5/]' trans=TO_CONNECTED

08:19:36.663 -- EVENT: DISCONNECTED trans=TO_DISCONNECTED

08:19:36.666 -- EVENT: CORE_THREAD_INACTIVE

08:19:36.666 -- Tunnel bytes per CPU second: 0

08:19:36.667 -- ----- OpenVPN Stop -----
/code]

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: vpn connects but no traffic

Post by TinCanTech » Sun Jan 06, 2019 12:13 am

TinCanTech wrote:
Fri Jan 04, 2019 9:46 pm
You should wait for your log to complete
mattlev2 wrote:
Sat Jan 05, 2019 8:23 am
Nothing changes after nearly 5 minutes of being connected
Your server log .. :roll:

Post Reply