For the past few days, 1 user (among 20) isn't able to connect to OpenVPN Server. User is on Windows 10 (v10.0.18362) and tried with the latest OpenVPN client for windows available on OpenVPN website.
This is how the server logs look:
Code: Select all
[IP Address Masked]:59745 TLS: Username/Password authentication succeeded for username '[Username Masked]' [CN SET]
[IP Address Masked]:59745 [[Username Masked]] Peer Connection Initiated with [AF_INET][IP Address Masked]:59745
[Username Masked]/[IP Address Masked]:59745 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=(Not enabled)
[Username Masked]/[IP Address Masked]:59745 MULTI: Learn: 10.8.0.4 -> [Username Masked]/[IP Address Masked]:59745
[Username Masked]/[IP Address Masked]:59745 MULTI: primary virtual IP for [Username Masked]/[IP Address Masked]:59745: 10.8.0.4
[Username Masked]/[IP Address Masked]:59745 PUSH: Received control message: 'PUSH_REQUEST'
[Username Masked]/[IP Address Masked]:59745 SENT CONTROL [[Username Masked]]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DOMAIN vpn.maxamation.com,dhcp-option DNS 10.1.1.157,route 10.8.0.0 255.255.255.0,route 10.1.1.0 255.255.255.0,redirect-gateway def1 bypass-dhcp,block-outside-dns,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.4 255.255.255.0,peer-id 2,cipher AES-256-GCM' (status=1)
[Username Masked]/[IP Address Masked]:59745 Data Channel: using negotiated cipher 'AES-256-GCM'
[Username Masked]/[IP Address Masked]:59745 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[Username Masked]/[IP Address Masked]:59745 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[IP Address Masked]:59715 TLS: Username/Password authentication succeeded for username '[Username Masked]' [CN SET]
[IP Address Masked]:59715 [[Username Masked]] Peer Connection Initiated with [AF_INET][IP Address Masked]:59715
[Username Masked]/[IP Address Masked]:59715 MULTI_sva: pool returned IPv4=10.8.0.5, IPv6=(Not enabled)
[Username Masked]/[IP Address Masked]:59715 MULTI: Learn: 10.8.0.5 -> [Username Masked]/[IP Address Masked]:59715
[Username Masked]/[IP Address Masked]:59715 MULTI: primary virtual IP for [Username Masked]/[IP Address Masked]:59715: 10.8.0.5
[Username Masked]/[IP Address Masked]:59715 PUSH: Received control message: 'PUSH_REQUEST'
[Username Masked]/[IP Address Masked]:59715 SENT CONTROL [[Username Masked]]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DOMAIN vpn.maxamation.com,dhcp-option DNS 10.1.1.157,route 10.8.0.0 255.255.255.0,route 10.1.1.0 255.255.255.0,redirect-gateway def1 bypass-dhcp,block-outside-dns,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.5 255.255.255.0,peer-id 3,cipher AES-256-GCM' (status=1)
[Username Masked]/[IP Address Masked]:59715 Data Channel: using negotiated cipher 'AES-256-GCM'
[Username Masked]/[IP Address Masked]:59715 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[Username Masked]/[IP Address Masked]:59715 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[Username Masked]/[IP Address Masked]:59745 [[Username Masked]] Inactivity timeout (--ping-restart), restarting
[Username Masked]/[IP Address Masked]:59745 SIGUSR1[soft,ping-restart] received, client-instance restarting
[Username Masked]/[IP Address Masked]:59715 [[Username Masked]] Inactivity timeout (--ping-restart), restarting
[Username Masked]/[IP Address Masked]:59715 SIGUSR1[soft,ping-restart] received, client-instance restarting
[IP Address Masked]:59810 TLS: Username/Password authentication succeeded for username '[Username Masked]' [CN SET]
[IP Address Masked]:59810 [[Username Masked]] Peer Connection Initiated with [AF_INET][IP Address Masked]:59810
[Username Masked]/[IP Address Masked]:59810 MULTI_sva: pool returned IPv4=10.8.0.3, IPv6=(Not enabled)
[Username Masked]/[IP Address Masked]:59810 MULTI: Learn: 10.8.0.3 -> [Username Masked]/[IP Address Masked]:59810
[Username Masked]/[IP Address Masked]:59810 MULTI: primary virtual IP for [Username Masked]/[IP Address Masked]:59810: 10.8.0.3
[Username Masked]/[IP Address Masked]:59810 PUSH: Received control message: 'PUSH_REQUEST'
[Username Masked]/[IP Address Masked]:59810 SENT CONTROL [[Username Masked]]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DOMAIN vpn.maxamation.com,dhcp-option DNS 10.1.1.157,route 10.8.0.0 255.255.255.0,route 10.1.1.0 255.255.255.0,redirect-gateway def1 bypass-dhcp,block-outside-dns,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.3 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
[Username Masked]/[IP Address Masked]:59810 Data Channel: using negotiated cipher 'AES-256-GCM'
[Username Masked]/[IP Address Masked]:59810 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[Username Masked]/[IP Address Masked]:59810 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[Username Masked]/[IP Address Masked]:59810 [[Username Masked]] Inactivity timeout (--ping-restart), restarting
[Username Masked]/[IP Address Masked]:59810 SIGUSR1[soft,ping-restart] received, client-instance restarting
[IP Address Masked]:59819 TLS: Username/Password authentication succeeded for username '[Username Masked]' [CN SET]
[IP Address Masked]:59819 [[Username Masked]] Peer Connection Initiated with [AF_INET][IP Address Masked]:59819
[Username Masked]/[IP Address Masked]:59819 MULTI_sva: pool returned IPv4=10.8.0.5, IPv6=(Not enabled)
[Username Masked]/[IP Address Masked]:59819 MULTI: Learn: 10.8.0.5 -> [Username Masked]/[IP Address Masked]:59819
[Username Masked]/[IP Address Masked]:59819 MULTI: primary virtual IP for [Username Masked]/[IP Address Masked]:59819: 10.8.0.5
[Username Masked]/[IP Address Masked]:59819 PUSH: Received control message: 'PUSH_REQUEST'
[Username Masked]/[IP Address Masked]:59819 SENT CONTROL [[Username Masked]]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DOMAIN vpn.maxamation.com,dhcp-option DNS 10.1.1.157,route 10.8.0.0 255.255.255.0,route 10.1.1.0 255.255.255.0,redirect-gateway def1 bypass-dhcp,block-outside-dns,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.5 255.255.255.0,peer-id 3,cipher AES-256-GCM' (status=1)
[Username Masked]/[IP Address Masked]:59819 Data Channel: using negotiated cipher 'AES-256-GCM'
[Username Masked]/[IP Address Masked]:59819 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[Username Masked]/[IP Address Masked]:59819 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
[Username Masked]/[IP Address Masked]:59819 [[Username Masked]] Inactivity timeout (--ping-restart), restarting
[Username Masked]/[IP Address Masked]:59819 SIGUSR1[soft,ping-restart] received, client-instance restarting
The client logs say:
Code: Select all
POST np://[\\.\pipe\agent_ovpnconnect]/tun-setup : 400 Bad Request
TAP ADAPTERS:
guid='{B02F5201-98C2-4FC9-A4D0-ED29A27F1384}' index=18 name='Ethernet 7'
Open TAP device "Ethernet 7" PATH="\\.\Global\{B02F5201-98C2-4FC9-A4D0-ED29A27F1384}.tap" SUCCEEDED
TAP-Windows Driver Version 9.23
Destroyed previous TAP instance due to exception
tun_win_setup: redirect-gateway error: cannot detect default gateway
⏎12/10/2020, 09:21:16 TUN Error: ovpnagent: request error
⏎12/10/2020, 09:21:16 Client exception in transport_recv: tun_exception: not connected
⏎12/10/2020, 09:21:16 EVENT: TUN_SETUP_FAILED ovpnagent: request error⏎12/10/2020, 09:21:16 EVENT: DISCONNECTED ⏎12/10/2020, 09:23:49 OpenVPN core 3.git::f225fcd0 win x86_64 64-bit PT_PROXY built on Mar 19 2020 21:16:20
⏎12/10/2020, 09:23:49 Frame=512/2048/512 mssfix-ctrl=1250
Upto a few days back the client logs looked like this, when it was working fine.
Code: Select all
POST np://[\\.\pipe\agent_ovpnconnect]/tun-setup : 200 OK
TAP ADAPTERS:
guid='{B02F5201-98C2-4FC9-A4D0-ED29A27F1384}' index=18 name='Ethernet 7'
Open TAP device "Ethernet 7" PATH="\\.\Global\{B02F5201-98C2-4FC9-A4D0-ED29A27F1384}.tap" SUCCEEDED
TAP-Windows Driver Version 9.23
ActionDeleteAllRoutesOnInterface iface_index=18
But now the client log says, and user is not able to connect:
Code: Select all
POST np://[\\.\pipe\agent_ovpnconnect]/tun-setup : 400 Bad Request
TAP ADAPTERS:
guid='{B02F5201-98C2-4FC9-A4D0-ED29A27F1384}' index=18 name='Ethernet 7'
Open TAP device "Ethernet 7" PATH="\\.\Global\{B02F5201-98C2-4FC9-A4D0-ED29A27F1384}.tap" SUCCEEDED
TAP-Windows Driver Version 9.23
Destroyed previous TAP instance due to exception
tun_win_setup: redirect-gateway error: cannot detect default gateway
⏎12/10/2020, 09:21:16 TUN Error: ovpnagent: request error
⏎12/10/2020, 09:21:16 Client exception in transport_recv: tun_exception: not connected
⏎12/10/2020, 09:21:16 EVENT: TUN_SETUP_FAILED ovpnagent: request error⏎12/10/2020, 09:21:16 EVENT: DISCONNECTED ⏎12/10/2020, 09:23:49 OpenVPN core 3.git::f225fcd0 win x86_64 64-bit PT_PROXY built on Mar 19 2020 21:16:20
⏎12/10/2020, 09:23:49 Frame=512/2048/512 mssfix-ctrl=1250
User has tried restarting laptop and has ensured that no other VPN was on and the firewalls were off when he tried connecting.