tls_read_plaintext error
Posted: Thu Jul 16, 2015 2:22 pm
Folks I'm really stuck. I'm trying to setup ECC for openvpn and got an error.
Could you help me, because I really don't know how to solve that issue.
Versions:
CA cert info:
Server cert info:
Client cert info:
Server conf:
Client conf:
Server log:
Client log:
Could you help me, because I really don't know how to solve that issue.
Versions:
Code: Select all
OpenSSL 1.0.1k 8 Jan 2015
OpenVPN 2.3.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 8 2015
library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Compile time defines: enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=no enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=yes enable_fragment=yes enable_http_proxy=yes enable_iproute2=no enable_libtool_lock=yes enable_lzo=yes enable_lzo_stub=no enable_management=yes enable_multi=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_socks=yes enable_ssl=yes enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=no enable_win32_dll=yes enable_x509_alt_username=no with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_plugindir='$(libdir)/openvpn/plugins' with_sysroot=no
Code: Select all
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13420793709862672151 (0xba403cc5d0295717)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=NY, L=New York, O=SFS co., OU=SFS CA-center, CN=CA_center
Validity
Not Before: Jul 16 11:10:28 2015 GMT
Not After : Jun 22 11:10:28 2115 GMT
Subject: C=US, ST=NY, L=New York, O=SFS co., OU=SFS CA-center, CN=CA_center
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:9e:3f:62:38:71:ac:fb:74:51:46:8e:4b:11:fa:
0a:52:f0:f3:05:e8:fe:03:b6:68:13:60:f8:89:e5:
e0:fb:1b:c3:82:46:20:0f:7a:71:bf:17:32:e0:c1:
4c:a1:40:83:6e:1b:52:5d:49:b7:46:57:a0:9d:99:
4b:ca:ac:d5:de
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:4B:E2:3A:0E:AF:22:3F:81:1C:77:EB:55:A9:69:64:04:6B:1A:5A
X509v3 Authority Key Identifier:
keyid:F8:4B:E2:3A:0E:AF:22:3F:81:1C:77:EB:55:A9:69:64:04:6B:1A:5A
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:63:2e:8d:00:f6:85:c5:e6:1c:13:d9:ff:52:1f:
ad:d8:41:2a:7a:ae:00:90:12:5f:64:d4:9d:c7:50:59:a9:84:
02:20:43:b0:53:fd:02:26:76:00:0b:db:fe:8c:09:39:8b:fc:
9d:c5:3f:14:53:d0:f0:2e:74:9b:90:39:74:53:9b:cf
-----BEGIN CERTIFICATE-----
MIICGzCCAcKgAwIBAgIJALpAPMXQKVcXMAoGCCqGSM49BAMCMGsxCzAJBgNVBAYT
AlVTMQswCQYDVQQIDAJOWTERMA8GA1UEBwwITmV3IFlvcmsxEDAOBgNVBAoMB1NG
UyBjby4xFjAUBgNVBAsMDVNGUyBDQS1jZW50ZXIxEjAQBgNVBAMMCUNBX2NlbnRl
cjAgFw0xNTA3MTYxMTEwMjhaGA8yMTE1MDYyMjExMTAyOFowazELMAkGA1UEBhMC
VVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhOZXcgWW9yazEQMA4GA1UECgwHU0ZT
IGNvLjEWMBQGA1UECwwNU0ZTIENBLWNlbnRlcjESMBAGA1UEAwwJQ0FfY2VudGVy
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEnj9iOHGs+3RRRo5LEfoKUvDzBej+A7Zo
E2D4ieXg+xvDgkYgD3pxvxcy4MFMoUCDbhtSXUm3RlegnZlLyqzV3qNQME4wHQYD
VR0OBBYEFPhL4joOryI/gRx361WpaWQEaxpaMB8GA1UdIwQYMBaAFPhL4joOryI/
gRx361WpaWQEaxpaMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgYy6N
APaFxeYcE9n/Uh+t2EEqeq4AkBJfZNSdx1BZqYQCIEOwU/0CJnYAC9v+jAk5i/yd
xT8UU9DwLnSbkDl0U5vP
-----END CERTIFICATE-----
Code: Select all
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=NY, L=New York, O=SFS co., OU=SFS CA-center, CN=CA_center
Validity
Not Before: Jul 16 11:23:43 2015 GMT
Not After : Jun 22 11:23:43 2115 GMT
Subject: C=US, ST=NY, L=New York, O=SFS co., OU=SFS vpnserver2, CN=vpnserver2
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:ce:54:3d:a9:01:48:53:89:8a:6a:e3:4f:48:14:
0f:de:a7:d5:ae:8d:dc:de:e8:12:7a:89:dc:fe:07:
e5:a2:d0:4d:10:2a:ba:0d:ee:ec:8e:36:73:b2:01:
e4:7a:d2:5f:23:db:54:f7:1d:18:cc:99:ef:49:6f:
24:f5:15:6d:66
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
Netscape Comment:
OpenSSL Generated Server Certificate
X509v3 Subject Key Identifier:
5A:8F:79:75:86:F3:0A:22:F6:40:45:90:30:66:2C:95:1D:EA:9D:01
X509v3 Authority Key Identifier:
keyid:F8:4B:E2:3A:0E:AF:22:3F:81:1C:77:EB:55:A9:69:64:04:6B:1A:5A
DirName:/C=US/ST=NY/L=New York/O=SFS co./OU=SFS CA-center/CN=CA_center
serial:BA:40:3C:C5:D0:29:57:17
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Digital Signature, Key Encipherment
Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:5f:42:ff:ef:2d:ee:2a:14:6b:2a:3e:d0:b4:c0:
d5:54:68:9e:6e:64:1a:80:fe:c3:b9:ff:ac:51:54:d2:47:25:
02:20:6d:34:d4:d1:d3:f2:1f:a9:85:e8:83:0f:e7:e8:04:af:
96:65:da:8c:4d:b8:7f:29:ad:c8:cf:22:58:07:24:92
-----BEGIN CERTIFICATE-----
MIIC/zCCAqagAwIBAgIBAjAKBggqhkjOPQQDAjBrMQswCQYDVQQGEwJVUzELMAkG
A1UECAwCTlkxETAPBgNVBAcMCE5ldyBZb3JrMRAwDgYDVQQKDAdTRlMgY28uMRYw
FAYDVQQLDA1TRlMgQ0EtY2VudGVyMRIwEAYDVQQDDAlDQV9jZW50ZXIwIBcNMTUw
NzE2MTEyMzQzWhgPMjExNTA2MjIxMTIzNDNaMG0xCzAJBgNVBAYTAlVTMQswCQYD
VQQIDAJOWTERMA8GA1UEBwwITmV3IFlvcmsxEDAOBgNVBAoMB1NGUyBjby4xFzAV
BgNVBAsMDlNGUyB2cG5zZXJ2ZXIyMRMwEQYDVQQDDAp2cG5zZXJ2ZXIyMFYwEAYH
KoZIzj0CAQYFK4EEAAoDQgAEzlQ9qQFIU4mKauNPSBQP3qfVro3c3ugSeonc/gfl
otBNECq6De7sjjZzsgHketJfI9tU9x0YzJnvSW8k9RVtZqOCATgwggE0MAkGA1Ud
EwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NM
IEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFFqPeXWG8woi
9kBFkDBmLJUd6p0BMIGdBgNVHSMEgZUwgZKAFPhL4joOryI/gRx361WpaWQEaxpa
oW+kbTBrMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTlkxETAPBgNVBAcMCE5ldyBZ
b3JrMRAwDgYDVQQKDAdTRlMgY28uMRYwFAYDVQQLDA1TRlMgQ0EtY2VudGVyMRIw
EAYDVQQDDAlDQV9jZW50ZXKCCQC6QDzF0ClXFzATBgNVHSUEDDAKBggrBgEFBQcD
ATALBgNVHQ8EBAMCBaAwCgYIKoZIzj0EAwIDRwAwRAIgX0L/7y3uKhRrKj7QtMDV
VGiebmQagP7Duf+sUVTSRyUCIG001NHT8h+pheiDD+foBK+WZdqMTbh/Ka3IzyJY
BySS
-----END CERTIFICATE-----
Code: Select all
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=NY, L=New York, O=SFS co., OU=SFS CA-center, CN=CA_center
Validity
Not Before: Jul 16 11:39:11 2015 GMT
Not After : Jun 22 11:39:11 2115 GMT
Subject: C=US, ST=NY, L=New York, O=SFS co., OU=SFS relay, CN=relay
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:2f:15:6f:74:c6:1b:26:5e:1a:73:76:bc:f0:65:
dc:f9:f3:4d:1f:d1:11:ff:b0:82:91:84:7a:b7:3c:
84:9f:47:1d:57:90:2a:02:c5:55:19:20:ad:7e:d7:
8f:1b:37:65:53:85:0e:59:c9:1d:ae:b1:15:cb:24:
24:87:d3:cf:ba
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Client, S/MIME
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
F1:B3:B2:52:31:79:77:F9:98:8A:EE:5B:93:D1:93:15:87:E0:1C:3C
X509v3 Authority Key Identifier:
keyid:F8:4B:E2:3A:0E:AF:22:3F:81:1C:77:EB:55:A9:69:64:04:6B:1A:5A
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:45:2c:4f:2c:fe:dc:7d:b9:e5:1b:e5:d9:0f:e7:
fc:c9:cf:f0:81:f4:1c:d3:e5:2d:09:85:32:3d:66:76:0d:49:
02:21:00:bd:61:50:ce:d7:53:a3:f7:b5:79:59:67:c6:9b:34:
f2:7c:60:bb:dc:c0:a5:b3:60:83:ac:d7:23:34:fe:d5:59
-----BEGIN CERTIFICATE-----
MIICTDCCAfKgAwIBAgIBBDAKBggqhkjOPQQDAjBrMQswCQYDVQQGEwJVUzELMAkG
A1UECAwCTlkxETAPBgNVBAcMCE5ldyBZb3JrMRAwDgYDVQQKDAdTRlMgY28uMRYw
FAYDVQQLDA1TRlMgQ0EtY2VudGVyMRIwEAYDVQQDDAlDQV9jZW50ZXIwIBcNMTUw
NzE2MTEzOTExWhgPMjExNTA2MjIxMTM5MTFaMGMxCzAJBgNVBAYTAlVTMQswCQYD
VQQIDAJOWTERMA8GA1UEBwwITmV3IFlvcmsxEDAOBgNVBAoMB1NGUyBjby4xEjAQ
BgNVBAsMCVNGUyByZWxheTEOMAwGA1UEAwwFcmVsYXkwVjAQBgcqhkjOPQIBBgUr
gQQACgNCAAQvFW90xhsmXhpzdrzwZdz5800f0RH/sIKRhHq3PISfRx1XkCoCxVUZ
IK1+148bN2VThQ5ZyR2usRXLJCSH08+6o4GPMIGMMAkGA1UdEwQCMAAwEQYJYIZI
AYb4QgEBBAQDAgWgMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD
ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU8bOyUjF5d/mYiu5bk9GTFYfgHDwwHwYDVR0j
BBgwFoAU+EviOg6vIj+BHHfrValpZARrGlowCgYIKoZIzj0EAwIDSAAwRQIgRSxP
LP7cfbnlG+XZD+f8yc/wgfQc0+UtCYUyPWZ2DUkCIQC9YVDO11Oj97V5WWfGmzTy
fGC73MCls2CDrNcjNP7VWQ==
-----END CERTIFICATE-----
Code: Select all
port 80
proto udp
dev tun
tls-version-min 1.2
auth SHA256
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256
cipher AES-256-CBC
cd /etc/openvpn
persist-key
persist-tun
tls-server
tls-timeout 120
dh /etc/openvpn/dh.pem
ca /etc/openvpn/ca.crt
cert /etc/openvpn/vpnserver2.crt
key /etc/openvpn/vpnserver2.key
tls-auth /etc/openvpn/ta.key 0
server 10.0.2.0 255.255.255.0
topology subnet
max-clients 5
push "dhcp-option DNS 8.8.8.8"
push route 10.0.2.0 255.255.255.0
#comp-lzo
keepalive 10 120
status-version 3
verb 6
mute 20
#push redirect-gateway
script-security 3
up /etc/openvpn/up
down /etc/openvpn/down
#sndbuf 0
#rcvbuf 0
#tun-mtu 1500
#fragment 1300
#mssfix
status /etc/openvpn/1
log-append /etc/openvpn/2
Code: Select all
client
port 80
dev tun1
proto udp
tls-version-min 1.2
auth SHA256
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256
cipher AES-256-CBC
# VIRGINIA WINDOWS
remote 192.168.1.40
resolv-retry infinite
ca "/etc/openvpn/ca.crt"
cert "/etc/openvpn/relay.crt"
key "/etc/openvpn/relay.key"
tls-auth "/etc/openvpn/ta.key" 1
remote-cert-tls server
persist-key
persist-tun
#comp-lzo
verb 6
status-version 3
#tls-client
script-security 3 system
#sndbuf 0
#rcvbuf 0
#tun-mtu 1500
#fragment 1300
#mssfix 0
status /etc/openvpn/1
log-append /etc/openvpn/2
Code: Select all
Thu Jul 16 09:36:47 2015 us=73831 Current Parameter Settings:
Thu Jul 16 09:36:47 2015 us=73878 config = '/etc/openvpn/server.conf'
Thu Jul 16 09:36:47 2015 us=73886 mode = 1
Thu Jul 16 09:36:47 2015 us=73892 persist_config = DISABLED
Thu Jul 16 09:36:47 2015 us=73898 persist_mode = 1
Thu Jul 16 09:36:47 2015 us=73903 show_ciphers = DISABLED
Thu Jul 16 09:36:47 2015 us=73909 show_digests = DISABLED
Thu Jul 16 09:36:47 2015 us=73914 show_engines = DISABLED
Thu Jul 16 09:36:47 2015 us=73920 genkey = DISABLED
Thu Jul 16 09:36:47 2015 us=73925 key_pass_file = '[UNDEF]'
Thu Jul 16 09:36:47 2015 us=73931 show_tls_ciphers = DISABLED
Thu Jul 16 09:36:47 2015 us=73937 Connection profiles [default]:
Thu Jul 16 09:36:47 2015 us=73943 proto = udp
Thu Jul 16 09:36:47 2015 us=73948 local = '[UNDEF]'
Thu Jul 16 09:36:47 2015 us=73954 local_port = 80
Thu Jul 16 09:36:47 2015 us=73960 remote = '[UNDEF]'
Thu Jul 16 09:36:47 2015 us=73965 remote_port = 80
Thu Jul 16 09:36:47 2015 us=73971 remote_float = DISABLED
Thu Jul 16 09:36:47 2015 us=73976 bind_defined = DISABLED
Thu Jul 16 09:36:47 2015 us=73981 bind_local = ENABLED
Thu Jul 16 09:36:47 2015 us=73987 NOTE: --mute triggered...
Thu Jul 16 09:36:47 2015 us=73998 260 variation(s) on previous 20 message(s) suppressed by --mute
Thu Jul 16 09:36:47 2015 us=74036 OpenVPN 2.3.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 8 2015
Thu Jul 16 09:36:47 2015 us=74048 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Thu Jul 16 09:36:47 2015 us=76095 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Thu Jul 16 09:36:47 2015 us=76111 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jul 16 09:36:47 2015 us=80990 Diffie-Hellman initialized with 2048 bit key
Thu Jul 16 09:36:47 2015 us=81305 WARNING: file '/etc/openvpn/vpnserver2.key' is group or others accessible
Thu Jul 16 09:36:47 2015 us=81494 WARNING: file '/etc/openvpn/ta.key' is group or others accessible
Thu Jul 16 09:36:47 2015 us=81504 Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Thu Jul 16 09:36:47 2015 us=81519 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jul 16 09:36:47 2015 us=81527 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jul 16 09:36:47 2015 us=81538 TLS-Auth MTU parms [ L:1569 D:178 EF:78 EB:0 ET:0 EL:3 ]
Thu Jul 16 09:36:47 2015 us=81553 Socket Buffers: R=[212992->131072] S=[212992->131072]
Thu Jul 16 09:36:47 2015 us=82055 TUN/TAP device tun0 opened
Thu Jul 16 09:36:47 2015 us=82072 TUN/TAP TX queue length set to 100
Thu Jul 16 09:36:47 2015 us=82083 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jul 16 09:36:47 2015 us=82101 /sbin/ifconfig tun0 10.0.2.1 netmask 255.255.255.0 mtu 1500 broadcast 10.0.2.255
Thu Jul 16 09:36:47 2015 us=83555 /etc/openvpn/up tun0 1500 1569 10.0.2.1 255.255.255.0 init
Thu Jul 16 09:36:47 2015 us=91314 Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Thu Jul 16 09:36:47 2015 us=91363 UDPv4 link local (bound): [undef]
Thu Jul 16 09:36:47 2015 us=91372 UDPv4 link remote: [undef]
Thu Jul 16 09:36:47 2015 us=91381 MULTI: multi_init called, r=256 v=256
Thu Jul 16 09:36:47 2015 us=91412 IFCONFIG POOL: base=10.0.2.2 size=252, ipv6=0
Thu Jul 16 09:36:47 2015 us=91431 Initialization Sequence Completed
Thu Jul 16 09:37:25 2015 us=775633 MULTI: multi_create_instance called
Thu Jul 16 09:37:25 2015 us=775707 192.168.1.41:80 Re-using SSL/TLS context
Thu Jul 16 09:37:25 2015 us=775816 192.168.1.41:80 Control Channel MTU parms [ L:1569 D:178 EF:78 EB:0 ET:0 EL:3 ]
Thu Jul 16 09:37:25 2015 us=775829 192.168.1.41:80 Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Thu Jul 16 09:37:25 2015 us=775853 192.168.1.41:80 Local Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-server'
Thu Jul 16 09:37:25 2015 us=775888 192.168.1.41:80 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client'
Thu Jul 16 09:37:25 2015 us=775927 192.168.1.41:80 Local Options hash (VER=V4): '66f5538f'
Thu Jul 16 09:37:25 2015 us=775943 192.168.1.41:80 Expected Remote Options hash (VER=V4): 'c7c95cbc'
Thu Jul 16 09:37:25 2015 us=775981 192.168.1.41:80 UDPv4 READ [54] from [AF_INET]192.168.1.41:80: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Thu Jul 16 09:37:25 2015 us=775992 192.168.1.41:80 TLS: Initial packet from [AF_INET]192.168.1.41:80, sid=0888e384 fc142ae3
Thu Jul 16 09:37:25 2015 us=776015 192.168.1.41:80 UDPv4 WRITE [66] to [AF_INET]192.168.1.41:80: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Thu Jul 16 09:37:25 2015 us=776700 192.168.1.41:80 UDPv4 READ [62] from [AF_INET]192.168.1.41:80: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Thu Jul 16 09:37:25 2015 us=776811 192.168.1.41:80 UDPv4 READ [154] from [AF_INET]192.168.1.41:80: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=100
Thu Jul 16 09:37:25 2015 us=776864 192.168.1.41:80 UDPv4 WRITE [62] to [AF_INET]192.168.1.41:80: P_ACK_V1 kid=0 pid=[ #2 ] [ 1 ]
Thu Jul 16 09:37:25 2015 us=776943 192.168.1.41:80 UDPv4 READ [119] from [AF_INET]192.168.1.41:80: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=2 DATA len=65
Thu Jul 16 09:37:25 2015 us=777113 192.168.1.41:80 TLS_ERROR: BIO read tls_read_plaintext error: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
Thu Jul 16 09:37:25 2015 us=777125 192.168.1.41:80 TLS Error: TLS object -> incoming plaintext read error
Thu Jul 16 09:37:25 2015 us=777131 192.168.1.41:80 TLS Error: TLS handshake failed
Thu Jul 16 09:37:25 2015 us=777177 192.168.1.41:80 SIGUSR1[soft,tls-error] received, client-instance restarting
Thu Jul 16 09:38:20 2015 us=412364 event_wait : Interrupted system call (code=4)
Thu Jul 16 09:38:20 2015 us=412463 TCP/UDP: Closing socket
Thu Jul 16 09:38:20 2015 us=412493 Closing TUN/TAP interface
Thu Jul 16 09:38:20 2015 us=412505 /sbin/ifconfig tun0 0.0.0.0
Thu Jul 16 09:38:20 2015 us=425111 /etc/openvpn/down tun0 1500 1569 10.0.2.1 255.255.255.0 init
Thu Jul 16 09:38:20 2015 us=429263 SIGTERM[hard,] received, process exiting
Code: Select all
Thu Jul 16 09:37:25 2015 us=771667 Current Parameter Settings:
Thu Jul 16 09:37:25 2015 us=771710 config = '/etc/openvpn/client.conf'
Thu Jul 16 09:37:25 2015 us=771717 mode = 0
Thu Jul 16 09:37:25 2015 us=771723 persist_config = DISABLED
Thu Jul 16 09:37:25 2015 us=771729 persist_mode = 1
Thu Jul 16 09:37:25 2015 us=771735 show_ciphers = DISABLED
Thu Jul 16 09:37:25 2015 us=771740 show_digests = DISABLED
Thu Jul 16 09:37:25 2015 us=771746 show_engines = DISABLED
Thu Jul 16 09:37:25 2015 us=771751 genkey = DISABLED
Thu Jul 16 09:37:25 2015 us=771757 key_pass_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=771762 show_tls_ciphers = DISABLED
Thu Jul 16 09:37:25 2015 us=771768 Connection profiles [default]:
Thu Jul 16 09:37:25 2015 us=771773 proto = udp
Thu Jul 16 09:37:25 2015 us=771858 local = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=771865 local_port = 80
Thu Jul 16 09:37:25 2015 us=771870 remote = '192.168.1.40'
Thu Jul 16 09:37:25 2015 us=771875 remote_port = 80
Thu Jul 16 09:37:25 2015 us=771880 remote_float = DISABLED
Thu Jul 16 09:37:25 2015 us=771886 bind_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=771891 bind_local = ENABLED
Thu Jul 16 09:37:25 2015 us=771897 connect_retry_seconds = 5
Thu Jul 16 09:37:25 2015 us=771902 connect_timeout = 10
Thu Jul 16 09:37:25 2015 us=771907 connect_retry_max = 0
Thu Jul 16 09:37:25 2015 us=771913 socks_proxy_server = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=771918 socks_proxy_port = 0
Thu Jul 16 09:37:25 2015 us=771924 socks_proxy_retry = DISABLED
Thu Jul 16 09:37:25 2015 us=771929 tun_mtu = 1500
Thu Jul 16 09:37:25 2015 us=771934 tun_mtu_defined = ENABLED
Thu Jul 16 09:37:25 2015 us=771939 link_mtu = 1500
Thu Jul 16 09:37:25 2015 us=771945 link_mtu_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=771950 tun_mtu_extra = 0
Thu Jul 16 09:37:25 2015 us=771955 tun_mtu_extra_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=771960 mtu_discover_type = -1
Thu Jul 16 09:37:25 2015 us=771965 fragment = 0
Thu Jul 16 09:37:25 2015 us=771971 mssfix = 1450
Thu Jul 16 09:37:25 2015 us=771976 explicit_exit_notification = 0
Thu Jul 16 09:37:25 2015 us=771981 Connection profiles END
Thu Jul 16 09:37:25 2015 us=771986 remote_random = DISABLED
Thu Jul 16 09:37:25 2015 us=771991 ipchange = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=771996 dev = 'tun1'
Thu Jul 16 09:37:25 2015 us=772002 dev_type = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772007 dev_node = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772012 lladdr = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772017 topology = 1
Thu Jul 16 09:37:25 2015 us=772022 tun_ipv6 = DISABLED
Thu Jul 16 09:37:25 2015 us=772027 ifconfig_local = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772032 ifconfig_remote_netmask = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772037 ifconfig_noexec = DISABLED
Thu Jul 16 09:37:25 2015 us=772042 ifconfig_nowarn = DISABLED
Thu Jul 16 09:37:25 2015 us=772048 ifconfig_ipv6_local = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772053 ifconfig_ipv6_netbits = 0
Thu Jul 16 09:37:25 2015 us=772058 ifconfig_ipv6_remote = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772063 shaper = 0
Thu Jul 16 09:37:25 2015 us=772068 mtu_test = 0
Thu Jul 16 09:37:25 2015 us=772073 mlock = DISABLED
Thu Jul 16 09:37:25 2015 us=772081 keepalive_ping = 0
Thu Jul 16 09:37:25 2015 us=772087 keepalive_timeout = 0
Thu Jul 16 09:37:25 2015 us=772092 inactivity_timeout = 0
Thu Jul 16 09:37:25 2015 us=772097 ping_send_timeout = 0
Thu Jul 16 09:37:25 2015 us=772102 ping_rec_timeout = 0
Thu Jul 16 09:37:25 2015 us=772108 ping_rec_timeout_action = 0
Thu Jul 16 09:37:25 2015 us=772113 ping_timer_remote = DISABLED
Thu Jul 16 09:37:25 2015 us=772118 remap_sigusr1 = 0
Thu Jul 16 09:37:25 2015 us=772123 persist_tun = ENABLED
Thu Jul 16 09:37:25 2015 us=772128 persist_local_ip = DISABLED
Thu Jul 16 09:37:25 2015 us=772133 persist_remote_ip = DISABLED
Thu Jul 16 09:37:25 2015 us=772138 persist_key = ENABLED
Thu Jul 16 09:37:25 2015 us=772143 passtos = DISABLED
Thu Jul 16 09:37:25 2015 us=772148 resolve_retry_seconds = 1000000000
Thu Jul 16 09:37:25 2015 us=772162 username = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772167 groupname = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772172 chroot_dir = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772177 cd_dir = '/etc/openvpn'
Thu Jul 16 09:37:25 2015 us=772182 writepid = '/var/run/openvpn.client.pid'
Thu Jul 16 09:37:25 2015 us=772187 up_script = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772192 down_script = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772197 down_pre = DISABLED
Thu Jul 16 09:37:25 2015 us=772202 up_restart = DISABLED
Thu Jul 16 09:37:25 2015 us=772207 up_delay = DISABLED
Thu Jul 16 09:37:25 2015 us=772212 daemon = ENABLED
Thu Jul 16 09:37:25 2015 us=772217 inetd = 0
Thu Jul 16 09:37:25 2015 us=772221 log = ENABLED
Thu Jul 16 09:37:25 2015 us=772226 suppress_timestamps = DISABLED
Thu Jul 16 09:37:25 2015 us=772231 nice = 0
Thu Jul 16 09:37:25 2015 us=772236 verbosity = 6
Thu Jul 16 09:37:25 2015 us=772241 mute = 0
Thu Jul 16 09:37:25 2015 us=772246 status_file = '/etc/openvpn/1'
Thu Jul 16 09:37:25 2015 us=772251 status_file_version = 3
Thu Jul 16 09:37:25 2015 us=772256 status_file_update_freq = 60
Thu Jul 16 09:37:25 2015 us=772261 occ = ENABLED
Thu Jul 16 09:37:25 2015 us=772266 rcvbuf = 65536
Thu Jul 16 09:37:25 2015 us=772271 sndbuf = 65536
Thu Jul 16 09:37:25 2015 us=772276 mark = 0
Thu Jul 16 09:37:25 2015 us=772281 sockflags = 0
Thu Jul 16 09:37:25 2015 us=772286 fast_io = DISABLED
Thu Jul 16 09:37:25 2015 us=772291 lzo = 0
Thu Jul 16 09:37:25 2015 us=772296 route_script = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772301 route_default_gateway = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772306 route_default_metric = 0
Thu Jul 16 09:37:25 2015 us=772311 route_noexec = DISABLED
Thu Jul 16 09:37:25 2015 us=772317 route_delay = 0
Thu Jul 16 09:37:25 2015 us=772322 route_delay_window = 30
Thu Jul 16 09:37:25 2015 us=772327 route_delay_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=772332 route_nopull = DISABLED
Thu Jul 16 09:37:25 2015 us=772337 route_gateway_via_dhcp = DISABLED
Thu Jul 16 09:37:25 2015 us=772342 max_routes = 100
Thu Jul 16 09:37:25 2015 us=772347 allow_pull_fqdn = DISABLED
Thu Jul 16 09:37:25 2015 us=772353 management_addr = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772358 management_port = 0
Thu Jul 16 09:37:25 2015 us=772362 management_user_pass = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772367 management_log_history_cache = 250
Thu Jul 16 09:37:25 2015 us=772372 management_echo_buffer_size = 100
Thu Jul 16 09:37:25 2015 us=772378 management_write_peer_info_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772383 management_client_user = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772388 management_client_group = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772393 management_flags = 0
Thu Jul 16 09:37:25 2015 us=772398 shared_secret_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772403 key_direction = 2
Thu Jul 16 09:37:25 2015 us=772408 ciphername_defined = ENABLED
Thu Jul 16 09:37:25 2015 us=772413 ciphername = 'AES-256-CBC'
Thu Jul 16 09:37:25 2015 us=772418 authname_defined = ENABLED
Thu Jul 16 09:37:25 2015 us=772423 authname = 'SHA256'
Thu Jul 16 09:37:25 2015 us=772428 prng_hash = 'SHA1'
Thu Jul 16 09:37:25 2015 us=772433 prng_nonce_secret_len = 16
Thu Jul 16 09:37:25 2015 us=772438 keysize = 0
Thu Jul 16 09:37:25 2015 us=772443 engine = DISABLED
Thu Jul 16 09:37:25 2015 us=772448 replay = ENABLED
Thu Jul 16 09:37:25 2015 us=772453 mute_replay_warnings = DISABLED
Thu Jul 16 09:37:25 2015 us=772458 replay_window = 64
Thu Jul 16 09:37:25 2015 us=772463 replay_time = 15
Thu Jul 16 09:37:25 2015 us=772468 packet_id_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772473 use_iv = ENABLED
Thu Jul 16 09:37:25 2015 us=772478 test_crypto = DISABLED
Thu Jul 16 09:37:25 2015 us=772483 tls_server = DISABLED
Thu Jul 16 09:37:25 2015 us=772488 tls_client = ENABLED
Thu Jul 16 09:37:25 2015 us=772493 key_method = 2
Thu Jul 16 09:37:25 2015 us=772498 ca_file = '/etc/openvpn/ca.crt'
Thu Jul 16 09:37:25 2015 us=772507 ca_path = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772512 dh_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772517 cert_file = '/etc/openvpn/relay.crt'
Thu Jul 16 09:37:25 2015 us=772522 priv_key_file = '/etc/openvpn/relay.key'
Thu Jul 16 09:37:25 2015 us=772527 pkcs12_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772534 cipher_list = 'TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256'
Thu Jul 16 09:37:25 2015 us=772540 tls_verify = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772545 tls_export_cert = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772551 verify_x509_type = 0
Thu Jul 16 09:37:25 2015 us=772556 verify_x509_name = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772561 crl_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772566 ns_cert_type = 0
Thu Jul 16 09:37:25 2015 us=772571 remote_cert_ku[i] = 160
Thu Jul 16 09:37:25 2015 us=772576 remote_cert_ku[i] = 136
Thu Jul 16 09:37:25 2015 us=772581 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772586 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772591 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772596 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772600 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772605 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772610 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772615 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772620 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772625 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772630 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772635 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772640 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772644 remote_cert_ku[i] = 0
Thu Jul 16 09:37:25 2015 us=772650 remote_cert_eku = 'TLS Web Server Authentication'
Thu Jul 16 09:37:25 2015 us=772655 ssl_flags = 192
Thu Jul 16 09:37:25 2015 us=772660 tls_timeout = 2
Thu Jul 16 09:37:25 2015 us=772665 renegotiate_bytes = 0
Thu Jul 16 09:37:25 2015 us=772670 renegotiate_packets = 0
Thu Jul 16 09:37:25 2015 us=772675 renegotiate_seconds = 3600
Thu Jul 16 09:37:25 2015 us=772680 handshake_window = 60
Thu Jul 16 09:37:25 2015 us=772685 transition_window = 3600
Thu Jul 16 09:37:25 2015 us=772690 single_session = DISABLED
Thu Jul 16 09:37:25 2015 us=772695 push_peer_info = DISABLED
Thu Jul 16 09:37:25 2015 us=772700 tls_exit = DISABLED
Thu Jul 16 09:37:25 2015 us=772705 tls_auth_file = '/etc/openvpn/ta.key'
Thu Jul 16 09:37:25 2015 us=772710 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772716 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772721 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772726 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772730 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772735 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772740 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772745 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772750 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772755 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772760 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772765 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772769 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772774 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772811 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772817 pkcs11_protected_authentication = DISABLED
Thu Jul 16 09:37:25 2015 us=772822 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772827 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772832 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772837 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772846 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772851 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772856 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772861 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772866 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772871 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772876 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772881 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772886 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772891 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772895 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772900 pkcs11_private_mode = 00000000
Thu Jul 16 09:37:25 2015 us=772905 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772910 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772915 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772920 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772925 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772930 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772934 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772939 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772944 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772949 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772954 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772959 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772964 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772969 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772974 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772979 pkcs11_cert_private = DISABLED
Thu Jul 16 09:37:25 2015 us=772984 pkcs11_pin_cache_period = -1
Thu Jul 16 09:37:25 2015 us=772989 pkcs11_id = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=772994 pkcs11_id_management = DISABLED
Thu Jul 16 09:37:25 2015 us=773002 server_network = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773008 server_netmask = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773018 server_network_ipv6 = ::
Thu Jul 16 09:37:25 2015 us=773024 server_netbits_ipv6 = 0
Thu Jul 16 09:37:25 2015 us=773030 server_bridge_ip = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773035 server_bridge_netmask = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773041 server_bridge_pool_start = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773047 server_bridge_pool_end = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773052 ifconfig_pool_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=773058 ifconfig_pool_start = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773063 ifconfig_pool_end = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773069 ifconfig_pool_netmask = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773074 ifconfig_pool_persist_filename = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773079 ifconfig_pool_persist_refresh_freq = 600
Thu Jul 16 09:37:25 2015 us=773084 ifconfig_ipv6_pool_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=773090 ifconfig_ipv6_pool_base = ::
Thu Jul 16 09:37:25 2015 us=773095 ifconfig_ipv6_pool_netbits = 0
Thu Jul 16 09:37:25 2015 us=773100 n_bcast_buf = 256
Thu Jul 16 09:37:25 2015 us=773105 tcp_queue_limit = 64
Thu Jul 16 09:37:25 2015 us=773110 real_hash_size = 256
Thu Jul 16 09:37:25 2015 us=773115 virtual_hash_size = 256
Thu Jul 16 09:37:25 2015 us=773120 client_connect_script = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773125 learn_address_script = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773130 client_disconnect_script = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773136 client_config_dir = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773142 ccd_exclusive = DISABLED
Thu Jul 16 09:37:25 2015 us=773148 tmp_dir = '/tmp'
Thu Jul 16 09:37:25 2015 us=773153 push_ifconfig_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=773159 push_ifconfig_local = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773165 push_ifconfig_remote_netmask = 0.0.0.0
Thu Jul 16 09:37:25 2015 us=773173 push_ifconfig_ipv6_defined = DISABLED
Thu Jul 16 09:37:25 2015 us=773179 push_ifconfig_ipv6_local = ::/0
Thu Jul 16 09:37:25 2015 us=773185 push_ifconfig_ipv6_remote = ::
Thu Jul 16 09:37:25 2015 us=773190 enable_c2c = DISABLED
Thu Jul 16 09:37:25 2015 us=773195 duplicate_cn = DISABLED
Thu Jul 16 09:37:25 2015 us=773200 cf_max = 0
Thu Jul 16 09:37:25 2015 us=773205 cf_per = 0
Thu Jul 16 09:37:25 2015 us=773210 max_clients = 1024
Thu Jul 16 09:37:25 2015 us=773215 max_routes_per_client = 256
Thu Jul 16 09:37:25 2015 us=773220 auth_user_pass_verify_script = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773225 auth_user_pass_verify_script_via_file = DISABLED
Thu Jul 16 09:37:25 2015 us=773230 port_share_host = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773235 port_share_port = 0
Thu Jul 16 09:37:25 2015 us=773240 client = ENABLED
Thu Jul 16 09:37:25 2015 us=773245 pull = ENABLED
Thu Jul 16 09:37:25 2015 us=773250 auth_user_pass_file = '[UNDEF]'
Thu Jul 16 09:37:25 2015 us=773256 OpenVPN 2.3.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 8 2015
Thu Jul 16 09:37:25 2015 us=773267 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Thu Jul 16 09:37:25 2015 us=774758 WARNING: file '/etc/openvpn/relay.key' is group or others accessible
Thu Jul 16 09:37:25 2015 us=774967 Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Thu Jul 16 09:37:25 2015 us=774986 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jul 16 09:37:25 2015 us=774994 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jul 16 09:37:25 2015 us=775038 Control Channel MTU parms [ L:1569 D:178 EF:78 EB:0 ET:0 EL:3 ]
Thu Jul 16 09:37:25 2015 us=775064 Socket Buffers: R=[212992->131072] S=[212992->131072]
Thu Jul 16 09:37:25 2015 us=775082 Data Channel MTU parms [ L:1569 D:1450 EF:69 EB:12 ET:0 EL:3 ]
Thu Jul 16 09:37:25 2015 us=775094 Local Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client'
Thu Jul 16 09:37:25 2015 us=775100 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-server'
Thu Jul 16 09:37:25 2015 us=775113 Local Options hash (VER=V4): 'c7c95cbc'
Thu Jul 16 09:37:25 2015 us=775122 Expected Remote Options hash (VER=V4): '66f5538f'
Thu Jul 16 09:37:25 2015 us=775153 UDPv4 link local (bound): [undef]
Thu Jul 16 09:37:25 2015 us=775162 UDPv4 link remote: [AF_INET]192.168.1.40:80
Thu Jul 16 09:37:25 2015 us=775219 UDPv4 WRITE [54] to [AF_INET]192.168.1.40:80: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Thu Jul 16 09:37:25 2015 us=776388 UDPv4 READ [66] from [AF_INET]192.168.1.40:80: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Thu Jul 16 09:37:25 2015 us=776408 TLS: Initial packet from [AF_INET]192.168.1.40:80, sid=5dd23a8c 46b1e06d
Thu Jul 16 09:37:25 2015 us=776436 UDPv4 WRITE [62] to [AF_INET]192.168.1.40:80: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Thu Jul 16 09:37:25 2015 us=776519 UDPv4 WRITE [154] to [AF_INET]192.168.1.40:80: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=100
Thu Jul 16 09:37:25 2015 us=776581 UDPv4 WRITE [119] to [AF_INET]192.168.1.40:80: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=2 DATA len=65
Thu Jul 16 09:37:25 2015 us=776844 UDPv4 READ [62] from [AF_INET]192.168.1.40:80: P_ACK_V1 kid=0 pid=[ #2 ] [ 1 ]
Thu Jul 16 09:37:28 2015 us=883138 UDPv4 WRITE [119] to [AF_INET]192.168.1.40:80: P_CONTROL_V1 kid=0 pid=[ #5 ] [ ] pid=2 DATA len=65
Thu Jul 16 09:37:33 2015 us=24950 UDPv4 WRITE [119] to [AF_INET]192.168.1.40:80: P_CONTROL_V1 kid=0 pid=[ #6 ] [ ] pid=2 DATA len=65
Thu Jul 16 09:37:42 2015 us=71699 UDPv4 WRITE [119] to [AF_INET]192.168.1.40:80: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=2 DATA len=65
Thu Jul 16 09:37:58 2015 us=694273 UDPv4 WRITE [119] to [AF_INET]192.168.1.40:80: P_CONTROL_V1 kid=0 pid=[ #8 ] [ ] pid=2 DATA len=65
Thu Jul 16 09:38:25 2015 us=384927 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jul 16 09:38:25 2015 us=384941 TLS Error: TLS handshake failed
Thu Jul 16 09:38:25 2015 us=385018 TCP/UDP: Closing socket
Thu Jul 16 09:38:25 2015 us=385044 SIGUSR1[soft,tls-error] received, process restarting
Thu Jul 16 09:38:25 2015 us=385054 Restart pause, 2 second(s)
Thu Jul 16 09:38:27 2015 us=176913 SIGTERM[hard,init_instance] received, process exiting