Linux Client: Route Add Command Failed

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
coded
OpenVpn Newbie
Posts: 3
Joined: Fri Aug 21, 2015 6:01 pm

Linux Client: Route Add Command Failed

Post by coded » Fri Aug 21, 2015 10:19 pm

Trying to get a linux client to connect, and having issues. Hopefully someone can help. I searched the forums and found several threads with this error, but none seem to be related to my issue with the possible exception here(of which the answer isn't real clear): topic16429.html

ASUS RT-AC68U OpenVPN Server:

Windows client works(gui)
Chrome OS client(dev mode/command line) works
OpenSUSE client fails(Network-Manager & command line) - log below

Server & Client Config Files:

Code: Select all

SERVER: config.ovpn

daemon
server-bridge
push "route 0.0.0.0 255.255.255.255 net_gateway"
proto udp
port 11994
dev tap21
comp-lzo adaptive
keepalive 15 60
verb 3
duplicate-cn
plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status


CLIENT: ss.ovpn

client
dev tap
;dev-node MyTap
proto udp
remote 1.*.*.* 11994
float
comp-lzo adaptive
keepalive 15 60
auth-user-pass 
ns-cert-type server
<ca>
-----BEGIN CERTIFICATE-----
omitted
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
omitted
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
omitted
-----END PRIVATE KEY-----
</key>
resolv-retry infinite
nobind
OpenSUSE Connection Info:

Code: Select all

coded@codedSUSE:~> ssvpn

Fri Aug 21 17:13:11 2015 us=922879 Current Parameter Settings:
Fri Aug 21 17:13:11 2015 us=922953   config = '/home/coded/OpenVPN/ss.ovpn'
Fri Aug 21 17:13:11 2015 us=922973   mode = 0
Fri Aug 21 17:13:11 2015 us=922990   persist_config = DISABLED
Fri Aug 21 17:13:11 2015 us=923006   persist_mode = 1
Fri Aug 21 17:13:11 2015 us=923022   show_ciphers = DISABLED
Fri Aug 21 17:13:11 2015 us=923037   show_digests = DISABLED
Fri Aug 21 17:13:11 2015 us=923053   show_engines = DISABLED
Fri Aug 21 17:13:11 2015 us=923068   genkey = DISABLED
Fri Aug 21 17:13:11 2015 us=923084   key_pass_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923099   show_tls_ciphers = DISABLED
Fri Aug 21 17:13:11 2015 us=923114 Connection profiles [default]:
Fri Aug 21 17:13:11 2015 us=923130   proto = udp
Fri Aug 21 17:13:11 2015 us=923145   local = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923160   local_port = 0
Fri Aug 21 17:13:11 2015 us=923176   remote = '1.*.*.*'
Fri Aug 21 17:13:11 2015 us=923191   remote_port = 11994
Fri Aug 21 17:13:11 2015 us=923206   remote_float = ENABLED
Fri Aug 21 17:13:11 2015 us=923221   bind_defined = DISABLED
Fri Aug 21 17:13:11 2015 us=923237   bind_local = DISABLED
Fri Aug 21 17:13:11 2015 us=923253   connect_retry_seconds = 5
Fri Aug 21 17:13:11 2015 us=923268   connect_timeout = 10
Fri Aug 21 17:13:11 2015 us=923283   connect_retry_max = 0
Fri Aug 21 17:13:11 2015 us=923310   socks_proxy_server = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923326   socks_proxy_port = 0
Fri Aug 21 17:13:11 2015 us=923341   socks_proxy_retry = DISABLED
Fri Aug 21 17:13:11 2015 us=923357   tun_mtu = 1500
Fri Aug 21 17:13:11 2015 us=923372   tun_mtu_defined = ENABLED
Fri Aug 21 17:13:11 2015 us=923387   link_mtu = 1500
Fri Aug 21 17:13:11 2015 us=923402   link_mtu_defined = DISABLED
Fri Aug 21 17:13:11 2015 us=923417   tun_mtu_extra = 32
Fri Aug 21 17:13:11 2015 us=923432   tun_mtu_extra_defined = ENABLED
Fri Aug 21 17:13:11 2015 us=923447   mtu_discover_type = -1
Fri Aug 21 17:13:11 2015 us=923462   fragment = 0
Fri Aug 21 17:13:11 2015 us=923477   mssfix = 1450
Fri Aug 21 17:13:11 2015 us=923492   explicit_exit_notification = 0
Fri Aug 21 17:13:11 2015 us=923508 Connection profiles END
Fri Aug 21 17:13:11 2015 us=923524   remote_random = DISABLED
Fri Aug 21 17:13:11 2015 us=923539   ipchange = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923554   dev = 'tap'
Fri Aug 21 17:13:11 2015 us=923569   dev_type = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923583   dev_node = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923598   lladdr = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923613   topology = 1
Fri Aug 21 17:13:11 2015 us=923628   tun_ipv6 = DISABLED
Fri Aug 21 17:13:11 2015 us=923642   ifconfig_local = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923658   ifconfig_remote_netmask = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923673   ifconfig_noexec = DISABLED
Fri Aug 21 17:13:11 2015 us=923688   ifconfig_nowarn = DISABLED
Fri Aug 21 17:13:11 2015 us=923702   ifconfig_ipv6_local = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923718   ifconfig_ipv6_netbits = 0
Fri Aug 21 17:13:11 2015 us=923733   ifconfig_ipv6_remote = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=923748   shaper = 0
Fri Aug 21 17:13:11 2015 us=923763   mtu_test = 0
Fri Aug 21 17:13:11 2015 us=923778   mlock = DISABLED
Fri Aug 21 17:13:11 2015 us=923793   keepalive_ping = 15
Fri Aug 21 17:13:11 2015 us=923807   keepalive_timeout = 60
Fri Aug 21 17:13:11 2015 us=923822   inactivity_timeout = 0
Fri Aug 21 17:13:11 2015 us=923837   ping_send_timeout = 15
Fri Aug 21 17:13:11 2015 us=923852   ping_rec_timeout = 60
Fri Aug 21 17:13:11 2015 us=923867   ping_rec_timeout_action = 2
Fri Aug 21 17:13:11 2015 us=923881   ping_timer_remote = DISABLED
Fri Aug 21 17:13:11 2015 us=923897   remap_sigusr1 = 0
Fri Aug 21 17:13:11 2015 us=923911   persist_tun = DISABLED
Fri Aug 21 17:13:11 2015 us=923926   persist_local_ip = DISABLED
Fri Aug 21 17:13:11 2015 us=923941   persist_remote_ip = DISABLED
Fri Aug 21 17:13:11 2015 us=923956   persist_key = DISABLED
Fri Aug 21 17:13:11 2015 us=923971   passtos = DISABLED
Fri Aug 21 17:13:11 2015 us=923986   resolve_retry_seconds = 1000000000
Fri Aug 21 17:13:11 2015 us=924001   username = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924016   groupname = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924031   chroot_dir = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924045   cd_dir = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924061   writepid = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924076   up_script = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924090   down_script = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924105   down_pre = DISABLED
Fri Aug 21 17:13:11 2015 us=924120   up_restart = DISABLED
Fri Aug 21 17:13:11 2015 us=924135   up_delay = DISABLED
Fri Aug 21 17:13:11 2015 us=924150   daemon = DISABLED
Fri Aug 21 17:13:11 2015 us=924164   inetd = 0
Fri Aug 21 17:13:11 2015 us=924179   log = DISABLED
Fri Aug 21 17:13:11 2015 us=924194   suppress_timestamps = DISABLED
Fri Aug 21 17:13:11 2015 us=924208   nice = 0
Fri Aug 21 17:13:11 2015 us=924223   verbosity = 4
Fri Aug 21 17:13:11 2015 us=924237   mute = 0
Fri Aug 21 17:13:11 2015 us=924252   gremlin = 0
Fri Aug 21 17:13:11 2015 us=924266   status_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924281   status_file_version = 1
Fri Aug 21 17:13:11 2015 us=924311   status_file_update_freq = 60
Fri Aug 21 17:13:11 2015 us=924326   occ = ENABLED
Fri Aug 21 17:13:11 2015 us=924360   rcvbuf = 65536
Fri Aug 21 17:13:11 2015 us=924375   sndbuf = 65536
Fri Aug 21 17:13:11 2015 us=924390   mark = 0
Fri Aug 21 17:13:11 2015 us=924404   sockflags = 0
Fri Aug 21 17:13:11 2015 us=924419   fast_io = DISABLED
Fri Aug 21 17:13:11 2015 us=924433   lzo = 7
Fri Aug 21 17:13:11 2015 us=924448   route_script = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924463   route_default_gateway = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924478   route_default_metric = 0
Fri Aug 21 17:13:11 2015 us=924493   route_noexec = DISABLED
Fri Aug 21 17:13:11 2015 us=924508   route_delay = 0
Fri Aug 21 17:13:11 2015 us=924523   route_delay_window = 30
Fri Aug 21 17:13:11 2015 us=924538   route_delay_defined = DISABLED
Fri Aug 21 17:13:11 2015 us=924553   route_nopull = DISABLED
Fri Aug 21 17:13:11 2015 us=924568   route_gateway_via_dhcp = DISABLED
Fri Aug 21 17:13:11 2015 us=924583   max_routes = 100
Fri Aug 21 17:13:11 2015 us=924598   allow_pull_fqdn = DISABLED
Fri Aug 21 17:13:11 2015 us=924613   management_addr = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924628   management_port = 0
Fri Aug 21 17:13:11 2015 us=924642   management_user_pass = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924657   management_log_history_cache = 250
Fri Aug 21 17:13:11 2015 us=924672   management_echo_buffer_size = 100
Fri Aug 21 17:13:11 2015 us=924687   management_write_peer_info_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924702   management_client_user = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924717   management_client_group = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924732   management_flags = 0
Fri Aug 21 17:13:11 2015 us=924747   shared_secret_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924762   key_direction = 0
Fri Aug 21 17:13:11 2015 us=924776   ciphername_defined = ENABLED
Fri Aug 21 17:13:11 2015 us=924791   ciphername = 'BF-CBC'
Fri Aug 21 17:13:11 2015 us=924806   authname_defined = ENABLED
Fri Aug 21 17:13:11 2015 us=924821   authname = 'SHA1'
Fri Aug 21 17:13:11 2015 us=924835   prng_hash = 'SHA1'
Fri Aug 21 17:13:11 2015 us=924850   prng_nonce_secret_len = 16
Fri Aug 21 17:13:11 2015 us=924865   keysize = 0
Fri Aug 21 17:13:11 2015 us=924880   engine = DISABLED
Fri Aug 21 17:13:11 2015 us=924894   replay = ENABLED
Fri Aug 21 17:13:11 2015 us=924909   mute_replay_warnings = DISABLED
Fri Aug 21 17:13:11 2015 us=924925   replay_window = 64
Fri Aug 21 17:13:11 2015 us=924939   replay_time = 15
Fri Aug 21 17:13:11 2015 us=924954   packet_id_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=924969   use_iv = ENABLED
Fri Aug 21 17:13:11 2015 us=924984   test_crypto = DISABLED
Fri Aug 21 17:13:11 2015 us=924999   tls_server = DISABLED
Fri Aug 21 17:13:11 2015 us=925013   tls_client = ENABLED
Fri Aug 21 17:13:11 2015 us=925028   key_method = 2
Fri Aug 21 17:13:11 2015 us=925043   ca_file = '[[INLINE]]'
Fri Aug 21 17:13:11 2015 us=925058   ca_path = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925072   dh_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925087   cert_file = '[[INLINE]]'
Fri Aug 21 17:13:11 2015 us=925102   priv_key_file = '[[INLINE]]'
Fri Aug 21 17:13:11 2015 us=925117   pkcs12_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925132   cipher_list = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925146   tls_verify = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925161   tls_export_cert = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925176   verify_x509_type = 0
Fri Aug 21 17:13:11 2015 us=925191   verify_x509_name = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925205   crl_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925220   ns_cert_type = 1
Fri Aug 21 17:13:11 2015 us=925235   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925249   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925264   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925278   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925303   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925318   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925333   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925348   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925362   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925377   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925391   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925406   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925421   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925435   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925450   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925465   remote_cert_ku[i] = 0
Fri Aug 21 17:13:11 2015 us=925479   remote_cert_eku = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925494   ssl_flags = 0
Fri Aug 21 17:13:11 2015 us=925508   tls_timeout = 2
Fri Aug 21 17:13:11 2015 us=925523   renegotiate_bytes = 0
Fri Aug 21 17:13:11 2015 us=925537   renegotiate_packets = 0
Fri Aug 21 17:13:11 2015 us=925552   renegotiate_seconds = 3600
Fri Aug 21 17:13:11 2015 us=925567   handshake_window = 60
Fri Aug 21 17:13:11 2015 us=925581   transition_window = 3600
Fri Aug 21 17:13:11 2015 us=925596   single_session = DISABLED
Fri Aug 21 17:13:11 2015 us=925610   push_peer_info = DISABLED
Fri Aug 21 17:13:11 2015 us=925625   tls_exit = DISABLED
Fri Aug 21 17:13:11 2015 us=925640   tls_auth_file = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925657   server_network = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925673   server_netmask = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925697   server_network_ipv6 = ::
Fri Aug 21 17:13:11 2015 us=925713   server_netbits_ipv6 = 0
Fri Aug 21 17:13:11 2015 us=925728   server_bridge_ip = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925744   server_bridge_netmask = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925759   server_bridge_pool_start = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925775   server_bridge_pool_end = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925790   ifconfig_pool_defined = DISABLED
Fri Aug 21 17:13:11 2015 us=925806   ifconfig_pool_start = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925821   ifconfig_pool_end = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925837   ifconfig_pool_netmask = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=925851   ifconfig_pool_persist_filename = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925866   ifconfig_pool_persist_refresh_freq = 600
Fri Aug 21 17:13:11 2015 us=925881   ifconfig_ipv6_pool_defined = DISABLED
Fri Aug 21 17:13:11 2015 us=925896   ifconfig_ipv6_pool_base = ::
Fri Aug 21 17:13:11 2015 us=925912   ifconfig_ipv6_pool_netbits = 0
Fri Aug 21 17:13:11 2015 us=925926   n_bcast_buf = 256
Fri Aug 21 17:13:11 2015 us=925941   tcp_queue_limit = 64
Fri Aug 21 17:13:11 2015 us=925955   real_hash_size = 256
Fri Aug 21 17:13:11 2015 us=925970   virtual_hash_size = 256
Fri Aug 21 17:13:11 2015 us=925984   client_connect_script = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=925999   learn_address_script = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=926014   client_disconnect_script = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=926029   client_config_dir = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=926043   ccd_exclusive = DISABLED
Fri Aug 21 17:13:11 2015 us=926058   tmp_dir = '/tmp'
Fri Aug 21 17:13:11 2015 us=926072   push_ifconfig_defined = DISABLED
Fri Aug 21 17:13:11 2015 us=926088   push_ifconfig_local = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=926104   push_ifconfig_remote_netmask = 0.0.0.0
Fri Aug 21 17:13:11 2015 us=926118   push_ifconfig_ipv6_defined = DISABLED
Fri Aug 21 17:13:11 2015 us=926134   push_ifconfig_ipv6_local = ::/0
Fri Aug 21 17:13:11 2015 us=926149   push_ifconfig_ipv6_remote = ::
Fri Aug 21 17:13:11 2015 us=926164   enable_c2c = DISABLED
Fri Aug 21 17:13:11 2015 us=926178   duplicate_cn = DISABLED
Fri Aug 21 17:13:11 2015 us=926193   cf_max = 0
Fri Aug 21 17:13:11 2015 us=926208   cf_per = 0
Fri Aug 21 17:13:11 2015 us=926222   max_clients = 1024
Fri Aug 21 17:13:11 2015 us=926237   max_routes_per_client = 256
Fri Aug 21 17:13:11 2015 us=926252   auth_user_pass_verify_script = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=926267   auth_user_pass_verify_script_via_file = DISABLED
Fri Aug 21 17:13:11 2015 us=926282   port_share_host = '[UNDEF]'
Fri Aug 21 17:13:11 2015 us=926307   port_share_port = 0
Fri Aug 21 17:13:11 2015 us=926321   client = ENABLED
Fri Aug 21 17:13:11 2015 us=926336   pull = ENABLED
Fri Aug 21 17:13:11 2015 us=926351   auth_user_pass_file = 'stdin'
Fri Aug 21 17:13:11 2015 us=926367 OpenVPN 2.3.4 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May  1 2014
Fri Aug 21 17:13:11 2015 us=926392 library versions: OpenSSL 1.0.1k-fips 8 Jan 2015, LZO 2.08
Enter Auth Username: *****
Enter Auth Password: *****
Fri Aug 21 17:13:17 2015 us=576574 LZO compression initialized
Fri Aug 21 17:13:17 2015 us=576731 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Aug 21 17:13:17 2015 us=576797 Socket Buffers: R=[212992->131072] S=[212992->131072]
Fri Aug 21 17:13:17 2015 us=577098 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Aug 21 17:13:17 2015 us=577146 Local Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Aug 21 17:13:17 2015 us=577168 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Aug 21 17:13:17 2015 us=577208 Local Options hash (VER=V4): '215690d9'
Fri Aug 21 17:13:17 2015 us=577245 Expected Remote Options hash (VER=V4): 'e1608fa9'
Fri Aug 21 17:13:17 2015 us=577281 UDPv4 link local: [undef]
Fri Aug 21 17:13:17 2015 us=577325 UDPv4 link remote: [AF_INET]1.*.*.*:11994
Fri Aug 21 17:13:17 2015 us=655668 TLS: Initial packet from [AF_INET]1.*.*.*:11994, sid=cabbe5fe 32bed0df
Fri Aug 21 17:13:17 2015 us=655850 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Aug 21 17:13:18 2015 us=231228 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=me@myhost.mydomain
Fri Aug 21 17:13:18 2015 us=231519 VERIFY OK: nsCertType=SERVER
Fri Aug 21 17:13:18 2015 us=231535 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=me@myhost.mydomain
Fri Aug 21 17:13:19 2015 us=176636 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Aug 21 17:13:19 2015 us=176698 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Aug 21 17:13:19 2015 us=176811 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Aug 21 17:13:19 2015 us=176834 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Aug 21 17:13:19 2015 us=176906 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Aug 21 17:13:19 2015 us=176951 [RT-AC68U] Peer Connection Initiated with [AF_INET]1.*.*.*:11994
Fri Aug 21 17:13:21 2015 us=463471 SENT CONTROL [RT-AC68U]: 'PUSH_REQUEST' (status=1)
Fri Aug 21 17:13:21 2015 us=539269 AUTH: Received control message: AUTH_FAILED
Fri Aug 21 17:13:21 2015 us=539574 TCP/UDP: Closing socket
Fri Aug 21 17:13:21 2015 us=539632 SIGTERM[soft,auth-failure] received, process exiting

coded@codedSUSE:~> sudo route

Kernel IP routing table
Destination 	Gateway     	Genmask     	Flags Metric Ref	Use Iface
default     	apb0c7453f018a  255.255.255.255 UGH   0  	0    	0 wlp2s0
default     	apb0c7453f018a  0.0.0.0     	UG	1024   0    	0 wlp2s0
192.168.11.0	*           	255.255.255.0   U 	0  	0    	0 wlp2s0

coded@codedSUSE:~> sudo ifconfig
enp1s0	Link encap:Ethernet  HWaddr 00:24:BE:40:98:81  
      	UP BROADCAST MULTICAST  MTU:1500  Metric:1
      	RX packets:0 errors:0 dropped:0 overruns:0 frame:0
      	TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
      	collisions:0 txqueuelen:1000
      	RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
      	Interrupt:16

lo    	Link encap:Local Loopback  
      	inet addr:127.0.0.1  Mask:255.0.0.0
      	inet6 addr: ::1/128 Scope:Host
      	UP LOOPBACK RUNNING  MTU:65536  Metric:1
      	RX packets:38704 errors:0 dropped:0 overruns:0 frame:0
      	TX packets:38704 errors:0 dropped:0 overruns:0 carrier:0
      	collisions:0 txqueuelen:0
      	RX bytes:24674635 (23.5 Mb)  TX bytes:24674635 (23.5 Mb)

wlp2s0	Link encap:Ethernet  HWaddr 00:26:5E:F7:80:89  
      	inet addr:192.168.11.5  Bcast:192.168.11.255  Mask:255.255.255.0
      	inet6 addr: fe80::226:5eff:fef7:8089/64 Scope:Link
      	UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      	RX packets:2652899 errors:0 dropped:0 overruns:0 frame:0
      	TX packets:1406813 errors:0 dropped:0 overruns:0 carrier:0
      	collisions:0 txqueuelen:1000
      	RX bytes:3811174813 (3634.6 Mb)  TX bytes:132505251 (126.3 Mb)
Top
coded
OpenVpn Newbie
Posts: 3
Joined: Fri Aug 21, 2015 6:01 pm

Re: Linux Client: Route Add Command Failed

Post by coded » Sat Aug 22, 2015 5:08 pm

It doesn't look like I can edit the OP, and I didn't realize after I changed the config to verb 4 and re-ran it that I got an auth fail and not the route add fail, so here is the real error(after proper auth). SOrry.

Code: Select all

coded@codedSUSE:~> ssvpn

Fri Aug 21 18:01:49 2015 us=937201   config = '/home/coded/OpenVPN/ss.ovpn'
Fri Aug 21 18:01:49 2015 us=937222   mode = 0
Fri Aug 21 18:01:49 2015 us=937238   persist_config = DISABLED
Fri Aug 21 18:01:49 2015 us=937255   persist_mode = 1
Fri Aug 21 18:01:49 2015 us=937272   show_ciphers = DISABLED
Fri Aug 21 18:01:49 2015 us=937300   show_digests = DISABLED
Fri Aug 21 18:01:49 2015 us=937317   show_engines = DISABLED
Fri Aug 21 18:01:49 2015 us=937333   genkey = DISABLED
Fri Aug 21 18:01:49 2015 us=937348   key_pass_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937364   show_tls_ciphers = DISABLED
Fri Aug 21 18:01:49 2015 us=937379 Connection profiles [default]:
Fri Aug 21 18:01:49 2015 us=937395   proto = udp
Fri Aug 21 18:01:49 2015 us=937410   local = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937426   local_port = 0
Fri Aug 21 18:01:49 2015 us=937441   remote = '1.*.*.*'
Fri Aug 21 18:01:49 2015 us=937457   remote_port = 11994
Fri Aug 21 18:01:49 2015 us=937472   remote_float = ENABLED
Fri Aug 21 18:01:49 2015 us=937488   bind_defined = DISABLED
Fri Aug 21 18:01:49 2015 us=937504   bind_local = DISABLED
Fri Aug 21 18:01:49 2015 us=937519   connect_retry_seconds = 5
Fri Aug 21 18:01:49 2015 us=937535   connect_timeout = 10
Fri Aug 21 18:01:49 2015 us=937550   connect_retry_max = 0
Fri Aug 21 18:01:49 2015 us=937565   socks_proxy_server = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937581   socks_proxy_port = 0
Fri Aug 21 18:01:49 2015 us=937596   socks_proxy_retry = DISABLED
Fri Aug 21 18:01:49 2015 us=937612   tun_mtu = 1500
Fri Aug 21 18:01:49 2015 us=937628   tun_mtu_defined = ENABLED
Fri Aug 21 18:01:49 2015 us=937643   link_mtu = 1500
Fri Aug 21 18:01:49 2015 us=937659   link_mtu_defined = DISABLED
Fri Aug 21 18:01:49 2015 us=937675   tun_mtu_extra = 32
Fri Aug 21 18:01:49 2015 us=937690   tun_mtu_extra_defined = ENABLED
Fri Aug 21 18:01:49 2015 us=937706   mtu_discover_type = -1
Fri Aug 21 18:01:49 2015 us=937721   fragment = 0
Fri Aug 21 18:01:49 2015 us=937737   mssfix = 1450
Fri Aug 21 18:01:49 2015 us=937753   explicit_exit_notification = 0
Fri Aug 21 18:01:49 2015 us=937768 Connection profiles END
Fri Aug 21 18:01:49 2015 us=937784   remote_random = DISABLED
Fri Aug 21 18:01:49 2015 us=937800   ipchange = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937815   dev = 'tap'
Fri Aug 21 18:01:49 2015 us=937830   dev_type = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937845   dev_node = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937860   lladdr = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937875   topology = 1
Fri Aug 21 18:01:49 2015 us=937890   tun_ipv6 = DISABLED
Fri Aug 21 18:01:49 2015 us=937905   ifconfig_local = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937921   ifconfig_remote_netmask = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937936   ifconfig_noexec = DISABLED
Fri Aug 21 18:01:49 2015 us=937951   ifconfig_nowarn = DISABLED
Fri Aug 21 18:01:49 2015 us=937966   ifconfig_ipv6_local = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=937982   ifconfig_ipv6_netbits = 0
Fri Aug 21 18:01:49 2015 us=937997   ifconfig_ipv6_remote = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938012   shaper = 0
Fri Aug 21 18:01:49 2015 us=938027   mtu_test = 0
Fri Aug 21 18:01:49 2015 us=938042   mlock = DISABLED
Fri Aug 21 18:01:49 2015 us=938057   keepalive_ping = 15
Fri Aug 21 18:01:49 2015 us=938073   keepalive_timeout = 60
Fri Aug 21 18:01:49 2015 us=938088   inactivity_timeout = 0
Fri Aug 21 18:01:49 2015 us=938103   ping_send_timeout = 15
Fri Aug 21 18:01:49 2015 us=938118   ping_rec_timeout = 60
Fri Aug 21 18:01:49 2015 us=938133   ping_rec_timeout_action = 2
Fri Aug 21 18:01:49 2015 us=938149   ping_timer_remote = DISABLED
Fri Aug 21 18:01:49 2015 us=938164   remap_sigusr1 = 0
Fri Aug 21 18:01:49 2015 us=938179   persist_tun = DISABLED
Fri Aug 21 18:01:49 2015 us=938194   persist_local_ip = DISABLED
Fri Aug 21 18:01:49 2015 us=938209   persist_remote_ip = DISABLED
Fri Aug 21 18:01:49 2015 us=938224   persist_key = DISABLED
Fri Aug 21 18:01:49 2015 us=938239   passtos = DISABLED
Fri Aug 21 18:01:49 2015 us=938254   resolve_retry_seconds = 1000000000
Fri Aug 21 18:01:49 2015 us=938269   username = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938284   groupname = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938311   chroot_dir = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938326   cd_dir = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938341   writepid = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938357   up_script = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938372   down_script = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938388   down_pre = DISABLED
Fri Aug 21 18:01:49 2015 us=938403   up_restart = DISABLED
Fri Aug 21 18:01:49 2015 us=938419   up_delay = DISABLED
Fri Aug 21 18:01:49 2015 us=938434   daemon = DISABLED
Fri Aug 21 18:01:49 2015 us=938449   inetd = 0
Fri Aug 21 18:01:49 2015 us=938465   log = DISABLED
Fri Aug 21 18:01:49 2015 us=938480   suppress_timestamps = DISABLED
Fri Aug 21 18:01:49 2015 us=938495   nice = 0
Fri Aug 21 18:01:49 2015 us=938511   verbosity = 4
Fri Aug 21 18:01:49 2015 us=938526   mute = 0
Fri Aug 21 18:01:49 2015 us=938541   gremlin = 0
Fri Aug 21 18:01:49 2015 us=938557   status_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938572   status_file_version = 1
Fri Aug 21 18:01:49 2015 us=938588   status_file_update_freq = 60
Fri Aug 21 18:01:49 2015 us=938604   occ = ENABLED
Fri Aug 21 18:01:49 2015 us=938619   rcvbuf = 65536
Fri Aug 21 18:01:49 2015 us=938634   sndbuf = 65536
Fri Aug 21 18:01:49 2015 us=938650   mark = 0
Fri Aug 21 18:01:49 2015 us=938665   sockflags = 0
Fri Aug 21 18:01:49 2015 us=938680   fast_io = DISABLED
Fri Aug 21 18:01:49 2015 us=938695   lzo = 7
Fri Aug 21 18:01:49 2015 us=938710   route_script = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938726   route_default_gateway = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938741   route_default_metric = 0
Fri Aug 21 18:01:49 2015 us=938757   route_noexec = DISABLED
Fri Aug 21 18:01:49 2015 us=938773   route_delay = 0
Fri Aug 21 18:01:49 2015 us=938788   route_delay_window = 30
Fri Aug 21 18:01:49 2015 us=938804   route_delay_defined = DISABLED
Fri Aug 21 18:01:49 2015 us=938819   route_nopull = DISABLED
Fri Aug 21 18:01:49 2015 us=938835   route_gateway_via_dhcp = DISABLED
Fri Aug 21 18:01:49 2015 us=938850   max_routes = 100
Fri Aug 21 18:01:49 2015 us=938865   allow_pull_fqdn = DISABLED
Fri Aug 21 18:01:49 2015 us=938880   management_addr = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938895   management_port = 0
Fri Aug 21 18:01:49 2015 us=938911   management_user_pass = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938926   management_log_history_cache = 250
Fri Aug 21 18:01:49 2015 us=938941   management_echo_buffer_size = 100
Fri Aug 21 18:01:49 2015 us=938957   management_write_peer_info_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938972   management_client_user = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=938987   management_client_group = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939002   management_flags = 0
Fri Aug 21 18:01:49 2015 us=939017   shared_secret_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939033   key_direction = 0
Fri Aug 21 18:01:49 2015 us=939048   ciphername_defined = ENABLED
Fri Aug 21 18:01:49 2015 us=939063   ciphername = 'BF-CBC'
Fri Aug 21 18:01:49 2015 us=939078   authname_defined = ENABLED
Fri Aug 21 18:01:49 2015 us=939093   authname = 'SHA1'
Fri Aug 21 18:01:49 2015 us=939108   prng_hash = 'SHA1'
Fri Aug 21 18:01:49 2015 us=939123   prng_nonce_secret_len = 16
Fri Aug 21 18:01:49 2015 us=939138   keysize = 0
Fri Aug 21 18:01:49 2015 us=939153   engine = DISABLED
Fri Aug 21 18:01:49 2015 us=939168   replay = ENABLED
Fri Aug 21 18:01:49 2015 us=939183   mute_replay_warnings = DISABLED
Fri Aug 21 18:01:49 2015 us=939198   replay_window = 64
Fri Aug 21 18:01:49 2015 us=939213   replay_time = 15
Fri Aug 21 18:01:49 2015 us=939228   packet_id_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939243   use_iv = ENABLED
Fri Aug 21 18:01:49 2015 us=939259   test_crypto = DISABLED
Fri Aug 21 18:01:49 2015 us=939274   tls_server = DISABLED
Fri Aug 21 18:01:49 2015 us=939304   tls_client = ENABLED
Fri Aug 21 18:01:49 2015 us=939321   key_method = 2
Fri Aug 21 18:01:49 2015 us=939336   ca_file = '[[INLINE]]'
Fri Aug 21 18:01:49 2015 us=939351   ca_path = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939366   dh_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939381   cert_file = '[[INLINE]]'
Fri Aug 21 18:01:49 2015 us=939397   priv_key_file = '[[INLINE]]'
Fri Aug 21 18:01:49 2015 us=939412   pkcs12_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939427   cipher_list = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939442   tls_verify = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939457   tls_export_cert = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939472   verify_x509_type = 0
Fri Aug 21 18:01:49 2015 us=939487   verify_x509_name = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939502   crl_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939518   ns_cert_type = 1
Fri Aug 21 18:01:49 2015 us=939533   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939548   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939563   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939578   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939593   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939608   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939623   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939638   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939653   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939668   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939683   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939698   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939713   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939728   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939743   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939758   remote_cert_ku[i] = 0
Fri Aug 21 18:01:49 2015 us=939773   remote_cert_eku = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939789   ssl_flags = 0
Fri Aug 21 18:01:49 2015 us=939803   tls_timeout = 2
Fri Aug 21 18:01:49 2015 us=939818   renegotiate_bytes = 0
Fri Aug 21 18:01:49 2015 us=939833   renegotiate_packets = 0
Fri Aug 21 18:01:49 2015 us=939848   renegotiate_seconds = 3600
Fri Aug 21 18:01:49 2015 us=939863   handshake_window = 60
Fri Aug 21 18:01:49 2015 us=939878   transition_window = 3600
Fri Aug 21 18:01:49 2015 us=939893   single_session = DISABLED
Fri Aug 21 18:01:49 2015 us=939908   push_peer_info = DISABLED
Fri Aug 21 18:01:49 2015 us=939923   tls_exit = DISABLED
Fri Aug 21 18:01:49 2015 us=939938   tls_auth_file = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=939955   server_network = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=939972   server_netmask = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=939995   server_network_ipv6 = ::
Fri Aug 21 18:01:49 2015 us=940011   server_netbits_ipv6 = 0
Fri Aug 21 18:01:49 2015 us=940027   server_bridge_ip = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940043   server_bridge_netmask = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940059   server_bridge_pool_start = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940075   server_bridge_pool_end = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940090   ifconfig_pool_defined = DISABLED
Fri Aug 21 18:01:49 2015 us=940106   ifconfig_pool_start = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940121   ifconfig_pool_end = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940137   ifconfig_pool_netmask = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940152   ifconfig_pool_persist_filename = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=940168   ifconfig_pool_persist_refresh_freq = 600
Fri Aug 21 18:01:49 2015 us=940183   ifconfig_ipv6_pool_defined = DISABLED
Fri Aug 21 18:01:49 2015 us=940199   ifconfig_ipv6_pool_base = ::
Fri Aug 21 18:01:49 2015 us=940214   ifconfig_ipv6_pool_netbits = 0
Fri Aug 21 18:01:49 2015 us=940229   n_bcast_buf = 256
Fri Aug 21 18:01:49 2015 us=940244   tcp_queue_limit = 64
Fri Aug 21 18:01:49 2015 us=940259   real_hash_size = 256
Fri Aug 21 18:01:49 2015 us=940274   virtual_hash_size = 256
Fri Aug 21 18:01:49 2015 us=940299   client_connect_script = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=940315   learn_address_script = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=940341   client_disconnect_script = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=940356   client_config_dir = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=940372   ccd_exclusive = DISABLED
Fri Aug 21 18:01:49 2015 us=940386   tmp_dir = '/tmp'
Fri Aug 21 18:01:49 2015 us=940401   push_ifconfig_defined = DISABLED
Fri Aug 21 18:01:49 2015 us=940417   push_ifconfig_local = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940433   push_ifconfig_remote_netmask = 0.0.0.0
Fri Aug 21 18:01:49 2015 us=940448   push_ifconfig_ipv6_defined = DISABLED
Fri Aug 21 18:01:49 2015 us=940464   push_ifconfig_ipv6_local = ::/0
Fri Aug 21 18:01:49 2015 us=940480   push_ifconfig_ipv6_remote = ::
Fri Aug 21 18:01:49 2015 us=940495   enable_c2c = DISABLED
Fri Aug 21 18:01:49 2015 us=940509   duplicate_cn = DISABLED
Fri Aug 21 18:01:49 2015 us=940524   cf_max = 0
Fri Aug 21 18:01:49 2015 us=940539   cf_per = 0
Fri Aug 21 18:01:49 2015 us=940554   max_clients = 1024
Fri Aug 21 18:01:49 2015 us=940569   max_routes_per_client = 256
Fri Aug 21 18:01:49 2015 us=940584   auth_user_pass_verify_script = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=940599   auth_user_pass_verify_script_via_file = DISABLED
Fri Aug 21 18:01:49 2015 us=940615   port_share_host = '[UNDEF]'
Fri Aug 21 18:01:49 2015 us=940630   port_share_port = 0
Fri Aug 21 18:01:49 2015 us=940644   client = ENABLED
Fri Aug 21 18:01:49 2015 us=940659   pull = ENABLED
Fri Aug 21 18:01:49 2015 us=940674   auth_user_pass_file = 'stdin'
Fri Aug 21 18:01:49 2015 us=940690 OpenVPN 2.3.4 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May  1 2014
Fri Aug 21 18:01:49 2015 us=940715 library versions: OpenSSL 1.0.1k-fips 8 Jan 2015, LZO 2.08
Enter Auth Username: *****
Enter Auth Password: *****
Fri Aug 21 18:01:55 2015 us=925455 LZO compression initialized
Fri Aug 21 18:01:55 2015 us=925622 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Aug 21 18:01:55 2015 us=925690 Socket Buffers: R=[212992->131072] S=[212992->131072]
Fri Aug 21 18:01:55 2015 us=925976 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Aug 21 18:01:55 2015 us=926029 Local Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Aug 21 18:01:55 2015 us=926052 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Aug 21 18:01:55 2015 us=926091 Local Options hash (VER=V4): '215690d9'
Fri Aug 21 18:01:55 2015 us=926123 Expected Remote Options hash (VER=V4): 'e1608fa9'
Fri Aug 21 18:01:55 2015 us=926157 UDPv4 link local: [undef]
Fri Aug 21 18:01:55 2015 us=926181 UDPv4 link remote: [AF_INET]1.*.*.*:11994
Fri Aug 21 18:01:56 2015 us=4841 TLS: Initial packet from [AF_INET]1.*.*.*:11994, sid=3c6a0909 53f81c2b
Fri Aug 21 18:01:56 2015 us=5027 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Aug 21 18:01:56 2015 us=578248 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=me@myhost.mydomain
Fri Aug 21 18:01:56 2015 us=578562 VERIFY OK: nsCertType=SERVER
Fri Aug 21 18:01:56 2015 us=578588 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=me@myhost.mydomain
Fri Aug 21 18:01:57 2015 us=532991 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Aug 21 18:01:57 2015 us=533055 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Aug 21 18:01:57 2015 us=533168 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Aug 21 18:01:57 2015 us=533191 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Aug 21 18:01:57 2015 us=533341 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Aug 21 18:01:57 2015 us=533431 [RT-AC68U] Peer Connection Initiated with [AF_INET]1.*.*.*:11994
Fri Aug 21 18:01:59 2015 us=380212 SENT CONTROL [RT-AC68U]: 'PUSH_REQUEST' (status=1)
Fri Aug 21 18:01:59 2015 us=456549 PUSH: Received control message: 'PUSH_REPLY,route 0.0.0.0 255.255.255.255 net_gateway,route-gateway dhcp,ping 15,ping-restart 60'
Fri Aug 21 18:01:59 2015 us=456677 OPTIONS IMPORT: timers and/or timeouts modified
Fri Aug 21 18:01:59 2015 us=456702 OPTIONS IMPORT: route options modified
Fri Aug 21 18:01:59 2015 us=456720 OPTIONS IMPORT: route-related options modified
Fri Aug 21 18:01:59 2015 us=456951 ROUTE_GATEWAY 192.168.11.1/255.255.255.0 IFACE=wlp2s0 HWADDR=00:26:5e:f7:80:89
Fri Aug 21 18:01:59 2015 us=457451 TUN/TAP device tap0 opened
Fri Aug 21 18:01:59 2015 us=457490 TUN/TAP TX queue length set to 100
Fri Aug 21 18:01:59 2015 us=457570 /bin/ip route add 0.0.0.0/32 via 192.168.11.1
RTNETLINK answers: File exists
Fri Aug 21 18:01:59 2015 us=462177 ERROR: Linux route add command failed: external program exited with error status: 2
Fri Aug 21 18:01:59 2015 us=462263 Initialization Sequence Completed
Top
User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:
Contact maikcat

Re: Linux Client: Route Add Command Failed

Post by maikcat » Tue Aug 25, 2015 8:36 am

can you please explain whats this for?

Code: Select all

push "route 0.0.0.0 255.255.255.255 net_gateway"
Michael.
Top
coded
OpenVpn Newbie
Posts: 3
Joined: Fri Aug 21, 2015 6:01 pm

Re: Linux Client: Route Add Command Failed

Post by coded » Thu Aug 27, 2015 3:16 am

maikcat wrote:can you please explain whats this for?

Code: Select all

push "route 0.0.0.0 255.255.255.255 net_gateway"
Michael.

I didn't create the server file it was automatically created by the router and works for other devices(windows and chromeos, don't think I have tested mac). After disabling the firewall on OpenSuse the "route add command fails" error goes away and this is the oupput. However it still fails to bring up the tap device(it is missing in ifconfig and route doesn't show the vpn network).

Code: Select all

Enter Auth Username: *****
Enter Auth Password: *****
Wed Aug 26 22:10:12 2015 us=925449 LZO compression initialized
Wed Aug 26 22:10:12 2015 us=925599 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Aug 26 22:10:12 2015 us=925666 Socket Buffers: R=[212992->131072] S=[212992->131072]
Wed Aug 26 22:10:12 2015 us=925980 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Aug 26 22:10:12 2015 us=926030 Local Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Aug 26 22:10:12 2015 us=926052 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Aug 26 22:10:12 2015 us=926093 Local Options hash (VER=V4): '215690d9'
Wed Aug 26 22:10:12 2015 us=926132 Expected Remote Options hash (VER=V4): 'e1608fa9'
Wed Aug 26 22:10:12 2015 us=926167 UDPv4 link local: [undef]
Wed Aug 26 22:10:12 2015 us=926191 UDPv4 link remote: [AF_INET]1.*.*.*:11994
Wed Aug 26 22:10:13 2015 us=2974 TLS: Initial packet from [AF_INET]1.*.*.*:11994, sid=e4919f3f f4174386
Wed Aug 26 22:10:13 2015 us=3128 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Aug 26 22:10:13 2015 us=672341 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=me@myhost.mydomain
Wed Aug 26 22:10:13 2015 us=672641 VERIFY OK: nsCertType=SERVER
Wed Aug 26 22:10:13 2015 us=672667 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC68U, emailAddress=me@myhost.mydomain
Wed Aug 26 22:10:14 2015 us=800244 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Aug 26 22:10:14 2015 us=800305 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 26 22:10:14 2015 us=800418 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Aug 26 22:10:14 2015 us=800441 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Aug 26 22:10:14 2015 us=800511 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Aug 26 22:10:14 2015 us=800555 [RT-AC68U] Peer Connection Initiated with [AF_INET]1.*.*.*:11994
Wed Aug 26 22:10:16 2015 us=477084 SENT CONTROL [RT-AC68U]: 'PUSH_REQUEST' (status=1)
Wed Aug 26 22:10:16 2015 us=574163 PUSH: Received control message: 'PUSH_REPLY,route 0.0.0.0 255.255.255.255 net_gateway,route-gateway dhcp,ping 15,ping-restart 60'
Wed Aug 26 22:10:16 2015 us=574309 OPTIONS IMPORT: timers and/or timeouts modified
Wed Aug 26 22:10:16 2015 us=574333 OPTIONS IMPORT: route options modified
Wed Aug 26 22:10:16 2015 us=574350 OPTIONS IMPORT: route-related options modified
Wed Aug 26 22:10:16 2015 us=574570 ROUTE_GATEWAY 192.168.11.1/255.255.255.0 IFACE=wlp2s0 HWADDR=00:26:5e:f7:80:89
Wed Aug 26 22:10:16 2015 us=617929 TUN/TAP device tap0 opened
Wed Aug 26 22:10:16 2015 us=617978 TUN/TAP TX queue length set to 100
Wed Aug 26 22:10:16 2015 us=618037 /bin/ip route add 0.0.0.0/32 via 192.168.11.1
Wed Aug 26 22:10:16 2015 us=651139 Initialization Sequence Completed
Top
User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:
Contact maikcat

Re: Linux Client: Route Add Command Failed

Post by maikcat » Thu Aug 27, 2015 9:52 am

However it still fails to bring up the tap device(it is missing in ifconfig and route doesn't show the vpn network).
in your logs

Code: Select all

Wed Aug 26 22:10:16 2015 us=617929 TUN/TAP device tap0 opened
your bridging setup uses your lan side DHCP server, meaning that for some reason it
does not provides your client with an ip

FYI, this:

Code: Select all

push "route 0.0.0.0 255.255.255.255 net_gateway"
is for protecting the client if your dhcp hands over a default gateway as well...
server side logs?

also disable apparmour on opensuse while testing...


Michael.
Top
Post Reply

Return to “Server Administration”