HOWTO: Request Help !

All comments and questions related to the functionality of the OpenVPN web pages and forum should go here.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

HOWTO: Request Help !

Post by TinCanTech » Tue Oct 11, 2016 2:30 pm

Welcome to OpenVPN: HOWTO Request Help

Please Identify your version of Openvpn




To search the Forum please use a search provider like so:
  • Enter this into the input field to search for redirect-gateway def1

    Code: Select all

    site:forums.openvpn.net "redirect-gateway def1"
    Notice the "site:" operator, which is not followed by a space but is directly followed by the site URL.


For help connecting to an Online VPN Service Provider

If all else fails please post here
Have a nice day :D

Thank you.
Last edited by Pippin on Wed Dec 14, 2022 3:02 pm, edited 1 time in total.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: HOWTO: Request Help !

Post by TinCanTech » Thu Mar 23, 2017 1:26 pm

For help connecting to an Online VPN Service Provider
OpenVPN humbly apologise for asking you to read this.

Below is an example of how to get help for openvpn community edition:

In summary, if you have been asked to read this post then we require to see:
  • Your server configuration file.
    If you are using a Router with OpenVPN then please consult your Router support channel.
    The details of your server configuration are mandatory.
    Please use BBCODE [oconf=server]
  • Your server log file at --verb 4
    Which means put the words "verb 4" into your configuration file and restart your server
    Please use BBCODE [code]
  • Your client configuration file
    Do not include the DNS name or IP address of your server.
    Please use BBCODE [oconf=client]
  • Your client log file at --verb 4
    Which means put the words "verb 4" into your configuration file and restart your client
    Please use BBCODE [code]
  • Do not include the DNS name or IP address of your server.
    Open your log file in a text editor and replace the server IP address with "x.x.x.x"
    Open your log file in a text editor and delete the DNS name of your server
    which appears only once and is located at line 17 (approx) of the log file
  • Take note, we can only comment on what you post, we do not have access to your system.
    Therefore, the quality of our replies will reflect the quality of the information in your thread.

Thank you

EXAMPLE:

* Server *

Operating system:

Code: Select all

# uname -a
Linux my_pc 3.16.0-38-generic #52~14.04.1-Ubuntu SMP Fri May 8 09:43:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Network setup:

Code: Select all

$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:30:1b:42:65:ac  
          inet addr:10.1.101.101  Bcast:10.1.101.255  Mask:255.255.255.0
          inet6 addr: fe80::230:1bff:fe42:65ac/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:69732 errors:0 dropped:0 overruns:0 frame:0
          TX packets:55761 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:42033514 (42.0 MB)  TX bytes:8046997 (8.0 MB)

eth1      Link encap:Ethernet  HWaddr 00:50:04:d0:50:0f  
          inet6 addr: fe80::250:4ff:fed0:500f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:5331 (5.3 KB)
          Interrupt:17 Base address:0xc000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:284 errors:0 dropped:0 overruns:0 frame:0
          TX packets:284 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:33669 (33.6 KB)  TX bytes:33669 (33.6 KB)
Server config file:
server.conf
cd /etc/openvpn
dev tuns108
port 11948

server 10.8.0.0 255.255.255.0

server-ipv6 12fc:1918::10:8:0:0/112

keepalive 10 60
comp-lzo no
push "comp-lzo no"
push "explicit-exit-notify 3"

log defaults/108.log
verb 4


client-config-dir defaults/ccd
ccd-exclusive

script-security 3
;auth-user-pass-optional
auth-user-pass-verify defaults/userpass.sh via-env

tls-auth defaults/ta.key 0
ca defaults/ca.crt
cert defaults/defaults.crt
key defaults/defaults.key # This file should be kept secret
dh defaults/dh-4096b.pem


Server log (at --verb 4 and client IP address removed)

Code: Select all

Thu Mar 23 12:28:43 2017 us=789305 Current Parameter Settings:
Thu Mar 23 12:28:43 2017 us=789424   config = '/etc/openvpn/defs108.conf'
Thu Mar 23 12:28:43 2017 us=789445   mode = 1
Thu Mar 23 12:28:43 2017 us=789464   persist_config = DISABLED
Thu Mar 23 12:28:43 2017 us=789482   persist_mode = 1
Thu Mar 23 12:28:43 2017 us=789500   show_ciphers = DISABLED
Thu Mar 23 12:28:43 2017 us=789518   show_digests = DISABLED
Thu Mar 23 12:28:43 2017 us=789536   show_engines = DISABLED
Thu Mar 23 12:28:43 2017 us=789554   genkey = DISABLED
Thu Mar 23 12:28:43 2017 us=789572   key_pass_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=789590   show_tls_ciphers = DISABLED
Thu Mar 23 12:28:43 2017 us=789609   connect_retry_max = 0
Thu Mar 23 12:28:43 2017 us=789627 Connection profiles [0]:
Thu Mar 23 12:28:43 2017 us=789646   proto = udp
Thu Mar 23 12:28:43 2017 us=789664   local = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=789683   local_port = '11948'
Thu Mar 23 12:28:43 2017 us=789700   remote = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=789718   remote_port = '11948'
Thu Mar 23 12:28:43 2017 us=789736   remote_float = DISABLED
Thu Mar 23 12:28:43 2017 us=789753   bind_defined = DISABLED
Thu Mar 23 12:28:43 2017 us=789771   bind_local = ENABLED
Thu Mar 23 12:28:43 2017 us=789789   bind_ipv6_only = DISABLED
Thu Mar 23 12:28:43 2017 us=789806   connect_retry_seconds = 5
Thu Mar 23 12:28:43 2017 us=789824   connect_timeout = 120
Thu Mar 23 12:28:43 2017 us=789842   socks_proxy_server = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=789860   socks_proxy_port = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=789877   tun_mtu = 1500
Thu Mar 23 12:28:43 2017 us=789895   tun_mtu_defined = ENABLED
Thu Mar 23 12:28:43 2017 us=789913   link_mtu = 1500
Thu Mar 23 12:28:43 2017 us=789930   link_mtu_defined = DISABLED
Thu Mar 23 12:28:43 2017 us=789948   tun_mtu_extra = 0
Thu Mar 23 12:28:43 2017 us=789966   tun_mtu_extra_defined = DISABLED
Thu Mar 23 12:28:43 2017 us=789984   mtu_discover_type = -1
Thu Mar 23 12:28:43 2017 us=790001   fragment = 0
Thu Mar 23 12:28:43 2017 us=790019   mssfix = 1450
Thu Mar 23 12:28:43 2017 us=790037   explicit_exit_notification = 0
Thu Mar 23 12:28:43 2017 us=790055 Connection profiles END
Thu Mar 23 12:28:43 2017 us=790073   remote_random = DISABLED
Thu Mar 23 12:28:43 2017 us=790091   ipchange = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790109   dev = 'tun108'
Thu Mar 23 12:28:43 2017 us=790127   dev_type = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790144   dev_node = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790163   lladdr = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790181   topology = 1
Thu Mar 23 12:28:43 2017 us=790198   ifconfig_local = '10.8.0.1'
Thu Mar 23 12:28:43 2017 us=790217   ifconfig_remote_netmask = '10.8.0.2'
Thu Mar 23 12:28:43 2017 us=790235   ifconfig_noexec = DISABLED
Thu Mar 23 12:28:43 2017 us=790252   ifconfig_nowarn = DISABLED
Thu Mar 23 12:28:43 2017 us=790270   ifconfig_ipv6_local = '12fc:1918::10:8:0:1'
Thu Mar 23 12:28:43 2017 us=790312   ifconfig_ipv6_netbits = 112
Thu Mar 23 12:28:43 2017 us=790348   ifconfig_ipv6_remote = '12fc:1918::10:8:0:2'
Thu Mar 23 12:28:43 2017 us=790367   shaper = 0
Thu Mar 23 12:28:43 2017 us=790385   mtu_test = 0
Thu Mar 23 12:28:43 2017 us=790403   mlock = DISABLED
Thu Mar 23 12:28:43 2017 us=790421   keepalive_ping = 10
Thu Mar 23 12:28:43 2017 us=790439   keepalive_timeout = 30
Thu Mar 23 12:28:43 2017 us=790457   inactivity_timeout = 0
Thu Mar 23 12:28:43 2017 us=790475   ping_send_timeout = 10
Thu Mar 23 12:28:43 2017 us=790493   ping_rec_timeout = 60
Thu Mar 23 12:28:43 2017 us=790511   ping_rec_timeout_action = 2
Thu Mar 23 12:28:43 2017 us=790529   ping_timer_remote = DISABLED
Thu Mar 23 12:28:43 2017 us=790547   remap_sigusr1 = 0
Thu Mar 23 12:28:43 2017 us=790565   persist_tun = DISABLED
Thu Mar 23 12:28:43 2017 us=790583   persist_local_ip = DISABLED
Thu Mar 23 12:28:43 2017 us=790601   persist_remote_ip = DISABLED
Thu Mar 23 12:28:43 2017 us=790619   persist_key = DISABLED
Thu Mar 23 12:28:43 2017 us=790636   passtos = DISABLED
Thu Mar 23 12:28:43 2017 us=790655   resolve_retry_seconds = 1000000000
Thu Mar 23 12:28:43 2017 us=790685   resolve_in_advance = DISABLED
Thu Mar 23 12:28:43 2017 us=790703   username = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790721   groupname = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790739   chroot_dir = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790757   cd_dir = '/etc/openvpn'
Thu Mar 23 12:28:43 2017 us=790775   writepid = '/run/openvpn/defs108.pid'
Thu Mar 23 12:28:43 2017 us=790793   up_script = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790811   down_script = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=790829   down_pre = DISABLED
Thu Mar 23 12:28:43 2017 us=790846   up_restart = DISABLED
Thu Mar 23 12:28:43 2017 us=790864   up_delay = DISABLED
Thu Mar 23 12:28:43 2017 us=790882   daemon = ENABLED
Thu Mar 23 12:28:43 2017 us=790900   inetd = 0
Thu Mar 23 12:28:43 2017 us=790917   log = ENABLED
Thu Mar 23 12:28:43 2017 us=790935   suppress_timestamps = DISABLED
Thu Mar 23 12:28:43 2017 us=790953   machine_readable_output = DISABLED
Thu Mar 23 12:28:43 2017 us=790972   nice = 0
Thu Mar 23 12:28:43 2017 us=790990   verbosity = 4
Thu Mar 23 12:28:43 2017 us=791007   mute = 0
Thu Mar 23 12:28:43 2017 us=791025   gremlin = 0
Thu Mar 23 12:28:43 2017 us=791043   status_file = '/run/openvpn/defs108.status'
Thu Mar 23 12:28:43 2017 us=791062   status_file_version = 1
Thu Mar 23 12:28:43 2017 us=791079   status_file_update_freq = 10
Thu Mar 23 12:28:43 2017 us=791097   occ = ENABLED
Thu Mar 23 12:28:43 2017 us=791115   rcvbuf = 0
Thu Mar 23 12:28:43 2017 us=791133   sndbuf = 0
Thu Mar 23 12:28:43 2017 us=791151   mark = 0
Thu Mar 23 12:28:43 2017 us=791169   sockflags = 0
Thu Mar 23 12:28:43 2017 us=791187   fast_io = DISABLED
Thu Mar 23 12:28:43 2017 us=791205   comp.alg = 1
Thu Mar 23 12:28:43 2017 us=791223   comp.flags = 0
Thu Mar 23 12:28:43 2017 us=791241   route_script = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791260   route_default_gateway = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791278   route_default_metric = 0
Thu Mar 23 12:28:43 2017 us=791296   route_noexec = DISABLED
Thu Mar 23 12:28:43 2017 us=791314   route_delay = 0
Thu Mar 23 12:28:43 2017 us=791332   route_delay_window = 30
Thu Mar 23 12:28:43 2017 us=791350   route_delay_defined = DISABLED
Thu Mar 23 12:28:43 2017 us=791368   route_nopull = DISABLED
Thu Mar 23 12:28:43 2017 us=791386   route_gateway_via_dhcp = DISABLED
Thu Mar 23 12:28:43 2017 us=791404   allow_pull_fqdn = DISABLED
Thu Mar 23 12:28:43 2017 us=791423   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Thu Mar 23 12:28:43 2017 us=791442   management_addr = '127.0.0.1'
Thu Mar 23 12:28:43 2017 us=791460   management_port = '11948'
Thu Mar 23 12:28:43 2017 us=791479   management_user_pass = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791497   management_log_history_cache = 250
Thu Mar 23 12:28:43 2017 us=791516   management_echo_buffer_size = 100
Thu Mar 23 12:28:43 2017 us=791534   management_write_peer_info_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791553   management_client_user = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791571   management_client_group = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791589   management_flags = 0
Thu Mar 23 12:28:43 2017 us=791607   shared_secret_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791625   key_direction = 1
Thu Mar 23 12:28:43 2017 us=791643   ciphername = 'BF-CBC'
Thu Mar 23 12:28:43 2017 us=791661   ncp_enabled = ENABLED
Thu Mar 23 12:28:43 2017 us=791679   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Mar 23 12:28:43 2017 us=791698   authname = 'SHA1'
Thu Mar 23 12:28:43 2017 us=791716   prng_hash = 'SHA1'
Thu Mar 23 12:28:43 2017 us=791735   prng_nonce_secret_len = 16
Thu Mar 23 12:28:43 2017 us=791753   keysize = 0
Thu Mar 23 12:28:43 2017 us=791771   engine = DISABLED
Thu Mar 23 12:28:43 2017 us=791789   replay = ENABLED
Thu Mar 23 12:28:43 2017 us=791807   mute_replay_warnings = DISABLED
Thu Mar 23 12:28:43 2017 us=791825   replay_window = 64
Thu Mar 23 12:28:43 2017 us=791844   replay_time = 15
Thu Mar 23 12:28:43 2017 us=791862   packet_id_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=791880   test_crypto = DISABLED
Thu Mar 23 12:28:43 2017 us=791913   tls_server = ENABLED
Thu Mar 23 12:28:43 2017 us=791931   tls_client = DISABLED
Thu Mar 23 12:28:43 2017 us=791949   key_method = 2
Thu Mar 23 12:28:43 2017 us=791967   ca_file = 'defaults/ca.crt'
Thu Mar 23 12:28:43 2017 us=791985   ca_path = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792003   dh_file = 'defaults/dh-4096b.pem'
Thu Mar 23 12:28:43 2017 us=792022   cert_file = 'defaults/defaults.crt'
Thu Mar 23 12:28:43 2017 us=792040   extra_certs_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792059   priv_key_file = 'defaults/defaults.key'
Thu Mar 23 12:28:43 2017 us=792077   pkcs12_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792095   cipher_list = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792113   tls_verify = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792131   tls_export_cert = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792149   verify_x509_type = 0
Thu Mar 23 12:28:43 2017 us=792167   verify_x509_name = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792185   crl_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792203   ns_cert_type = 0
Thu Mar 23 12:28:43 2017 us=792221   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792239   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792257   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792275   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792293   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792311   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792329   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792347   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792365   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792383   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792402   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792420   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792438   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792456   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792474   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792492   remote_cert_ku[i] = 0
Thu Mar 23 12:28:43 2017 us=792510   remote_cert_eku = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792528   ssl_flags = 8
Thu Mar 23 12:28:43 2017 us=792546   tls_timeout = 2
Thu Mar 23 12:28:43 2017 us=792564   renegotiate_bytes = -1
Thu Mar 23 12:28:43 2017 us=792582   renegotiate_packets = 0
Thu Mar 23 12:28:43 2017 us=792600   renegotiate_seconds = 3600
Thu Mar 23 12:28:43 2017 us=792618   handshake_window = 60
Thu Mar 23 12:28:43 2017 us=792636   transition_window = 3600
Thu Mar 23 12:28:43 2017 us=792653   single_session = DISABLED
Thu Mar 23 12:28:43 2017 us=792688   push_peer_info = DISABLED
Thu Mar 23 12:28:43 2017 us=792711   tls_exit = DISABLED
Thu Mar 23 12:28:43 2017 us=792735   tls_auth_file = 'defaults/ta.key'
Thu Mar 23 12:28:43 2017 us=792758   tls_crypt_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=792785   server_network = 10.8.0.0
Thu Mar 23 12:28:43 2017 us=792811   server_netmask = 255.255.255.0
Thu Mar 23 12:28:43 2017 us=792839   server_network_ipv6 = 12fc:1918::10:8:0:0
Thu Mar 23 12:28:43 2017 us=792862   server_netbits_ipv6 = 112
Thu Mar 23 12:28:43 2017 us=792889   server_bridge_ip = 0.0.0.0
Thu Mar 23 12:28:43 2017 us=792915   server_bridge_netmask = 0.0.0.0
Thu Mar 23 12:28:43 2017 us=792941   server_bridge_pool_start = 0.0.0.0
Thu Mar 23 12:28:43 2017 us=792966   server_bridge_pool_end = 0.0.0.0
Thu Mar 23 12:28:43 2017 us=792990   push_entry = 'comp-lzo no'
Thu Mar 23 12:28:43 2017 us=793013   push_entry = 'explicit-exit-notify 3'
Thu Mar 23 12:28:43 2017 us=793036   push_entry = 'tun-ipv6'
Thu Mar 23 12:28:43 2017 us=793060   push_entry = 'route 10.8.0.1'
Thu Mar 23 12:28:43 2017 us=793083   push_entry = 'topology net30'
Thu Mar 23 12:28:43 2017 us=793106   push_entry = 'ping 10'
Thu Mar 23 12:28:43 2017 us=793129   push_entry = 'ping-restart 30'
Thu Mar 23 12:28:43 2017 us=793152   ifconfig_pool_defined = ENABLED
Thu Mar 23 12:28:43 2017 us=793177   ifconfig_pool_start = 10.8.0.4
Thu Mar 23 12:28:43 2017 us=793203   ifconfig_pool_end = 10.8.0.251
Thu Mar 23 12:28:43 2017 us=793229   ifconfig_pool_netmask = 0.0.0.0
Thu Mar 23 12:28:43 2017 us=793252   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=793287   ifconfig_pool_persist_refresh_freq = 600
Thu Mar 23 12:28:43 2017 us=793310   ifconfig_ipv6_pool_defined = ENABLED
Thu Mar 23 12:28:43 2017 us=793337   ifconfig_ipv6_pool_base = 12fc:1918::10:8:0:1000
Thu Mar 23 12:28:43 2017 us=793360   ifconfig_ipv6_pool_netbits = 112
Thu Mar 23 12:28:43 2017 us=793383   n_bcast_buf = 256
Thu Mar 23 12:28:43 2017 us=793406   tcp_queue_limit = 64
Thu Mar 23 12:28:43 2017 us=793429   real_hash_size = 256
Thu Mar 23 12:28:43 2017 us=793453   virtual_hash_size = 256
Thu Mar 23 12:28:43 2017 us=793476   client_connect_script = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=793499   learn_address_script = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=793521   client_disconnect_script = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=793543   client_config_dir = 'defaults/ccd'
Thu Mar 23 12:28:43 2017 us=793566   ccd_exclusive = ENABLED
Thu Mar 23 12:28:43 2017 us=793588   tmp_dir = '/tmp'
Thu Mar 23 12:28:43 2017 us=793612   push_ifconfig_defined = DISABLED
Thu Mar 23 12:28:43 2017 us=793641   push_ifconfig_local = 0.0.0.0
Thu Mar 23 12:28:43 2017 us=793663   push_ifconfig_remote_netmask = 0.0.0.0
Thu Mar 23 12:28:43 2017 us=793682   push_ifconfig_ipv6_defined = DISABLED
Thu Mar 23 12:28:43 2017 us=793702   push_ifconfig_ipv6_local = ::/0
Thu Mar 23 12:28:43 2017 us=793720   push_ifconfig_ipv6_remote = ::
Thu Mar 23 12:28:43 2017 us=793738   enable_c2c = DISABLED
Thu Mar 23 12:28:43 2017 us=793756   duplicate_cn = DISABLED
Thu Mar 23 12:28:43 2017 us=793773   cf_max = 0
Thu Mar 23 12:28:43 2017 us=793791   cf_per = 0
Thu Mar 23 12:28:43 2017 us=793808   max_clients = 1024
Thu Mar 23 12:28:43 2017 us=793826   max_routes_per_client = 256
Thu Mar 23 12:28:43 2017 us=793844   auth_user_pass_verify_script = 'defaults/userpass.sh'
Thu Mar 23 12:28:43 2017 us=793862   auth_user_pass_verify_script_via_file = DISABLED
Thu Mar 23 12:28:43 2017 us=793880   auth_token_generate = DISABLED
Thu Mar 23 12:28:43 2017 us=793897   auth_token_lifetime = 0
Thu Mar 23 12:28:43 2017 us=793915   port_share_host = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=793933   port_share_port = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=793950   client = DISABLED
Thu Mar 23 12:28:43 2017 us=793968   pull = DISABLED
Thu Mar 23 12:28:43 2017 us=793985   auth_user_pass_file = '[UNDEF]'
Thu Mar 23 12:28:43 2017 us=794006 OpenVPN 2.5_git [git:master/07372a0fdeb36382] x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Feb 23 2017
Thu Mar 23 12:28:43 2017 us=794045 library versions: OpenSSL 1.0.1f 6 Jan 2014, LZO 2.06
Thu Mar 23 12:28:43 2017 us=795012 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:11948
Thu Mar 23 12:28:43 2017 us=795448 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Mar 23 12:28:43 2017 us=980428 Diffie-Hellman initialized with 4096 bit key
Thu Mar 23 12:28:44 2017 us=64136 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Thu Mar 23 12:28:44 2017 us=64204 ECDH curve secp384r1 added
Thu Mar 23 12:28:44 2017 us=71160 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 23 12:28:44 2017 us=71201 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Mar 23 12:28:44 2017 us=71244 TLS-Auth MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Thu Mar 23 12:28:44 2017 us=71793 ROUTE_GATEWAY 10.1.101.1/255.255.255.0 IFACE=eth0 HWADDR=00:30:1b:42:65:ac
Thu Mar 23 12:28:44 2017 us=72370 TUN/TAP device tun108 opened
Thu Mar 23 12:28:44 2017 us=72418 TUN/TAP TX queue length set to 100
Thu Mar 23 12:28:44 2017 us=72464 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Thu Mar 23 12:28:44 2017 us=72519 /sbin/ifconfig tun108 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Thu Mar 23 12:28:44 2017 us=79910 /sbin/ifconfig tun108 add 12fc:1918::10:8:0:1/112
Thu Mar 23 12:28:44 2017 us=84341 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Thu Mar 23 12:28:44 2017 us=86501 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Mar 23 12:28:44 2017 us=86588 Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Mar 23 12:28:44 2017 us=86644 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Mar 23 12:28:44 2017 us=86686 UDPv4 link local (bound): [AF_INET][undef]:11948
Thu Mar 23 12:28:44 2017 us=86710 UDPv4 link remote: [AF_UNSPEC]
Thu Mar 23 12:28:44 2017 us=86741 MULTI: multi_init called, r=256 v=256
Thu Mar 23 12:28:44 2017 us=86813 IFCONFIG POOL IPv6: (IPv4) size=62, size_ipv6=65536, netbits=112, base_ipv6=12fc:1918::10:8:0:1000
Thu Mar 23 12:28:44 2017 us=86846 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=1
Thu Mar 23 12:28:44 2017 us=86914 Initialization Sequence Completed
Thu Mar 23 13:35:37 2017 us=228773 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Mar 23 13:35:37 2017 us=228906 TLS Error: incoming packet authentication failed from [AF_INET]Client_ip_address:3581
Thu Mar 23 13:35:57 2017 us=400041 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Mar 23 13:35:57 2017 us=400175 TLS Error: incoming packet authentication failed from [AF_INET]Client_ip_address:3581
Thu Mar 23 13:36:31 2017 us=938488 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Mar 23 13:36:31 2017 us=938659 TLS Error: incoming packet authentication failed from [AF_INET]Client_ip_address:2405
Thu Mar 23 13:36:41 2017 us=698118 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Mar 23 13:36:41 2017 us=698279 TLS Error: incoming packet authentication failed from [AF_INET]Client_ip_address:2405
secret

;Thu Mar 23 13:35:37 2017 us=228773 Authenticate/Decrypt packet error: packet HMAC authentication failed
;Thu Mar 23 13:35:37 2017 us=228906 TLS Error: incoming packet authentication failed from [AF_INET]Client_ip_address:3581



* Client *

Operating system:

Code: Select all

C:\> ver
Microsoft Windows [Version 10 .0.14393]
Network setup:

Code: Select all

C:\> ipconfig /all
Windows IP Configuration

   Host Name . . . . . . . . . . . . : w10p-dell-1
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter tunc0:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-14-ED-62-1A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Network Bridge:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Network Adapter Multiplexor Driver
   Physical Address. . . . . . . . . : 00-FF-01-08-CD-B3
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.10.101.111(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.10.101.1
   DNS Servers . . . . . . . . . . . : 10.10.101.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
Client config file:
client.ovpn
# mtu-test


# ping-timer-rem



dev-node tunc0
dev-type tun
proto udp
nobind
resolv-retry infinite
client

ca ca.crt
cert w10p.crt
key w10p.key


tls-auth ta-default.key 1

# tls-timeout 10
# tls-version-min 1.2

cipher AES-256-CBC

auth RSA-SHA512
comp-lzo no

remote-cert-tls server

reneg-sec 0

verb 4

#script-security 2

remote [my server name] [my server port] udp


Client log (at --verb 4 and server name and IP address removed)

Code: Select all

Thu Mar 23 13:29:53 2017 us=278952 Current Parameter Settings:
Thu Mar 23 13:29:53 2017 us=278952   config = 'w10client.ovpn'
Thu Mar 23 13:29:53 2017 us=278952   mode = 0
Thu Mar 23 13:29:53 2017 us=278952   show_ciphers = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   show_digests = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   show_engines = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   genkey = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   key_pass_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   show_tls_ciphers = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   connect_retry_max = 0
Thu Mar 23 13:29:53 2017 us=278952 Connection profiles [0]:
Thu Mar 23 13:29:53 2017 us=278952   proto = udp
Thu Mar 23 13:29:53 2017 us=278952   local = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   local_port = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   remote = '[ my server name ]'
Thu Mar 23 13:29:53 2017 us=278952   remote_port = 'PORTNO'
Thu Mar 23 13:29:53 2017 us=278952   remote_float = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   bind_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   bind_local = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   bind_ipv6_only = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   connect_retry_seconds = 5
Thu Mar 23 13:29:53 2017 us=278952   connect_timeout = 120
Thu Mar 23 13:29:53 2017 us=278952   socks_proxy_server = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   socks_proxy_port = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   tun_mtu = 1500
Thu Mar 23 13:29:53 2017 us=278952   tun_mtu_defined = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   link_mtu = 1500
Thu Mar 23 13:29:53 2017 us=278952   link_mtu_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   tun_mtu_extra = 0
Thu Mar 23 13:29:53 2017 us=278952   tun_mtu_extra_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   mtu_discover_type = -1
Thu Mar 23 13:29:53 2017 us=278952   fragment = 0
Thu Mar 23 13:29:53 2017 us=278952   mssfix = 1450
Thu Mar 23 13:29:53 2017 us=278952   explicit_exit_notification = 0
Thu Mar 23 13:29:53 2017 us=278952 Connection profiles END
Thu Mar 23 13:29:53 2017 us=278952   remote_random = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   ipchange = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   dev = 'tunc0'
Thu Mar 23 13:29:53 2017 us=278952   dev_type = 'tun'
Thu Mar 23 13:29:53 2017 us=278952   dev_node = 'tunc0'
Thu Mar 23 13:29:53 2017 us=278952   lladdr = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   topology = 1
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_local = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_remote_netmask = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_noexec = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_nowarn = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_ipv6_local = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_ipv6_netbits = 0
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_ipv6_remote = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   shaper = 0
Thu Mar 23 13:29:53 2017 us=278952   mtu_test = 1
Thu Mar 23 13:29:53 2017 us=278952   mlock = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   keepalive_ping = 0
Thu Mar 23 13:29:53 2017 us=278952   keepalive_timeout = 0
Thu Mar 23 13:29:53 2017 us=278952   inactivity_timeout = 0
Thu Mar 23 13:29:53 2017 us=278952   ping_send_timeout = 0
Thu Mar 23 13:29:53 2017 us=278952   ping_rec_timeout = 0
Thu Mar 23 13:29:53 2017 us=278952   ping_rec_timeout_action = 0
Thu Mar 23 13:29:53 2017 us=278952   ping_timer_remote = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   remap_sigusr1 = 0
Thu Mar 23 13:29:53 2017 us=278952   persist_tun = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   persist_local_ip = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   persist_remote_ip = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   persist_key = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   passtos = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   resolve_retry_seconds = 1000000000
Thu Mar 23 13:29:53 2017 us=278952   resolve_in_advance = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   username = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   groupname = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   chroot_dir = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   cd_dir = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   writepid = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   up_script = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   down_script = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   down_pre = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   up_restart = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   up_delay = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   daemon = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   inetd = 0
Thu Mar 23 13:29:53 2017 us=278952   log = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   suppress_timestamps = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   machine_readable_output = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   nice = 0
Thu Mar 23 13:29:53 2017 us=278952   verbosity = 4
Thu Mar 23 13:29:53 2017 us=278952   mute = 0
Thu Mar 23 13:29:53 2017 us=278952   gremlin = 0
Thu Mar 23 13:29:53 2017 us=278952   status_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   status_file_version = 1
Thu Mar 23 13:29:53 2017 us=278952   status_file_update_freq = 60
Thu Mar 23 13:29:53 2017 us=278952   occ = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   rcvbuf = 0
Thu Mar 23 13:29:53 2017 us=278952   sndbuf = 0
Thu Mar 23 13:29:53 2017 us=278952   sockflags = 0
Thu Mar 23 13:29:53 2017 us=278952   fast_io = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   comp.alg = 1
Thu Mar 23 13:29:53 2017 us=278952   comp.flags = 0
Thu Mar 23 13:29:53 2017 us=278952   route_script = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   route_default_gateway = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   route_default_metric = 0
Thu Mar 23 13:29:53 2017 us=278952   route_noexec = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   route_delay = 5
Thu Mar 23 13:29:53 2017 us=278952   route_delay_window = 30
Thu Mar 23 13:29:53 2017 us=278952   route_delay_defined = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   route_nopull = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   route_gateway_via_dhcp = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   allow_pull_fqdn = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   management_addr = '127.0.0.1'
Thu Mar 23 13:29:53 2017 us=278952   management_port = '25347'
Thu Mar 23 13:29:53 2017 us=278952   management_user_pass = 'stdin'
Thu Mar 23 13:29:53 2017 us=278952   management_log_history_cache = 250
Thu Mar 23 13:29:53 2017 us=278952   management_echo_buffer_size = 100
Thu Mar 23 13:29:53 2017 us=278952   management_write_peer_info_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   management_client_user = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   management_client_group = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   management_flags = 6
Thu Mar 23 13:29:53 2017 us=278952   shared_secret_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   key_direction = 2
Thu Mar 23 13:29:53 2017 us=278952   ciphername = 'AES-256-CBC'
Thu Mar 23 13:29:53 2017 us=278952   ncp_enabled = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Mar 23 13:29:53 2017 us=278952   authname = 'RSA-SHA512'
Thu Mar 23 13:29:53 2017 us=278952   prng_hash = 'SHA1'
Thu Mar 23 13:29:53 2017 us=278952   prng_nonce_secret_len = 16
Thu Mar 23 13:29:53 2017 us=278952   keysize = 0
Thu Mar 23 13:29:53 2017 us=278952   engine = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   replay = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   mute_replay_warnings = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   replay_window = 64
Thu Mar 23 13:29:53 2017 us=278952   replay_time = 15
Thu Mar 23 13:29:53 2017 us=278952   packet_id_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   use_iv = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   test_crypto = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   tls_server = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   tls_client = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   key_method = 2
Thu Mar 23 13:29:53 2017 us=278952   ca_file = 'ca.crt'
Thu Mar 23 13:29:53 2017 us=278952   ca_path = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   dh_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   cert_file = 'w10p.crt'
Thu Mar 23 13:29:53 2017 us=278952   extra_certs_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   priv_key_file = 'w10p.key'
Thu Mar 23 13:29:53 2017 us=278952   pkcs12_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   cryptoapi_cert = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   cipher_list = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   tls_verify = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   tls_export_cert = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   verify_x509_type = 0
Thu Mar 23 13:29:53 2017 us=278952   verify_x509_name = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   crl_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   ns_cert_type = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 160
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 136
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_ku[i] = 0
Thu Mar 23 13:29:53 2017 us=278952   remote_cert_eku = 'TLS Web Server Authentication'
Thu Mar 23 13:29:53 2017 us=278952   ssl_flags = 192
Thu Mar 23 13:29:53 2017 us=278952   tls_timeout = 10
Thu Mar 23 13:29:53 2017 us=278952   renegotiate_bytes = -1
Thu Mar 23 13:29:53 2017 us=278952   renegotiate_packets = 0
Thu Mar 23 13:29:53 2017 us=278952   renegotiate_seconds = 0
Thu Mar 23 13:29:53 2017 us=278952   handshake_window = 60
Thu Mar 23 13:29:53 2017 us=278952   transition_window = 3600
Thu Mar 23 13:29:53 2017 us=278952   single_session = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   push_peer_info = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   tls_exit = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   tls_auth_file = 'ta-default.key'
Thu Mar 23 13:29:53 2017 us=278952   tls_crypt_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_protected_authentication = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_private_mode = 00000000
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_cert_private = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_pin_cache_period = -1
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_id = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   pkcs11_id_management = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   server_network = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   server_netmask = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   server_network_ipv6 = ::
Thu Mar 23 13:29:53 2017 us=278952   server_netbits_ipv6 = 0
Thu Mar 23 13:29:53 2017 us=278952   server_bridge_ip = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   server_bridge_netmask = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   server_bridge_pool_start = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   server_bridge_pool_end = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_pool_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_pool_start = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_pool_end = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_pool_netmask = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_pool_persist_filename = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_pool_persist_refresh_freq = 600
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_ipv6_pool_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_ipv6_pool_base = ::
Thu Mar 23 13:29:53 2017 us=278952   ifconfig_ipv6_pool_netbits = 0
Thu Mar 23 13:29:53 2017 us=278952   n_bcast_buf = 256
Thu Mar 23 13:29:53 2017 us=278952   tcp_queue_limit = 64
Thu Mar 23 13:29:53 2017 us=278952   real_hash_size = 256
Thu Mar 23 13:29:53 2017 us=278952   virtual_hash_size = 256
Thu Mar 23 13:29:53 2017 us=278952   client_connect_script = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   learn_address_script = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   client_disconnect_script = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   client_config_dir = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   ccd_exclusive = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   tmp_dir = 'C:\Users\root\AppData\Local\Temp\'
Thu Mar 23 13:29:53 2017 us=278952   push_ifconfig_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   push_ifconfig_local = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   push_ifconfig_remote_netmask = 0.0.0.0
Thu Mar 23 13:29:53 2017 us=278952   push_ifconfig_ipv6_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   push_ifconfig_ipv6_local = ::/0
Thu Mar 23 13:29:53 2017 us=278952   push_ifconfig_ipv6_remote = ::
Thu Mar 23 13:29:53 2017 us=278952   enable_c2c = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   duplicate_cn = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   cf_max = 0
Thu Mar 23 13:29:53 2017 us=278952   cf_per = 0
Thu Mar 23 13:29:53 2017 us=278952   max_clients = 1024
Thu Mar 23 13:29:53 2017 us=278952   max_routes_per_client = 256
Thu Mar 23 13:29:53 2017 us=278952   auth_user_pass_verify_script = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   auth_user_pass_verify_script_via_file = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   auth_token_generate = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   auth_token_lifetime = 0
Thu Mar 23 13:29:53 2017 us=278952   client = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   pull = ENABLED
Thu Mar 23 13:29:53 2017 us=278952   auth_user_pass_file = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   show_net_up = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   route_method = 3
Thu Mar 23 13:29:53 2017 us=278952   block_outside_dns = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   ip_win32_defined = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   ip_win32_type = 3
Thu Mar 23 13:29:53 2017 us=278952   dhcp_masq_offset = 0
Thu Mar 23 13:29:53 2017 us=278952   dhcp_lease_time = 31536000
Thu Mar 23 13:29:53 2017 us=278952   tap_sleep = 0
Thu Mar 23 13:29:53 2017 us=278952   dhcp_options = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   dhcp_renew = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   dhcp_pre_release = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   dhcp_release = DISABLED
Thu Mar 23 13:29:53 2017 us=278952   domain = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   netbios_scope = '[UNDEF]'
Thu Mar 23 13:29:53 2017 us=278952   netbios_node_type = 0
Thu Mar 23 13:29:53 2017 us=278952   disable_nbt = DISABLED
Thu Mar 23 13:29:53 2017 us=278952 OpenVPN 2.4.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jan 31 2017
Thu Mar 23 13:29:53 2017 us=278952 Windows version 6.2 (Windows 8 or greater) 64bit
Thu Mar 23 13:29:53 2017 us=278952 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Enter Management Password:
Thu Mar 23 13:29:53 2017 us=278952 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25347
Thu Mar 23 13:29:53 2017 us=278952 Need hold release from management interface, waiting...
Thu Mar 23 13:29:53 2017 us=747714 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25347
Thu Mar 23 13:29:53 2017 us=857077 MANAGEMENT: CMD 'state on'
Thu Mar 23 13:29:53 2017 us=857077 MANAGEMENT: CMD 'log all on'
Thu Mar 23 13:29:54 2017 us=44575 MANAGEMENT: CMD 'hold off'
Thu Mar 23 13:29:54 2017 us=44575 MANAGEMENT: CMD 'hold release'
Thu Mar 23 13:29:54 2017 us=216522 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:29:54 2017 us=216522 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:29:54 2017 us=216522 Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Mar 23 13:29:54 2017 us=216522 MANAGEMENT: >STATE:1490275794,RESOLVE,,,,,,
Thu Mar 23 13:29:54 2017 us=216522 RESOLVE: Cannot resolve host address: [ my server name ]:PORTNO (No such host is known. )
Thu Mar 23 13:29:54 2017 us=216522 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Mar 23 13:29:54 2017 us=216522 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Thu Mar 23 13:29:54 2017 us=216522 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Thu Mar 23 13:29:54 2017 us=216522 MANAGEMENT: >STATE:1490275794,RESOLVE,,,,,,
Thu Mar 23 13:29:54 2017 us=216522 RESOLVE: Cannot resolve host address: [ my server name ]:PORTNO (No such host is known. )
Thu Mar 23 13:29:54 2017 us=216522 Could not determine IPv4/IPv6 protocol
Thu Mar 23 13:29:54 2017 us=216522 SIGUSR1[soft,init_instance] received, process restarting
Thu Mar 23 13:29:54 2017 us=216522 MANAGEMENT: >STATE:1490275794,RECONNECTING,init_instance,,,,,
Thu Mar 23 13:29:54 2017 us=216522 Restart pause, 5 second(s)
Thu Mar 23 13:29:59 2017 us=247765 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:29:59 2017 us=247765 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:29:59 2017 us=247765 Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Mar 23 13:29:59 2017 us=247765 MANAGEMENT: >STATE:1490275799,RESOLVE,,,,,,
Thu Mar 23 13:29:59 2017 us=247765 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Mar 23 13:29:59 2017 us=247765 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Thu Mar 23 13:29:59 2017 us=247765 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Thu Mar 23 13:29:59 2017 us=247765 TCP/UDP: Preserving recently used remote address: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:29:59 2017 us=247765 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Mar 23 13:29:59 2017 us=247765 UDP link local: (not bound)
Thu Mar 23 13:29:59 2017 us=247765 UDP link remote: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:29:59 2017 us=247765 MANAGEMENT: >STATE:1490275799,WAIT,,,,,,
Thu Mar 23 13:30:59 2017 us=763436 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Mar 23 13:30:59 2017 us=763436 TLS Error: TLS handshake failed
Thu Mar 23 13:30:59 2017 us=763436 TCP/UDP: Closing socket
Thu Mar 23 13:30:59 2017 us=763436 SIGUSR1[soft,tls-error] received, process restarting
Thu Mar 23 13:30:59 2017 us=763436 MANAGEMENT: >STATE:1490275859,RECONNECTING,tls-error,,,,,
Thu Mar 23 13:30:59 2017 us=763436 Restart pause, 5 second(s)
Thu Mar 23 13:31:04 2017 us=810270 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:31:04 2017 us=810270 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:31:04 2017 us=810270 Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Mar 23 13:31:04 2017 us=810270 MANAGEMENT: >STATE:1490275864,RESOLVE,,,,,,
Thu Mar 23 13:31:04 2017 us=810270 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Mar 23 13:31:04 2017 us=810270 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Thu Mar 23 13:31:04 2017 us=810270 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Thu Mar 23 13:31:04 2017 us=810270 TCP/UDP: Preserving recently used remote address: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:31:04 2017 us=810270 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Mar 23 13:31:04 2017 us=810270 UDP link local: (not bound)
Thu Mar 23 13:31:04 2017 us=810270 UDP link remote: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:31:04 2017 us=810270 MANAGEMENT: >STATE:1490275864,WAIT,,,,,,
Thu Mar 23 13:32:04 2017 us=575879 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Mar 23 13:32:04 2017 us=575879 TLS Error: TLS handshake failed
Thu Mar 23 13:32:04 2017 us=575879 TCP/UDP: Closing socket
Thu Mar 23 13:32:04 2017 us=575879 SIGUSR1[soft,tls-error] received, process restarting
Thu Mar 23 13:32:04 2017 us=575879 MANAGEMENT: >STATE:1490275924,RECONNECTING,tls-error,,,,,
Thu Mar 23 13:32:04 2017 us=575879 Restart pause, 5 second(s)
Thu Mar 23 13:32:09 2017 us=622770 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:32:09 2017 us=622770 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:32:09 2017 us=622770 Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Mar 23 13:32:09 2017 us=622770 MANAGEMENT: >STATE:1490275929,RESOLVE,,,,,,
Thu Mar 23 13:32:09 2017 us=622770 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Mar 23 13:32:09 2017 us=622770 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Thu Mar 23 13:32:09 2017 us=622770 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Thu Mar 23 13:32:09 2017 us=622770 TCP/UDP: Preserving recently used remote address: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:32:09 2017 us=622770 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Mar 23 13:32:09 2017 us=622770 UDP link local: (not bound)
Thu Mar 23 13:32:09 2017 us=622770 UDP link remote: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:32:09 2017 us=622770 MANAGEMENT: >STATE:1490275929,WAIT,,,,,,
Thu Mar 23 13:33:09 2017 us=263423 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Mar 23 13:33:09 2017 us=263423 TLS Error: TLS handshake failed
Thu Mar 23 13:33:09 2017 us=263423 TCP/UDP: Closing socket
Thu Mar 23 13:33:09 2017 us=263423 SIGUSR1[soft,tls-error] received, process restarting
Thu Mar 23 13:33:09 2017 us=263423 MANAGEMENT: >STATE:1490275989,RECONNECTING,tls-error,,,,,
Thu Mar 23 13:33:09 2017 us=263423 Restart pause, 5 second(s)
Thu Mar 23 13:33:14 2017 us=310248 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:33:14 2017 us=310248 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Mar 23 13:33:14 2017 us=310248 Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Mar 23 13:33:14 2017 us=310248 MANAGEMENT: >STATE:1490275994,RESOLVE,,,,,,
Thu Mar 23 13:33:14 2017 us=310248 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Thu Mar 23 13:33:14 2017 us=310248 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Thu Mar 23 13:33:14 2017 us=310248 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Thu Mar 23 13:33:14 2017 us=310248 TCP/UDP: Preserving recently used remote address: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:33:14 2017 us=310248 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Mar 23 13:33:14 2017 us=310248 UDP link local: (not bound)
Thu Mar 23 13:33:14 2017 us=310248 UDP link remote: [AF_INET]Server_ip_address:PORTNO
Thu Mar 23 13:33:14 2017 us=310248 MANAGEMENT: >STATE:1490275994,WAIT,,,,,,
Thu Mar 23 13:33:32 2017 us=544667 TCP/UDP: Closing socket
Thu Mar 23 13:33:32 2017 us=544667 SIGTERM[hard,] received, process exiting
Thu Mar 23 13:33:32 2017 us=544667 MANAGEMENT: >STATE:1490276012,EXITING,SIGTERM,,,,,
TLS Error: TLS key negotiation failed to occur within 60 seconds .. IKR:

Code: Select all

Thu Mar 23 13:32:04 2017 us=575879 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Mar 23 13:32:04 2017 us=575879 TLS Error: TLS handshake failed
Thu Mar 23 13:32:04 2017 us=575879 TCP/UDP: Closing socket
Thu Mar 23 13:32:04 2017 us=575879 SIGUSR1[soft,tls-error] received, process restarting
Thank you for your help.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: HOWTO: Request Help !

Post by TinCanTech » Thu Mar 23, 2017 2:27 pm

In this case
TinCanTech wrote:

Code: Select all

Thu Mar 23 13:35:37 2017 us=228773 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Mar 23 13:35:37 2017 us=228906 TLS Error: incoming packet authentication failed from [AF_INET]Client_ip_address:3581
the error is caused by:
  • the server is using --auth SHA1 (openvpn default)
  • while the client is using --auth RSA-SHA512.
--auth algo MUST match on both Server and Client.

Note: The default for --auth is SHA1 because that is all that is required. Using a higher value SHA algorithm is simply wasting your CPU time. High value SHA e.g. SHA512 does not provide any more security than [*1] SHA1.

[*1] Although this could change with time .. e.g. [*2] IoT

[*2] IoT is such an interesting discussion [comments redacted] that somebody ought to start it here.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: HOWTO: Request Help !

Post by TinCanTech » Mon Jun 25, 2018 9:18 pm

disqualified wrote:
Thu Mar 30, 2017 11:28 pm
I still don't understand, where should I post ?
Then post here:
Openvpn Configuration.

Important News:
Thank you for taking the time to read this post, we hope it helps you.

Remember: The OpenVPN HOWTO-2

[Return to top]

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: HOWTO: Request Help !

Post by TinCanTech » Wed Mar 18, 2020 2:26 am

In addition to Easy-RSA there is now a companion utility to help manage OpenVPN specific TLS keys:
Easy-TLS can help manage TLS auth/crypt/crypt-v2 and inline files.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: HOWTO: Request Help !

Post by TinCanTech » Sat Aug 01, 2020 11:29 am

Howto: Use BBCodes [ oconf= ] and [ code ]
  • BBCode: [ oconf=file-name ]
    • BBCode [ oconf=file-name ] will format your config file, removing private data and comments. This makes the config file safe to post publicly and considerably easier to read.
    • Click on SELECT ALL below and then copy and paste the text to your thread:

      Code: Select all

      [oconf=SERVER]
      
      # Paste your SERVER config file here
      
      [/oconf]
      
      Then paste the contents of your SERVER config file between the BBCode tags.
    • Click on SELECT ALL below and then copy and paste the text to your thread:

      Code: Select all

      [oconf=CLIENT]
      
      # Paste your CLIENT config file here
      
      [/oconf]
      
      Then paste the contents of your CLIENT config file between the BBCode tags.
  • BBCode: [ code ]
    • BBCode [ code ] can be used for all log files and code snippets.
    • Click on SELECT ALL below and then copy and paste the text to your thread:

      Code: Select all

      [code--]
      
      # Paste your --verb 4 LOG file here
      
      [/code--]
      
      To use this example you must delete the double-dash -- between code and ]

      Then paste the contents of your LOG file between the BBCode tags.
      Please use 'verb 4' in your config file before posting your complete log.

User avatar
Pippin
Forum Team
Posts: 1200
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: HOWTO: Request Help !

Post by Pippin » Sat Aug 01, 2020 11:36 am

Nice, appreciated.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp

Post Reply