Traffic not routed through VPN tunnel
Posted: Mon Sep 13, 2021 9:23 am
Hi, I'm trying to build a simple VPN configuration on a remote server and i'm encountering an issue.
Having the tunnel mounted without any errors, it turns out the client traffic never makes it through the tunnel. See the traceroute command output, where i only try to ping the server's tun interface :
user@ubuntu:~$ traceroute 10.10.0.1
traceroute to 10.10.0.1 (10.10.0.1), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * *^C
Although, my kernel routing table contains the right gateway :
user@ubuntu:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 100 0 0 ens33
10.10.0.0 0.0.0.0 255.255.128.0 U 0 0 0 tun0
link-local 0.0.0.0 255.255.0.0 U 1000 0 0 ens33
<SNIP>
Here is my client configuration :
Here is my server configuration :
client output :
server output :
Having the tunnel mounted without any errors, it turns out the client traffic never makes it through the tunnel. See the traceroute command output, where i only try to ping the server's tun interface :
user@ubuntu:~$ traceroute 10.10.0.1
traceroute to 10.10.0.1 (10.10.0.1), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * *^C
Although, my kernel routing table contains the right gateway :
user@ubuntu:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 100 0 0 ens33
10.10.0.0 0.0.0.0 255.255.128.0 U 0 0 0 tun0
link-local 0.0.0.0 255.255.0.0 U 1000 0 0 ens33
<SNIP>
Here is my client configuration :
Code: Select all
client
dev tun
proto udp
remote <server_ip> 1194
route 10.10.0.0 255.255.128.0
nobind
resolv-retry infinite
persist-key
persist-tun
comp-lzo
verb 3
cipher AES-256-CBC
<ca>
-----BEGIN CERTIFICATE-----
<SNIP>
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
<SNIP>
-----BEGIN CERTIFICATE-----
<SNIP>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<SNIP>
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
<SNIP>
-----END PRIVATE KEY-----
</key>
Code: Select all
local 0.0.0.0
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh.pem
topology subnet
server 10.10.0.0 255.255.128.0
duplicate-cn
keepalive 10 120
cipher AES-256-CBC
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 4
mute 10
explicit-exit-notify 1
Code: Select all
Mon Sep 13 10:59:40 2021 us=230681 Current Parameter Settings:
Mon Sep 13 10:59:40 2021 us=230750 config = 'vpn-test'
Mon Sep 13 10:59:40 2021 us=230761 mode = 0
Mon Sep 13 10:59:40 2021 us=230766 persist_config = DISABLED
Mon Sep 13 10:59:40 2021 us=230772 persist_mode = 1
Mon Sep 13 10:59:40 2021 us=230777 show_ciphers = DISABLED
Mon Sep 13 10:59:40 2021 us=230782 show_digests = DISABLED
Mon Sep 13 10:59:40 2021 us=230787 show_engines = DISABLED
Mon Sep 13 10:59:40 2021 us=230792 genkey = DISABLED
Mon Sep 13 10:59:40 2021 us=230797 key_pass_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=230802 show_tls_ciphers = DISABLED
Mon Sep 13 10:59:40 2021 us=230807 connect_retry_max = 0
Mon Sep 13 10:59:40 2021 us=230812 Connection profiles [0]:
Mon Sep 13 10:59:40 2021 us=230817 proto = udp
Mon Sep 13 10:59:40 2021 us=230822 local = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=230828 local_port = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=230833 remote = '<server_ip_address>'
Mon Sep 13 10:59:40 2021 us=230838 remote_port = '1194'
Mon Sep 13 10:59:40 2021 us=230843 remote_float = DISABLED
Mon Sep 13 10:59:40 2021 us=230848 bind_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=230853 bind_local = DISABLED
Mon Sep 13 10:59:40 2021 us=230901 bind_ipv6_only = DISABLED
Mon Sep 13 10:59:40 2021 us=230914 connect_retry_seconds = 5
Mon Sep 13 10:59:40 2021 us=230920 connect_timeout = 120
Mon Sep 13 10:59:40 2021 us=230925 socks_proxy_server = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=230930 socks_proxy_port = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=230935 tun_mtu = 1500
Mon Sep 13 10:59:40 2021 us=230940 tun_mtu_defined = ENABLED
Mon Sep 13 10:59:40 2021 us=230946 link_mtu = 1500
Mon Sep 13 10:59:40 2021 us=230951 link_mtu_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=230956 tun_mtu_extra = 0
Mon Sep 13 10:59:40 2021 us=230961 tun_mtu_extra_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=230966 mtu_discover_type = -1
Mon Sep 13 10:59:40 2021 us=230971 fragment = 0
Mon Sep 13 10:59:40 2021 us=230976 mssfix = 1450
Mon Sep 13 10:59:40 2021 us=230981 explicit_exit_notification = 0
Mon Sep 13 10:59:40 2021 us=230987 Connection profiles END
Mon Sep 13 10:59:40 2021 us=230992 remote_random = DISABLED
Mon Sep 13 10:59:40 2021 us=230997 ipchange = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231002 dev = 'tun'
Mon Sep 13 10:59:40 2021 us=231007 dev_type = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231012 dev_node = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231017 lladdr = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231022 topology = 1
Mon Sep 13 10:59:40 2021 us=231027 ifconfig_local = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231032 ifconfig_remote_netmask = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231038 ifconfig_noexec = DISABLED
Mon Sep 13 10:59:40 2021 us=231042 ifconfig_nowarn = DISABLED
Mon Sep 13 10:59:40 2021 us=231047 ifconfig_ipv6_local = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231053 ifconfig_ipv6_netbits = 0
Mon Sep 13 10:59:40 2021 us=231058 ifconfig_ipv6_remote = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231063 shaper = 0
Mon Sep 13 10:59:40 2021 us=231068 mtu_test = 0
Mon Sep 13 10:59:40 2021 us=231076 mlock = DISABLED
Mon Sep 13 10:59:40 2021 us=231081 keepalive_ping = 0
Mon Sep 13 10:59:40 2021 us=231086 keepalive_timeout = 0
Mon Sep 13 10:59:40 2021 us=231091 inactivity_timeout = 0
Mon Sep 13 10:59:40 2021 us=231096 ping_send_timeout = 0
Mon Sep 13 10:59:40 2021 us=231101 ping_rec_timeout = 0
Mon Sep 13 10:59:40 2021 us=231107 ping_rec_timeout_action = 0
Mon Sep 13 10:59:40 2021 us=231112 ping_timer_remote = DISABLED
Mon Sep 13 10:59:40 2021 us=231117 remap_sigusr1 = 0
Mon Sep 13 10:59:40 2021 us=231122 persist_tun = ENABLED
Mon Sep 13 10:59:40 2021 us=231127 persist_local_ip = DISABLED
Mon Sep 13 10:59:40 2021 us=231132 persist_remote_ip = DISABLED
Mon Sep 13 10:59:40 2021 us=231136 persist_key = ENABLED
Mon Sep 13 10:59:40 2021 us=231141 passtos = DISABLED
Mon Sep 13 10:59:40 2021 us=231147 resolve_retry_seconds = 1000000000
Mon Sep 13 10:59:40 2021 us=231152 resolve_in_advance = DISABLED
Mon Sep 13 10:59:40 2021 us=231162 username = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231167 groupname = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231172 chroot_dir = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231177 cd_dir = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231182 writepid = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231187 up_script = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231192 down_script = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231197 down_pre = DISABLED
Mon Sep 13 10:59:40 2021 us=231202 up_restart = DISABLED
Mon Sep 13 10:59:40 2021 us=231207 up_delay = DISABLED
Mon Sep 13 10:59:40 2021 us=231212 daemon = DISABLED
Mon Sep 13 10:59:40 2021 us=231217 inetd = 0
Mon Sep 13 10:59:40 2021 us=231222 log = DISABLED
Mon Sep 13 10:59:40 2021 us=231227 suppress_timestamps = DISABLED
Mon Sep 13 10:59:40 2021 us=231232 machine_readable_output = DISABLED
Mon Sep 13 10:59:40 2021 us=231237 nice = 0
Mon Sep 13 10:59:40 2021 us=231242 verbosity = 4
Mon Sep 13 10:59:40 2021 us=231247 mute = 0
Mon Sep 13 10:59:40 2021 us=231252 gremlin = 0
Mon Sep 13 10:59:40 2021 us=231257 status_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231262 status_file_version = 1
Mon Sep 13 10:59:40 2021 us=231268 status_file_update_freq = 60
Mon Sep 13 10:59:40 2021 us=231272 occ = ENABLED
Mon Sep 13 10:59:40 2021 us=231277 rcvbuf = 0
Mon Sep 13 10:59:40 2021 us=231282 sndbuf = 0
Mon Sep 13 10:59:40 2021 us=231287 mark = 0
Mon Sep 13 10:59:40 2021 us=231292 sockflags = 0
Mon Sep 13 10:59:40 2021 us=231297 fast_io = DISABLED
Mon Sep 13 10:59:40 2021 us=231302 comp.alg = 2
Mon Sep 13 10:59:40 2021 us=231307 comp.flags = 1
Mon Sep 13 10:59:40 2021 us=231312 route_script = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231318 route_default_gateway = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231323 route_default_metric = 0
Mon Sep 13 10:59:40 2021 us=231328 route_noexec = DISABLED
Mon Sep 13 10:59:40 2021 us=231333 route_delay = 0
Mon Sep 13 10:59:40 2021 us=231338 route_delay_window = 30
Mon Sep 13 10:59:40 2021 us=231343 route_delay_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=231348 route_nopull = DISABLED
Mon Sep 13 10:59:40 2021 us=231353 route_gateway_via_dhcp = DISABLED
Mon Sep 13 10:59:40 2021 us=231358 allow_pull_fqdn = DISABLED
Mon Sep 13 10:59:40 2021 us=231364 management_addr = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231369 management_port = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231374 management_user_pass = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231379 management_log_history_cache = 250
Mon Sep 13 10:59:40 2021 us=231385 management_echo_buffer_size = 100
Mon Sep 13 10:59:40 2021 us=231390 management_write_peer_info_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231395 management_client_user = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231400 management_client_group = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231405 management_flags = 0
Mon Sep 13 10:59:40 2021 us=231410 shared_secret_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231415 key_direction = not set
Mon Sep 13 10:59:40 2021 us=231420 ciphername = 'AES-256-CBC'
Mon Sep 13 10:59:40 2021 us=231425 ncp_enabled = ENABLED
Mon Sep 13 10:59:40 2021 us=231431 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Mon Sep 13 10:59:40 2021 us=231436 authname = 'SHA1'
Mon Sep 13 10:59:40 2021 us=231441 prng_hash = 'SHA1'
Mon Sep 13 10:59:40 2021 us=231446 prng_nonce_secret_len = 16
Mon Sep 13 10:59:40 2021 us=231451 keysize = 0
Mon Sep 13 10:59:40 2021 us=231456 engine = DISABLED
Mon Sep 13 10:59:40 2021 us=231461 replay = ENABLED
Mon Sep 13 10:59:40 2021 us=231466 mute_replay_warnings = DISABLED
Mon Sep 13 10:59:40 2021 us=231471 replay_window = 64
Mon Sep 13 10:59:40 2021 us=231477 replay_time = 15
Mon Sep 13 10:59:40 2021 us=231482 packet_id_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231487 use_iv = ENABLED
Mon Sep 13 10:59:40 2021 us=231492 test_crypto = DISABLED
Mon Sep 13 10:59:40 2021 us=231498 tls_server = DISABLED
Mon Sep 13 10:59:40 2021 us=231503 tls_client = ENABLED
Mon Sep 13 10:59:40 2021 us=231508 key_method = 2
Mon Sep 13 10:59:40 2021 us=231516 ca_file = '[[INLINE]]'
Mon Sep 13 10:59:40 2021 us=231521 ca_path = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231526 dh_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231531 cert_file = '[[INLINE]]'
Mon Sep 13 10:59:40 2021 us=231537 extra_certs_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231542 priv_key_file = '[[INLINE]]'
Mon Sep 13 10:59:40 2021 us=231547 pkcs12_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231552 cipher_list = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231557 cipher_list_tls13 = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231562 tls_cert_profile = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231567 tls_verify = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231572 tls_export_cert = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231585 verify_x509_type = 0
Mon Sep 13 10:59:40 2021 us=231601 verify_x509_name = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231677 crl_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231681 ns_cert_type = 0
Mon Sep 13 10:59:40 2021 us=231685 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231689 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231693 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231697 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231702 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231706 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231710 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231715 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231719 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231723 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231727 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231731 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231736 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231740 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231744 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231748 remote_cert_ku[i] = 0
Mon Sep 13 10:59:40 2021 us=231752 remote_cert_eku = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231757 ssl_flags = 0
Mon Sep 13 10:59:40 2021 us=231761 tls_timeout = 2
Mon Sep 13 10:59:40 2021 us=231798 renegotiate_bytes = -1
Mon Sep 13 10:59:40 2021 us=231805 renegotiate_packets = 0
Mon Sep 13 10:59:40 2021 us=231810 renegotiate_seconds = 3600
Mon Sep 13 10:59:40 2021 us=231814 handshake_window = 60
Mon Sep 13 10:59:40 2021 us=231819 transition_window = 3600
Mon Sep 13 10:59:40 2021 us=231823 single_session = DISABLED
Mon Sep 13 10:59:40 2021 us=231827 push_peer_info = DISABLED
Mon Sep 13 10:59:40 2021 us=231831 tls_exit = DISABLED
Mon Sep 13 10:59:40 2021 us=231835 tls_auth_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231839 tls_crypt_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=231845 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231848 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231852 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231855 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231859 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231863 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231866 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231870 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231873 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231877 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231880 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231884 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231887 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231891 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231894 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231898 pkcs11_protected_authentication = DISABLED
Mon Sep 13 10:59:40 2021 us=231902 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231908 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231911 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231915 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231919 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231922 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231926 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231929 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231933 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231936 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231940 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231944 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231947 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231951 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231954 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231958 pkcs11_private_mode = 00000000
Mon Sep 13 10:59:40 2021 us=231962 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231965 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231969 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231972 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231976 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231979 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231983 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231986 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231990 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231993 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=231997 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=232000 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=232004 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=232007 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=232011 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=232014 pkcs11_cert_private = DISABLED
Mon Sep 13 10:59:40 2021 us=232018 pkcs11_pin_cache_period = -1
Mon Sep 13 10:59:40 2021 us=232022 pkcs11_id = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232025 pkcs11_id_management = DISABLED
Mon Sep 13 10:59:40 2021 us=232030 server_network = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232034 server_netmask = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232041 server_network_ipv6 = ::
Mon Sep 13 10:59:40 2021 us=232044 server_netbits_ipv6 = 0
Mon Sep 13 10:59:40 2021 us=232049 server_bridge_ip = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232053 server_bridge_netmask = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232057 server_bridge_pool_start = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232060 server_bridge_pool_end = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232064 ifconfig_pool_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=232068 ifconfig_pool_start = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232072 ifconfig_pool_end = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232077 ifconfig_pool_netmask = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232081 ifconfig_pool_persist_filename = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232085 ifconfig_pool_persist_refresh_freq = 600
Mon Sep 13 10:59:40 2021 us=232089 ifconfig_ipv6_pool_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=232093 ifconfig_ipv6_pool_base = ::
Mon Sep 13 10:59:40 2021 us=232096 ifconfig_ipv6_pool_netbits = 0
Mon Sep 13 10:59:40 2021 us=232100 n_bcast_buf = 256
Mon Sep 13 10:59:40 2021 us=232104 tcp_queue_limit = 64
Mon Sep 13 10:59:40 2021 us=232108 real_hash_size = 256
Mon Sep 13 10:59:40 2021 us=232111 virtual_hash_size = 256
Mon Sep 13 10:59:40 2021 us=232115 client_connect_script = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232118 learn_address_script = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232122 client_disconnect_script = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232125 client_config_dir = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232129 ccd_exclusive = DISABLED
Mon Sep 13 10:59:40 2021 us=232133 tmp_dir = '/tmp'
Mon Sep 13 10:59:40 2021 us=232138 push_ifconfig_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=232142 push_ifconfig_local = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232146 push_ifconfig_remote_netmask = 0.0.0.0
Mon Sep 13 10:59:40 2021 us=232150 push_ifconfig_ipv6_defined = DISABLED
Mon Sep 13 10:59:40 2021 us=232153 push_ifconfig_ipv6_local = ::/0
Mon Sep 13 10:59:40 2021 us=232158 push_ifconfig_ipv6_remote = ::
Mon Sep 13 10:59:40 2021 us=232161 enable_c2c = DISABLED
Mon Sep 13 10:59:40 2021 us=232165 duplicate_cn = DISABLED
Mon Sep 13 10:59:40 2021 us=232169 cf_max = 0
Mon Sep 13 10:59:40 2021 us=232172 cf_per = 0
Mon Sep 13 10:59:40 2021 us=232176 max_clients = 1024
Mon Sep 13 10:59:40 2021 us=232179 max_routes_per_client = 256
Mon Sep 13 10:59:40 2021 us=232183 auth_user_pass_verify_script = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232187 auth_user_pass_verify_script_via_file = DISABLED
Mon Sep 13 10:59:40 2021 us=232190 auth_token_generate = DISABLED
Mon Sep 13 10:59:40 2021 us=232194 auth_token_lifetime = 0
Mon Sep 13 10:59:40 2021 us=232197 port_share_host = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232201 port_share_port = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232204 client = ENABLED
Mon Sep 13 10:59:40 2021 us=232208 pull = ENABLED
Mon Sep 13 10:59:40 2021 us=232211 auth_user_pass_file = '[UNDEF]'
Mon Sep 13 10:59:40 2021 us=232216 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Mon Sep 13 10:59:40 2021 us=232225 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Mon Sep 13 10:59:40 2021 us=232268 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Sep 13 10:59:40 2021 us=232466 LZO compression initializing
Mon Sep 13 10:59:40 2021 us=232503 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Sep 13 10:59:40 2021 us=232514 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mon Sep 13 10:59:40 2021 us=232526 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Mon Sep 13 10:59:40 2021 us=232530 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Mon Sep 13 10:59:40 2021 us=232537 TCP/UDP: Preserving recently used remote address: [AF_INET]<server_ip_address>:1194
Mon Sep 13 10:59:40 2021 us=232550 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Sep 13 10:59:40 2021 us=232554 UDP link local: (not bound)
Mon Sep 13 10:59:40 2021 us=232558 UDP link remote: [AF_INET]<server_ip_address>:1194
Mon Sep 13 10:59:40 2021 us=240297 TLS: Initial packet from [AF_INET]<server_ip_address>:1194, sid=80184720 d20b73e2
Mon Sep 13 10:59:40 2021 us=249099 VERIFY OK: depth=1, CN=Easy-RSA CA
Mon Sep 13 10:59:40 2021 us=249219 VERIFY OK: depth=0, CN=server
Mon Sep 13 10:59:40 2021 us=259202 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Mon Sep 13 10:59:40 2021 us=259283 [server] Peer Connection Initiated with [AF_INET]<server_ip_address>:1194
Mon Sep 13 10:59:41 2021 us=287391 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Sep 13 10:59:41 2021 us=294771 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.10.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.0.3 255.255.128.0,peer-id 1,cipher AES-256-GCM'
Mon Sep 13 10:59:41 2021 us=294992 OPTIONS IMPORT: timers and/or timeouts modified
Mon Sep 13 10:59:41 2021 us=295015 OPTIONS IMPORT: --ifconfig/up options modified
Mon Sep 13 10:59:41 2021 us=295026 OPTIONS IMPORT: route-related options modified
Mon Sep 13 10:59:41 2021 us=295036 OPTIONS IMPORT: peer-id set
Mon Sep 13 10:59:41 2021 us=295047 OPTIONS IMPORT: adjusting link_mtu to 1625
Mon Sep 13 10:59:41 2021 us=295057 OPTIONS IMPORT: data channel crypto options modified
Mon Sep 13 10:59:41 2021 us=295069 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Sep 13 10:59:41 2021 us=295091 Data Channel MTU parms [ L:1553 D:1450 EF:53 EB:406 ET:0 EL:3 ]
Mon Sep 13 10:59:41 2021 us=295185 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Sep 13 10:59:41 2021 us=295196 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Sep 13 10:59:41 2021 us=297131 TUN/TAP device tun0 opened
Mon Sep 13 10:59:41 2021 us=297180 TUN/TAP TX queue length set to 100
Mon Sep 13 10:59:41 2021 us=297192 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Sep 13 10:59:41 2021 us=297202 /sbin/ip link set dev tun0 up mtu 1500
Mon Sep 13 10:59:41 2021 us=299327 /sbin/ip addr add dev tun0 10.10.0.3/17 broadcast 10.10.127.255
Mon Sep 13 10:59:41 2021 us=302515 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Sep 13 10:59:41 2021 us=302535 Initialization Sequence Completed
Mon Sep 13 10:59:51 2021 us=775442 event_wait : Interrupted system call (code=4)
Mon Sep 13 10:59:51 2021 us=775795 TCP/UDP: Closing socket
Mon Sep 13 10:59:51 2021 us=775963 Closing TUN/TAP interface
Mon Sep 13 10:59:51 2021 us=775990 /sbin/ip addr del dev tun0 10.10.0.3/17
Mon Sep 13 10:59:51 2021 us=799795 SIGINT[hard,] received, process exiting
Code: Select all
Mon Sep 13 09:15:53 2021 us=561634 Current Parameter Settings:
Mon Sep 13 09:15:53 2021 us=561684 config = 'server.conf'
Mon Sep 13 09:15:53 2021 us=561693 mode = 1
Mon Sep 13 09:15:53 2021 us=561699 persist_config = DISABLED
Mon Sep 13 09:15:53 2021 us=561704 persist_mode = 1
Mon Sep 13 09:15:53 2021 us=561710 show_ciphers = DISABLED
Mon Sep 13 09:15:53 2021 us=561715 show_digests = DISABLED
Mon Sep 13 09:15:53 2021 us=561721 show_engines = DISABLED
Mon Sep 13 09:15:53 2021 us=561726 genkey = DISABLED
Mon Sep 13 09:15:53 2021 us=561731 key_pass_file = '[UNDEF]'
Mon Sep 13 09:15:53 2021 us=561737 NOTE: --mute triggered...
Mon Sep 13 09:15:53 2021 us=561748 276 variation(s) on previous 10 message(s) suppressed by --mute
Mon Sep 13 09:15:53 2021 us=561755 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Mon Sep 13 09:15:53 2021 us=561766 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Mon Sep 13 09:15:53 2021 us=562085 Diffie-Hellman initialized with 2048 bit key
Mon Sep 13 09:15:53 2021 us=562354 TLS-Auth MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Sep 13 09:15:53 2021 us=566401 TUN/TAP device tun0 opened
Mon Sep 13 09:15:53 2021 us=566447 TUN/TAP TX queue length set to 100
Mon Sep 13 09:15:53 2021 us=566465 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Sep 13 09:15:53 2021 us=566478 /sbin/ip link set dev tun0 up mtu 1500
Mon Sep 13 09:15:53 2021 us=571756 /sbin/ip addr add dev tun0 10.10.0.1/17 broadcast 10.10.127.255
Mon Sep 13 09:15:53 2021 us=572902 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mon Sep 13 09:15:53 2021 us=572925 Could not determine IPv4/IPv6 protocol. Using AF_INET
Mon Sep 13 09:15:53 2021 us=572944 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Sep 13 09:15:53 2021 us=572958 UDPv4 link local (bound): [AF_INET][undef]:1194
Mon Sep 13 09:15:53 2021 us=572965 UDPv4 link remote: [AF_UNSPEC]
Mon Sep 13 09:15:53 2021 us=572977 MULTI: multi_init called, r=256 v=256
Mon Sep 13 09:15:53 2021 us=573575 IFCONFIG POOL: base=10.10.0.2 size=32764, ipv6=0
Mon Sep 13 09:15:53 2021 us=573610 Initialization Sequence Completed
Mon Sep 13 09:16:03 2021 us=105208 MULTI: multi_create_instance called
Mon Sep 13 09:16:03 2021 us=105283 <client_ip_address>:51270 Re-using SSL/TLS context
Mon Sep 13 09:16:03 2021 us=105298 <client_ip_address>:51270 LZO compression initializing
Mon Sep 13 09:16:03 2021 us=105418 <client_ip_address>:51270 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Sep 13 09:16:03 2021 us=105429 <client_ip_address>:51270 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mon Sep 13 09:16:03 2021 us=105461 <client_ip_address>:51270 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Mon Sep 13 09:16:03 2021 us=105468 <client_ip_address>:51270 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Mon Sep 13 09:16:03 2021 us=105495 <client_ip_address>:51270 TLS: Initial packet from [AF_INET]<client_ip_address>:51270, sid=bc49bbcb 588c5d5a
Mon Sep 13 09:16:03 2021 us=122935 <client_ip_address>:51270 VERIFY OK: depth=1, CN=Easy-RSA CA
Mon Sep 13 09:16:03 2021 us=123053 <client_ip_address>:51270 VERIFY OK: depth=0, CN=john.doe@hotmail.com
Mon Sep 13 09:16:03 2021 us=123234 <client_ip_address>:51270 peer info: IV_VER=2.4.7
Mon Sep 13 09:16:03 2021 us=123249 <client_ip_address>:51270 peer info: IV_PLAT=linux
Mon Sep 13 09:16:03 2021 us=123255 <client_ip_address>:51270 peer info: IV_PROTO=2
Mon Sep 13 09:16:03 2021 us=123261 <client_ip_address>:51270 peer info: IV_NCP=2
Mon Sep 13 09:16:03 2021 us=123267 <client_ip_address>:51270 peer info: IV_LZ4=1
Mon Sep 13 09:16:03 2021 us=123272 <client_ip_address>:51270 peer info: IV_LZ4v2=1
Mon Sep 13 09:16:03 2021 us=123287 <client_ip_address>:51270 peer info: IV_LZO=1
Mon Sep 13 09:16:03 2021 us=123293 <client_ip_address>:51270 peer info: IV_COMP_STUB=1
Mon Sep 13 09:16:03 2021 us=123299 <client_ip_address>:51270 peer info: IV_COMP_STUBv2=1
Mon Sep 13 09:16:03 2021 us=123318 <client_ip_address>:51270 peer info: IV_TCPNL=1
Mon Sep 13 09:16:03 2021 us=129212 <client_ip_address>:51270 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Mon Sep 13 09:16:03 2021 us=129237 <client_ip_address>:51270 [john.doe@hotmail.com] Peer Connection Initiated with [AF_INET]<client_ip_address>:51270
Mon Sep 13 09:16:03 2021 us=129251 john.doe@hotmail.com/<client_ip_address>:51270 MULTI_sva: pool returned IPv4=10.10.0.2, IPv6=(Not enabled)
Mon Sep 13 09:16:03 2021 us=129277 john.doe@hotmail.com/<client_ip_address>:51270 MULTI: Learn: 10.10.0.2 -> john.doe@hotmail.com/<client_ip_address>:51270
Mon Sep 13 09:16:03 2021 us=129285 john.doe@hotmail.com/<client_ip_address>:51270 MULTI: primary virtual IP for john.doe@hotmail.com/<client_ip_address>:51270: 10.10.0.2
Mon Sep 13 09:16:04 2021 us=377282 john.doe@hotmail.com/<client_ip_address>:51270 PUSH: Received control message: 'PUSH_REQUEST'
Mon Sep 13 09:16:04 2021 us=377350 john.doe@hotmail.com/<client_ip_address>:51270 SENT CONTROL [john.doe@hotmail.com]: 'PUSH_REPLY,route-gateway 10.10.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.0.2 255.255.128.0,peer-id 0,cipher AES-256-GCM' (status=1)
Mon Sep 13 09:16:04 2021 us=377361 john.doe@hotmail.com/<client_ip_address>:51270 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Sep 13 09:16:04 2021 us=377379 john.doe@hotmail.com/<client_ip_address>:51270 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Mon Sep 13 09:16:04 2021 us=377445 john.doe@hotmail.com/<client_ip_address>:51270 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Sep 13 09:16:04 2021 us=377455 john.doe@hotmail.com/<client_ip_address>:51270 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Sep 13 09:16:09 2021 us=976123 event_wait : Interrupted system call (code=4)
Mon Sep 13 09:16:09 2021 us=976187 SENT CONTROL [john.doe@hotmail.com]: 'RESTART' (status=1)
Mon Sep 13 09:16:10 2021 us=876980 event_wait : Interrupted system call (code=4)
Mon Sep 13 09:16:10 2021 us=877422 TCP/UDP: Closing socket
Mon Sep 13 09:16:10 2021 us=877458 Closing TUN/TAP interface
Mon Sep 13 09:16:10 2021 us=877471 /sbin/ip addr del dev tun0 10.10.0.1/17
Mon Sep 13 09:16:10 2021 us=890560 SIGINT[hard,] received, process exiting