VPn connected : can't access server lan side

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
OscarDelta59
OpenVpn Newbie
Posts: 6
Joined: Wed Jun 22, 2022 11:04 am

VPn connected : can't access server lan side

Post by OscarDelta59 » Thu Jun 30, 2022 2:00 pm

Hi there,

I was using native's Windows VPN L2TP till it started to fail "sometimes". Some changes on our FAI router and/or firewall. I can't check this, and my fai is not really responsive.

So, to have VPN for some users that are really annoyed, I want to create an OpenVPN VPN.

- Client VPN is connected, ping (with some packets loss) VPN server
- Client can't ping all others IPs on server side
- server can't ping client.

I've made a lot of tries, no luck.
What am I missing ?

Thank's for your help !

Here is the infra :

Server Side :
Lan 192.168.1.0/255.255.255.0 Gateway 192.168.1.1
VPN : 10.20.25.0/255.255.255.04

Client side :
LAN : it can be everything ! Connected with wifis, or 4G, or home boxes.

Server Conf


port 1194
proto udp4
dev tun

topology subnet
server 10.20.25.0 255.255.255.0

route 10.20.25.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.240"
push "dhcp-option DNS 192.168.1.150"


ifconfig-pool-persist ipp.txt

ca ca.crt
cert server.crt
key server.key
dh dh.pem

cipher AES-256-CBC
data-ciphers-fallback 'AES-256-CBC'

keepalive 10 120

link-mtu 1400
persist-key
persist-tun

status openvpn-status.log

verb 4


Server Log


2022-06-30 15:34:53 us=546000 Current Parameter Settings:
2022-06-30 15:34:53 us=546000 config = 'C:\Program Files\OpenVPN\config-auto\server.ovpn'
2022-06-30 15:34:53 us=546000 mode = 1
2022-06-30 15:34:53 us=546000 show_ciphers = DISABLED
2022-06-30 15:34:53 us=546000 show_digests = DISABLED
2022-06-30 15:34:53 us=546000 show_engines = DISABLED
2022-06-30 15:34:53 us=546000 genkey = DISABLED
2022-06-30 15:34:53 us=546000 genkey_filename = '[UNDEF]'
2022-06-30 15:34:53 us=546000 key_pass_file = '[UNDEF]'
2022-06-30 15:34:53 us=546000 show_tls_ciphers = DISABLED
2022-06-30 15:34:53 us=546000 connect_retry_max = 0
2022-06-30 15:34:53 us=546000 Connection profiles [0]:
2022-06-30 15:34:53 us=546000 proto = udp4
2022-06-30 15:34:53 us=546000 local = '[UNDEF]'
2022-06-30 15:34:53 us=546000 local_port = '1194'
2022-06-30 15:34:53 us=546000 remote = '[UNDEF]'
2022-06-30 15:34:53 us=546000 remote_port = '1194'
2022-06-30 15:34:53 us=546000 remote_float = DISABLED
2022-06-30 15:34:53 us=546000 bind_defined = DISABLED
2022-06-30 15:34:53 us=546000 bind_local = ENABLED
2022-06-30 15:34:53 us=546000 bind_ipv6_only = DISABLED
2022-06-30 15:34:53 us=546000 connect_retry_seconds = 5
2022-06-30 15:34:53 us=546000 connect_timeout = 120
2022-06-30 15:34:53 us=546000 socks_proxy_server = '[UNDEF]'
2022-06-30 15:34:53 us=546000 socks_proxy_port = '[UNDEF]'
2022-06-30 15:34:53 us=562000 tun_mtu = 1500
2022-06-30 15:34:53 us=562000 tun_mtu_defined = DISABLED
2022-06-30 15:34:53 us=562000 link_mtu = 1400
2022-06-30 15:34:53 us=562000 link_mtu_defined = ENABLED
2022-06-30 15:34:53 us=562000 tun_mtu_extra = 0
2022-06-30 15:34:53 us=562000 tun_mtu_extra_defined = DISABLED
2022-06-30 15:34:53 us=562000 mtu_discover_type = -1
2022-06-30 15:34:53 us=562000 fragment = 0
2022-06-30 15:34:53 us=562000 mssfix = 1450
2022-06-30 15:34:53 us=562000 explicit_exit_notification = 0
2022-06-30 15:34:53 us=562000 tls_auth_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 key_direction = not set
2022-06-30 15:34:53 us=562000 tls_crypt_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 tls_crypt_v2_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 Connection profiles END
2022-06-30 15:34:53 us=562000 remote_random = DISABLED
2022-06-30 15:34:53 us=562000 ipchange = '[UNDEF]'
2022-06-30 15:34:53 us=562000 dev = 'tun'
2022-06-30 15:34:53 us=562000 dev_type = '[UNDEF]'
2022-06-30 15:34:53 us=562000 dev_node = '[UNDEF]'
2022-06-30 15:34:53 us=562000 lladdr = '[UNDEF]'
2022-06-30 15:34:53 us=562000 topology = 3
2022-06-30 15:34:53 us=562000 ifconfig_local = '10.20.25.1'
2022-06-30 15:34:53 us=562000 ifconfig_remote_netmask = '255.255.255.0'
2022-06-30 15:34:53 us=562000 ifconfig_noexec = DISABLED
2022-06-30 15:34:53 us=562000 ifconfig_nowarn = DISABLED
2022-06-30 15:34:53 us=562000 ifconfig_ipv6_local = '[UNDEF]'
2022-06-30 15:34:53 us=562000 ifconfig_ipv6_netbits = 0
2022-06-30 15:34:53 us=562000 ifconfig_ipv6_remote = '[UNDEF]'
2022-06-30 15:34:53 us=562000 shaper = 0
2022-06-30 15:34:53 us=562000 mtu_test = 0
2022-06-30 15:34:53 us=562000 mlock = DISABLED
2022-06-30 15:34:53 us=562000 keepalive_ping = 10
2022-06-30 15:34:53 us=562000 keepalive_timeout = 120
2022-06-30 15:34:53 us=562000 inactivity_timeout = 0
2022-06-30 15:34:53 us=562000 inactivity_minimum_bytes = 0
2022-06-30 15:34:53 us=562000 ping_send_timeout = 10
2022-06-30 15:34:53 us=562000 ping_rec_timeout = 240
2022-06-30 15:34:53 us=562000 ping_rec_timeout_action = 2
2022-06-30 15:34:53 us=562000 ping_timer_remote = DISABLED
2022-06-30 15:34:53 us=562000 remap_sigusr1 = 0
2022-06-30 15:34:53 us=562000 persist_tun = ENABLED
2022-06-30 15:34:53 us=562000 persist_local_ip = DISABLED
2022-06-30 15:34:53 us=562000 persist_remote_ip = DISABLED
2022-06-30 15:34:53 us=562000 persist_key = ENABLED
2022-06-30 15:34:53 us=562000 passtos = DISABLED
2022-06-30 15:34:53 us=562000 resolve_retry_seconds = 1000000000
2022-06-30 15:34:53 us=562000 resolve_in_advance = DISABLED
2022-06-30 15:34:53 us=562000 username = '[UNDEF]'
2022-06-30 15:34:53 us=562000 groupname = '[UNDEF]'
2022-06-30 15:34:53 us=562000 chroot_dir = '[UNDEF]'
2022-06-30 15:34:53 us=562000 cd_dir = '[UNDEF]'
2022-06-30 15:34:53 us=562000 writepid = '[UNDEF]'
2022-06-30 15:34:53 us=562000 up_script = '[UNDEF]'
2022-06-30 15:34:53 us=562000 down_script = '[UNDEF]'
2022-06-30 15:34:53 us=562000 down_pre = DISABLED
2022-06-30 15:34:53 us=562000 up_restart = DISABLED
2022-06-30 15:34:53 us=562000 up_delay = DISABLED
2022-06-30 15:34:53 us=562000 daemon = DISABLED
2022-06-30 15:34:53 us=562000 inetd = 0
2022-06-30 15:34:53 us=562000 log = DISABLED
2022-06-30 15:34:53 us=562000 suppress_timestamps = DISABLED
2022-06-30 15:34:53 us=562000 machine_readable_output = DISABLED
2022-06-30 15:34:53 us=562000 nice = 0
2022-06-30 15:34:53 us=562000 verbosity = 4
2022-06-30 15:34:53 us=562000 mute = 0
2022-06-30 15:34:53 us=562000 status_file = 'openvpn-status.log'
2022-06-30 15:34:53 us=562000 status_file_version = 1
2022-06-30 15:34:53 us=562000 status_file_update_freq = 60
2022-06-30 15:34:53 us=562000 occ = ENABLED
2022-06-30 15:34:53 us=562000 rcvbuf = 0
2022-06-30 15:34:53 us=562000 sndbuf = 0
2022-06-30 15:34:53 us=562000 sockflags = 0
2022-06-30 15:34:53 us=562000 fast_io = DISABLED
2022-06-30 15:34:53 us=562000 comp.alg = 0
2022-06-30 15:34:53 us=562000 comp.flags = 0
2022-06-30 15:34:53 us=562000 route_script = '[UNDEF]'
2022-06-30 15:34:53 us=562000 route_default_gateway = '10.20.25.2'
2022-06-30 15:34:53 us=562000 route_default_metric = 0
2022-06-30 15:34:53 us=562000 route_noexec = DISABLED
2022-06-30 15:34:53 us=562000 route_delay = 0
2022-06-30 15:34:53 us=562000 route_delay_window = 30
2022-06-30 15:34:53 us=562000 route_delay_defined = DISABLED
2022-06-30 15:34:53 us=562000 route_nopull = DISABLED
2022-06-30 15:34:53 us=562000 route_gateway_via_dhcp = DISABLED
2022-06-30 15:34:53 us=562000 allow_pull_fqdn = DISABLED
2022-06-30 15:34:53 us=562000 route 10.20.25.0/255.255.255.0/default (not set)/default (not set)
2022-06-30 15:34:53 us=562000 management_addr = '[UNDEF]'
2022-06-30 15:34:53 us=562000 management_port = '[UNDEF]'
2022-06-30 15:34:53 us=562000 management_user_pass = '[UNDEF]'
2022-06-30 15:34:53 us=562000 management_log_history_cache = 250
2022-06-30 15:34:53 us=562000 management_echo_buffer_size = 100
2022-06-30 15:34:53 us=562000 management_write_peer_info_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 management_client_user = '[UNDEF]'
2022-06-30 15:34:53 us=562000 management_client_group = '[UNDEF]'
2022-06-30 15:34:53 us=562000 management_flags = 0
2022-06-30 15:34:53 us=562000 shared_secret_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 key_direction = not set
2022-06-30 15:34:53 us=562000 ciphername = 'AES-256-CBC'
2022-06-30 15:34:53 us=562000 ncp_enabled = ENABLED
2022-06-30 15:34:53 us=562000 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2022-06-30 15:34:53 us=562000 authname = 'SHA1'
2022-06-30 15:34:53 us=562000 prng_hash = 'SHA1'
2022-06-30 15:34:53 us=562000 prng_nonce_secret_len = 16
2022-06-30 15:34:53 us=562000 keysize = 0
2022-06-30 15:34:53 us=562000 engine = DISABLED
2022-06-30 15:34:53 us=562000 replay = ENABLED
2022-06-30 15:34:53 us=562000 mute_replay_warnings = DISABLED
2022-06-30 15:34:53 us=562000 replay_window = 64
2022-06-30 15:34:53 us=562000 replay_time = 15
2022-06-30 15:34:53 us=562000 packet_id_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 test_crypto = DISABLED
2022-06-30 15:34:53 us=562000 tls_server = ENABLED
2022-06-30 15:34:53 us=562000 tls_client = DISABLED
2022-06-30 15:34:53 us=562000 ca_file = 'ca.crt'
2022-06-30 15:34:53 us=562000 ca_path = '[UNDEF]'
2022-06-30 15:34:53 us=562000 dh_file = 'dh.pem'
2022-06-30 15:34:53 us=562000 cert_file = 'server.crt'
2022-06-30 15:34:53 us=562000 extra_certs_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 priv_key_file = 'server.key'
2022-06-30 15:34:53 us=562000 pkcs12_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 cryptoapi_cert = '[UNDEF]'
2022-06-30 15:34:53 us=562000 cipher_list = '[UNDEF]'
2022-06-30 15:34:53 us=562000 cipher_list_tls13 = '[UNDEF]'
2022-06-30 15:34:53 us=562000 tls_cert_profile = '[UNDEF]'
2022-06-30 15:34:53 us=562000 tls_verify = '[UNDEF]'
2022-06-30 15:34:53 us=562000 tls_export_cert = '[UNDEF]'
2022-06-30 15:34:53 us=562000 verify_x509_type = 0
2022-06-30 15:34:53 us=562000 verify_x509_name = '[UNDEF]'
2022-06-30 15:34:53 us=562000 crl_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 ns_cert_type = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku[i] = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku[i] = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku[i] = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku[i] = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku[i] = 0
2022-06-30 15:34:53 us=562000 remote_cert_ku[i] = 0
2022-06-30 15:34:53 us=562000 remote_cert_eku = '[UNDEF]'
2022-06-30 15:34:53 us=562000 ssl_flags = 0
2022-06-30 15:34:53 us=562000 tls_timeout = 2
2022-06-30 15:34:53 us=562000 renegotiate_bytes = -1
2022-06-30 15:34:53 us=562000 renegotiate_packets = 0
2022-06-30 15:34:53 us=562000 renegotiate_seconds = 3600
2022-06-30 15:34:53 us=562000 handshake_window = 60
2022-06-30 15:34:53 us=562000 transition_window = 3600
2022-06-30 15:34:53 us=562000 single_session = DISABLED
2022-06-30 15:34:53 us=562000 push_peer_info = DISABLED
2022-06-30 15:34:53 us=562000 tls_exit = DISABLED
2022-06-30 15:34:53 us=562000 tls_crypt_v2_metadata = '[UNDEF]'
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_protected_authentication = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_private_mode = 00000000
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_cert_private = DISABLED
2022-06-30 15:34:53 us=562000 pkcs11_pin_cache_period = -1
2022-06-30 15:34:53 us=562000 pkcs11_id = '[UNDEF]'
2022-06-30 15:34:53 us=562000 pkcs11_id_management = DISABLED
2022-06-30 15:34:53 us=562000 server_network = 10.20.25.0
2022-06-30 15:34:53 us=562000 server_netmask = 255.255.255.0
2022-06-30 15:34:53 us=562000 server_network_ipv6 = ::
2022-06-30 15:34:53 us=562000 server_netbits_ipv6 = 0
2022-06-30 15:34:53 us=562000 server_bridge_ip = 0.0.0.0
2022-06-30 15:34:53 us=562000 server_bridge_netmask = 0.0.0.0
2022-06-30 15:34:53 us=562000 server_bridge_pool_start = 0.0.0.0
2022-06-30 15:34:53 us=562000 server_bridge_pool_end = 0.0.0.0
2022-06-30 15:34:53 us=562000 push_entry = 'route 192.168.1.0 255.255.255.0'
2022-06-30 15:34:53 us=562000 push_entry = 'dhcp-option DNS 192.168.1.240'
2022-06-30 15:34:53 us=562000 push_entry = 'dhcp-option DNS 192.168.1.150'
2022-06-30 15:34:53 us=562000 push_entry = 'route-gateway 10.20.25.1'
2022-06-30 15:34:53 us=562000 push_entry = 'topology subnet'
2022-06-30 15:34:53 us=562000 push_entry = 'ping 10'
2022-06-30 15:34:53 us=562000 push_entry = 'ping-restart 120'
2022-06-30 15:34:53 us=562000 ifconfig_pool_defined = ENABLED
2022-06-30 15:34:53 us=562000 ifconfig_pool_start = 10.20.25.2
2022-06-30 15:34:53 us=562000 ifconfig_pool_end = 10.20.25.254
2022-06-30 15:34:53 us=562000 ifconfig_pool_netmask = 255.255.255.0
2022-06-30 15:34:53 us=562000 ifconfig_pool_persist_filename = 'ipp.txt'
2022-06-30 15:34:53 us=562000 ifconfig_pool_persist_refresh_freq = 600
2022-06-30 15:34:53 us=562000 ifconfig_ipv6_pool_defined = DISABLED
2022-06-30 15:34:53 us=562000 ifconfig_ipv6_pool_base = ::
2022-06-30 15:34:53 us=562000 ifconfig_ipv6_pool_netbits = 0
2022-06-30 15:34:53 us=562000 n_bcast_buf = 256
2022-06-30 15:34:53 us=562000 tcp_queue_limit = 64
2022-06-30 15:34:53 us=562000 real_hash_size = 256
2022-06-30 15:34:53 us=562000 virtual_hash_size = 256
2022-06-30 15:34:53 us=562000 client_connect_script = '[UNDEF]'
2022-06-30 15:34:53 us=562000 learn_address_script = '[UNDEF]'
2022-06-30 15:34:53 us=562000 client_disconnect_script = '[UNDEF]'
2022-06-30 15:34:53 us=562000 client_config_dir = '[UNDEF]'
2022-06-30 15:34:53 us=562000 ccd_exclusive = DISABLED
2022-06-30 15:34:53 us=562000 tmp_dir = 'C:\Windows\TEMP\'
2022-06-30 15:34:53 us=562000 push_ifconfig_defined = DISABLED
2022-06-30 15:34:53 us=562000 push_ifconfig_local = 0.0.0.0
2022-06-30 15:34:53 us=562000 push_ifconfig_remote_netmask = 0.0.0.0
2022-06-30 15:34:53 us=562000 push_ifconfig_ipv6_defined = DISABLED
2022-06-30 15:34:53 us=562000 push_ifconfig_ipv6_local = ::/0
2022-06-30 15:34:53 us=562000 push_ifconfig_ipv6_remote = ::
2022-06-30 15:34:53 us=562000 enable_c2c = DISABLED
2022-06-30 15:34:53 us=562000 duplicate_cn = DISABLED
2022-06-30 15:34:53 us=562000 cf_max = 0
2022-06-30 15:34:53 us=562000 cf_per = 0
2022-06-30 15:34:53 us=562000 max_clients = 1024
2022-06-30 15:34:53 us=562000 max_routes_per_client = 256
2022-06-30 15:34:53 us=562000 auth_user_pass_verify_script = '[UNDEF]'
2022-06-30 15:34:53 us=562000 auth_user_pass_verify_script_via_file = DISABLED
2022-06-30 15:34:53 us=562000 auth_token_generate = DISABLED
2022-06-30 15:34:53 us=562000 auth_token_lifetime = 0
2022-06-30 15:34:53 us=562000 auth_token_secret_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 vlan_tagging = DISABLED
2022-06-30 15:34:53 us=562000 vlan_accept = all
2022-06-30 15:34:53 us=562000 vlan_pvid = 1
2022-06-30 15:34:53 us=562000 client = DISABLED
2022-06-30 15:34:53 us=562000 pull = DISABLED
2022-06-30 15:34:53 us=562000 auth_user_pass_file = '[UNDEF]'
2022-06-30 15:34:53 us=562000 show_net_up = DISABLED
2022-06-30 15:34:53 us=562000 route_method = 0
2022-06-30 15:34:53 us=562000 block_outside_dns = DISABLED
2022-06-30 15:34:53 us=562000 ip_win32_defined = DISABLED
2022-06-30 15:34:53 us=562000 ip_win32_type = 3
2022-06-30 15:34:53 us=562000 dhcp_masq_offset = 0
2022-06-30 15:34:53 us=562000 dhcp_lease_time = 31536000
2022-06-30 15:34:53 us=562000 tap_sleep = 10
2022-06-30 15:34:53 us=562000 dhcp_options = DISABLED
2022-06-30 15:34:53 us=562000 dhcp_renew = DISABLED
2022-06-30 15:34:53 us=562000 dhcp_pre_release = DISABLED
2022-06-30 15:34:53 us=562000 domain = '[UNDEF]'
2022-06-30 15:34:53 us=562000 netbios_scope = '[UNDEF]'
2022-06-30 15:34:53 us=562000 netbios_node_type = 0
2022-06-30 15:34:53 us=562000 disable_nbt = DISABLED
2022-06-30 15:34:53 us=562000 OpenVPN 2.5.7 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 27 2022
2022-06-30 15:34:53 us=562000 Windows version 10.0 (Windows 10 or greater) 64bit
2022-06-30 15:34:53 us=562000 library versions: OpenSSL 1.1.1o 3 May 2022, LZO 2.10
2022-06-30 15:34:53 us=562000 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
2022-06-30 15:34:53 us=578000 Diffie-Hellman initialized with 2048 bit key
2022-06-30 15:34:53 us=578000 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1279)
2022-06-30 15:34:53 us=578000 TLS-Auth MTU parms [ L:1400 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2022-06-30 15:34:53 us=578000 interactive service msg_channel=0
2022-06-30 15:34:53 us=578000 open_tun
2022-06-30 15:34:53 us=578000 tap-windows6 device [OpenVPN TAP-Windows6] opened
2022-06-30 15:34:53 us=578000 TAP-Windows Driver Version 9.24
2022-06-30 15:34:53 us=578000 TAP-Windows MTU=1500
2022-06-30 15:34:53 us=578000 Set TAP-Windows TUN subnet mode network/local/netmask = 10.20.25.0/10.20.25.1/255.255.255.0 [SUCCEEDED]
2022-06-30 15:34:53 us=578000 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.20.25.1/255.255.255.0 on interface {BB22F7AB-4C9E-4792-8A4E-8A32F2E7D679} [DHCP-serv: 10.20.25.0, lease-time: 31536000]
2022-06-30 15:34:53 us=578000 Sleeping for 10 seconds...


Client Conf

client
dev tun

proto udp4

remote-cert-tls server
cipher AES-256-CBC
data-ciphers-fallback 'AES-256-CBC'
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
link-mtu 1400

ca ca.crt
cert clientlse.crt
key clientlse.key
verb 3


ClientLog


2022-06-30 15:35:46 OpenVPN 2.5.7 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 27 2022
2022-06-30 15:35:46 Windows version 10.0 (Windows 10 or greater) 64bit
2022-06-30 15:35:46 library versions: OpenSSL 1.1.1o 3 May 2022, LZO 2.10
2022-06-30 15:35:46 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
2022-06-30 15:35:46 Need hold release from management interface, waiting...
2022-06-30 15:35:47 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
2022-06-30 15:35:47 MANAGEMENT: CMD 'state on'
2022-06-30 15:35:47 MANAGEMENT: CMD 'log all on'
2022-06-30 15:35:47 MANAGEMENT: CMD 'echo all on'
2022-06-30 15:35:47 MANAGEMENT: CMD 'bytecount 5'
2022-06-30 15:35:47 MANAGEMENT: CMD 'hold off'
2022-06-30 15:35:47 MANAGEMENT: CMD 'hold release'
2022-06-30 15:35:47 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1279)
2022-06-30 15:35:47 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:1194
2022-06-30 15:35:47 Socket Buffers: R=[65536->65536] S=[65536->65536]
2022-06-30 15:35:47 UDPv4 link local: (not bound)
2022-06-30 15:35:47 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
2022-06-30 15:35:47 MANAGEMENT: >STATE:1656596147,WAIT,,,,,,
2022-06-30 15:35:53 MANAGEMENT: >STATE:1656596153,AUTH,,,,,,
2022-06-30 15:35:53 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1194, sid=cf942349 ae3fa861
2022-06-30 15:35:53 VERIFY OK: depth=1, CN=xxx.xxx.xxx.xxx
2022-06-30 15:35:53 VERIFY KU OK
2022-06-30 15:35:53 Validating certificate extended key usage
2022-06-30 15:35:53 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-06-30 15:35:53 VERIFY EKU OK
2022-06-30 15:35:53 VERIFY OK: depth=0, CN=server
2022-06-30 15:35:56 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-06-30 15:35:56 [server] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:1194
2022-06-30 15:35:56 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.240,dhcp-option DNS 192.168.1.150,route-gateway 10.20.25.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.20.25.2 255.255.255.0,peer-id 1,cipher AES-256-GCM'
2022-06-30 15:35:56 OPTIONS IMPORT: timers and/or timeouts modified
2022-06-30 15:35:56 OPTIONS IMPORT: --ifconfig/up options modified
2022-06-30 15:35:56 OPTIONS IMPORT: route options modified
2022-06-30 15:35:56 OPTIONS IMPORT: route-related options modified
2022-06-30 15:35:56 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2022-06-30 15:35:56 OPTIONS IMPORT: peer-id set
2022-06-30 15:35:56 OPTIONS IMPORT: WARNING: peer-id set, but link-mtu fixed by config - reducing tun-mtu to 1276, expect MTU problems
2022-06-30 15:35:56 OPTIONS IMPORT: data channel crypto options modified
2022-06-30 15:35:56 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-06-30 15:35:56 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-06-30 15:35:56 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-06-30 15:35:56 interactive service msg_channel=628
2022-06-30 15:35:56 open_tun
2022-06-30 15:35:56 tap-windows6 device [Connexion au réseau local 2] opened
2022-06-30 15:35:56 TAP-Windows Driver Version 9.24
2022-06-30 15:35:56 Set TAP-Windows TUN subnet mode network/local/netmask = 10.20.25.0/10.20.25.2/255.255.255.0 [SUCCEEDED]
2022-06-30 15:35:56 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.20.25.2/255.255.255.0 on interface {2E19C6C8-6AFC-45A8-96B3-DE95AD5ED97D} [DHCP-serv: 10.20.25.0, lease-time: 31536000]
2022-06-30 15:35:56 Successful ARP Flush on interface [8] {2E19C6C8-6AFC-45A8-96B3-DE95AD5ED97D}
2022-06-30 15:35:56 MANAGEMENT: >STATE:1656596156,ASSIGN_IP,,10.20.25.2,,,,
2022-06-30 15:35:56 IPv4 MTU set to 1348 on interface 8 using service
2022-06-30 15:36:01 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
2022-06-30 15:36:01 MANAGEMENT: >STATE:1656596161,ADD_ROUTES,,,,,,
2022-06-30 15:36:01 C:\WINDOWS\system32\route.exe ADD 192.168.1.0 MASK 255.255.255.0 10.20.25.1
2022-06-30 15:36:01 Route addition via service succeeded
2022-06-30 15:36:01 Initialization Sequence Completed
2022-06-30 15:36:01 MANAGEMENT: >STATE:1656596161,CONNECTED,SUCCESS,10.20.25.2,xxx.xxx.xxx.xxx,1194,,
2022-06-30 15:37:54 C:\WINDOWS\system32\route.exe DELETE 192.168.1.0 MASK 255.255.255.0 10.20.25.1
2022-06-30 15:37:54 Route deletion via service succeeded
2022-06-30 15:37:54 Closing TUN/TAP interface
2022-06-30 15:38:06 TAP: DHCP address released
2022-06-30 15:38:06 SIGTERM[hard,] received, process exiting
2022-06-30 15:38:06 MANAGEMENT: >STATE:1656596286,EXITING,SIGTERM,,,,,

OscarDelta59
OpenVpn Newbie
Posts: 6
Joined: Wed Jun 22, 2022 11:04 am

Re: VPn connected : can't access server lan side

Post by OscarDelta59 » Fri Jul 01, 2022 7:01 am

Hi,

Ping from client to server : lot of lag, lot of packet loss.
Ping from server to client : never works.

Server side : the server can ping any servers/clients. The server responds to any pings. When Client VPN is UP, internet is still OK.
Client side : ping works in all ways. When OpenVPN is up, internet is OK.

So, I'm still digging for a solution !

Kind regards,
Oliver.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: VPn connected : can't access server lan side

Post by TinCanTech » Fri Jul 01, 2022 11:33 am

I would start by reading the log files ..

OscarDelta59
OpenVpn Newbie
Posts: 6
Joined: Wed Jun 22, 2022 11:04 am

Re: VPn connected : can't access server lan side

Post by OscarDelta59 » Fri Jul 01, 2022 1:08 pm

Hi TinCanTech ,

Thanks for looking at this.

I've already read a lot of logs, with many tries.

So :
us=562000 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
I understand that. However, i can't change it for now. And it was (and is ) working perfectly on clients using Microsoft L2TP (it's still working for some of them). It maybe very different, but it might be said.
us=578000 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1279)
I've tried many MTU values, and got same behaviors. Hower, this warning disapeared.

I'm sorry if i'm missing something very clear fo you. I'm discovering OpenVpn !

May you point out what is wrong ?

Regards,
Oliver.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: VPn connected : can't access server lan side

Post by TinCanTech » Fri Jul 01, 2022 1:47 pm

Don't mess with MTU, unless you fully understand the consequences.

OscarDelta59
OpenVpn Newbie
Posts: 6
Joined: Wed Jun 22, 2022 11:04 am

Re: VPn connected : can't access server lan side

Post by OscarDelta59 » Fri Jul 01, 2022 2:12 pm

EDIT : Sorry for the bad olog definition !

Here's a ping with OVPN connected :

Image

And the same ping with Microsoft L2TP VPN :

Image

Server Conf

port 1194
proto udp4
dev tun

topology subnet

server 10.20.25.0 255.255.255.0

push "route-gateway 10.20.25.1"

push "route 192.168.1.0 255.255.255.0"

push "dhcp-option DNS 192.168.1.240"
push "dhcp-option DNS 192.168.1.150"
push "DOMAIN spare.local"

ifconfig-pool-persist ipp.txt

ca ca.crt
cert server.crt
key server.key
dh dh.pem

cipher AES-256-CBC
data-ciphers-fallback 'AES-256-CBC'

keepalive 10 120

link-mtu 1400
persist-key
persist-tun

status openvpn-status.log

verb 4

Code: Select all

 Server LOG

2022-07-01 15:52:30 us=390000 Current Parameter Settings:
2022-07-01 15:52:30 us=390000   config = 'C:\Program Files\OpenVPN\config-auto\server.ovpn'
2022-07-01 15:52:30 us=390000   mode = 1
2022-07-01 15:52:30 us=390000   show_ciphers = DISABLED
2022-07-01 15:52:30 us=390000   show_digests = DISABLED
2022-07-01 15:52:30 us=390000   show_engines = DISABLED
2022-07-01 15:52:30 us=390000   genkey = DISABLED
2022-07-01 15:52:30 us=390000   genkey_filename = '[UNDEF]'
2022-07-01 15:52:30 us=390000   key_pass_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   show_tls_ciphers = DISABLED
2022-07-01 15:52:30 us=390000   connect_retry_max = 0
2022-07-01 15:52:30 us=390000 Connection profiles [0]:
2022-07-01 15:52:30 us=390000   proto = udp4
2022-07-01 15:52:30 us=390000   local = '[UNDEF]'
2022-07-01 15:52:30 us=390000   local_port = '1194'
2022-07-01 15:52:30 us=390000   remote = '[UNDEF]'
2022-07-01 15:52:30 us=390000   remote_port = '1194'
2022-07-01 15:52:30 us=390000   remote_float = DISABLED
2022-07-01 15:52:30 us=390000   bind_defined = DISABLED
2022-07-01 15:52:30 us=390000   bind_local = ENABLED
2022-07-01 15:52:30 us=390000   bind_ipv6_only = DISABLED
2022-07-01 15:52:30 us=390000   connect_retry_seconds = 5
2022-07-01 15:52:30 us=390000   connect_timeout = 120
2022-07-01 15:52:30 us=390000   socks_proxy_server = '[UNDEF]'
2022-07-01 15:52:30 us=390000   socks_proxy_port = '[UNDEF]'
2022-07-01 15:52:30 us=390000   tun_mtu = 1500
2022-07-01 15:52:30 us=390000   tun_mtu_defined = DISABLED
2022-07-01 15:52:30 us=390000   link_mtu = 1400
2022-07-01 15:52:30 us=390000   link_mtu_defined = ENABLED
2022-07-01 15:52:30 us=390000   tun_mtu_extra = 0
2022-07-01 15:52:30 us=390000   tun_mtu_extra_defined = DISABLED
2022-07-01 15:52:30 us=390000   mtu_discover_type = -1
2022-07-01 15:52:30 us=390000   fragment = 0
2022-07-01 15:52:30 us=390000   mssfix = 1450
2022-07-01 15:52:30 us=390000   explicit_exit_notification = 0
2022-07-01 15:52:30 us=390000   tls_auth_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   key_direction = not set
2022-07-01 15:52:30 us=390000   tls_crypt_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   tls_crypt_v2_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000 Connection profiles END
2022-07-01 15:52:30 us=390000   remote_random = DISABLED
2022-07-01 15:52:30 us=390000   ipchange = '[UNDEF]'
2022-07-01 15:52:30 us=390000   dev = 'tun'
2022-07-01 15:52:30 us=390000   dev_type = '[UNDEF]'
2022-07-01 15:52:30 us=390000   dev_node = '[UNDEF]'
2022-07-01 15:52:30 us=390000   lladdr = '[UNDEF]'
2022-07-01 15:52:30 us=390000   topology = 3
2022-07-01 15:52:30 us=390000   ifconfig_local = '10.20.25.1'
2022-07-01 15:52:30 us=390000   ifconfig_remote_netmask = '255.255.255.0'
2022-07-01 15:52:30 us=390000   ifconfig_noexec = DISABLED
2022-07-01 15:52:30 us=390000   ifconfig_nowarn = DISABLED
2022-07-01 15:52:30 us=390000   ifconfig_ipv6_local = '[UNDEF]'
2022-07-01 15:52:30 us=390000   ifconfig_ipv6_netbits = 0
2022-07-01 15:52:30 us=390000   ifconfig_ipv6_remote = '[UNDEF]'
2022-07-01 15:52:30 us=390000   shaper = 0
2022-07-01 15:52:30 us=390000   mtu_test = 0
2022-07-01 15:52:30 us=390000   mlock = DISABLED
2022-07-01 15:52:30 us=390000   keepalive_ping = 10
2022-07-01 15:52:30 us=390000   keepalive_timeout = 120
2022-07-01 15:52:30 us=390000   inactivity_timeout = 0
2022-07-01 15:52:30 us=390000   inactivity_minimum_bytes = 0
2022-07-01 15:52:30 us=390000   ping_send_timeout = 10
2022-07-01 15:52:30 us=390000   ping_rec_timeout = 240
2022-07-01 15:52:30 us=390000   ping_rec_timeout_action = 2
2022-07-01 15:52:30 us=390000   ping_timer_remote = DISABLED
2022-07-01 15:52:30 us=390000   remap_sigusr1 = 0
2022-07-01 15:52:30 us=390000   persist_tun = ENABLED
2022-07-01 15:52:30 us=390000   persist_local_ip = DISABLED
2022-07-01 15:52:30 us=390000   persist_remote_ip = DISABLED
2022-07-01 15:52:30 us=390000   persist_key = ENABLED
2022-07-01 15:52:30 us=390000   passtos = DISABLED
2022-07-01 15:52:30 us=390000   resolve_retry_seconds = 1000000000
2022-07-01 15:52:30 us=390000   resolve_in_advance = DISABLED
2022-07-01 15:52:30 us=390000   username = '[UNDEF]'
2022-07-01 15:52:30 us=390000   groupname = '[UNDEF]'
2022-07-01 15:52:30 us=390000   chroot_dir = '[UNDEF]'
2022-07-01 15:52:30 us=390000   cd_dir = '[UNDEF]'
2022-07-01 15:52:30 us=390000   writepid = '[UNDEF]'
2022-07-01 15:52:30 us=390000   up_script = '[UNDEF]'
2022-07-01 15:52:30 us=390000   down_script = '[UNDEF]'
2022-07-01 15:52:30 us=390000   down_pre = DISABLED
2022-07-01 15:52:30 us=390000   up_restart = DISABLED
2022-07-01 15:52:30 us=390000   up_delay = DISABLED
2022-07-01 15:52:30 us=390000   daemon = DISABLED
2022-07-01 15:52:30 us=390000   inetd = 0
2022-07-01 15:52:30 us=390000   log = DISABLED
2022-07-01 15:52:30 us=390000   suppress_timestamps = DISABLED
2022-07-01 15:52:30 us=390000   machine_readable_output = DISABLED
2022-07-01 15:52:30 us=390000   nice = 0
2022-07-01 15:52:30 us=390000   verbosity = 4
2022-07-01 15:52:30 us=390000   mute = 0
2022-07-01 15:52:30 us=390000   status_file = 'openvpn-status.log'
2022-07-01 15:52:30 us=390000   status_file_version = 1
2022-07-01 15:52:30 us=390000   status_file_update_freq = 60
2022-07-01 15:52:30 us=390000   occ = ENABLED
2022-07-01 15:52:30 us=390000   rcvbuf = 0
2022-07-01 15:52:30 us=390000   sndbuf = 0
2022-07-01 15:52:30 us=390000   sockflags = 0
2022-07-01 15:52:30 us=390000   fast_io = DISABLED
2022-07-01 15:52:30 us=390000   comp.alg = 0
2022-07-01 15:52:30 us=390000   comp.flags = 0
2022-07-01 15:52:30 us=390000   route_script = '[UNDEF]'
2022-07-01 15:52:30 us=390000   route_default_gateway = '10.20.25.2'
2022-07-01 15:52:30 us=390000   route_default_metric = 0
2022-07-01 15:52:30 us=390000   route_noexec = DISABLED
2022-07-01 15:52:30 us=390000   route_delay = 0
2022-07-01 15:52:30 us=390000   route_delay_window = 30
2022-07-01 15:52:30 us=390000   route_delay_defined = DISABLED
2022-07-01 15:52:30 us=390000   route_nopull = DISABLED
2022-07-01 15:52:30 us=390000   route_gateway_via_dhcp = DISABLED
2022-07-01 15:52:30 us=390000   allow_pull_fqdn = DISABLED
2022-07-01 15:52:30 us=390000   management_addr = '[UNDEF]'
2022-07-01 15:52:30 us=390000   management_port = '[UNDEF]'
2022-07-01 15:52:30 us=390000   management_user_pass = '[UNDEF]'
2022-07-01 15:52:30 us=390000   management_log_history_cache = 250
2022-07-01 15:52:30 us=390000   management_echo_buffer_size = 100
2022-07-01 15:52:30 us=390000   management_write_peer_info_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   management_client_user = '[UNDEF]'
2022-07-01 15:52:30 us=390000   management_client_group = '[UNDEF]'
2022-07-01 15:52:30 us=390000   management_flags = 0
2022-07-01 15:52:30 us=390000   shared_secret_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   key_direction = not set
2022-07-01 15:52:30 us=390000   ciphername = 'AES-256-CBC'
2022-07-01 15:52:30 us=390000   ncp_enabled = ENABLED
2022-07-01 15:52:30 us=390000   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2022-07-01 15:52:30 us=390000   authname = 'SHA1'
2022-07-01 15:52:30 us=390000   prng_hash = 'SHA1'
2022-07-01 15:52:30 us=390000   prng_nonce_secret_len = 16
2022-07-01 15:52:30 us=390000   keysize = 0
2022-07-01 15:52:30 us=390000   engine = DISABLED
2022-07-01 15:52:30 us=390000   replay = ENABLED
2022-07-01 15:52:30 us=390000   mute_replay_warnings = DISABLED
2022-07-01 15:52:30 us=390000   replay_window = 64
2022-07-01 15:52:30 us=390000   replay_time = 15
2022-07-01 15:52:30 us=390000   packet_id_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   test_crypto = DISABLED
2022-07-01 15:52:30 us=390000   tls_server = ENABLED
2022-07-01 15:52:30 us=390000   tls_client = DISABLED
2022-07-01 15:52:30 us=390000   ca_file = 'ca.crt'
2022-07-01 15:52:30 us=390000   ca_path = '[UNDEF]'
2022-07-01 15:52:30 us=390000   dh_file = 'dh.pem'
2022-07-01 15:52:30 us=390000   cert_file = 'server.crt'
2022-07-01 15:52:30 us=390000   extra_certs_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   priv_key_file = 'server.key'
2022-07-01 15:52:30 us=390000   pkcs12_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   cryptoapi_cert = '[UNDEF]'
2022-07-01 15:52:30 us=390000   cipher_list = '[UNDEF]'
2022-07-01 15:52:30 us=390000   cipher_list_tls13 = '[UNDEF]'
2022-07-01 15:52:30 us=390000   tls_cert_profile = '[UNDEF]'
2022-07-01 15:52:30 us=390000   tls_verify = '[UNDEF]'
2022-07-01 15:52:30 us=390000   tls_export_cert = '[UNDEF]'
2022-07-01 15:52:30 us=390000   verify_x509_type = 0
2022-07-01 15:52:30 us=390000   verify_x509_name = '[UNDEF]'
2022-07-01 15:52:30 us=390000   crl_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   ns_cert_type = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_ku[i] = 0
2022-07-01 15:52:30 us=390000   remote_cert_eku = '[UNDEF]'
2022-07-01 15:52:30 us=390000   ssl_flags = 0
2022-07-01 15:52:30 us=390000   tls_timeout = 2
2022-07-01 15:52:30 us=390000   renegotiate_bytes = -1
2022-07-01 15:52:30 us=390000   renegotiate_packets = 0
2022-07-01 15:52:30 us=390000   renegotiate_seconds = 3600
2022-07-01 15:52:30 us=390000   handshake_window = 60
2022-07-01 15:52:30 us=390000   transition_window = 3600
2022-07-01 15:52:30 us=390000   single_session = DISABLED
2022-07-01 15:52:30 us=390000   push_peer_info = DISABLED
2022-07-01 15:52:30 us=390000   tls_exit = DISABLED
2022-07-01 15:52:30 us=390000   tls_crypt_v2_metadata = '[UNDEF]'
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_protected_authentication = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_private_mode = 00000000
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_cert_private = DISABLED
2022-07-01 15:52:30 us=390000   pkcs11_pin_cache_period = -1
2022-07-01 15:52:30 us=390000   pkcs11_id = '[UNDEF]'
2022-07-01 15:52:30 us=390000   pkcs11_id_management = DISABLED
2022-07-01 15:52:30 us=390000   server_network = 10.20.25.0
2022-07-01 15:52:30 us=390000   server_netmask = 255.255.255.0
2022-07-01 15:52:30 us=390000   server_network_ipv6 = ::
2022-07-01 15:52:30 us=390000   server_netbits_ipv6 = 0
2022-07-01 15:52:30 us=390000   server_bridge_ip = 0.0.0.0
2022-07-01 15:52:30 us=390000   server_bridge_netmask = 0.0.0.0
2022-07-01 15:52:30 us=390000   server_bridge_pool_start = 0.0.0.0
2022-07-01 15:52:30 us=390000   server_bridge_pool_end = 0.0.0.0
2022-07-01 15:52:30 us=390000   push_entry = 'route-gateway 10.20.25.1'
2022-07-01 15:52:30 us=390000   push_entry = 'route 192.168.1.0 255.255.255.0'
2022-07-01 15:52:30 us=390000   push_entry = 'dhcp-option DNS 192.168.1.240'
2022-07-01 15:52:30 us=390000   push_entry = 'dhcp-option DNS 192.168.1.150'
2022-07-01 15:52:30 us=390000   push_entry = 'DOMAIN xxx.local'
2022-07-01 15:52:30 us=390000   push_entry = 'route-gateway 10.20.25.1'
2022-07-01 15:52:30 us=390000   push_entry = 'topology subnet'
2022-07-01 15:52:30 us=390000   push_entry = 'ping 10'
2022-07-01 15:52:30 us=390000   push_entry = 'ping-restart 120'
2022-07-01 15:52:30 us=390000   ifconfig_pool_defined = ENABLED
2022-07-01 15:52:30 us=390000   ifconfig_pool_start = 10.20.25.2
2022-07-01 15:52:30 us=390000   ifconfig_pool_end = 10.20.25.254
2022-07-01 15:52:30 us=390000   ifconfig_pool_netmask = 255.255.255.0
2022-07-01 15:52:30 us=390000   ifconfig_pool_persist_filename = 'ipp.txt'
2022-07-01 15:52:30 us=390000   ifconfig_pool_persist_refresh_freq = 600
2022-07-01 15:52:30 us=390000   ifconfig_ipv6_pool_defined = DISABLED
2022-07-01 15:52:30 us=390000   ifconfig_ipv6_pool_base = ::
2022-07-01 15:52:30 us=390000   ifconfig_ipv6_pool_netbits = 0
2022-07-01 15:52:30 us=390000   n_bcast_buf = 256
2022-07-01 15:52:30 us=390000   tcp_queue_limit = 64
2022-07-01 15:52:30 us=390000   real_hash_size = 256
2022-07-01 15:52:30 us=390000   virtual_hash_size = 256
2022-07-01 15:52:30 us=390000   client_connect_script = '[UNDEF]'
2022-07-01 15:52:30 us=390000   learn_address_script = '[UNDEF]'
2022-07-01 15:52:30 us=390000   client_disconnect_script = '[UNDEF]'
2022-07-01 15:52:30 us=390000   client_config_dir = '[UNDEF]'
2022-07-01 15:52:30 us=390000   ccd_exclusive = DISABLED
2022-07-01 15:52:30 us=390000   tmp_dir = 'C:\Windows\TEMP\'
2022-07-01 15:52:30 us=390000   push_ifconfig_defined = DISABLED
2022-07-01 15:52:30 us=390000   push_ifconfig_local = 0.0.0.0
2022-07-01 15:52:30 us=390000   push_ifconfig_remote_netmask = 0.0.0.0
2022-07-01 15:52:30 us=390000   push_ifconfig_ipv6_defined = DISABLED
2022-07-01 15:52:30 us=390000   push_ifconfig_ipv6_local = ::/0
2022-07-01 15:52:30 us=390000   push_ifconfig_ipv6_remote = ::
2022-07-01 15:52:30 us=390000   enable_c2c = DISABLED
2022-07-01 15:52:30 us=390000   duplicate_cn = DISABLED
2022-07-01 15:52:30 us=390000   cf_max = 0
2022-07-01 15:52:30 us=390000   cf_per = 0
2022-07-01 15:52:30 us=390000   max_clients = 1024
2022-07-01 15:52:30 us=390000   max_routes_per_client = 256
2022-07-01 15:52:30 us=390000   auth_user_pass_verify_script = '[UNDEF]'
2022-07-01 15:52:30 us=390000   auth_user_pass_verify_script_via_file = DISABLED
2022-07-01 15:52:30 us=390000   auth_token_generate = DISABLED
2022-07-01 15:52:30 us=390000   auth_token_lifetime = 0
2022-07-01 15:52:30 us=390000   auth_token_secret_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   vlan_tagging = DISABLED
2022-07-01 15:52:30 us=390000   vlan_accept = all
2022-07-01 15:52:30 us=390000   vlan_pvid = 1
2022-07-01 15:52:30 us=390000   client = DISABLED
2022-07-01 15:52:30 us=390000   pull = DISABLED
2022-07-01 15:52:30 us=390000   auth_user_pass_file = '[UNDEF]'
2022-07-01 15:52:30 us=390000   show_net_up = DISABLED
2022-07-01 15:52:30 us=390000   route_method = 0
2022-07-01 15:52:30 us=390000   block_outside_dns = DISABLED
2022-07-01 15:52:30 us=390000   ip_win32_defined = DISABLED
2022-07-01 15:52:30 us=390000   ip_win32_type = 3
2022-07-01 15:52:30 us=390000   dhcp_masq_offset = 0
2022-07-01 15:52:30 us=390000   dhcp_lease_time = 31536000
2022-07-01 15:52:30 us=390000   tap_sleep = 10
2022-07-01 15:52:30 us=390000   dhcp_options = DISABLED
2022-07-01 15:52:30 us=390000   dhcp_renew = DISABLED
2022-07-01 15:52:30 us=390000   dhcp_pre_release = DISABLED
2022-07-01 15:52:30 us=390000   domain = '[UNDEF]'
2022-07-01 15:52:30 us=390000   netbios_scope = '[UNDEF]'
2022-07-01 15:52:30 us=390000   netbios_node_type = 0
2022-07-01 15:52:30 us=390000   disable_nbt = DISABLED
2022-07-01 15:52:30 us=390000 OpenVPN 2.5.7 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 27 2022
2022-07-01 15:52:30 us=390000 Windows version 10.0 (Windows 10 or greater) 64bit
2022-07-01 15:52:30 us=390000 library versions: OpenSSL 1.1.1o  3 May 2022, LZO 2.10
2022-07-01 15:52:30 us=390000 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
2022-07-01 15:52:30 us=390000 Diffie-Hellman initialized with 2048 bit key
2022-07-01 15:52:30 us=390000 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1279)
2022-07-01 15:52:30 us=390000 TLS-Auth MTU parms [ L:1400 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2022-07-01 15:52:30 us=390000 interactive service msg_channel=0
2022-07-01 15:52:30 us=390000 open_tun
2022-07-01 15:52:30 us=406000 tap-windows6 device [OpenVPN TAP-Windows6] opened
2022-07-01 15:52:30 us=406000 TAP-Windows Driver Version 9.24 
2022-07-01 15:52:30 us=406000 TAP-Windows MTU=1500
2022-07-01 15:52:30 us=406000 Set TAP-Windows TUN subnet mode network/local/netmask = 10.20.25.0/10.20.25.1/255.255.255.0 [SUCCEEDED]
2022-07-01 15:52:30 us=406000 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.20.25.1/255.255.255.0 on interface {BB22F7AB-4C9E-4792-8A4E-8A32F2E7D679} [DHCP-serv: 10.20.25.0, lease-time: 31536000]
2022-07-01 15:52:30 us=406000 Sleeping for 10 seconds...
2022-07-01 15:52:40 us=421000 Successful ARP Flush on interface [15] {BB22F7AB-4C9E-4792-8A4E-8A32F2E7D679}
2022-07-01 15:52:40 us=421000 do_ifconfig, ipv4=1, ipv6=0
2022-07-01 15:52:40 us=421000 IPv4 MTU set to 1279 on interface 15 using SetIpInterfaceEntry()
2022-07-01 15:52:40 us=421000 Data Channel MTU parms [ L:1400 D:1400 EF:121 EB:369 ET:0 EL:3 ]
2022-07-01 15:52:40 us=421000 Socket Buffers: R=[65536->65536] S=[65536->65536]
2022-07-01 15:52:40 us=421000 UDPv4 link local (bound): [AF_INET][undef]:1194
2022-07-01 15:52:40 us=421000 UDPv4 link remote: [AF_UNSPEC]
2022-07-01 15:52:40 us=421000 MULTI: multi_init called, r=256 v=256
2022-07-01 15:52:40 us=421000 IFCONFIG POOL IPv4: base=10.20.25.2 size=253
2022-07-01 15:52:40 us=421000 ifconfig_pool_read(), in='clientlse,10.20.25.4,'
2022-07-01 15:52:40 us=421000 succeeded -> ifconfig_pool_set(hand=2)
2022-07-01 15:52:40 us=421000 IFCONFIG POOL LIST
2022-07-01 15:52:40 us=421000 clientlse,10.20.25.4,
2022-07-01 15:52:40 us=421000 Initialization Sequence Completed
2022-07-01 15:52:56 us=875000 MULTI: multi_create_instance called
2022-07-01 15:52:56 us=875000 2.12.224.56:57998 Re-using SSL/TLS context
2022-07-01 15:52:56 us=875000 2.12.224.56:57998 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1279)
2022-07-01 15:52:56 us=875000 2.12.224.56:57998 Control Channel MTU parms [ L:1400 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2022-07-01 15:52:56 us=875000 2.12.224.56:57998 Data Channel MTU parms [ L:1400 D:1400 EF:121 EB:369 ET:0 EL:3 ]
2022-07-01 15:52:56 us=875000 2.12.224.56:57998 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1400,tun-mtu 1279,proto UDPv4,auth SHA1,keysize 256,key-method 2,tls-server'
2022-07-01 15:52:56 us=875000 2.12.224.56:57998 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1400,tun-mtu 1279,proto UDPv4,auth SHA1,keysize 256,key-method 2,tls-client'
2022-07-01 15:52:56 us=875000 2.12.224.56:57998 TLS: Initial packet from [AF_INET]2.12.224.56:57998, sid=49c5a7ba 7784e50b
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 VERIFY OK: depth=1, CN=109.70.22.227
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 VERIFY OK: depth=0, CN=clientlse
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_VER=2.5.7
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_PLAT=win
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_PROTO=6
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_NCP=2
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_LZ4=1
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_LZ4v2=1
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_LZO=1
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_COMP_STUB=1
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_COMP_STUBv2=1
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_TCPNL=1
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_GUI_VER=OpenVPN_GUI_11
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 peer info: IV_SSO=openurl,crtext
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1400', remote='link-mtu 1557'
2022-07-01 15:52:56 us=906000 2.12.224.56:57998 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1279', remote='tun-mtu 1500'
2022-07-01 15:52:56 us=921000 2.12.224.56:57998 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-07-01 15:52:56 us=921000 2.12.224.56:57998 [clientlse] Peer Connection Initiated with [AF_INET]2.12.224.56:57998
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 MULTI_sva: pool returned IPv4=10.20.25.4, IPv6=(Not enabled)
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 MULTI: Learn: 10.20.25.4 -> clientlse/2.12.224.56:57998
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 MULTI: primary virtual IP for clientlse/2.12.224.56:57998: 10.20.25.4
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 Data Channel MTU parms [ L:1400 D:1400 EF:49 EB:369 ET:0 EL:3 ]
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-07-01 15:52:56 us=921000 clientlse/2.12.224.56:57998 SENT CONTROL [clientlse]: 'PUSH_REPLY,route-gateway 10.20.25.1,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.240,dhcp-option DNS 192.168.1.150,DOMAIN xxx.local,route-gateway 10.20.25.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.20.25.4 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Client conf

client
dev tun

proto udp4

remote 109.70.22.227 1194


remote-cert-tls server
cipher AES-256-CBC
data-ciphers-fallback 'AES-256-CBC'
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verify-client-cert require

ca ca.crt
cert clientlse.crt
key clientlse.key

verb 3

Code: Select all

2022-07-01 15:52:32 OpenVPN 2.5.7 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 27 2022
2022-07-01 15:52:32 Windows version 10.0 (Windows 10 or greater) 64bit
2022-07-01 15:52:32 library versions: OpenSSL 1.1.1o  3 May 2022, LZO 2.10
2022-07-01 15:52:32 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
2022-07-01 15:52:32 Need hold release from management interface, waiting...
2022-07-01 15:52:32 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
2022-07-01 15:52:33 MANAGEMENT: CMD 'state on'
2022-07-01 15:52:33 MANAGEMENT: CMD 'log all on'
2022-07-01 15:52:33 MANAGEMENT: CMD 'echo all on'
2022-07-01 15:52:33 MANAGEMENT: CMD 'bytecount 5'
2022-07-01 15:52:33 MANAGEMENT: CMD 'hold off'
2022-07-01 15:52:33 MANAGEMENT: CMD 'hold release'
2022-07-01 15:52:33 TCP/UDP: Preserving recently used remote address: [AF_INET]109.70.22.227:1194
2022-07-01 15:52:33 Socket Buffers: R=[65536->65536] S=[65536->65536]
2022-07-01 15:52:33 UDPv4 link local: (not bound)
2022-07-01 15:52:33 UDPv4 link remote: [AF_INET]109.70.22.227:1194
2022-07-01 15:52:33 MANAGEMENT: >STATE:1656683553,WAIT,,,,,,
2022-07-01 15:52:33 MANAGEMENT: >STATE:1656683553,AUTH,,,,,,
2022-07-01 15:52:33 TLS: Initial packet from [AF_INET]109.70.22.227:1194, sid=18c03b8a a4a6e889
2022-07-01 15:52:33 VERIFY OK: depth=1, CN=109.70.22.227
2022-07-01 15:52:33 VERIFY KU OK
2022-07-01 15:52:33 Validating certificate extended key usage
2022-07-01 15:52:33 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-07-01 15:52:33 VERIFY EKU OK
2022-07-01 15:52:33 VERIFY OK: depth=0, CN=server
2022-07-01 15:52:33 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1400'
2022-07-01 15:52:33 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1279'
2022-07-01 15:52:33 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-07-01 15:52:33 [server] Peer Connection Initiated with [AF_INET]109.70.22.227:1194
2022-07-01 15:52:33 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.20.25.1,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.240,dhcp-option DNS 192.168.1.150,DOMAIN spare.local,route-gateway 10.20.25.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.20.25.4 255.255.255.0,peer-id 0,cipher AES-256-GCM'
2022-07-01 15:52:33 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: DOMAIN (2.5.7)
2022-07-01 15:52:33 OPTIONS IMPORT: timers and/or timeouts modified
2022-07-01 15:52:33 OPTIONS IMPORT: --ifconfig/up options modified
2022-07-01 15:52:33 OPTIONS IMPORT: route options modified
2022-07-01 15:52:33 OPTIONS IMPORT: route-related options modified
2022-07-01 15:52:33 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2022-07-01 15:52:33 OPTIONS IMPORT: peer-id set
2022-07-01 15:52:33 OPTIONS IMPORT: adjusting link_mtu to 1624
2022-07-01 15:52:33 OPTIONS IMPORT: data channel crypto options modified
2022-07-01 15:52:33 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-07-01 15:52:33 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-07-01 15:52:33 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-07-01 15:52:33 interactive service msg_channel=724
2022-07-01 15:52:33 open_tun
2022-07-01 15:52:33 tap-windows6 device [Connexion au réseau local 2] opened
2022-07-01 15:52:33 TAP-Windows Driver Version 9.24 
2022-07-01 15:52:33 Set TAP-Windows TUN subnet mode network/local/netmask = 10.20.25.0/10.20.25.4/255.255.255.0 [SUCCEEDED]
2022-07-01 15:52:33 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.20.25.4/255.255.255.0 on interface {2E19C6C8-6AFC-45A8-96B3-DE95AD5ED97D} [DHCP-serv: 10.20.25.0, lease-time: 31536000]
2022-07-01 15:52:33 Successful ARP Flush on interface [8] {2E19C6C8-6AFC-45A8-96B3-DE95AD5ED97D}
2022-07-01 15:52:33 MANAGEMENT: >STATE:1656683553,ASSIGN_IP,,10.20.25.4,,,,
2022-07-01 15:52:33 IPv4 MTU set to 1500 on interface 8 using service
2022-07-01 15:52:38 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
2022-07-01 15:52:38 MANAGEMENT: >STATE:1656683558,ADD_ROUTES,,,,,,
2022-07-01 15:52:38 C:\WINDOWS\system32\route.exe ADD 192.168.1.0 MASK 255.255.255.0 10.20.25.1
2022-07-01 15:52:38 Route addition via service succeeded
2022-07-01 15:52:38 Initialization Sequence Completed
2022-07-01 15:52:38 MANAGEMENT: >STATE:1656683558,CONNECTED,SUCCESS,10.20.25.4,109.70.22.227,1194,,
2022-07-01 15:58:27 C:\WINDOWS\system32\route.exe DELETE 192.168.1.0 MASK 255.255.255.0 10.20.25.1
2022-07-01 15:58:27 Route deletion via service succeeded
2022-07-01 15:58:27 Closing TUN/TAP interface
2022-07-01 15:58:39 TAP: DHCP address released
2022-07-01 15:58:39 SIGTERM[hard,] received, process exiting
2022-07-01 15:58:39 MANAGEMENT: >STATE:1656683919,EXITING,SIGTERM,,,,,

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: VPn connected : can't access server lan side

Post by TinCanTech » Fri Jul 01, 2022 5:27 pm

OscarDelta59 wrote:
Fri Jul 01, 2022 2:12 pm
EDIT : Sorry for the bad olog definition !
I have edited your post as an example, don't use BBCode OLOG, use CODE instead, much nicer.

You are still trying to use --link-mtu, just stop using it.

Post Reply