Here you go (part1) for a few client connections - I was 40x over the limit of max characters per post so I edited more of the IP version=15 stuff. I've since shortened this significantly but it was still going over the limit. I don't feel like this is enough because it seems like the stuff I provided yesterday.
Code: Select all
Current Parameter Settings:
config = 'server.conf'
mode = 1
persist_config = DISABLED
persist_mode = 1
show_ciphers = DISABLED
show_digests = DISABLED
show_engines = DISABLED
genkey = DISABLED
genkey_filename = '[UNDEF]'
key_pass_file = '[UNDEF]'
show_tls_ciphers = DISABLED
connect_retry_max = 0
Connection profiles [0]:
proto = udp6
local = '[UNDEF]'
local_port = '82'
remote = '[UNDEF]'
remote_port = '82'
remote_float = DISABLED
bind_defined = DISABLED
bind_local = ENABLED
bind_ipv6_only = DISABLED
connect_retry_seconds = 5
connect_timeout = 120
socks_proxy_server = '[UNDEF]'
socks_proxy_port = '[UNDEF]'
tun_mtu = 1500
tun_mtu_defined = ENABLED
link_mtu = 1500
link_mtu_defined = DISABLED
tun_mtu_extra = 0
tun_mtu_extra_defined = DISABLED
mtu_discover_type = -1
fragment = 0
mssfix = 1450
explicit_exit_notification = 1
tls_auth_file = '[INLINE]'
key_direction = 0
tls_crypt_file = '[UNDEF]'
tls_crypt_v2_file = '[UNDEF]'
Connection profiles END
remote_random = DISABLED
ipchange = '[UNDEF]'
dev = 'tun'
dev_type = '[UNDEF]'
dev_node = '[UNDEF]'
lladdr = '[UNDEF]'
topology = 3
ifconfig_local = '172.16.0.1'
ifconfig_remote_netmask = '255.255.255.0'
ifconfig_noexec = DISABLED
ifconfig_nowarn = DISABLED
ifconfig_ipv6_local = '[UNDEF]'
ifconfig_ipv6_netbits = 0
ifconfig_ipv6_remote = '[UNDEF]'
shaper = 0
mtu_test = 0
mlock = DISABLED
keepalive_ping = 10
keepalive_timeout = 120
inactivity_timeout = 0
inactivity_minimum_bytes = 0
ping_send_timeout = 10
ping_rec_timeout = 240
ping_rec_timeout_action = 2
ping_timer_remote = DISABLED
remap_sigusr1 = 0
persist_tun = ENABLED
persist_local_ip = DISABLED
persist_remote_ip = DISABLED
persist_key = ENABLED
passtos = DISABLED
resolve_retry_seconds = 1000000000
resolve_in_advance = DISABLED
username = 'nobody'
groupname = 'nobody'
chroot_dir = '[UNDEF]'
cd_dir = '[UNDEF]'
selinux_context = '[UNDEF]'
writepid = '[UNDEF]'
up_script = '[UNDEF]'
down_script = '[UNDEF]'
down_pre = DISABLED
up_restart = DISABLED
up_delay = DISABLED
daemon = DISABLED
inetd = 0
log = ENABLED
suppress_timestamps = ENABLED
machine_readable_output = DISABLED
nice = 0
verbosity = 4
mute = 0
gremlin = 0
status_file = '/var/log/openvpn/openvpn-status.log'
status_file_version = 2
status_file_update_freq = 60
occ = ENABLED
rcvbuf = 0
sndbuf = 0
mark = 0
sockflags = 0
fast_io = DISABLED
comp.alg = 0
comp.flags = 0
route_script = '[UNDEF]'
route_default_gateway = '172.16.0.2'
route_default_metric = 0
route_noexec = DISABLED
route_delay = 0
route_delay_window = 30
route_delay_defined = DISABLED
route_nopull = DISABLED
route_gateway_via_dhcp = DISABLED
allow_pull_fqdn = DISABLED
route 10.10.10.1/255.255.255.0/default (not set)/default (not set)
management_addr = '[UNDEF]'
management_port = '[UNDEF]'
management_user_pass = '[UNDEF]'
management_log_history_cache = 250
management_echo_buffer_size = 100
management_write_peer_info_file = '[UNDEF]'
management_client_user = '[UNDEF]'
management_client_group = '[UNDEF]'
management_flags = 0
shared_secret_file = '[UNDEF]'
key_direction = 0
ciphername = 'AES-256-CBC'
ncp_enabled = ENABLED
ncp_ciphers = 'AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC'
authname = 'SHA512'
prng_hash = 'SHA1'
prng_nonce_secret_len = 16
keysize = 0
engine = DISABLED
replay = ENABLED
mute_replay_warnings = DISABLED
replay_window = 64
replay_time = 15
packet_id_file = '[UNDEF]'
test_crypto = DISABLED
tls_server = ENABLED
tls_client = DISABLED
ca_file = 'ca.crt'
ca_path = '[UNDEF]'
dh_file = 'dh.pem'
cert_file = 'issued/server.crt'
extra_certs_file = '[UNDEF]'
priv_key_file = 'private/server.key'
pkcs12_file = '[UNDEF]'
cipher_list = '[UNDEF]'
cipher_list_tls13 = '[UNDEF]'
tls_cert_profile = '[UNDEF]'
tls_verify = '[UNDEF]'
tls_export_cert = '[UNDEF]'
verify_x509_type = 0
verify_x509_name = '[UNDEF]'
crl_file = '[UNDEF]'
ns_cert_type = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_ku[i] = 0
remote_cert_eku = '[UNDEF]'
ssl_flags = 0
tls_timeout = 2
renegotiate_bytes = -1
renegotiate_packets = 0
renegotiate_seconds = 3600
handshake_window = 60
transition_window = 3600
single_session = DISABLED
push_peer_info = DISABLED
tls_exit = DISABLED
tls_crypt_v2_metadata = '[UNDEF]'
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_protected_authentication = DISABLED
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_private_mode = 00000000
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_cert_private = DISABLED
pkcs11_pin_cache_period = -1
pkcs11_id = '[UNDEF]'
pkcs11_id_management = DISABLED
server_network = 172.16.0.0
server_netmask = 255.255.255.0
server_network_ipv6 = ::
server_netbits_ipv6 = 0
server_bridge_ip = 0.0.0.0
server_bridge_netmask = 0.0.0.0
server_bridge_pool_start = 0.0.0.0
server_bridge_pool_end = 0.0.0.0
push_entry = 'redirect-gateway def1'
push_entry = 'dhcp-option DNS 10.10.10.1'
push_entry = 'dhcp-option DNS 8.8.8.8'
push_entry = 'dhcp-option DNS 208.67.222.222'
push_entry = 'dhcp-option DNS 208.67.220.220'
push_entry = 'route-gateway 172.16.0.1'
push_entry = 'topology subnet'
push_entry = 'ping 10'
push_entry = 'ping-restart 120'
ifconfig_pool_defined = ENABLED
ifconfig_pool_start = 172.16.0.2
ifconfig_pool_end = 172.16.0.254
ifconfig_pool_netmask = 255.255.255.0
ifconfig_pool_persist_filename = 'ipp.txt'
ifconfig_pool_persist_refresh_freq = 600
ifconfig_ipv6_pool_defined = DISABLED
ifconfig_ipv6_pool_base = ::
ifconfig_ipv6_pool_netbits = 0
n_bcast_buf = 256
tcp_queue_limit = 64
real_hash_size = 256
virtual_hash_size = 256
client_connect_script = '[UNDEF]'
learn_address_script = '[UNDEF]'
client_disconnect_script = '[UNDEF]'
client_config_dir = '[UNDEF]'
ccd_exclusive = DISABLED
tmp_dir = '/tmp'
push_ifconfig_defined = DISABLED
push_ifconfig_local = 0.0.0.0
push_ifconfig_remote_netmask = 0.0.0.0
push_ifconfig_ipv6_defined = DISABLED
push_ifconfig_ipv6_local = ::/0
push_ifconfig_ipv6_remote = ::
enable_c2c = DISABLED
duplicate_cn = DISABLED
cf_max = 0
cf_per = 0
max_clients = 1024
max_routes_per_client = 256
auth_user_pass_verify_script = '[UNDEF]'
auth_user_pass_verify_script_via_file = DISABLED
auth_token_generate = DISABLED
auth_token_lifetime = 0
auth_token_secret_file = '[UNDEF]'
port_share_host = '[UNDEF]'
port_share_port = '[UNDEF]'
vlan_tagging = DISABLED
vlan_accept = all
vlan_pvid = 1
client = DISABLED
pull = DISABLED
auth_user_pass_file = '[UNDEF]'
OpenVPN 2.5.7 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 31 2022
library versions: OpenSSL 3.0.5 5 Jul 2022, LZO 2.10
net_route_v4_best_gw query: dst 0.0.0.0
net_route_v4_best_gw result: via 10.10.10.1 dev enp3s0
Diffie-Hellman initialized with 2048 bit key
Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
TLS-Auth MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
net_route_v4_best_gw query: dst 0.0.0.0
net_route_v4_best_gw result: via 10.10.10.1 dev enp3s0
ROUTE_GATEWAY 10.10.10.1/255.255.255.0 IFACE=enp3s0 HWADDR=00:24:21:10:56:fb
TUN/TAP device tun0 opened
do_ifconfig, ipv4=1, ipv6=0
net_iface_mtu_set: mtu 1500 for tun0
net_iface_up: set tun0 up
net_addr_v4_add: 172.16.0.1/24 dev tun0
net_route_v4_add: 10.10.10.1/24 via 172.16.0.2 dev [NULL] table 0 metric -1
sitnl_send: rtnl: generic error (-22): Invalid argument
ERROR: Linux route add command failed
Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Socket Buffers: R=[212992->212992] S=[212992->212992]
setsockopt(IPV6_V6ONLY=0)
UDPv6 link local (bound): [AF_INET6][undef]:82
UDPv6 link remote: [AF_UNSPEC]
GID set to nobody
UID set to nobody
MULTI: multi_init called, r=256 v=256
IFCONFIG POOL IPv4: base=172.16.0.2 size=253
ifconfig_pool_read(), in='client,172.16.0.2,'
succeeded -> ifconfig_pool_set(hand=0)
ifconfig_pool_read(), in='client,172.16.0.3,'
succeeded -> ifconfig_pool_set(hand=1)
IFCONFIG POOL LIST
client,172.16.0.2,
client,172.16.0.3,
Initialization Sequence Completed
MULTI: multi_create_instance called
x.x.x.x:8225 Re-using SSL/TLS context
x.x.x.x:8225 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8225 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8225 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8225 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8225 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8225 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8225 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8225, sid=0d4f1986 ec7db3f0
x.x.x.x:8225 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8225 VERIFY OK: depth=0, CN=client
x.x.x.x:8225 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8225 peer info: IV_PLAT=android
x.x.x.x:8225 peer info: IV_NCP=2
x.x.x.x:8225 peer info: IV_TCPNL=1
x.x.x.x:8225 peer info: IV_PROTO=30
x.x.x.x:8225 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8225 peer info: IV_LZO_STUB=1
x.x.x.x:8225 peer info: IV_COMP_STUB=1
x.x.x.x:8225 peer info: IV_COMP_STUBv2=1
x.x.x.x:8225 peer info: IV_AUTO_SESS=1
x.x.x.x:8225 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8225 peer info: IV_SSO=webauth,openurl
x.x.x.x:8225 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8225 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8225 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8225 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8225
client/x.x.x.x:8225 MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
client/x.x.x.x:8225 MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8225
client/x.x.x.x:8225 MULTI: primary virtual IP for client/x.x.x.x:8225: 172.16.0.2
client/x.x.x.x:8225 Data Channel: using negotiated cipher 'AES-256-GCM'
client/x.x.x.x:8225 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
client/x.x.x.x:8225 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
client/x.x.x.x:8225 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
client/x.x.x.x:8225 SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8225 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
client/x.x.x.x:8225 IP packet with unknown IP version=15 seen
read UDPv6 [NO-INFO]: Connection refused (code=111)
MULTI: multi_create_instance called
x.x.x.x:8228 Re-using SSL/TLS context
x.x.x.x:8228 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8228 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8228 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8228 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8228 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8228 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8228 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8228, sid=7b3a9244 8d6a164a
x.x.x.x:8228 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8228 VERIFY OK: depth=0, CN=client
x.x.x.x:8228 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8228 peer info: IV_PLAT=android
x.x.x.x:8228 peer info: IV_NCP=2
x.x.x.x:8228 peer info: IV_TCPNL=1
x.x.x.x:8228 peer info: IV_PROTO=30
x.x.x.x:8228 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8228 peer info: IV_LZO_STUB=1
x.x.x.x:8228 peer info: IV_COMP_STUB=1
x.x.x.x:8228 peer info: IV_COMP_STUBv2=1
x.x.x.x:8228 peer info: IV_AUTO_SESS=1
x.x.x.x:8228 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8228 peer info: IV_SSO=webauth,openurl
x.x.x.x:8228 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8228 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8228 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8228 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8228
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8228
MULTI: primary virtual IP for client/x.x.x.x:8228: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8228 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:8228 IP packet with unknown IP version=15 seen
client/x.x.x.x:2779 IP packet with unknown IP version=15 seen
client/x.x.x.x:2779 IP packet with unknown IP version=15 seen
client/x.x.x.x:2779 IP packet with unknown IP version=15 seen
client/x.x.x.x:2779 IP packet with unknown IP version=15 seen
client/x.x.x.x:2779 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8237 Re-using SSL/TLS context
x.x.x.x:8237 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8237 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8237 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8237 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8237 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8237 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8237 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8237, sid=16094d88 0bd2f62b
x.x.x.x:8237 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8237 VERIFY OK: depth=0, CN=client
x.x.x.x:8237 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8237 peer info: IV_PLAT=android
x.x.x.x:8237 peer info: IV_NCP=2
x.x.x.x:8237 peer info: IV_TCPNL=1
x.x.x.x:8237 peer info: IV_PROTO=30
x.x.x.x:8237 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8237 peer info: IV_LZO_STUB=1
x.x.x.x:8237 peer info: IV_COMP_STUB=1
x.x.x.x:8237 peer info: IV_COMP_STUBv2=1
x.x.x.x:8237 peer info: IV_AUTO_SESS=1
x.x.x.x:8237 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8237 peer info: IV_SSO=webauth,openurl
x.x.x.x:8237 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8237 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8237 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8237 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8237
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8237
MULTI: primary virtual IP for client/x.x.x.x:8237: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8237 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_00000000000000000000] 0:22 0:21 t=1658948294[0] r=[0,64,15,1,1] sl=[42,22,64,528]
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
client/x.x.x.x:8237 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:2765 Re-using SSL/TLS context
x.x.x.x:2765 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:2765 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:2765 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:2765 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:2765 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:2765 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:2765 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:2765, sid=6eadb77c 8fb4047d
x.x.x.x:2765 VERIFY OK: depth=1, CN=microwave
x.x.x.x:2765 VERIFY OK: depth=0, CN=client
x.x.x.x:2765 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:2765 peer info: IV_PLAT=android
x.x.x.x:2765 peer info: IV_NCP=2
x.x.x.x:2765 peer info: IV_TCPNL=1
x.x.x.x:2765 peer info: IV_PROTO=30
x.x.x.x:2765 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:2765 peer info: IV_LZO_STUB=1
x.x.x.x:2765 peer info: IV_COMP_STUB=1
x.x.x.x:2765 peer info: IV_COMP_STUBv2=1
x.x.x.x:2765 peer info: IV_AUTO_SESS=1
x.x.x.x:2765 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:2765 peer info: IV_SSO=webauth,openurl
x.x.x.x:2765 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:2765 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:2765 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:2765 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:2765
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:2765
MULTI: primary virtual IP for client/x.x.x.x:2765: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
client/x.x.x.x:2765 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
client/x.x.x.x:2765 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8244 Re-using SSL/TLS context
x.x.x.x:8244 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8244 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8244 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8244 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8244 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8244 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8244 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8244, sid=21bb446a 4f22c85f
x.x.x.x:8244 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8244 VERIFY OK: depth=0, CN=client
x.x.x.x:8244 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8244 peer info: IV_PLAT=android
x.x.x.x:8244 peer info: IV_NCP=2
x.x.x.x:8244 peer info: IV_TCPNL=1
x.x.x.x:8244 peer info: IV_PROTO=30
x.x.x.x:8244 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8244 peer info: IV_LZO_STUB=1
x.x.x.x:8244 peer info: IV_COMP_STUB=1
x.x.x.x:8244 peer info: IV_COMP_STUBv2=1
x.x.x.x:8244 peer info: IV_AUTO_SESS=1
x.x.x.x:8244 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8244 peer info: IV_SSO=webauth,openurl
x.x.x.x:8244 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8244 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8244 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8244 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8244
,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8244 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8244 IP packet with unknown IP version=15 seen
client/x.x.x.x:8244 IP packet with unknown IP version=15 seen
client/x.x.x.x:8234 IP packet with unknown IP version=15 seen
client/x.x.x.x:8234 IP packet with unknown IP version=15 seen
client/x.x.x.x:8234 IP packet with unknown IP version=15 seen
client/x.x.x.x:8234 IP packet with unknown IP version=15 seen
client/x.x.x.x:8234 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8252 Re-using SSL/TLS context
x.x.x.x:8252 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8252 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8252 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8252 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8252 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8252 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8252 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8252, sid=39a98b71 8a42c84c
x.x.x.x:8252 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8252 VERIFY OK: depth=0, CN=client
x.x.x.x:8252 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8252 peer info: IV_PLAT=android
x.x.x.x:8252 peer info: IV_NCP=2
x.x.x.x:8252 peer info: IV_TCPNL=1
x.x.x.x:8252 peer info: IV_PROTO=30
x.x.x.x:8252 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8252 peer info: IV_LZO_STUB=1
x.x.x.x:8252 peer info: IV_COMP_STUB=1
x.x.x.x:8252 peer info: IV_COMP_STUBv2=1
x.x.x.x:8252 peer info: IV_AUTO_SESS=1
x.x.x.x:8252 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8252 peer info: IV_SSO=webauth,openurl
x.x.x.x:8252 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8252 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8252 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8252 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8252
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8252
MULTI: primary virtual IP for client/x.x.x.x:8252: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8252 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 PID_ERR replay-window backtrack occurred [2] [SSL-0] [00_0000000000000000000] 0:22 0:20 t=1658948906[0] r=[0,64,15,2,1] sl=[42,22,64,528]
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
client/x.x.x.x:8252 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8226 Re-using SSL/TLS context
x.x.x.x:8226 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8226 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8226 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8226 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8226 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8226 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8226 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8226, sid=486ebd27 ac0c6e71
x.x.x.x:8226 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8226 VERIFY OK: depth=0, CN=client
x.x.x.x:8226 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8226 peer info: IV_PLAT=android
x.x.x.x:8226 peer info: IV_NCP=2
x.x.x.x:8226 peer info: IV_TCPNL=1
x.x.x.x:8226 peer info: IV_PROTO=30
x.x.x.x:8226 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8226 peer info: IV_LZO_STUB=1
x.x.x.x:8226 peer info: IV_COMP_STUB=1
x.x.x.x:8226 peer info: IV_COMP_STUBv2=1
x.x.x.x:8226 peer info: IV_AUTO_SESS=1
x.x.x.x:8226 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8226 peer info: IV_SSO=webauth,openurl
x.x.x.x:8226 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8226 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8226 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8226 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8226
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8226
MULTI: primary virtual IP for client/x.x.x.x:8226: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8226 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
client/x.x.x.x:8226 IP packet with unknown IP version=15 seen
read UDPv6 [NO-INFO]: Connection refused (code=111)
MULTI: multi_create_instance called
x.x.x.x:8233 Re-using SSL/TLS context
x.x.x.x:8233 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8233 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8233 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8233 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8233 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8233 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8233 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8233, sid=fe836bf3 c45b942a
x.x.x.x:8233 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8233 VERIFY OK: depth=0, CN=client
x.x.x.x:8233 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8233 peer info: IV_PLAT=android
x.x.x.x:8233 peer info: IV_NCP=2
x.x.x.x:8233 peer info: IV_TCPNL=1
x.x.x.x:8233 peer info: IV_PROTO=30
x.x.x.x:8233 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8233 peer info: IV_LZO_STUB=1
x.x.x.x:8233 peer info: IV_COMP_STUB=1
x.x.x.x:8233 peer info: IV_COMP_STUBv2=1
x.x.x.x:8233 peer info: IV_AUTO_SESS=1
x.x.x.x:8233 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8233 peer info: IV_SSO=webauth,openurl
x.x.x.x:8233 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8233 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8233 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8233 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8233
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8233
MULTI: primary virtual IP for client/x.x.x.x:8233: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8233 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
client/x.x.x.x:8233 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8227 Re-using SSL/TLS context
x.x.x.x:8227 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8227 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8227 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8227 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8227 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8227 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8227 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8227, sid=86341a5b f8b09353
x.x.x.x:8227 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8227 VERIFY OK: depth=0, CN=client
x.x.x.x:8227 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8227 peer info: IV_PLAT=android
x.x.x.x:8227 peer info: IV_NCP=2
x.x.x.x:8227 peer info: IV_TCPNL=1
x.x.x.x:8227 peer info: IV_PROTO=30
x.x.x.x:8227 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8227 peer info: IV_LZO_STUB=1
x.x.x.x:8227 peer info: IV_COMP_STUB=1
x.x.x.x:8227 peer info: IV_COMP_STUBv2=1
x.x.x.x:8227 peer info: IV_AUTO_SESS=1
x.x.x.x:8227 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8227 peer info: IV_SSO=webauth,openurl
x.x.x.x:8227 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8227 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8227 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8227 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8227
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8227
MULTI: primary virtual IP for client/x.x.x.x:8227: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8227 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
client/x.x.x.x:8227 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8247 Re-using SSL/TLS context
x.x.x.x:8247 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8247 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8247 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8247 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8247 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8247 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8247 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8247, sid=3fb9be81 f376247c
x.x.x.x:8247 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8247 VERIFY OK: depth=0, CN=client
x.x.x.x:8247 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8247 peer info: IV_PLAT=android
x.x.x.x:8247 peer info: IV_NCP=2
x.x.x.x:8247 peer info: IV_TCPNL=1
x.x.x.x:8247 peer info: IV_PROTO=30
x.x.x.x:8247 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8247 peer info: IV_LZO_STUB=1
x.x.x.x:8247 peer info: IV_COMP_STUB=1
x.x.x.x:8247 peer info: IV_COMP_STUBv2=1
x.x.x.x:8247 peer info: IV_AUTO_SESS=1
x.x.x.x:8247 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8247 peer info: IV_SSO=webauth,openurl
x.x.x.x:8247 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8247 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8247 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8247 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8247
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8247
MULTI: primary virtual IP for client/x.x.x.x:8247: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8247 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
client/x.x.x.x:8247 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8243 Re-using SSL/TLS context
x.x.x.x:8243 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8243 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8243 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8243 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8243 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8243 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8243 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8243, sid=268dca1a 805b9dd6
x.x.x.x:8243 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8243 VERIFY OK: depth=0, CN=client
x.x.x.x:8243 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8243 peer info: IV_PLAT=android
x.x.x.x:8243 peer info: IV_NCP=2
x.x.x.x:8243 peer info: IV_TCPNL=1
x.x.x.x:8243 peer info: IV_PROTO=30
x.x.x.x:8243 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8243 peer info: IV_LZO_STUB=1
x.x.x.x:8243 peer info: IV_COMP_STUB=1
x.x.x.x:8243 peer info: IV_COMP_STUBv2=1
x.x.x.x:8243 peer info: IV_AUTO_SESS=1
x.x.x.x:8243 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8243 peer info: IV_SSO=webauth,openurl
x.x.x.x:8243 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
x.x.x.x:8243 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
x.x.x.x:8243 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
x.x.x.x:8243 [client] Peer Connection Initiated with [AF_INET6]::ffff:x.x.x.x:8243
MULTI: new connection by client 'client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
MULTI_sva: pool returned IPv4=172.16.0.2, IPv6=(Not enabled)
MULTI: Learn: 172.16.0.2 -> client/x.x.x.x:8243
MULTI: primary virtual IP for client/x.x.x.x:8243: 172.16.0.2
Data Channel: using negotiated cipher 'AES-256-GCM'
Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
SENT CONTROL [client]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.10.10.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
client/x.x.x.x:8243 PUSH: Received control message: 'PUSH_REQUEST'
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
client/x.x.x.x:8243 IP packet with unknown IP version=15 seen
MULTI: multi_create_instance called
x.x.x.x:8248 Re-using SSL/TLS context
x.x.x.x:8248 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8248 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
x.x.x.x:8248 Control Channel MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
x.x.x.x:8248 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
x.x.x.x:8248 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
x.x.x.x:8248 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1601,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
x.x.x.x:8248 TLS: Initial packet from [AF_INET6]::ffff:x.x.x.x:8248, sid=b53382e4 c5955db2
x.x.x.x:8248 VERIFY OK: depth=1, CN=microwave
x.x.x.x:8248 VERIFY OK: depth=0, CN=client
x.x.x.x:8248 peer info: IV_VER=3.git::d3f8b18b:Release
x.x.x.x:8248 peer info: IV_PLAT=android
x.x.x.x:8248 peer info: IV_NCP=2
x.x.x.x:8248 peer info: IV_TCPNL=1
x.x.x.x:8248 peer info: IV_PROTO=30
x.x.x.x:8248 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
x.x.x.x:8248 peer info: IV_LZO_STUB=1
x.x.x.x:8248 peer info: IV_COMP_STUB=1
x.x.x.x:8248 peer info: IV_COMP_STUBv2=1
x.x.x.x:8248 peer info: IV_AUTO_SESS=1
x.x.x.x:8248 peer info: IV_GUI_VER=net.openvpn.connect.android_3.2.7-7957
x.x.x.x:8248 peer info: IV_SSO=webauth,openurl
Can send the other part of this code if need be, but hopefully this is enough. I've made too many edits for this to fit here...