This is the .opvn configuration file exported from the Access Server:
Code: Select all
cipher AES-256-CBC
client
server-poll-timeout 4
nobind
remote XXX.XXX.XXX.XXX 1194 udp
remote XXX.XXX.XXX.XXX 443 tcp
dev tun
dev-type tun
remote-cert-tls server
tls-version-min 1.2
reneg-sec 604800
verb 3
push-peer-info
<ca>
-----BEGIN CERTIFICATE-----
REDACTED
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
REDACTED
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
REDACTED
-----END PRIVATE KEY-----
</key>
<tls-crypt-v2>
REDACTED
-----END OpenVPN tls-crypt-v2 client key-----
</tls-crypt-v2>
Code: Select all
[Apr 11, 2023, 17:58:00] START CONNECTION
[Apr 11, 2023, 17:58:00] ----- OpenVPN Start -----
OpenVPN core 3.git::081bfebe ios arm64 64-bit
[Apr 11, 2023, 17:58:00] OpenVPN core 3.git::081bfebe ios arm64 64-bit
[Apr 11, 2023, 17:58:00] Frame=512/2048/512 mssfix-ctrl=1250
[Apr 11, 2023, 17:58:00] UNUSED OPTIONS
[nobind]
17 [verb] [3]
29 [CLI_PREF_ALLOW_WEB_IMPORT] [True]
30 [CLI_PREF_BASIC_CLIENT] [False]
31 [CLI_PREF_ENABLE_CONNECT] [False]
32 [CLI_PREF_ENABLE_XD_PROXY] [True]
33 [WSHOST] [XX.XXX.XXX.XXX:443]
34 [WEB_CA_BUNDLE] [-----BEGIN CERTIFICATE----- BgkqhkiG...]
35 [IS_OPENVPN_WEB_CA] [1]
[Apr 11, 2023, 17:58:00] EVENT: RESOLVE
[Apr 11, 2023, 17:58:00] Contacting XX.XXX.XXX.XXX:1194 via UDP
[Apr 11, 2023, 17:58:00] EVENT: WAIT
[Apr 11, 2023, 17:58:00] Connecting to [XX.XXX.XXX.XXX]:1194 (XX.XXX.XXX.XXX) via UDPv4
[Apr 11, 2023, 17:58:00] EVENT: CONNECTING
[Apr 11, 2023, 17:58:00] Tunnel Options:V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client
[Apr 11, 2023, 17:58:00] Creds: Username/PasswordEmpty
[Apr 11, 2023, 17:58:00] Peer Info:
IV_VER=3.git::081bfebe
IV_PLAT=ios
IV_NCP=2
IV_TCPNL=1
IV_PROTO=30
IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
IV_AUTO_SESS=1
UV_ASCLI_VER=3.3.3-5109
UV_PLAT_REL=16.4.1
UV_UUID=ffff
IV_GUI_VER=net.openvpn.connect.ios_3.3.3-5109
IV_SSO=webauth,openurl,crtext
IV_HWADDR=fff
IV_SSL=OpenSSL 1.1.1n 15 Mar 2022
[Apr 11, 2023, 17:58:00] VERIFY OK: depth=1, /CN=OpenVPN CA, signature: RSA-SHA256
[Apr 11, 2023, 17:58:00] VERIFY OK: depth=0, /CN=OpenVPN Server, signature: RSA-SHA256
[Apr 11, 2023, 17:58:00] SSL Handshake: peer certificate: CN=OpenVPN Server, 2048 bit RSA, cipher: TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
[Apr 11, 2023, 17:58:00] Session is ACTIVE
[Apr 11, 2023, 17:58:00] EVENT: GET_CONFIG
[Apr 11, 2023, 17:58:00] Sending PUSH_REQUEST to server...
[Apr 11, 2023, 17:58:01] OPTIONS:
0 [explicit-exit-notify]
1 [topology] [subnet]
2 [route-delay] [5] [30]
3 [dhcp-pre-release]
4 [dhcp-renew]
5 [dhcp-release]
6 [route-metric] [101]
7 [ping] [12]
8 [ping-restart] [50]
9 [redirect-private] [def1]
10 [redirect-private] [bypass-dhcp]
11 [redirect-private] [autolocal]
12 [redirect-private] [bypass-dns]
13 [route-gateway] [172.27.224.129]
14 [route] [172.xx.xx.xx]
15 [route] [172.xx.xx.xx] [255.255.255.0]
16 [route] [172.xx.xx.xx] [255.255.255.0]
17 [block-ipv6]
18 [ifconfig] [172.xx.xx.xx] [255.255.255.128]
19 [peer-id] [0]
20 [auth-token] ...
21 [cipher] [AES-256-GCM]
22 [key-derivation] [tls-ekm]
[Apr 11, 2023, 17:58:01] Session token: [redacted]
[Apr 11, 2023, 17:58:01] PROTOCOL OPTIONS:
cipher: AES-256-GCM
digest: NONE
key-derivation: TLS Keying Material Exporter [RFC5705]
compress: NONE
peer ID: 0
control channel: tls-crypt v2 enabled
[Apr 11, 2023, 17:58:01] EVENT: ASSIGN_IP
[Apr 11, 2023, 17:58:01] NIP: preparing TUN network settings
[Apr 11, 2023, 17:58:01] NIP: init TUN network settings with endpoint: XX.XXX.XXX.XXX
[Apr 11, 2023, 17:58:01] NIP: adding IPv4 address to network settings 172.xx.xx.xx/255.255.255.128
[Apr 11, 2023, 17:58:01] NIP: adding (included) IPv4 route 172.xx.xx.xx/25
[Apr 11, 2023, 17:58:01] NIP: adding (included) IPv4 route 172.xx.xx.xx/32
[Apr 11, 2023, 17:58:01] NIP: adding (included) IPv4 route 172.xx.xx.xx/24
[Apr 11, 2023, 17:58:01] NIP: adding (included) IPv4 route 172.xx.xx.xx/24
[Apr 11, 2023, 17:58:01] NIP: blocking all IPv6 traffic
[Apr 11, 2023, 17:58:01] Connected via NetworkExtensionTUN
[Apr 11, 2023, 17:58:01] EVENT: CONNECTED user@XX.XXX.XXX.XXX:1194 (XX.XXX.XXX.XXX) via /UDPv4 on NetworkExtensionTUN/172.xx.xx.xx/ gw=[/]