Need help setting openVPN on a WRT54G router w/DD-WRT

ytekght · Post by **ytekght** » Tue Oct 26, 2010 9:03 am

My Current setup ..

Internet Gateway - ISP Provided
External IP=DynDns.org Hostname
Internal IP=10.100.1.200/16
DHCP Range =10.100.1.101-150

VPN Server - Linksys WRT54Gv4 Router Running DD-WRT sp2 VPN build 15200
LAN IP=10.100.1.203 (Static)
Gateway=10.100.1.200 (IP Address of the Internet Gateway)

DHCP Server=Enabled
Local IP =10.100.2.200/24
Gateway =10.100.1.200 (IP Address of the Internet Gateway)
Local DNS =10.100.1.200 (IP Address of the Internet Gateway)

OpenVPN Server Config File
mode server
proto udp
port 1194
dev tap0
server-bridge 10.100.2.200 255.255.0.0 10.100.2.151 10.100.2.175
keepalive 10 120
daemon
verb 5
client-to-client
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
management localhost 5001

OpenVPN Client Config File
remote xxxxxxx.dyndns.org 1194
client
dev tap0
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float
ca ca.crt
cert DV6-1030-US.crt
key DV6-1030-US.key
ns-cert-type server

What am I trying to do: Create a secure channel to connect from the internet to my network at home. Use the home devices (NAS, Printer etc) and connect to the internet too, using the ISP provided gateway. I am trying to create the 10.100.2.* address area for clients coming over the VPN. All the devices (NAS, printer etc) are in the 10.100.1.* address space.

What is happening: I am able to connect to the VPN server, but am unable to connect (or ping) to the devices in the 10.100.1.* space. When I look at the OpenVPN log, I see the following entries.

Tue Oct 26 09:08:23 2010 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Tue Oct 26 09:08:23 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Oct 26 09:08:23 2010 UDPv4 link local: [undef]
Tue Oct 26 09:08:23 2010 UDPv4 link remote: xx.xx.xx.xx:1194
Tue Oct 26 09:08:25 2010 [server] Peer Connection Initiated with xx.xx.xx.xx:1194
Tue Oct 26 09:08:27 2010 TAP-WIN32 device [OpenVPN to LAN @ Home] opened: \\.\Global\{9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE}.tap
Tue Oct 26 09:08:27 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.100.2.151/255.255.255.0 on interface {9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE} [DHCP-serv: 10.100.2.0, lease-time: 31536000]
Tue Oct 26 09:08:27 2010 Successful ARP Flush on interface [17] {9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE}
Tue Oct 26 09:08:32 2010 Initialization Sequence Completed
Tue Oct 26 09:09:21 2010 SIGTERM[hard,] received, process exiting

I 'think' the problem may lie in the DHCP-serv: setting (7th entry in the log above). It is trying to set the DHCP server to 10.100.2.0 when it 'should' be 10.100.2.200. Also, when I do an 'ipconfig /all' command. I do not see the gateway address being set.

I am trying a 'bridged' setup. I also tried the 'routed' setup, but could get the OpenVPN to run at startup. If someone has ideas on making that work, that would be GREAT.

Thanks .. Let me know if you need more information.

Post by **krzee** » Wed Oct 27, 2010 12:03 am

pls use verb 5 in your windows config and edit the above log

ytekght · Post by **ytekght** » Wed Oct 27, 2010 3:26 am

Which part of the log do you want me to post? It is defintely too lengthy to post here. If you'd prefer, I can send it as an attachment to you. Let me know.

Thx

Post by **krzee** » Wed Oct 27, 2010 9:21 am

the whole thing...
also why are you using a bridge?
You ONLY want to use dev tap if you are tunneling layer2 traffic, if you are using IP traffic you want tun. If you are using tap only for windows file sharing, look into running a WINS server instead.

ytekght · Post by **ytekght** » Wed Oct 27, 2010 9:40 am

Why Bridge ..? Couldnt get the ROUTED version to work ..

When I set the WRT54G up for OpenVPN in ROUTED Mode .. OpenVPN would not come up .. if there is a reliable wiki, I will try that.

Point me in the direction, I will go..

Will post the output shortly .. Standby

ytekght · Post by **ytekght** » Wed Oct 27, 2010 9:58 am

Here is the output ... Since I was monkeying with the setup the last few days, I decided to post the client and server side configs again.

Again, if someone can advice on how to run the ROUTER config, that would be great. Thanks

-------
OpenVPN Server Config (Linksys WRT54G V4 running DD-WRT sp2 VPN-small build 15200)
mode server
proto udp
port 1194
dev tap0
server-bridge 10.100.2.200 255.255.0.0 10.100.2.151 10.100.2.175
keepalive 10 120
daemon
verb 5
client-to-client
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
management localhost 5001

OpenVPN Client Config (Windows Vista 64bit)
remote superpower.dyndns.org 1194
client
dev tap0
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float
verb 5
ca ca.crt
cert DV6-1030-US.crt
key DV6-1030-US.key
ns-cert-type server

OpenVPN Client Log
Wed Oct 27 12:53:13 2010 us=945000 Current Parameter Settings:
Wed Oct 27 12:53:13 2010 us=945000 config = 'DV6-1030-US - Bridged.ovpn'
Wed Oct 27 12:53:13 2010 us=945000 mode = 0
Wed Oct 27 12:53:13 2010 us=945000 show_ciphers = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 show_digests = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 show_engines = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 genkey = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 key_pass_file = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 show_tls_ciphers = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 Connection profiles [default]:
Wed Oct 27 12:53:13 2010 us=945000 proto = udp
Wed Oct 27 12:53:13 2010 us=945000 local = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 local_port = 0
Wed Oct 27 12:53:13 2010 us=945000 remote = 'superpower.dyndns.org'
Wed Oct 27 12:53:13 2010 us=945000 remote_port = 1194
Wed Oct 27 12:53:13 2010 us=945000 remote_float = ENABLED
Wed Oct 27 12:53:13 2010 us=945000 bind_defined = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 bind_local = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 connect_retry_seconds = 5
Wed Oct 27 12:53:13 2010 us=945000 connect_timeout = 10
Wed Oct 27 12:53:13 2010 us=945000 connect_retry_max = 0
Wed Oct 27 12:53:13 2010 us=945000 socks_proxy_server = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 socks_proxy_port = 0
Wed Oct 27 12:53:13 2010 us=945000 socks_proxy_retry = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 Connection profiles END
Wed Oct 27 12:53:13 2010 us=945000 remote_random = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 ipchange = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 dev = 'tap0'
Wed Oct 27 12:53:13 2010 us=945000 dev_type = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 dev_node = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 lladdr = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 topology = 1
Wed Oct 27 12:53:13 2010 us=945000 tun_ipv6 = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 ifconfig_local = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 ifconfig_remote_netmask = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 ifconfig_noexec = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 ifconfig_nowarn = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 shaper = 0
Wed Oct 27 12:53:13 2010 us=945000 tun_mtu = 1500
Wed Oct 27 12:53:13 2010 us=945000 tun_mtu_defined = ENABLED
Wed Oct 27 12:53:13 2010 us=945000 link_mtu = 1500
Wed Oct 27 12:53:13 2010 us=945000 link_mtu_defined = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 tun_mtu_extra = 32
Wed Oct 27 12:53:13 2010 us=945000 tun_mtu_extra_defined = ENABLED
Wed Oct 27 12:53:13 2010 us=945000 fragment = 0
Wed Oct 27 12:53:13 2010 us=945000 mtu_discover_type = -1
Wed Oct 27 12:53:13 2010 us=945000 mtu_test = 0
Wed Oct 27 12:53:13 2010 us=945000 mlock = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 keepalive_ping = 0
Wed Oct 27 12:53:13 2010 us=945000 keepalive_timeout = 0
Wed Oct 27 12:53:13 2010 us=945000 inactivity_timeout = 0
Wed Oct 27 12:53:13 2010 us=945000 ping_send_timeout = 0
Wed Oct 27 12:53:13 2010 us=945000 ping_rec_timeout = 0
Wed Oct 27 12:53:13 2010 us=945000 ping_rec_timeout_action = 0
Wed Oct 27 12:53:13 2010 us=945000 ping_timer_remote = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 remap_sigusr1 = 0
Wed Oct 27 12:53:13 2010 us=945000 explicit_exit_notification = 0
Wed Oct 27 12:53:13 2010 us=945000 persist_tun = ENABLED
Wed Oct 27 12:53:13 2010 us=945000 persist_local_ip = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 persist_remote_ip = DISABLED
Wed Oct 27 12:53:13 2010 us=945000 persist_key = ENABLED
Wed Oct 27 12:53:13 2010 us=945000 mssfix = 1450
Wed Oct 27 12:53:13 2010 us=945000 resolve_retry_seconds = 1000000000
Wed Oct 27 12:53:13 2010 us=945000 username = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 groupname = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=945000 chroot_dir = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=961000 cd_dir = '[UNDEF]'
Wed Oct 27 12:53:13 2010 us=961000 writepid = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=195000 up_script = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=195000 down_script = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=195000 down_pre = DISABLED
Wed Oct 27 12:53:14 2010 us=195000 up_restart = DISABLED
Wed Oct 27 12:53:14 2010 us=195000 up_delay = DISABLED
Wed Oct 27 12:53:14 2010 us=195000 daemon = DISABLED
Wed Oct 27 12:53:14 2010 us=195000 inetd = 0
Wed Oct 27 12:53:14 2010 us=195000 log = DISABLED
Wed Oct 27 12:53:14 2010 us=195000 suppress_timestamps = DISABLED
Wed Oct 27 12:53:14 2010 us=195000 nice = 0
Wed Oct 27 12:53:14 2010 us=195000 verbosity = 5
Wed Oct 27 12:53:14 2010 us=195000 mute = 0
Wed Oct 27 12:53:14 2010 us=195000 gremlin = 0
Wed Oct 27 12:53:14 2010 us=195000 status_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=195000 status_file_version = 1
Wed Oct 27 12:53:14 2010 us=195000 status_file_update_freq = 60
Wed Oct 27 12:53:14 2010 us=195000 occ = ENABLED
Wed Oct 27 12:53:14 2010 us=195000 rcvbuf = 0
Wed Oct 27 12:53:14 2010 us=226000 sndbuf = 0
Wed Oct 27 12:53:14 2010 us=226000 sockflags = 0
Wed Oct 27 12:53:14 2010 us=226000 fast_io = DISABLED
Wed Oct 27 12:53:14 2010 us=226000 lzo = 0
Wed Oct 27 12:53:14 2010 us=226000 route_script = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=226000 route_default_gateway = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=226000 route_default_metric = 0
Wed Oct 27 12:53:14 2010 us=226000 route_noexec = DISABLED
Wed Oct 27 12:53:14 2010 us=226000 route_delay = 5
Wed Oct 27 12:53:14 2010 us=226000 route_delay_window = 30
Wed Oct 27 12:53:14 2010 us=226000 route_delay_defined = ENABLED
Wed Oct 27 12:53:14 2010 us=226000 route_nopull = DISABLED
Wed Oct 27 12:53:14 2010 us=226000 route_gateway_via_dhcp = DISABLED
Wed Oct 27 12:53:14 2010 us=226000 max_routes = 100
Wed Oct 27 12:53:14 2010 us=226000 allow_pull_fqdn = DISABLED
Wed Oct 27 12:53:14 2010 us=226000 management_addr = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=257000 management_port = 0
Wed Oct 27 12:53:14 2010 us=257000 management_user_pass = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=257000 management_log_history_cache = 250
Wed Oct 27 12:53:14 2010 us=257000 management_echo_buffer_size = 100
Wed Oct 27 12:53:14 2010 us=257000 management_write_peer_info_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=257000 management_client_user = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=257000 management_client_group = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=257000 management_flags = 0
Wed Oct 27 12:53:14 2010 us=257000 shared_secret_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=257000 key_direction = 0
Wed Oct 27 12:53:14 2010 us=257000 ciphername_defined = ENABLED
Wed Oct 27 12:53:14 2010 us=257000 ciphername = 'BF-CBC'
Wed Oct 27 12:53:14 2010 us=257000 authname_defined = ENABLED
Wed Oct 27 12:53:14 2010 us=257000 authname = 'SHA1'
Wed Oct 27 12:53:14 2010 us=257000 prng_hash = 'SHA1'
Wed Oct 27 12:53:14 2010 us=257000 prng_nonce_secret_len = 16
Wed Oct 27 12:53:14 2010 us=289000 keysize = 0
Wed Oct 27 12:53:14 2010 us=289000 engine = DISABLED
Wed Oct 27 12:53:14 2010 us=289000 replay = ENABLED
Wed Oct 27 12:53:14 2010 us=289000 mute_replay_warnings = DISABLED
Wed Oct 27 12:53:14 2010 us=289000 replay_window = 64
Wed Oct 27 12:53:14 2010 us=289000 replay_time = 15
Wed Oct 27 12:53:14 2010 us=289000 packet_id_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=289000 use_iv = ENABLED
Wed Oct 27 12:53:14 2010 us=289000 test_crypto = DISABLED
Wed Oct 27 12:53:14 2010 us=289000 tls_server = DISABLED
Wed Oct 27 12:53:14 2010 us=289000 tls_client = ENABLED
Wed Oct 27 12:53:14 2010 us=289000 key_method = 2
Wed Oct 27 12:53:14 2010 us=289000 ca_file = 'ca.crt'
Wed Oct 27 12:53:14 2010 us=289000 ca_path = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=289000 dh_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=289000 cert_file = 'DV6-1030-US.crt'
Wed Oct 27 12:53:14 2010 us=289000 priv_key_file = 'DV6-1030-US.key'
Wed Oct 27 12:53:14 2010 us=304000 pkcs12_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=304000 cryptoapi_cert = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=304000 cipher_list = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=304000 tls_verify = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=304000 tls_remote = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=304000 crl_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=304000 ns_cert_type = 64
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=304000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_ku = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_ku[i] = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_ku[i] = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_ku[i] = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_ku[i] = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_ku[i] = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_ku[i] = 0
Wed Oct 27 12:53:14 2010 us=335000 remote_cert_eku = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=335000 tls_timeout = 2
Wed Oct 27 12:53:14 2010 us=335000 renegotiate_bytes = 0
Wed Oct 27 12:53:14 2010 us=335000 renegotiate_packets = 0
Wed Oct 27 12:53:14 2010 us=335000 renegotiate_seconds = 3600
Wed Oct 27 12:53:14 2010 us=335000 handshake_window = 60
Wed Oct 27 12:53:14 2010 us=335000 transition_window = 3600
Wed Oct 27 12:53:14 2010 us=335000 single_session = DISABLED
Wed Oct 27 12:53:14 2010 us=335000 push_peer_info = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 tls_exit = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 tls_auth_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=351000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_protected_authentication = DISABLED
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=367000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_private_mode = 00000000
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=398000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_cert_private = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_pin_cache_period = -1
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_id = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=429000 pkcs11_id_management = DISABLED
Wed Oct 27 12:53:14 2010 us=429000 server_network = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=429000 server_netmask = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=429000 server_bridge_ip = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=445000 server_bridge_netmask = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=445000 server_bridge_pool_start = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=445000 server_bridge_pool_end = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=445000 ifconfig_pool_defined = DISABLED
Wed Oct 27 12:53:14 2010 us=445000 ifconfig_pool_start = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=445000 ifconfig_pool_end = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=445000 ifconfig_pool_netmask = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=445000 ifconfig_pool_persist_filename = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=445000 ifconfig_pool_persist_refresh_freq = 600
Wed Oct 27 12:53:14 2010 us=445000 n_bcast_buf = 256
Wed Oct 27 12:53:14 2010 us=445000 tcp_queue_limit = 64
Wed Oct 27 12:53:14 2010 us=445000 real_hash_size = 256
Wed Oct 27 12:53:14 2010 us=445000 virtual_hash_size = 256
Wed Oct 27 12:53:14 2010 us=445000 client_connect_script = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=460000 learn_address_script = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=460000 client_disconnect_script = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=460000 client_config_dir = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=476000 ccd_exclusive = DISABLED
Wed Oct 27 12:53:14 2010 us=476000 tmp_dir = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=476000 push_ifconfig_defined = DISABLED
Wed Oct 27 12:53:14 2010 us=476000 push_ifconfig_local = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=476000 push_ifconfig_remote_netmask = 0.0.0.0
Wed Oct 27 12:53:14 2010 us=476000 enable_c2c = DISABLED
Wed Oct 27 12:53:14 2010 us=476000 duplicate_cn = DISABLED
Wed Oct 27 12:53:14 2010 us=476000 cf_max = 0
Wed Oct 27 12:53:14 2010 us=476000 cf_per = 0
Wed Oct 27 12:53:14 2010 us=476000 max_clients = 1024
Wed Oct 27 12:53:14 2010 us=476000 max_routes_per_client = 256
Wed Oct 27 12:53:14 2010 us=476000 auth_user_pass_verify_script = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=491000 auth_user_pass_verify_script_via_file = DISABLED
Wed Oct 27 12:53:14 2010 us=491000 ssl_flags = 0
Wed Oct 27 12:53:14 2010 us=491000 client = ENABLED
Wed Oct 27 12:53:14 2010 us=491000 pull = ENABLED
Wed Oct 27 12:53:14 2010 us=491000 auth_user_pass_file = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=491000 show_net_up = DISABLED
Wed Oct 27 12:53:14 2010 us=491000 route_method = 0
Wed Oct 27 12:53:14 2010 us=491000 ip_win32_defined = DISABLED
Wed Oct 27 12:53:14 2010 us=491000 ip_win32_type = 3
Wed Oct 27 12:53:14 2010 us=491000 dhcp_masq_offset = 0
Wed Oct 27 12:53:14 2010 us=491000 dhcp_lease_time = 31536000
Wed Oct 27 12:53:14 2010 us=491000 tap_sleep = 0
Wed Oct 27 12:53:14 2010 us=491000 dhcp_options = DISABLED
Wed Oct 27 12:53:14 2010 us=491000 dhcp_renew = DISABLED
Wed Oct 27 12:53:14 2010 us=491000 dhcp_pre_release = DISABLED
Wed Oct 27 12:53:14 2010 us=491000 dhcp_release = DISABLED
Wed Oct 27 12:53:14 2010 us=538000 domain = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=538000 netbios_scope = '[UNDEF]'
Wed Oct 27 12:53:14 2010 us=538000 netbios_node_type = 0
Wed Oct 27 12:53:14 2010 us=538000 disable_nbt = DISABLED
Wed Oct 27 12:53:14 2010 us=538000 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Wed Oct 27 12:53:14 2010 us=538000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Oct 27 12:53:14 2010 us=803000 Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Oct 27 12:53:14 2010 us=803000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Oct 27 12:53:14 2010 us=928000 Data Channel MTU parms [ L:1573 D:1450 EF:41 EB:4 ET:32 EL:0 ]
Wed Oct 27 12:53:14 2010 us=928000 Local Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-

method 2,tls-client'
Wed Oct 27 12:53:14 2010 us=928000 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1573,tun-mtu 1532,proto UDPv4,cipher BF-CBC,auth SHA1,keysize

128,key-method 2,tls-server'
Wed Oct 27 12:53:14 2010 us=928000 Local Options hash (VER=V4): '2c50bd2c'
Wed Oct 27 12:53:14 2010 us=928000 Expected Remote Options hash (VER=V4): '0ddbb6e3'
Wed Oct 27 12:53:14 2010 us=928000 UDPv4 link local: [undef]
Wed Oct 27 12:53:14 2010 us=928000 UDPv4 link remote: 99.16.101.28:1194
Wed Oct 27 12:53:15 2010 us=53000 TLS: Initial packet from 99.16.101.28:1194, sid=eaaf72e5 a2bfbb1a
Wed Oct 27 12:53:15 2010 us=755000 VERIFY OK: depth=1, /C=US/ST=CA/L=WalnutCreek/O=DewanNetVPN/CN=DewanNetOpenVPN/emailAddress=naveendewan@gmail.com
Wed Oct 27 12:53:15 2010 us=755000 VERIFY OK: nsCertType=SERVER
Wed Oct 27 12:53:15 2010 us=755000 VERIFY OK: depth=0, /C=US/ST=CA/O=DewanNetVPN/CN=server/emailAddress=naveendewan@gmail.com
Wed Oct 27 12:53:16 2010 us=644000 NOTE: Options consistency check may be skewed by version differences
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tap'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 1573'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 1532'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'proto' is present in local config but missing in remote config, local='proto UDPv4'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'cipher' is present in local config but missing in remote config, local='cipher BF-CBC'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA1'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 128'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
Wed Oct 27 12:53:16 2010 us=644000 WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
Wed Oct 27 12:53:16 2010 us=644000 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Oct 27 12:53:16 2010 us=644000 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Oct 27 12:53:16 2010 us=644000 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Oct 27 12:53:16 2010 us=644000 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Oct 27 12:53:16 2010 us=644000 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Oct 27 12:53:16 2010 us=644000 [server] Peer Connection Initiated with 99.16.101.28:1194
Wed Oct 27 12:53:19 2010 us=31000 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Oct 27 12:53:19 2010 us=78000 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.100.2.200,ping 10,ping-restart 120,ifconfig 10.100.2.151

255.255.0.0'
Wed Oct 27 12:53:19 2010 us=78000 OPTIONS IMPORT: timers and/or timeouts modified
Wed Oct 27 12:53:19 2010 us=78000 OPTIONS IMPORT: --ifconfig/up options modified
Wed Oct 27 12:53:19 2010 us=78000 OPTIONS IMPORT: route-related options modified
Wed Oct 27 12:53:19 2010 us=93000 TAP-WIN32 device [OpenVPN to LAN @ Home] opened: \\.\Global\{9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE}.tap
Wed Oct 27 12:53:19 2010 us=93000 TAP-Win32 Driver Version 9.7
Wed Oct 27 12:53:19 2010 us=93000 TAP-Win32 MTU=1500
Wed Oct 27 12:53:19 2010 us=109000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.100.2.151/255.255.0.0 on interface {9CD9C201-A423-4EA2-ADF5-

5EFE5839BCFE} [DHCP-serv: 10.100.0.0, lease-time: 31536000]
Wed Oct 27 12:53:19 2010 us=109000 Successful ARP Flush on interface [19] {9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE}
Wed Oct 27 12:53:24 2010 us=460000 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up
Wed Oct 27 12:53:24 2010 us=460000 Initialization Sequence Completed
-----------

Post by **krzee** » Wed Oct 27, 2010 9:50 pm

ytekght wrote:Why Bridge ..? Couldnt get the ROUTED version to work ..

When I set the WRT54G up for OpenVPN in ROUTED Mode .. OpenVPN would not come up .. if there is a reliable wiki, I will try that.

Point me in the direction, I will go..

Will post the output shortly .. Standby

http://www.secure-computing.net/wiki/in ... PN/Routing
there is the wiki on how to setup routing in openvpn

http://www.ircpimps.org/openvpn.configs
there is my working configs, read the manual to understand each config option

If it has a problem starting, add this to your configs

Code: Select all

log /path/to/file
verb 4

and paste the log of openvpn not starting

ytekght · Post by **ytekght** » Thu Oct 28, 2010 1:27 pm

Any comments on the BRIDGED configs and logs ..?

Took a quick look at your config and the wiki and had a couple (possibly dumb) questions?

I am assuming the <server-ip> refers to the ip/hostname that will be accessed from the internet.

The 'server' directive in the config "server 10.8.1.0 255.255.255.0" indicates the internal 'local' ip address .. right ? is the last octet of '0' required in the ip-address?

Same comment on the wiki that you refer to. Refers to LAN's and route commands with the last octet being '0'.

My router (VPN server) does not have the last octet as zero. Could that be the problem?

Thanks in advance.

ytekght · Post by **ytekght** » Thu Oct 28, 2010 5:38 pm

OK .. Switched my attempt to run in a ROUTED Configuration.

Here are the configs and logs. Looks like thte TLS Handshake is failing. Any suggestions ?

OpenVPN ROUTED Server Config
----------------------------
push "route 10.100.1.0 255.255.0.0"
server 10.100.2.0 255.255.255.0
port 1194
proto udp
dev tun0
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
dh /tmp/openvpn/dh.pem
keepalive 10 120
verb 5

# Only use crl-verify if you are using the revoke list - otherwise leave it commented out
# crl-verify /tmp/openvpn/ca.crl
# management parameter allows DD-WRT's OpenVPN Status web page to access the server's management port
# port must be 5001 for scripts embedded in firmware to work
management localhost 5001

OpenVPN ROUTER Client Config
----------------------------
remote superpower.dyndns.org 1194

client
remote-cert-tls server
dev tun0
proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
float
verb 5

ca ca.crt
cert DV6-1030-US.crt
key DV6-1030-US.key

ns-cert-type server

OpenVPN Client Log
------------------
Thu Oct 28 10:21:42 2010 us=749000 Current Parameter Settings:
Thu Oct 28 10:21:42 2010 us=749000 config = 'DV6-1030-US - Routed.ovpn'
Thu Oct 28 10:21:42 2010 us=749000 mode = 0
Thu Oct 28 10:21:42 2010 us=749000 show_ciphers = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 show_digests = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 show_engines = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 genkey = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 key_pass_file = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 show_tls_ciphers = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 Connection profiles [default]:
Thu Oct 28 10:21:42 2010 us=749000 proto = udp
Thu Oct 28 10:21:42 2010 us=749000 local = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 local_port = 0
Thu Oct 28 10:21:42 2010 us=749000 remote = 'superpower.dyndns.org'
Thu Oct 28 10:21:42 2010 us=749000 remote_port = 1194
Thu Oct 28 10:21:42 2010 us=749000 remote_float = ENABLED
Thu Oct 28 10:21:42 2010 us=749000 bind_defined = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 bind_local = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 connect_retry_seconds = 5
Thu Oct 28 10:21:42 2010 us=749000 connect_timeout = 10
Thu Oct 28 10:21:42 2010 us=749000 connect_retry_max = 0
Thu Oct 28 10:21:42 2010 us=749000 socks_proxy_server = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 socks_proxy_port = 0
Thu Oct 28 10:21:42 2010 us=749000 socks_proxy_retry = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 Connection profiles END
Thu Oct 28 10:21:42 2010 us=749000 remote_random = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 ipchange = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 dev = 'tun0'
Thu Oct 28 10:21:42 2010 us=749000 dev_type = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 dev_node = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 lladdr = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 topology = 1
Thu Oct 28 10:21:42 2010 us=749000 tun_ipv6 = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 ifconfig_local = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 ifconfig_remote_netmask = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 ifconfig_noexec = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 ifconfig_nowarn = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 shaper = 0
Thu Oct 28 10:21:42 2010 us=749000 tun_mtu = 1500
Thu Oct 28 10:21:42 2010 us=749000 tun_mtu_defined = ENABLED
Thu Oct 28 10:21:42 2010 us=749000 link_mtu = 1500
Thu Oct 28 10:21:42 2010 us=749000 link_mtu_defined = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 tun_mtu_extra = 0
Thu Oct 28 10:21:42 2010 us=749000 tun_mtu_extra_defined = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 fragment = 0
Thu Oct 28 10:21:42 2010 us=749000 mtu_discover_type = -1
Thu Oct 28 10:21:42 2010 us=749000 mtu_test = 0
Thu Oct 28 10:21:42 2010 us=749000 mlock = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 keepalive_ping = 0
Thu Oct 28 10:21:42 2010 us=749000 keepalive_timeout = 0
Thu Oct 28 10:21:42 2010 us=749000 inactivity_timeout = 0
Thu Oct 28 10:21:42 2010 us=749000 ping_send_timeout = 0
Thu Oct 28 10:21:42 2010 us=749000 ping_rec_timeout = 0
Thu Oct 28 10:21:42 2010 us=749000 ping_rec_timeout_action = 0
Thu Oct 28 10:21:42 2010 us=749000 ping_timer_remote = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 remap_sigusr1 = 0
Thu Oct 28 10:21:42 2010 us=749000 explicit_exit_notification = 0
Thu Oct 28 10:21:42 2010 us=749000 persist_tun = ENABLED
Thu Oct 28 10:21:42 2010 us=749000 persist_local_ip = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 persist_remote_ip = DISABLED
Thu Oct 28 10:21:42 2010 us=749000 persist_key = ENABLED
Thu Oct 28 10:21:42 2010 us=749000 mssfix = 1450
Thu Oct 28 10:21:42 2010 us=749000 resolve_retry_seconds = 1000000000
Thu Oct 28 10:21:42 2010 us=749000 username = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 groupname = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 chroot_dir = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 cd_dir = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=749000 writepid = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=936000 up_script = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=936000 down_script = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=936000 down_pre = DISABLED
Thu Oct 28 10:21:42 2010 us=936000 up_restart = DISABLED
Thu Oct 28 10:21:42 2010 us=936000 up_delay = DISABLED
Thu Oct 28 10:21:42 2010 us=936000 daemon = DISABLED
Thu Oct 28 10:21:42 2010 us=936000 inetd = 0
Thu Oct 28 10:21:42 2010 us=936000 log = DISABLED
Thu Oct 28 10:21:42 2010 us=936000 suppress_timestamps = DISABLED
Thu Oct 28 10:21:42 2010 us=936000 nice = 0
Thu Oct 28 10:21:42 2010 us=936000 verbosity = 5
Thu Oct 28 10:21:42 2010 us=936000 mute = 0
Thu Oct 28 10:21:42 2010 us=936000 gremlin = 0
Thu Oct 28 10:21:42 2010 us=936000 status_file = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=936000 status_file_version = 1
Thu Oct 28 10:21:42 2010 us=936000 status_file_update_freq = 60
Thu Oct 28 10:21:42 2010 us=936000 occ = ENABLED
Thu Oct 28 10:21:42 2010 us=936000 rcvbuf = 0
Thu Oct 28 10:21:42 2010 us=951000 sndbuf = 0
Thu Oct 28 10:21:42 2010 us=951000 sockflags = 0
Thu Oct 28 10:21:42 2010 us=951000 fast_io = DISABLED
Thu Oct 28 10:21:42 2010 us=951000 lzo = 0
Thu Oct 28 10:21:42 2010 us=951000 route_script = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=951000 route_default_gateway = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=951000 route_default_metric = 0
Thu Oct 28 10:21:42 2010 us=951000 route_noexec = DISABLED
Thu Oct 28 10:21:42 2010 us=951000 route_delay = 5
Thu Oct 28 10:21:42 2010 us=951000 route_delay_window = 30
Thu Oct 28 10:21:42 2010 us=967000 route_delay_defined = ENABLED
Thu Oct 28 10:21:42 2010 us=967000 route_nopull = DISABLED
Thu Oct 28 10:21:42 2010 us=967000 route_gateway_via_dhcp = DISABLED
Thu Oct 28 10:21:42 2010 us=967000 max_routes = 100
Thu Oct 28 10:21:42 2010 us=967000 allow_pull_fqdn = DISABLED
Thu Oct 28 10:21:42 2010 us=967000 management_addr = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=998000 management_port = 0
Thu Oct 28 10:21:42 2010 us=998000 management_user_pass = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=998000 management_log_history_cache = 250
Thu Oct 28 10:21:42 2010 us=998000 management_echo_buffer_size = 100
Thu Oct 28 10:21:42 2010 us=998000 management_write_peer_info_file = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=998000 management_client_user = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=998000 management_client_group = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=998000 management_flags = 0
Thu Oct 28 10:21:42 2010 us=998000 shared_secret_file = '[UNDEF]'
Thu Oct 28 10:21:42 2010 us=998000 key_direction = 0
Thu Oct 28 10:21:42 2010 us=998000 ciphername_defined = ENABLED
Thu Oct 28 10:21:42 2010 us=998000 ciphername = 'BF-CBC'
Thu Oct 28 10:21:42 2010 us=998000 authname_defined = ENABLED
Thu Oct 28 10:21:42 2010 us=998000 authname = 'SHA1'
Thu Oct 28 10:21:42 2010 us=998000 prng_hash = 'SHA1'
Thu Oct 28 10:21:42 2010 us=998000 prng_nonce_secret_len = 16
Thu Oct 28 10:21:43 2010 us=29000 keysize = 0
Thu Oct 28 10:21:43 2010 us=29000 engine = DISABLED
Thu Oct 28 10:21:43 2010 us=29000 replay = ENABLED
Thu Oct 28 10:21:43 2010 us=29000 mute_replay_warnings = DISABLED
Thu Oct 28 10:21:43 2010 us=29000 replay_window = 64
Thu Oct 28 10:21:43 2010 us=29000 replay_time = 15
Thu Oct 28 10:21:43 2010 us=29000 packet_id_file = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=29000 use_iv = ENABLED
Thu Oct 28 10:21:43 2010 us=29000 test_crypto = DISABLED
Thu Oct 28 10:21:43 2010 us=29000 tls_server = DISABLED
Thu Oct 28 10:21:43 2010 us=29000 tls_client = ENABLED
Thu Oct 28 10:21:43 2010 us=29000 key_method = 2
Thu Oct 28 10:21:43 2010 us=29000 ca_file = 'ca.crt'
Thu Oct 28 10:21:43 2010 us=29000 ca_path = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=29000 dh_file = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=29000 cert_file = 'DV6-1030-US.crt'
Thu Oct 28 10:21:43 2010 us=29000 priv_key_file = 'DV6-1030-US.key'
Thu Oct 28 10:21:43 2010 us=45000 pkcs12_file = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=45000 cryptoapi_cert = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=45000 cipher_list = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=45000 tls_verify = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=45000 tls_remote = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=45000 crl_file = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=45000 ns_cert_type = 64
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 160
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 136
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=45000 remote_cert_ku = 0
Thu Oct 28 10:21:43 2010 us=76000 remote_cert_ku[i] = 0
Thu Oct 28 10:21:43 2010 us=76000 remote_cert_ku[i] = 0
Thu Oct 28 10:21:43 2010 us=76000 remote_cert_ku[i] = 0
Thu Oct 28 10:21:43 2010 us=76000 remote_cert_ku[i] = 0
Thu Oct 28 10:21:43 2010 us=76000 remote_cert_ku[i] = 0
Thu Oct 28 10:21:43 2010 us=76000 remote_cert_ku[i] = 0
Thu Oct 28 10:21:43 2010 us=76000 remote_cert_eku = 'TLS Web Server Authentication'
Thu Oct 28 10:21:43 2010 us=76000 tls_timeout = 2
Thu Oct 28 10:21:43 2010 us=76000 renegotiate_bytes = 0
Thu Oct 28 10:21:43 2010 us=76000 renegotiate_packets = 0
Thu Oct 28 10:21:43 2010 us=76000 renegotiate_seconds = 3600
Thu Oct 28 10:21:43 2010 us=76000 handshake_window = 60
Thu Oct 28 10:21:43 2010 us=76000 transition_window = 3600
Thu Oct 28 10:21:43 2010 us=76000 single_session = DISABLED
Thu Oct 28 10:21:43 2010 us=76000 push_peer_info = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 tls_exit = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 tls_auth_file = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=107000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=123000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_private_mode = 00000000
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=139000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_pin_cache_period = -1
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_id = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=154000 pkcs11_id_management = DISABLED
Thu Oct 28 10:21:43 2010 us=154000 server_network = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=154000 server_netmask = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=154000 server_bridge_ip = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=185000 server_bridge_netmask = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=185000 server_bridge_pool_start = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=185000 server_bridge_pool_end = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=185000 ifconfig_pool_defined = DISABLED
Thu Oct 28 10:21:43 2010 us=185000 ifconfig_pool_start = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=185000 ifconfig_pool_end = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=185000 ifconfig_pool_netmask = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=185000 ifconfig_pool_persist_filename = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=185000 ifconfig_pool_persist_refresh_freq = 600
Thu Oct 28 10:21:43 2010 us=185000 n_bcast_buf = 256
Thu Oct 28 10:21:43 2010 us=185000 tcp_queue_limit = 64
Thu Oct 28 10:21:43 2010 us=185000 real_hash_size = 256
Thu Oct 28 10:21:43 2010 us=185000 virtual_hash_size = 256
Thu Oct 28 10:21:43 2010 us=185000 client_connect_script = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=201000 learn_address_script = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=201000 client_disconnect_script = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=201000 client_config_dir = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=201000 ccd_exclusive = DISABLED
Thu Oct 28 10:21:43 2010 us=201000 tmp_dir = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=201000 push_ifconfig_defined = DISABLED
Thu Oct 28 10:21:43 2010 us=201000 push_ifconfig_local = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=201000 push_ifconfig_remote_netmask = 0.0.0.0
Thu Oct 28 10:21:43 2010 us=201000 enable_c2c = DISABLED
Thu Oct 28 10:21:43 2010 us=201000 duplicate_cn = DISABLED
Thu Oct 28 10:21:43 2010 us=201000 cf_max = 0
Thu Oct 28 10:21:43 2010 us=201000 cf_per = 0
Thu Oct 28 10:21:43 2010 us=201000 max_clients = 1024
Thu Oct 28 10:21:43 2010 us=201000 max_routes_per_client = 256
Thu Oct 28 10:21:43 2010 us=201000 auth_user_pass_verify_script = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=217000 auth_user_pass_verify_script_via_file = DISABLED
Thu Oct 28 10:21:43 2010 us=217000 ssl_flags = 0
Thu Oct 28 10:21:43 2010 us=217000 client = ENABLED
Thu Oct 28 10:21:43 2010 us=217000 pull = ENABLED
Thu Oct 28 10:21:43 2010 us=217000 auth_user_pass_file = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=217000 show_net_up = DISABLED
Thu Oct 28 10:21:43 2010 us=217000 route_method = 0
Thu Oct 28 10:21:43 2010 us=217000 ip_win32_defined = DISABLED
Thu Oct 28 10:21:43 2010 us=217000 ip_win32_type = 3
Thu Oct 28 10:21:43 2010 us=217000 dhcp_masq_offset = 0
Thu Oct 28 10:21:43 2010 us=217000 dhcp_lease_time = 31536000
Thu Oct 28 10:21:43 2010 us=217000 tap_sleep = 0
Thu Oct 28 10:21:43 2010 us=217000 dhcp_options = DISABLED
Thu Oct 28 10:21:43 2010 us=217000 dhcp_renew = DISABLED
Thu Oct 28 10:21:43 2010 us=217000 dhcp_pre_release = DISABLED
Thu Oct 28 10:21:43 2010 us=217000 dhcp_release = DISABLED
Thu Oct 28 10:21:43 2010 us=232000 domain = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=232000 netbios_scope = '[UNDEF]'
Thu Oct 28 10:21:43 2010 us=232000 netbios_node_type = 0
Thu Oct 28 10:21:43 2010 us=232000 disable_nbt = DISABLED
Thu Oct 28 10:21:43 2010 us=232000 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Thu Oct 28 10:21:43 2010 us=232000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Oct 28 10:21:43 2010 us=482000 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Oct 28 10:21:43 2010 us=482000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Oct 28 10:21:43 2010 us=607000 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Thu Oct 28 10:21:43 2010 us=607000 Local Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth

SHA1,keysize 128,key-method 2,tls-client'
Thu Oct 28 10:21:43 2010 us=607000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth

SHA1,keysize 128,key-method 2,tls-server'
Thu Oct 28 10:21:43 2010 us=607000 Local Options hash (VER=V4): '3514370b'
Thu Oct 28 10:21:43 2010 us=607000 Expected Remote Options hash (VER=V4): '239669a8'
Thu Oct 28 10:21:43 2010 us=607000 UDPv4 link local: [undef]
Thu Oct 28 10:21:43 2010 us=607000 UDPv4 link remote: 99.16.101.28:1194
Thu Oct 28 10:21:43 2010 us=856000 TLS: Initial packet from 99.16.101.28:1194, sid=5a0cc02c 79eb04bf
Thu Oct 28 10:21:44 2010 us=527000 VERIFY OK: depth=1,

/C=US/ST=CA/L=WalnutCreek/O=DewanNetVPN/CN=DewanNetOpenVPN/emailAddress=naveendewan@gmail.com
Thu Oct 28 10:21:44 2010 us=527000 VERIFY OK: nsCertType=SERVER
Thu Oct 28 10:21:44 2010 us=527000 Certificate does not have key usage extension
Thu Oct 28 10:21:44 2010 us=527000 VERIFY KU ERROR
Thu Oct 28 10:21:44 2010 us=527000 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL

routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Thu Oct 28 10:21:44 2010 us=527000 TLS Error: TLS object -> incoming plaintext read error
Thu Oct 28 10:21:44 2010 us=527000 TLS Error: TLS handshake failed
Thu Oct 28 10:21:44 2010 us=527000 TCP/UDP: Closing socket
Thu Oct 28 10:21:44 2010 us=527000 SIGUSR1[soft,tls-error] received, process restarting
Thu Oct 28 10:21:44 2010 us=527000 Restart pause, 2 second(s)

ytekght · Post by **ytekght** » Thu Oct 28, 2010 5:47 pm

Progressing in baby steps ..

Commented out the 'remote-cert-tls' directive .. I can now establish connection and get an IP ..

But cannot ping/see any of the devices on the 10.100.2.* or 10.100.1.* network ..

Thoughts/suggestions ..?

ytekght · Post by **ytekght** » Thu Oct 28, 2010 5:51 pm

here is the log ..

WRWWWWWRWWWThu Oct 28 10:47:48 2010 us=890000 Current Parameter Settings:
Thu Oct 28 10:47:48 2010 us=890000 config = 'DV6-1030-US - Routed.ovpn'
Thu Oct 28 10:47:48 2010 us=890000 mode = 0
Thu Oct 28 10:47:48 2010 us=890000 show_ciphers = DISABLED
Thu Oct 28 10:47:48 2010 us=890000 show_digests = DISABLED
Thu Oct 28 10:47:48 2010 us=890000 show_engines = DISABLED
Thu Oct 28 10:47:48 2010 us=890000 genkey = DISABLED
Thu Oct 28 10:47:48 2010 us=890000 key_pass_file = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=890000 show_tls_ciphers = DISABLED
Thu Oct 28 10:47:48 2010 us=890000 Connection profiles [default]:
Thu Oct 28 10:47:48 2010 us=890000 proto = udp
Thu Oct 28 10:47:48 2010 us=890000 local = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=890000 local_port = 0
Thu Oct 28 10:47:48 2010 us=890000 remote = 'superpower.dyndns.org'
Thu Oct 28 10:47:48 2010 us=890000 remote_port = 1194
Thu Oct 28 10:47:48 2010 us=890000 remote_float = ENABLED
Thu Oct 28 10:47:48 2010 us=890000 bind_defined = DISABLED
Thu Oct 28 10:47:48 2010 us=890000 bind_local = DISABLED
Thu Oct 28 10:47:48 2010 us=890000 connect_retry_seconds = 5
Thu Oct 28 10:47:48 2010 us=890000 connect_timeout = 10
Thu Oct 28 10:47:48 2010 us=890000 connect_retry_max = 0
Thu Oct 28 10:47:48 2010 us=890000 socks_proxy_server = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 socks_proxy_port = 0
Thu Oct 28 10:47:48 2010 us=905000 socks_proxy_retry = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 Connection profiles END
Thu Oct 28 10:47:48 2010 us=905000 remote_random = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 ipchange = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 dev = 'tun0'
Thu Oct 28 10:47:48 2010 us=905000 dev_type = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 dev_node = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 lladdr = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 topology = 1
Thu Oct 28 10:47:48 2010 us=905000 tun_ipv6 = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 ifconfig_local = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 ifconfig_remote_netmask = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 ifconfig_noexec = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 ifconfig_nowarn = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 shaper = 0
Thu Oct 28 10:47:48 2010 us=905000 tun_mtu = 1500
Thu Oct 28 10:47:48 2010 us=905000 tun_mtu_defined = ENABLED
Thu Oct 28 10:47:48 2010 us=905000 link_mtu = 1500
Thu Oct 28 10:47:48 2010 us=905000 link_mtu_defined = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 tun_mtu_extra = 0
Thu Oct 28 10:47:48 2010 us=905000 tun_mtu_extra_defined = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 fragment = 0
Thu Oct 28 10:47:48 2010 us=905000 mtu_discover_type = -1
Thu Oct 28 10:47:48 2010 us=905000 mtu_test = 0
Thu Oct 28 10:47:48 2010 us=905000 mlock = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 keepalive_ping = 0
Thu Oct 28 10:47:48 2010 us=905000 keepalive_timeout = 0
Thu Oct 28 10:47:48 2010 us=905000 inactivity_timeout = 0
Thu Oct 28 10:47:48 2010 us=905000 ping_send_timeout = 0
Thu Oct 28 10:47:48 2010 us=905000 ping_rec_timeout = 0
Thu Oct 28 10:47:48 2010 us=905000 ping_rec_timeout_action = 0
Thu Oct 28 10:47:48 2010 us=905000 ping_timer_remote = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 remap_sigusr1 = 0
Thu Oct 28 10:47:48 2010 us=905000 explicit_exit_notification = 0
Thu Oct 28 10:47:48 2010 us=905000 persist_tun = ENABLED
Thu Oct 28 10:47:48 2010 us=905000 persist_local_ip = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 persist_remote_ip = DISABLED
Thu Oct 28 10:47:48 2010 us=905000 persist_key = ENABLED
Thu Oct 28 10:47:48 2010 us=905000 mssfix = 1450
Thu Oct 28 10:47:48 2010 us=905000 resolve_retry_seconds = 1000000000
Thu Oct 28 10:47:48 2010 us=905000 username = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 groupname = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 chroot_dir = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 cd_dir = '[UNDEF]'
Thu Oct 28 10:47:48 2010 us=905000 writepid = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=77000 up_script = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=77000 down_script = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=77000 down_pre = DISABLED
Thu Oct 28 10:47:49 2010 us=77000 up_restart = DISABLED
Thu Oct 28 10:47:49 2010 us=77000 up_delay = DISABLED
Thu Oct 28 10:47:49 2010 us=77000 daemon = DISABLED
Thu Oct 28 10:47:49 2010 us=77000 inetd = 0
Thu Oct 28 10:47:49 2010 us=77000 log = DISABLED
Thu Oct 28 10:47:49 2010 us=77000 suppress_timestamps = DISABLED
Thu Oct 28 10:47:49 2010 us=77000 nice = 0
Thu Oct 28 10:47:49 2010 us=77000 verbosity = 5
Thu Oct 28 10:47:49 2010 us=77000 mute = 0
Thu Oct 28 10:47:49 2010 us=77000 gremlin = 0
Thu Oct 28 10:47:49 2010 us=77000 status_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=77000 status_file_version = 1
Thu Oct 28 10:47:49 2010 us=77000 status_file_update_freq = 60
Thu Oct 28 10:47:49 2010 us=77000 occ = ENABLED
Thu Oct 28 10:47:49 2010 us=77000 rcvbuf = 0
Thu Oct 28 10:47:49 2010 us=108000 sndbuf = 0
Thu Oct 28 10:47:49 2010 us=108000 sockflags = 0
Thu Oct 28 10:47:49 2010 us=108000 fast_io = DISABLED
Thu Oct 28 10:47:49 2010 us=108000 lzo = 0
Thu Oct 28 10:47:49 2010 us=108000 route_script = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=108000 route_default_gateway = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=108000 route_default_metric = 0
Thu Oct 28 10:47:49 2010 us=108000 route_noexec = DISABLED
Thu Oct 28 10:47:49 2010 us=108000 route_delay = 5
Thu Oct 28 10:47:49 2010 us=108000 route_delay_window = 30
Thu Oct 28 10:47:49 2010 us=108000 route_delay_defined = ENABLED
Thu Oct 28 10:47:49 2010 us=108000 route_nopull = DISABLED
Thu Oct 28 10:47:49 2010 us=108000 route_gateway_via_dhcp = DISABLED
Thu Oct 28 10:47:49 2010 us=108000 max_routes = 100
Thu Oct 28 10:47:49 2010 us=108000 allow_pull_fqdn = DISABLED
Thu Oct 28 10:47:49 2010 us=108000 management_addr = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=108000 management_port = 0
Thu Oct 28 10:47:49 2010 us=139000 management_user_pass = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=139000 management_log_history_cache = 250
Thu Oct 28 10:47:49 2010 us=139000 management_echo_buffer_size = 100
Thu Oct 28 10:47:49 2010 us=139000 management_write_peer_info_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=139000 management_client_user = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=139000 management_client_group = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=139000 management_flags = 0
Thu Oct 28 10:47:49 2010 us=139000 shared_secret_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=139000 key_direction = 0
Thu Oct 28 10:47:49 2010 us=139000 ciphername_defined = ENABLED
Thu Oct 28 10:47:49 2010 us=139000 ciphername = 'BF-CBC'
Thu Oct 28 10:47:49 2010 us=139000 authname_defined = ENABLED
Thu Oct 28 10:47:49 2010 us=139000 authname = 'SHA1'
Thu Oct 28 10:47:49 2010 us=139000 prng_hash = 'SHA1'
Thu Oct 28 10:47:49 2010 us=139000 prng_nonce_secret_len = 16
Thu Oct 28 10:47:49 2010 us=170000 keysize = 0
Thu Oct 28 10:47:49 2010 us=170000 engine = DISABLED
Thu Oct 28 10:47:49 2010 us=170000 replay = ENABLED
Thu Oct 28 10:47:49 2010 us=170000 mute_replay_warnings = DISABLED
Thu Oct 28 10:47:49 2010 us=170000 replay_window = 64
Thu Oct 28 10:47:49 2010 us=170000 replay_time = 15
Thu Oct 28 10:47:49 2010 us=170000 packet_id_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=170000 use_iv = ENABLED
Thu Oct 28 10:47:49 2010 us=170000 test_crypto = DISABLED
Thu Oct 28 10:47:49 2010 us=170000 tls_server = DISABLED
Thu Oct 28 10:47:49 2010 us=170000 tls_client = ENABLED
Thu Oct 28 10:47:49 2010 us=170000 key_method = 2
Thu Oct 28 10:47:49 2010 us=170000 ca_file = 'ca.crt'
Thu Oct 28 10:47:49 2010 us=170000 ca_path = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=170000 dh_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=170000 cert_file = 'DV6-1030-US.crt'
Thu Oct 28 10:47:49 2010 us=170000 priv_key_file = 'DV6-1030-US.key'
Thu Oct 28 10:47:49 2010 us=202000 pkcs12_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=202000 cryptoapi_cert = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=202000 cipher_list = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=202000 tls_verify = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=202000 tls_remote = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=217000 crl_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=217000 ns_cert_type = 64
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=217000 remote_cert_ku = 0
Thu Oct 28 10:47:49 2010 us=248000 remote_cert_ku[i] = 0
Thu Oct 28 10:47:49 2010 us=248000 remote_cert_ku[i] = 0
Thu Oct 28 10:47:49 2010 us=248000 remote_cert_ku[i] = 0
Thu Oct 28 10:47:49 2010 us=248000 remote_cert_ku[i] = 0
Thu Oct 28 10:47:49 2010 us=248000 remote_cert_ku[i] = 0
Thu Oct 28 10:47:49 2010 us=248000 remote_cert_ku[i] = 0
Thu Oct 28 10:47:49 2010 us=248000 remote_cert_eku = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=248000 tls_timeout = 2
Thu Oct 28 10:47:49 2010 us=248000 renegotiate_bytes = 0
Thu Oct 28 10:47:49 2010 us=248000 renegotiate_packets = 0
Thu Oct 28 10:47:49 2010 us=248000 renegotiate_seconds = 3600
Thu Oct 28 10:47:49 2010 us=248000 handshake_window = 60
Thu Oct 28 10:47:49 2010 us=248000 transition_window = 3600
Thu Oct 28 10:47:49 2010 us=248000 single_session = DISABLED
Thu Oct 28 10:47:49 2010 us=248000 push_peer_info = DISABLED
Thu Oct 28 10:47:49 2010 us=248000 tls_exit = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 tls_auth_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=280000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_protected_authentication = DISABLED
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=311000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_private_mode = 00000000
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=342000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_cert_private = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_pin_cache_period = -1
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_id = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=373000 pkcs11_id_management = DISABLED
Thu Oct 28 10:47:49 2010 us=373000 server_network = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=373000 server_netmask = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=373000 server_bridge_ip = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=373000 server_bridge_netmask = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=404000 server_bridge_pool_start = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=404000 server_bridge_pool_end = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=404000 ifconfig_pool_defined = DISABLED
Thu Oct 28 10:47:49 2010 us=404000 ifconfig_pool_start = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=404000 ifconfig_pool_end = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=404000 ifconfig_pool_netmask = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=404000 ifconfig_pool_persist_filename = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=404000 ifconfig_pool_persist_refresh_freq = 600
Thu Oct 28 10:47:49 2010 us=404000 n_bcast_buf = 256
Thu Oct 28 10:47:49 2010 us=404000 tcp_queue_limit = 64
Thu Oct 28 10:47:49 2010 us=404000 real_hash_size = 256
Thu Oct 28 10:47:49 2010 us=404000 virtual_hash_size = 256
Thu Oct 28 10:47:49 2010 us=404000 client_connect_script = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=404000 learn_address_script = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=420000 client_disconnect_script = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=420000 client_config_dir = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=420000 ccd_exclusive = DISABLED
Thu Oct 28 10:47:49 2010 us=420000 tmp_dir = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=420000 push_ifconfig_defined = DISABLED
Thu Oct 28 10:47:49 2010 us=420000 push_ifconfig_local = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=420000 push_ifconfig_remote_netmask = 0.0.0.0
Thu Oct 28 10:47:49 2010 us=420000 enable_c2c = DISABLED
Thu Oct 28 10:47:49 2010 us=420000 duplicate_cn = DISABLED
Thu Oct 28 10:47:49 2010 us=420000 cf_max = 0
Thu Oct 28 10:47:49 2010 us=420000 cf_per = 0
Thu Oct 28 10:47:49 2010 us=420000 max_clients = 1024
Thu Oct 28 10:47:49 2010 us=420000 max_routes_per_client = 256
Thu Oct 28 10:47:49 2010 us=420000 auth_user_pass_verify_script = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=420000 auth_user_pass_verify_script_via_file = DISABLED
Thu Oct 28 10:47:49 2010 us=467000 ssl_flags = 0
Thu Oct 28 10:47:49 2010 us=467000 client = ENABLED
Thu Oct 28 10:47:49 2010 us=467000 pull = ENABLED
Thu Oct 28 10:47:49 2010 us=467000 auth_user_pass_file = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=467000 show_net_up = DISABLED
Thu Oct 28 10:47:49 2010 us=467000 route_method = 0
Thu Oct 28 10:47:49 2010 us=467000 ip_win32_defined = DISABLED
Thu Oct 28 10:47:49 2010 us=467000 ip_win32_type = 3
Thu Oct 28 10:47:49 2010 us=467000 dhcp_masq_offset = 0
Thu Oct 28 10:47:49 2010 us=467000 dhcp_lease_time = 31536000
Thu Oct 28 10:47:49 2010 us=467000 tap_sleep = 0
Thu Oct 28 10:47:49 2010 us=467000 dhcp_options = DISABLED
Thu Oct 28 10:47:49 2010 us=467000 dhcp_renew = DISABLED
Thu Oct 28 10:47:49 2010 us=467000 dhcp_pre_release = DISABLED
Thu Oct 28 10:47:49 2010 us=467000 dhcp_release = DISABLED
Thu Oct 28 10:47:49 2010 us=467000 domain = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=482000 netbios_scope = '[UNDEF]'
Thu Oct 28 10:47:49 2010 us=482000 netbios_node_type = 0
Thu Oct 28 10:47:49 2010 us=482000 disable_nbt = DISABLED
Thu Oct 28 10:47:49 2010 us=482000 OpenVPN 2.1.3 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Aug 20 2010
Thu Oct 28 10:47:49 2010 us=482000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Oct 28 10:47:49 2010 us=794000 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Oct 28 10:47:49 2010 us=794000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Oct 28 10:47:49 2010 us=935000 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Thu Oct 28 10:47:49 2010 us=935000 Local Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Oct 28 10:47:49 2010 us=935000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Oct 28 10:47:49 2010 us=935000 Local Options hash (VER=V4): '3514370b'
Thu Oct 28 10:47:49 2010 us=935000 Expected Remote Options hash (VER=V4): '239669a8'
Thu Oct 28 10:47:49 2010 us=935000 UDPv4 link local: [undef]
Thu Oct 28 10:47:49 2010 us=935000 UDPv4 link remote: 99.16.101.28:1194
Thu Oct 28 10:47:50 2010 us=60000 TLS: Initial packet from 99.16.101.28:1194, sid=cacf5680 c5298bfa
Thu Oct 28 10:47:50 2010 us=746000 VERIFY OK: depth=1, /C=US/ST=CA/L=WalnutCreek/O=DewanNetVPN/CN=DewanNetOpenVPN/emailAddress=naveendewan@gmail.com
Thu Oct 28 10:47:50 2010 us=746000 VERIFY OK: nsCertType=SERVER
Thu Oct 28 10:47:50 2010 us=746000 VERIFY OK: depth=0, /C=US/ST=CA/O=DewanNetVPN/CN=server/emailAddress=naveendewan@gmail.com
Thu Oct 28 10:47:51 2010 us=620000 NOTE: Options consistency check may be skewed by version differences
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tun'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 1541'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 1500'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'proto' is present in local config but missing in remote config, local='proto UDPv4'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'cipher' is present in local config but missing in remote config, local='cipher BF-CBC'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA1'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 128'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
Thu Oct 28 10:47:51 2010 us=620000 WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
Thu Oct 28 10:47:51 2010 us=620000 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Oct 28 10:47:51 2010 us=620000 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Oct 28 10:47:51 2010 us=620000 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Oct 28 10:47:51 2010 us=620000 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Oct 28 10:47:51 2010 us=620000 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Oct 28 10:47:51 2010 us=620000 [server] Peer Connection Initiated with 99.16.101.28:1194
Thu Oct 28 10:47:54 2010 us=116000 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Oct 28 10:47:54 2010 us=162000 PUSH: Received control message: 'PUSH_REPLY,route 10.100.1.0 255.255.0.0,route 10.100.2.1,topology net30,ping 10,ping-restart 120,ifconfig 10.100.2.6 10.100.2.5'
Thu Oct 28 10:47:54 2010 us=162000 OPTIONS IMPORT: timers and/or timeouts modified
Thu Oct 28 10:47:54 2010 us=162000 OPTIONS IMPORT: --ifconfig/up options modified
Thu Oct 28 10:47:54 2010 us=162000 OPTIONS IMPORT: route options modified
Thu Oct 28 10:47:54 2010 us=162000 ROUTE default_gateway=192.168.43.1
Thu Oct 28 10:47:54 2010 us=178000 TAP-WIN32 device [OpenVPN to LAN @ Home] opened: \\.\Global\{9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE}.tap
Thu Oct 28 10:47:54 2010 us=178000 TAP-Win32 Driver Version 9.7
Thu Oct 28 10:47:54 2010 us=178000 TAP-Win32 MTU=1500
Thu Oct 28 10:47:54 2010 us=178000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.100.2.6/255.255.255.252 on interface {9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE} [DHCP-serv: 10.100.2.5, lease-time: 31536000]
Thu Oct 28 10:47:54 2010 us=178000 Successful ARP Flush on interface [17] {9CD9C201-A423-4EA2-ADF5-5EFE5839BCFE}
Thu Oct 28 10:47:59 2010 us=466000 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Thu Oct 28 10:47:59 2010 us=482000 C:\WINDOWS\system32\route.exe ADD 10.100.1.0 MASK 255.255.0.0 10.100.2.5
Thu Oct 28 10:47:59 2010 us=482000 Warning: address 10.100.1.0 is not a network address in relation to netmask 255.255.0.0
Thu Oct 28 10:47:59 2010 us=482000 ROUTE: route addition failed using CreateIpForwardEntry: The parameter is incorrect. [status=87 if_index=17]
Thu Oct 28 10:47:59 2010 us=482000 Route addition via IPAPI failed [adaptive]
Thu Oct 28 10:47:59 2010 us=482000 Route addition fallback to route.exe
The route addition failed: The parameter is incorrect.
Thu Oct 28 10:47:59 2010 us=544000 C:\WINDOWS\system32\route.exe ADD 10.100.2.1 MASK 255.255.255.255 10.100.2.5
Thu Oct 28 10:47:59 2010 us=544000 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Thu Oct 28 10:47:59 2010 us=544000 Route addition via IPAPI succeeded [adaptive]
Thu Oct 28 10:47:59 2010 us=544000 Initialization Sequence Completed

ytekght · Post by **ytekght** » Sat Oct 30, 2010 12:27 am

thoughts / ideas /anyone ..?

Post by **krzee** » Wed Nov 03, 2010 4:40 am

add this to your windows config

Code: Select all

route-method exe

in your server config you have

Code: Select all

push "route 10.100.1.0 255.255.0.0"

why do you push 255.255.0.0? is this the lan behind your openvpn server? a whole /16!?
im pretty sure you wanted 255.255.255.0 here

OpenVPN Support Forum

Need help setting openVPN on a WRT54G router w/DD-WRT

Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT

Re: Need help setting openVPN on a WRT54G router w/DD-WRT