OpenVPN Support Forum

I have set up an OpenVPN server on Windows XP and it works perfectly when connecting a Windows 7 client; however, when I attempt to connect a Linux client, I sometimes can ping the remote target hosts, sometimes not and every two minutes I get an "Inactivity Timeout [ping-restart] message even if I disable the keepalive option in client.conf.

I am running using proto udp at both ends as I am told that running TCP over TCP is bad news.

What is happening here ?

One thing I have found is that the tun interface is not always being destroyed at the end of session; when I do "sudo ifconfig -a" I see entries for tun0, tun1 and tun2 which is clearly wrong.

I have preformed power off shutdowns but they will not go away. I have looked in /etc/network/interfaces but they do not appear there so what is making them appear directly after Linux startup

How do I destroy them

I've moved on to a different Linux machine now and don't seem to be getting these spurious tun interfaces at least. However, the ping-restart inactivity timeouts still occur. The odd thing is that for the two minutes prior to the time-out it all seems to work, then the client activity freezes and a few seconds later I get the timeout and it all repeats again.

How can it get regular traffic through but filters out the keepalive packets ? I'm pretty sure I switched the firewall off in the server (its all an internal experiment so no harm there). More to the point, why does XP work as a client but not Linux ? As far as I can see the client.conf files are no different.

May be XP client is sending some packets anyhow. But on linux use keepalive - it's not so bad. It's a ping packet every nth second when no other traffic goes.

That's the problem though, it still times-out with a ping restart with keep alive enabled; I have tried it both ways.

Are the keep alive packets in or out of band i.e. do they go down the VPN tunnel or as free UDP packets; in the latter case, it could be a firewall somewhere interfering, in the former case, I have no idea what may be happening.

Here is my client.conf (with comments removed for ease of reading) :-

keepalive 10 600
client
dev tun
proto udp
remote 10.4.19.120 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/john.crt
key /etc/openvpn/john.key
ns-cert-type server
comp-lzo
verb 3

Ah, is it because dev tun can only tunnel IP traffic and the keep alive packets are not IP ?

If so, how do you ever get it to work; should I use dev tap instead ?

It's not about the tun or tap device. You must use keepalive on both, server and client config files, as pings are not echoed back.

proto udp
Sorry Mimiko, I forgot to include the server.conf file as well.

As you can see, it has the keepalive option as well.

dev tun
ca "c:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "c:\\Program Files\\OpenVPN\\easy-rsa\\keys\\kas_test.crt"
key "c:\\Program Files\\OpenVPN\\easy-rsa\\keys\\kas_test.key" # This file should be kept secret
dh "c:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh1024.pem"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.0.0 255.255.255.0"
keepalive 10 120
cipher BF-CBC # Blowfish (default)
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 4


One thing I should point out is that my client is on an internal building LAN 10.4.0.0/16 and the
server is on the same LAN. The object of my experiment is to try out remote management as a proof of
concept. The items to be managed are on a separate local sub-net 192.168.0.0/24 as well as the other Ethernet connection of the server that is on address 192.168.0.3. All items on the "remote" local sub-net
have 192.168.0.3 programmed as their default gateway (I know this means they have no access to the
public internet but this is what I want on security grounds).

Hope this information can shed some light and thanks for your contribution so far.

Could you post the linux log of OpenVPN, and the OpenVPN server's log related to this client?

Here is a sample client log

Tue Oct 25 14:01:21 2011 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Tue Oct 25 14:01:21 2011 WARNING: file '/etc/openvpn/john.key' is group or others accessible
Tue Oct 25 14:01:21 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Tue Oct 25 14:01:21 2011 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 14:01:21 2011 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Oct 25 14:01:21 2011 Local Options hash (VER=V4): '3514370b'
Tue Oct 25 14:01:21 2011 Expected Remote Options hash (VER=V4): '239669a8'
Tue Oct 25 14:01:21 2011 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Oct 25 14:01:21 2011 UDPv4 link local: [undef]
Tue Oct 25 14:01:21 2011 UDPv4 link remote: 10.4.19.120:1194
Tue Oct 25 14:01:21 2011 TLS: Initial packet from 10.4.19.120:1194, sid=d417ca12 762f0580
Tue Oct 25 14:01:22 2011 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:01:22 2011 VERIFY OK: nsCertType=SERVER
Tue Oct 25 14:01:22 2011 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:01:26 2011 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
Tue Oct 25 14:01:26 2011 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Tue Oct 25 14:01:26 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:01:26 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:01:26 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:01:26 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:01:26 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 14:01:26 2011 [kas_test] Peer Connection Initiated with 10.4.19.120:1194
Tue Oct 25 14:01:27 2011 SENT CONTROL [kas_test]: 'PUSH_REQUEST' (status=1)
Tue Oct 25 14:01:27 2011 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Oct 25 14:01:27 2011 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 25 14:01:27 2011 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 25 14:01:27 2011 OPTIONS IMPORT: route options modified
Tue Oct 25 14:01:27 2011 ROUTE default_gateway=10.4.19.3
Tue Oct 25 14:01:27 2011 TUN/TAP device tun2 opened
Tue Oct 25 14:01:27 2011 TUN/TAP TX queue length set to 100
Tue Oct 25 14:01:27 2011 /sbin/ifconfig tun2 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Tue Oct 25 14:01:27 2011 /sbin/route add -net 192.168.0.0 netmask 255.255.255.0 gw 10.8.0.5
Tue Oct 25 14:01:27 2011 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Tue Oct 25 14:01:27 2011 Initialization Sequence Completed
Tue Oct 25 14:04:27 2011 [kas_test] Inactivity timeout (--ping-restart), restarting
Tue Oct 25 14:04:27 2011 TCP/UDP: Closing socket
Tue Oct 25 14:04:27 2011 SIGUSR1[soft,ping-restart] received, process restarting
Tue Oct 25 14:04:27 2011 Restart pause, 2 second(s)
Tue Oct 25 14:04:29 2011 Re-using SSL/TLS context
Tue Oct 25 14:04:29 2011 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 14:04:29 2011 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Oct 25 14:04:29 2011 Local Options hash (VER=V4): '3514370b'
Tue Oct 25 14:04:29 2011 Expected Remote Options hash (VER=V4): '239669a8'
Tue Oct 25 14:04:29 2011 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Oct 25 14:04:29 2011 UDPv4 link local: [undef]
Tue Oct 25 14:04:29 2011 UDPv4 link remote: 10.4.19.120:1194
Tue Oct 25 14:04:29 2011 TLS: Initial packet from 10.4.19.120:1194, sid=95a5aa35 799ea977
Tue Oct 25 14:04:29 2011 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:04:29 2011 VERIFY OK: nsCertType=SERVER
Tue Oct 25 14:04:29 2011 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:04:36 2011 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
Tue Oct 25 14:04:36 2011 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Tue Oct 25 14:04:36 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:04:36 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:04:36 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:04:36 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:04:36 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 14:04:36 2011 [kas_test] Peer Connection Initiated with 10.4.19.120:1194
Tue Oct 25 14:04:37 2011 SENT CONTROL [kas_test]: 'PUSH_REQUEST' (status=1)
Tue Oct 25 14:04:37 2011 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Oct 25 14:04:37 2011 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 25 14:04:37 2011 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 25 14:04:37 2011 OPTIONS IMPORT: route options modified
Tue Oct 25 14:04:37 2011 Preserving previous TUN/TAP instance: tun2
Tue Oct 25 14:04:37 2011 Initialization Sequence Completed
Tue Oct 25 14:06:57 2011 [kas_test] Inactivity timeout (--ping-restart), restarting
Tue Oct 25 14:06:57 2011 TCP/UDP: Closing socket
Tue Oct 25 14:06:57 2011 SIGUSR1[soft,ping-restart] received, process restarting
Tue Oct 25 14:06:57 2011 Restart pause, 2 second(s)
Tue Oct 25 14:06:59 2011 Re-using SSL/TLS context
Tue Oct 25 14:06:59 2011 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 14:06:59 2011 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Oct 25 14:06:59 2011 Local Options hash (VER=V4): '3514370b'
Tue Oct 25 14:06:59 2011 Expected Remote Options hash (VER=V4): '239669a8'
Tue Oct 25 14:06:59 2011 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Oct 25 14:06:59 2011 UDPv4 link local: [undef]
Tue Oct 25 14:06:59 2011 UDPv4 link remote: 10.4.19.120:1194
Tue Oct 25 14:06:59 2011 TLS: Initial packet from 10.4.19.120:1194, sid=14aaf6fc b5c87f84
Tue Oct 25 14:07:04 2011 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:07:04 2011 VERIFY OK: nsCertType=SERVER
Tue Oct 25 14:07:04 2011 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:07:06 2011 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
Tue Oct 25 14:07:06 2011 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Tue Oct 25 14:07:06 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:07:06 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:07:06 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:07:06 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:07:06 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 14:07:06 2011 [kas_test] Peer Connection Initiated with 10.4.19.120:1194
Tue Oct 25 14:07:08 2011 SENT CONTROL [kas_test]: 'PUSH_REQUEST' (status=1)
Tue Oct 25 14:07:08 2011 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Oct 25 14:07:08 2011 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 25 14:07:08 2011 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 25 14:07:08 2011 OPTIONS IMPORT: route options modified
Tue Oct 25 14:07:08 2011 Preserving previous TUN/TAP instance: tun2
Tue Oct 25 14:07:08 2011 Initialization Sequence Completed
Tue Oct 25 14:09:08 2011 [kas_test] Inactivity timeout (--ping-restart), restarting
Tue Oct 25 14:09:08 2011 TCP/UDP: Closing socket
Tue Oct 25 14:09:08 2011 SIGUSR1[soft,ping-restart] received, process restarting
Tue Oct 25 14:09:08 2011 Restart pause, 2 second(s)
Tue Oct 25 14:09:10 2011 Re-using SSL/TLS context
Tue Oct 25 14:09:10 2011 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 14:09:10 2011 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
Tue Oct 25 14:09:10 2011 Local Options hash (VER=V4): '3514370b'
Tue Oct 25 14:09:10 2011 Expected Remote Options hash (VER=V4): '239669a8'
Tue Oct 25 14:09:10 2011 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Oct 25 14:09:10 2011 UDPv4 link local: [undef]
Tue Oct 25 14:09:10 2011 UDPv4 link remote: 10.4.19.120:1194
Tue Oct 25 14:09:10 2011 TLS: Initial packet from 10.4.19.120:1194, sid=4f12a651 bb820f4a
Tue Oct 25 14:09:10 2011 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:09:10 2011 VERIFY OK: nsCertType=SERVER
Tue Oct 25 14:09:10 2011 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 14:09:15 2011 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
Tue Oct 25 14:09:15 2011 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Tue Oct 25 14:09:15 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:09:15 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:09:15 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 14:09:15 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 14:09:15 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 14:09:15 2011 [kas_test] Peer Connection Initiated with 10.4.19.120:1194
Tue Oct 25 14:09:16 2011 SENT CONTROL [kas_test]: 'PUSH_REQUEST' (status=1)
Tue Oct 25 14:09:16 2011 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Oct 25 14:09:16 2011 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 25 14:09:16 2011 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 25 14:09:16 2011 OPTIONS IMPORT: route options modified
Tue Oct 25 14:09:16 2011 Preserving previous TUN/TAP instance: tun2
Tue Oct 25 14:09:16 2011 Initialization Sequence Completed
Tue Oct 25 14:10:16 2011 event_wait : Interrupted system call (code=4)
Tue Oct 25 14:10:16 2011 TCP/UDP: Closing socket
Tue Oct 25 14:10:16 2011 /sbin/route del -net 10.8.0.1 netmask 255.255.255.255
Tue Oct 25 14:10:16 2011 /sbin/route del -net 192.168.0.0 netmask 255.255.255.0
Tue Oct 25 14:10:16 2011 Closing TUN/TAP interface
Tue Oct 25 14:10:16 2011 /sbin/ifconfig tun2 0.0.0.0
Tue Oct 25 14:10:16 2011 SIGINT[hard,] received, process exiting




Here is part of the server log; it is far too big to send it all


Mon Oct 24 08:40:12 2011 us=46000 Current Parameter Settings:
Mon Oct 24 08:40:12 2011 us=46000 config = 'server.ovpn'
Mon Oct 24 08:40:12 2011 us=46000 mode = 1
Mon Oct 24 08:40:12 2011 us=46000 show_ciphers = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 show_digests = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 show_engines = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 genkey = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 key_pass_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 show_tls_ciphers = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 Connection profiles [default]:
Mon Oct 24 08:40:12 2011 us=46000 proto = udp
Mon Oct 24 08:40:12 2011 us=46000 local = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 local_port = 1194
Mon Oct 24 08:40:12 2011 us=46000 remote = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 remote_port = 1194
Mon Oct 24 08:40:12 2011 us=46000 remote_float = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 bind_defined = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 bind_local = ENABLED
Mon Oct 24 08:40:12 2011 us=46000 connect_retry_seconds = 5
Mon Oct 24 08:40:12 2011 us=46000 connect_timeout = 10
Mon Oct 24 08:40:12 2011 us=46000 connect_retry_max = 0
Mon Oct 24 08:40:12 2011 us=46000 socks_proxy_server = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 socks_proxy_port = 0
Mon Oct 24 08:40:12 2011 us=46000 socks_proxy_retry = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 Connection profiles END
Mon Oct 24 08:40:12 2011 us=46000 remote_random = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 ipchange = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 dev = 'tun'
Mon Oct 24 08:40:12 2011 us=46000 dev_type = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 dev_node = 'Local Area Connection 2'
Mon Oct 24 08:40:12 2011 us=46000 lladdr = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 topology = 1
Mon Oct 24 08:40:12 2011 us=46000 tun_ipv6 = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 ifconfig_local = '10.8.0.1'
Mon Oct 24 08:40:12 2011 us=46000 ifconfig_remote_netmask = '10.8.0.2'
Mon Oct 24 08:40:12 2011 us=46000 ifconfig_noexec = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 ifconfig_nowarn = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 shaper = 0
Mon Oct 24 08:40:12 2011 us=46000 tun_mtu = 1500
Mon Oct 24 08:40:12 2011 us=46000 tun_mtu_defined = ENABLED
Mon Oct 24 08:40:12 2011 us=46000 link_mtu = 1500
Mon Oct 24 08:40:12 2011 us=46000 link_mtu_defined = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 tun_mtu_extra = 0
Mon Oct 24 08:40:12 2011 us=46000 tun_mtu_extra_defined = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 fragment = 0
Mon Oct 24 08:40:12 2011 us=46000 mtu_discover_type = -1
Mon Oct 24 08:40:12 2011 us=46000 mtu_test = 0
Mon Oct 24 08:40:12 2011 us=46000 mlock = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 keepalive_ping = 10
Mon Oct 24 08:40:12 2011 us=46000 keepalive_timeout = 120
Mon Oct 24 08:40:12 2011 us=46000 inactivity_timeout = 0
Mon Oct 24 08:40:12 2011 us=46000 ping_send_timeout = 10
Mon Oct 24 08:40:12 2011 us=46000 ping_rec_timeout = 240
Mon Oct 24 08:40:12 2011 us=46000 ping_rec_timeout_action = 2
Mon Oct 24 08:40:12 2011 us=46000 ping_timer_remote = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 remap_sigusr1 = 0
Mon Oct 24 08:40:12 2011 us=46000 explicit_exit_notification = 0
Mon Oct 24 08:40:12 2011 us=46000 persist_tun = ENABLED
Mon Oct 24 08:40:12 2011 us=46000 persist_local_ip = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 persist_remote_ip = DISABLED
Mon Oct 24 08:40:12 2011 us=46000 persist_key = ENABLED
Mon Oct 24 08:40:12 2011 us=46000 mssfix = 1450
Mon Oct 24 08:40:12 2011 us=46000 resolve_retry_seconds = 1000000000
Mon Oct 24 08:40:12 2011 us=46000 username = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 groupname = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 chroot_dir = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 cd_dir = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 writepid = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=46000 up_script = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=296000 down_script = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=296000 down_pre = DISABLED
Mon Oct 24 08:40:12 2011 us=296000 up_restart = DISABLED
Mon Oct 24 08:40:12 2011 us=296000 up_delay = DISABLED
Mon Oct 24 08:40:12 2011 us=296000 daemon = DISABLED
Mon Oct 24 08:40:12 2011 us=296000 inetd = 0
Mon Oct 24 08:40:12 2011 us=296000 log = DISABLED
Mon Oct 24 08:40:12 2011 us=296000 suppress_timestamps = DISABLED
Mon Oct 24 08:40:12 2011 us=296000 nice = 0
Mon Oct 24 08:40:12 2011 us=296000 verbosity = 4
Mon Oct 24 08:40:12 2011 us=296000 mute = 0
Mon Oct 24 08:40:12 2011 us=296000 gremlin = 0
Mon Oct 24 08:40:12 2011 us=296000 status_file = 'openvpn-status.log'
Mon Oct 24 08:40:12 2011 us=296000 status_file_version = 1
Mon Oct 24 08:40:12 2011 us=296000 status_file_update_freq = 60
Mon Oct 24 08:40:12 2011 us=296000 occ = ENABLED
Mon Oct 24 08:40:12 2011 us=296000 rcvbuf = 0
Mon Oct 24 08:40:12 2011 us=296000 sndbuf = 0
Mon Oct 24 08:40:12 2011 us=343000 sockflags = 0
Mon Oct 24 08:40:12 2011 us=343000 fast_io = DISABLED
Mon Oct 24 08:40:12 2011 us=343000 lzo = 7
Mon Oct 24 08:40:12 2011 us=343000 route_script = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=343000 route_default_gateway = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=343000 route_default_metric = 0
Mon Oct 24 08:40:12 2011 us=343000 route_noexec = DISABLED
Mon Oct 24 08:40:12 2011 us=343000 route_delay = 0
Mon Oct 24 08:40:12 2011 us=343000 route_delay_window = 30
Mon Oct 24 08:40:12 2011 us=343000 route_delay_defined = DISABLED
Mon Oct 24 08:40:12 2011 us=343000 route_nopull = DISABLED
Mon Oct 24 08:40:12 2011 us=343000 route_gateway_via_dhcp = DISABLED
Mon Oct 24 08:40:12 2011 us=343000 max_routes = 100
Mon Oct 24 08:40:12 2011 us=343000 allow_pull_fqdn = DISABLED
Mon Oct 24 08:40:12 2011 us=343000 route 10.8.0.0/255.255.255.0/nil/nil
Mon Oct 24 08:40:12 2011 us=343000 management_addr = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=359000 management_port = 0
Mon Oct 24 08:40:12 2011 us=359000 management_user_pass = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=359000 management_log_history_cache = 250
Mon Oct 24 08:40:12 2011 us=359000 management_echo_buffer_size = 100
Mon Oct 24 08:40:12 2011 us=359000 management_write_peer_info_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=359000 management_client_user = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=359000 management_client_group = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=359000 management_flags = 0
Mon Oct 24 08:40:12 2011 us=359000 shared_secret_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=359000 key_direction = 0
Mon Oct 24 08:40:12 2011 us=359000 ciphername_defined = ENABLED
Mon Oct 24 08:40:12 2011 us=359000 ciphername = 'BF-CBC'
Mon Oct 24 08:40:12 2011 us=359000 authname_defined = ENABLED
Mon Oct 24 08:40:12 2011 us=359000 authname = 'SHA1'
Mon Oct 24 08:40:12 2011 us=359000 prng_hash = 'SHA1'
Mon Oct 24 08:40:12 2011 us=359000 prng_nonce_secret_len = 16
Mon Oct 24 08:40:12 2011 us=375000 keysize = 0
Mon Oct 24 08:40:12 2011 us=375000 engine = DISABLED
Mon Oct 24 08:40:12 2011 us=375000 replay = ENABLED
Mon Oct 24 08:40:12 2011 us=375000 mute_replay_warnings = DISABLED
Mon Oct 24 08:40:12 2011 us=375000 replay_window = 64
Mon Oct 24 08:40:12 2011 us=375000 replay_time = 15
Mon Oct 24 08:40:12 2011 us=375000 packet_id_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=375000 use_iv = ENABLED
Mon Oct 24 08:40:12 2011 us=375000 test_crypto = DISABLED
Mon Oct 24 08:40:12 2011 us=375000 tls_server = ENABLED
Mon Oct 24 08:40:12 2011 us=375000 tls_client = DISABLED
Mon Oct 24 08:40:12 2011 us=375000 key_method = 2
Mon Oct 24 08:40:12 2011 us=375000 ca_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\ca.crt'
Mon Oct 24 08:40:12 2011 us=375000 ca_path = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=375000 dh_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\dh1024.pem'
Mon Oct 24 08:40:12 2011 us=375000 cert_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\kas_test.crt'
Mon Oct 24 08:40:12 2011 us=390000 priv_key_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\kas_test.key'
Mon Oct 24 08:40:12 2011 us=390000 pkcs12_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=390000 cryptoapi_cert = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=390000 cipher_list = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=390000 tls_verify = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=390000 tls_export_cert = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=390000 tls_remote = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=390000 crl_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=390000 ns_cert_type = 0
Mon Oct 24 08:40:12 2011 us=390000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=390000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=390000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=390000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=390000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku[i] = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku[i] = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku[i] = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku[i] = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku[i] = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_ku[i] = 0
Mon Oct 24 08:40:12 2011 us=406000 remote_cert_eku = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=406000 tls_timeout = 2
Mon Oct 24 08:40:12 2011 us=406000 renegotiate_bytes = 0
Mon Oct 24 08:40:12 2011 us=406000 renegotiate_packets = 0
Mon Oct 24 08:40:12 2011 us=406000 renegotiate_seconds = 3600
Mon Oct 24 08:40:12 2011 us=421000 handshake_window = 60
Mon Oct 24 08:40:12 2011 us=421000 transition_window = 3600
Mon Oct 24 08:40:12 2011 us=421000 single_session = DISABLED
Mon Oct 24 08:40:12 2011 us=421000 push_peer_info = DISABLED
Mon Oct 24 08:40:12 2011 us=421000 tls_exit = DISABLED
Mon Oct 24 08:40:12 2011 us=421000 tls_auth_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=421000 server_network = 10.8.0.0
Mon Oct 24 08:40:12 2011 us=421000 server_netmask = 255.255.255.0
Mon Oct 24 08:40:12 2011 us=421000 server_bridge_ip = 0.0.0.0
Mon Oct 24 08:40:12 2011 us=421000 server_bridge_netmask = 0.0.0.0
Mon Oct 24 08:40:12 2011 us=421000 server_bridge_pool_start = 0.0.0.0
Mon Oct 24 08:40:12 2011 us=421000 server_bridge_pool_end = 0.0.0.0
Mon Oct 24 08:40:12 2011 us=421000 push_entry = 'route 192.168.0.0 255.255.255.0'
Mon Oct 24 08:40:12 2011 us=421000 push_entry = 'route 10.8.0.1'
Mon Oct 24 08:40:12 2011 us=421000 push_entry = 'topology net30'
Mon Oct 24 08:40:12 2011 us=437000 push_entry = 'ping 10'
Mon Oct 24 08:40:12 2011 us=437000 push_entry = 'ping-restart 120'
Mon Oct 24 08:40:12 2011 us=437000 ifconfig_pool_defined = ENABLED
Mon Oct 24 08:40:12 2011 us=437000 ifconfig_pool_start = 10.8.0.4
Mon Oct 24 08:40:12 2011 us=437000 ifconfig_pool_end = 10.8.0.251
Mon Oct 24 08:40:12 2011 us=437000 ifconfig_pool_netmask = 0.0.0.0
Mon Oct 24 08:40:12 2011 us=437000 ifconfig_pool_persist_filename = 'ipp.txt'
Mon Oct 24 08:40:12 2011 us=437000 ifconfig_pool_persist_refresh_freq = 600
Mon Oct 24 08:40:12 2011 us=437000 n_bcast_buf = 256
Mon Oct 24 08:40:12 2011 us=437000 tcp_queue_limit = 64
Mon Oct 24 08:40:12 2011 us=437000 real_hash_size = 256
Mon Oct 24 08:40:12 2011 us=437000 virtual_hash_size = 256
Mon Oct 24 08:40:12 2011 us=437000 client_connect_script = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=437000 learn_address_script = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=437000 client_disconnect_script = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=453000 client_config_dir = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=453000 ccd_exclusive = DISABLED
Mon Oct 24 08:40:12 2011 us=453000 tmp_dir = 'C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\'
Mon Oct 24 08:40:12 2011 us=453000 push_ifconfig_defined = DISABLED
Mon Oct 24 08:40:12 2011 us=453000 push_ifconfig_local = 0.0.0.0
Mon Oct 24 08:40:12 2011 us=453000 push_ifconfig_remote_netmask = 0.0.0.0
Mon Oct 24 08:40:12 2011 us=453000 enable_c2c = DISABLED
Mon Oct 24 08:40:12 2011 us=453000 duplicate_cn = DISABLED
Mon Oct 24 08:40:12 2011 us=453000 cf_max = 0
Mon Oct 24 08:40:12 2011 us=453000 cf_per = 0
Mon Oct 24 08:40:12 2011 us=453000 max_clients = 1024
Mon Oct 24 08:40:12 2011 us=453000 max_routes_per_client = 256
Mon Oct 24 08:40:12 2011 us=453000 auth_user_pass_verify_script = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=453000 auth_user_pass_verify_script_via_file = DISABLED
Mon Oct 24 08:40:12 2011 us=453000 ssl_flags = 0
Mon Oct 24 08:40:12 2011 us=468000 client = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 pull = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 auth_user_pass_file = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=468000 show_net_up = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 route_method = 0
Mon Oct 24 08:40:12 2011 us=468000 ip_win32_defined = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 ip_win32_type = 3
Mon Oct 24 08:40:12 2011 us=468000 dhcp_masq_offset = 0
Mon Oct 24 08:40:12 2011 us=468000 dhcp_lease_time = 31536000
Mon Oct 24 08:40:12 2011 us=468000 tap_sleep = 10
Mon Oct 24 08:40:12 2011 us=468000 dhcp_options = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 dhcp_renew = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 dhcp_pre_release = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 dhcp_release = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 domain = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=468000 netbios_scope = '[UNDEF]'
Mon Oct 24 08:40:12 2011 us=468000 netbios_node_type = 0
Mon Oct 24 08:40:12 2011 us=468000 disable_nbt = DISABLED
Mon Oct 24 08:40:12 2011 us=468000 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul 1 2011
Mon Oct 24 08:40:12 2011 us=484000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Oct 24 08:40:12 2011 us=609000 Diffie-Hellman initialized with 1024 bit key
Mon Oct 24 08:40:12 2011 us=609000 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Oct 24 08:40:12 2011 us=609000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Oct 24 08:40:12 2011 us=609000 ROUTE default_gateway=10.4.19.3
Mon Oct 24 08:40:12 2011 us=609000 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{B92278AC-D2AE-491B-A030-BFB96F541690}.tap
Mon Oct 24 08:40:12 2011 us=609000 TAP-Win32 Driver Version 9.8
Mon Oct 24 08:40:12 2011 us=609000 TAP-Win32 MTU=1500
Mon Oct 24 08:40:12 2011 us=609000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {B92278AC-D2AE-491B-A030-BFB96F541690} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Mon Oct 24 08:40:12 2011 us=609000 Sleeping for 10 seconds...
Mon Oct 24 08:40:22 2011 us=609000 Successful ARP Flush on interface [4] {B92278AC-D2AE-491B-A030-BFB96F541690}
Mon Oct 24 08:40:22 2011 us=609000 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Mon Oct 24 08:40:22 2011 us=640000 Route addition via IPAPI succeeded [adaptive]
Mon Oct 24 08:40:22 2011 us=640000 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Oct 24 08:40:22 2011 us=656000 UDPv4 link local (bound): [undef]:1194
Mon Oct 24 08:40:22 2011 us=656000 UDPv4 link remote: [undef]
Mon Oct 24 08:40:22 2011 us=656000 MULTI: multi_init called, r=256 v=256
Mon Oct 24 08:40:22 2011 us=656000 IFCONFIG POOL: base=10.8.0.4 size=62
Mon Oct 24 08:40:22 2011 us=656000 IFCONFIG POOL LIST
Mon Oct 24 08:40:22 2011 us=656000 john,10.8.0.4
Mon Oct 24 08:40:22 2011 us=656000 andy,10.8.0.8
Mon Oct 24 08:40:22 2011 us=656000 Initialization Sequence Completed
Mon Oct 24 08:40:22 2011 us=671000 MULTI: multi_create_instance called
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 Re-using SSL/TLS context
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 LZO compression initialized
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 Local Options hash (VER=V4): '530fdded'
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 Expected Remote Options hash (VER=V4): '41690919'
Mon Oct 24 08:40:22 2011 us=671000 10.4.19.160:41149 TLS: Initial packet from 10.4.19.160:41149, sid=20bdbd5b 8e03e9a9
Mon Oct 24 08:40:22 2011 us=687000 MULTI: multi_create_instance called
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 Re-using SSL/TLS context
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 LZO compression initialized
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 Local Options hash (VER=V4): '530fdded'
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 Expected Remote Options hash (VER=V4): '41690919'
Mon Oct 24 08:40:22 2011 us=687000 10.4.19.160:41148 TLS: Initial packet from 10.4.19.160:41148, sid=0966ccc3 48fa392d
Mon Oct 24 08:40:22 2011 us=703000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Oct 24 08:40:22 2011 us=703000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Oct 24 08:40:22 2011 us=703000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Oct 24 08:40:22 2011 us=703000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Oct 24 08:40:24 2011 us=281000 MULTI: multi_create_instance called
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 Re-using SSL/TLS context
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 LZO compression initialized
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 Local Options hash (VER=V4): '530fdded'
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 Expected Remote Options hash (VER=V4): '41690919'
Mon Oct 24 08:40:24 2011 us=281000 10.4.19.160:41150 TLS: Initial packet from 10.4.19.160:41150, sid=1c7cc800 5cc175b9
Mon Oct 24 08:40:25 2011 us=140000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Oct 24 08:40:25 2011 us=234000 10.4.19.160:41149 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Mon Oct 24 08:40:25 2011 us=234000 10.4.19.160:41149 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Mon Oct 24 08:40:30 2011 us=156000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Oct 24 08:40:32 2011 us=156000 10.4.19.160:41149 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Oct 24 08:40:32 2011 us=156000 10.4.19.160:41149 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 08:40:32 2011 us=156000 10.4.19.160:41149 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Oct 24 08:40:32 2011 us=156000 10.4.19.160:41149 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Oct 24 08:40:32 2011 us=156000 10.4.19.160:41149 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Oct 24 08:40:32 2011 us=156000 10.4.19.160:41149 [john] Peer Connection Initiated with 10.4.19.160:41149
Mon Oct 24 08:40:32 2011 us=156000 john/10.4.19.160:41149 MULTI: Learn: 10.8.0.6 -> john/10.4.19.160:41149
Mon Oct 24 08:40:32 2011 us=156000 john/10.4.19.160:41149 MULTI: primary virtual IP for john/10.4.19.160:41149: 10.8.0.6
Mon Oct 24 08:40:32 2011 us=296000 10.4.19.160:41150 VERIFY OK: depth=1,

Tue Oct 25 14:01:26 2011 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1542'
Tue Oct 25 14:01:26 2011 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'

How this come? The client and server config shows both "comp-lzo" present, but here client complains about missing. Client on linux uses different config file. Please find it and resolve this two issues.

The server file was very big and I may have picked out the wrong session; I know I had mistakenly not switched on compression earlier. I will restart the server so I get a fresh log and run a known client session checking first that compression is on and send you the results.

OK, all logs were removed, comp-lz0 setting checked, server restarted and a short client session run.

Client log

Tue Oct 25 15:24:45 2011 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Tue Oct 25 15:24:45 2011 WARNING: file '/etc/openvpn/john.key' is group or others accessible
Tue Oct 25 15:24:45 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Tue Oct 25 15:24:45 2011 LZO compression initialized
Tue Oct 25 15:24:45 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:24:45 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:24:45 2011 Local Options hash (VER=V4): '41690919'
Tue Oct 25 15:24:45 2011 Expected Remote Options hash (VER=V4): '530fdded'
Tue Oct 25 15:24:45 2011 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Oct 25 15:24:45 2011 UDPv4 link local: [undef]
Tue Oct 25 15:24:45 2011 UDPv4 link remote: 10.4.19.120:1194
Tue Oct 25 15:24:45 2011 TLS: Initial packet from 10.4.19.120:1194, sid=d70d7d94 590433fd
Tue Oct 25 15:24:50 2011 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:50 2011 VERIFY OK: nsCertType=SERVER
Tue Oct 25 15:24:50 2011 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:54 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:54 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:54 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:54 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:54 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:24:54 2011 [kas_test] Peer Connection Initiated with 10.4.19.120:1194
Tue Oct 25 15:24:55 2011 SENT CONTROL [kas_test]: 'PUSH_REQUEST' (status=1)
Tue Oct 25 15:24:55 2011 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Oct 25 15:24:55 2011 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 25 15:24:55 2011 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 25 15:24:55 2011 OPTIONS IMPORT: route options modified
Tue Oct 25 15:24:55 2011 ROUTE default_gateway=10.4.19.3
Tue Oct 25 15:24:55 2011 TUN/TAP device tun2 opened
Tue Oct 25 15:24:55 2011 TUN/TAP TX queue length set to 100
Tue Oct 25 15:24:55 2011 /sbin/ifconfig tun2 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Tue Oct 25 15:24:55 2011 /sbin/route add -net 192.168.0.0 netmask 255.255.255.0 gw 10.8.0.5
Tue Oct 25 15:24:55 2011 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Tue Oct 25 15:24:55 2011 Initialization Sequence Completed
Tue Oct 25 15:27:45 2011 [kas_test] Inactivity timeout (--ping-restart), restarting
Tue Oct 25 15:27:45 2011 TCP/UDP: Closing socket
Tue Oct 25 15:27:45 2011 SIGUSR1[soft,ping-restart] received, process restarting
Tue Oct 25 15:27:45 2011 Restart pause, 2 second(s)
Tue Oct 25 15:27:47 2011 Re-using SSL/TLS context
Tue Oct 25 15:27:47 2011 LZO compression initialized
Tue Oct 25 15:27:47 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:27:47 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:27:47 2011 Local Options hash (VER=V4): '41690919'
Tue Oct 25 15:27:47 2011 Expected Remote Options hash (VER=V4): '530fdded'
Tue Oct 25 15:27:47 2011 Socket Buffers: R=[109568->131072] S=[109568->131072]
Tue Oct 25 15:27:47 2011 UDPv4 link local: [undef]
Tue Oct 25 15:27:47 2011 UDPv4 link remote: 10.4.19.120:1194
Tue Oct 25 15:27:47 2011 TLS: Initial packet from 10.4.19.120:1194, sid=ed4405db fba267fc
Tue Oct 25 15:27:47 2011 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:27:47 2011 VERIFY OK: nsCertType=SERVER
Tue Oct 25 15:27:47 2011 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:27:51 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:27:51 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:27:51 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:27:51 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:27:51 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:27:51 2011 [kas_test] Peer Connection Initiated with 10.4.19.120:1194
Tue Oct 25 15:27:52 2011 SENT CONTROL [kas_test]: 'PUSH_REQUEST' (status=1)
Tue Oct 25 15:27:52 2011 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Oct 25 15:27:52 2011 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 25 15:27:52 2011 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 25 15:27:52 2011 OPTIONS IMPORT: route options modified
Tue Oct 25 15:27:52 2011 Preserving previous TUN/TAP instance: tun2
Tue Oct 25 15:27:52 2011 Initialization Sequence Completed
Tue Oct 25 15:27:54 2011 event_wait : Interrupted system call (code=4)
Tue Oct 25 15:27:54 2011 TCP/UDP: Closing socket
Tue Oct 25 15:27:54 2011 /sbin/route del -net 10.8.0.1 netmask 255.255.255.255
Tue Oct 25 15:27:54 2011 /sbin/route del -net 192.168.0.0 netmask 255.255.255.0
Tue Oct 25 15:27:54 2011 Closing TUN/TAP interface
Tue Oct 25 15:27:54 2011 /sbin/ifconfig tun2 0.0.0.0
Tue Oct 25 15:27:54 2011 SIGINT[hard,] received, process exiting


Server log

Tue Oct 25 15:24:03 2011 us=953000 Current Parameter Settings:
Tue Oct 25 15:24:03 2011 us=953000 config = 'server.ovpn'
Tue Oct 25 15:24:03 2011 us=953000 mode = 1
Tue Oct 25 15:24:03 2011 us=953000 show_ciphers = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 show_digests = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 show_engines = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 genkey = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 key_pass_file = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 show_tls_ciphers = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 Connection profiles [default]:
Tue Oct 25 15:24:03 2011 us=953000 proto = udp
Tue Oct 25 15:24:03 2011 us=953000 local = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 local_port = 1194
Tue Oct 25 15:24:03 2011 us=953000 remote = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 remote_port = 1194
Tue Oct 25 15:24:03 2011 us=953000 remote_float = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 bind_defined = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 bind_local = ENABLED
Tue Oct 25 15:24:03 2011 us=953000 connect_retry_seconds = 5
Tue Oct 25 15:24:03 2011 us=953000 connect_timeout = 10
Tue Oct 25 15:24:03 2011 us=953000 connect_retry_max = 0
Tue Oct 25 15:24:03 2011 us=953000 socks_proxy_server = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 socks_proxy_port = 0
Tue Oct 25 15:24:03 2011 us=953000 socks_proxy_retry = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 Connection profiles END
Tue Oct 25 15:24:03 2011 us=953000 remote_random = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 ipchange = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 dev = 'tun'
Tue Oct 25 15:24:03 2011 us=953000 dev_type = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 dev_node = 'Local Area Connection 2'
Tue Oct 25 15:24:03 2011 us=953000 lladdr = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 topology = 1
Tue Oct 25 15:24:03 2011 us=953000 tun_ipv6 = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 ifconfig_local = '10.8.0.1'
Tue Oct 25 15:24:03 2011 us=953000 ifconfig_remote_netmask = '10.8.0.2'
Tue Oct 25 15:24:03 2011 us=953000 ifconfig_noexec = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 ifconfig_nowarn = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 shaper = 0
Tue Oct 25 15:24:03 2011 us=953000 tun_mtu = 1500
Tue Oct 25 15:24:03 2011 us=953000 tun_mtu_defined = ENABLED
Tue Oct 25 15:24:03 2011 us=953000 link_mtu = 1500
Tue Oct 25 15:24:03 2011 us=953000 link_mtu_defined = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 tun_mtu_extra = 0
Tue Oct 25 15:24:03 2011 us=953000 tun_mtu_extra_defined = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 fragment = 0
Tue Oct 25 15:24:03 2011 us=953000 mtu_discover_type = -1
Tue Oct 25 15:24:03 2011 us=953000 mtu_test = 0
Tue Oct 25 15:24:03 2011 us=953000 mlock = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 keepalive_ping = 10
Tue Oct 25 15:24:03 2011 us=953000 keepalive_timeout = 120
Tue Oct 25 15:24:03 2011 us=953000 inactivity_timeout = 0
Tue Oct 25 15:24:03 2011 us=953000 ping_send_timeout = 10
Tue Oct 25 15:24:03 2011 us=953000 ping_rec_timeout = 240
Tue Oct 25 15:24:03 2011 us=953000 ping_rec_timeout_action = 2
Tue Oct 25 15:24:03 2011 us=953000 ping_timer_remote = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 remap_sigusr1 = 0
Tue Oct 25 15:24:03 2011 us=953000 explicit_exit_notification = 0
Tue Oct 25 15:24:03 2011 us=953000 persist_tun = ENABLED
Tue Oct 25 15:24:03 2011 us=953000 persist_local_ip = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 persist_remote_ip = DISABLED
Tue Oct 25 15:24:03 2011 us=953000 persist_key = ENABLED
Tue Oct 25 15:24:03 2011 us=953000 mssfix = 1450
Tue Oct 25 15:24:03 2011 us=953000 resolve_retry_seconds = 1000000000
Tue Oct 25 15:24:03 2011 us=953000 username = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 groupname = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 chroot_dir = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 cd_dir = '[UNDEF]'
Tue Oct 25 15:24:03 2011 us=953000 writepid = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=187000 up_script = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=187000 down_script = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=187000 down_pre = DISABLED
Tue Oct 25 15:24:04 2011 us=187000 up_restart = DISABLED
Tue Oct 25 15:24:04 2011 us=187000 up_delay = DISABLED
Tue Oct 25 15:24:04 2011 us=187000 daemon = DISABLED
Tue Oct 25 15:24:04 2011 us=187000 inetd = 0
Tue Oct 25 15:24:04 2011 us=187000 log = DISABLED
Tue Oct 25 15:24:04 2011 us=187000 suppress_timestamps = DISABLED
Tue Oct 25 15:24:04 2011 us=187000 nice = 0
Tue Oct 25 15:24:04 2011 us=187000 verbosity = 4
Tue Oct 25 15:24:04 2011 us=187000 mute = 0
Tue Oct 25 15:24:04 2011 us=187000 gremlin = 0
Tue Oct 25 15:24:04 2011 us=187000 status_file = 'openvpn-status.log'
Tue Oct 25 15:24:04 2011 us=187000 status_file_version = 1
Tue Oct 25 15:24:04 2011 us=187000 status_file_update_freq = 60
Tue Oct 25 15:24:04 2011 us=187000 occ = ENABLED
Tue Oct 25 15:24:04 2011 us=187000 rcvbuf = 0
Tue Oct 25 15:24:04 2011 us=203000 sndbuf = 0
Tue Oct 25 15:24:04 2011 us=203000 sockflags = 0
Tue Oct 25 15:24:04 2011 us=203000 fast_io = DISABLED
Tue Oct 25 15:24:04 2011 us=203000 lzo = 7
Tue Oct 25 15:24:04 2011 us=203000 route_script = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=203000 route_default_gateway = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=203000 route_default_metric = 0
Tue Oct 25 15:24:04 2011 us=203000 route_noexec = DISABLED
Tue Oct 25 15:24:04 2011 us=203000 route_delay = 0
Tue Oct 25 15:24:04 2011 us=203000 route_delay_window = 30
Tue Oct 25 15:24:04 2011 us=203000 route_delay_defined = DISABLED
Tue Oct 25 15:24:04 2011 us=203000 route_nopull = DISABLED
Tue Oct 25 15:24:04 2011 us=203000 route_gateway_via_dhcp = DISABLED
Tue Oct 25 15:24:04 2011 us=203000 max_routes = 100
Tue Oct 25 15:24:04 2011 us=203000 allow_pull_fqdn = DISABLED
Tue Oct 25 15:24:04 2011 us=203000 route 10.8.0.0/255.255.255.0/nil/nil
Tue Oct 25 15:24:04 2011 us=203000 management_addr = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=218000 management_port = 0
Tue Oct 25 15:24:04 2011 us=218000 management_user_pass = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=218000 management_log_history_cache = 250
Tue Oct 25 15:24:04 2011 us=218000 management_echo_buffer_size = 100
Tue Oct 25 15:24:04 2011 us=218000 management_write_peer_info_file = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=218000 management_client_user = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=218000 management_client_group = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=218000 management_flags = 0
Tue Oct 25 15:24:04 2011 us=218000 shared_secret_file = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=218000 key_direction = 0
Tue Oct 25 15:24:04 2011 us=218000 ciphername_defined = ENABLED
Tue Oct 25 15:24:04 2011 us=218000 ciphername = 'BF-CBC'
Tue Oct 25 15:24:04 2011 us=218000 authname_defined = ENABLED
Tue Oct 25 15:24:04 2011 us=218000 authname = 'SHA1'
Tue Oct 25 15:24:04 2011 us=234000 prng_hash = 'SHA1'
Tue Oct 25 15:24:04 2011 us=234000 prng_nonce_secret_len = 16
Tue Oct 25 15:24:04 2011 us=234000 keysize = 0
Tue Oct 25 15:24:04 2011 us=234000 engine = DISABLED
Tue Oct 25 15:24:04 2011 us=234000 replay = ENABLED
Tue Oct 25 15:24:04 2011 us=234000 mute_replay_warnings = DISABLED
Tue Oct 25 15:24:04 2011 us=234000 replay_window = 64
Tue Oct 25 15:24:04 2011 us=234000 replay_time = 15
Tue Oct 25 15:24:04 2011 us=234000 packet_id_file = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=234000 use_iv = ENABLED
Tue Oct 25 15:24:04 2011 us=234000 test_crypto = DISABLED
Tue Oct 25 15:24:04 2011 us=234000 tls_server = ENABLED
Tue Oct 25 15:24:04 2011 us=234000 tls_client = DISABLED
Tue Oct 25 15:24:04 2011 us=234000 key_method = 2
Tue Oct 25 15:24:04 2011 us=234000 ca_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\ca.crt'
Tue Oct 25 15:24:04 2011 us=234000 ca_path = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=234000 dh_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\dh1024.pem'
Tue Oct 25 15:24:04 2011 us=250000 cert_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\kas_test.crt'
Tue Oct 25 15:24:04 2011 us=250000 priv_key_file = 'c:\Program Files\OpenVPN\easy-rsa\keys\kas_test.key'
Tue Oct 25 15:24:04 2011 us=250000 pkcs12_file = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 cryptoapi_cert = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 cipher_list = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 tls_verify = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 tls_export_cert = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 tls_remote = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 crl_file = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 ns_cert_type = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku[i] = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku[i] = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku[i] = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku[i] = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku[i] = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_ku[i] = 0
Tue Oct 25 15:24:04 2011 us=250000 remote_cert_eku = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=250000 tls_timeout = 2
Tue Oct 25 15:24:04 2011 us=250000 renegotiate_bytes = 0
Tue Oct 25 15:24:04 2011 us=250000 renegotiate_packets = 0
Tue Oct 25 15:24:04 2011 us=265000 renegotiate_seconds = 3600
Tue Oct 25 15:24:04 2011 us=265000 handshake_window = 60
Tue Oct 25 15:24:04 2011 us=265000 transition_window = 3600
Tue Oct 25 15:24:04 2011 us=265000 single_session = DISABLED
Tue Oct 25 15:24:04 2011 us=265000 push_peer_info = DISABLED
Tue Oct 25 15:24:04 2011 us=265000 tls_exit = DISABLED
Tue Oct 25 15:24:04 2011 us=265000 tls_auth_file = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=265000 server_network = 10.8.0.0
Tue Oct 25 15:24:04 2011 us=265000 server_netmask = 255.255.255.0
Tue Oct 25 15:24:04 2011 us=265000 server_bridge_ip = 0.0.0.0
Tue Oct 25 15:24:04 2011 us=265000 server_bridge_netmask = 0.0.0.0
Tue Oct 25 15:24:04 2011 us=265000 server_bridge_pool_start = 0.0.0.0
Tue Oct 25 15:24:04 2011 us=265000 server_bridge_pool_end = 0.0.0.0
Tue Oct 25 15:24:04 2011 us=265000 push_entry = 'route 192.168.0.0 255.255.255.0'
Tue Oct 25 15:24:04 2011 us=265000 push_entry = 'route 10.8.0.1'
Tue Oct 25 15:24:04 2011 us=281000 push_entry = 'topology net30'
Tue Oct 25 15:24:04 2011 us=281000 push_entry = 'ping 10'
Tue Oct 25 15:24:04 2011 us=281000 push_entry = 'ping-restart 120'
Tue Oct 25 15:24:04 2011 us=281000 ifconfig_pool_defined = ENABLED
Tue Oct 25 15:24:04 2011 us=281000 ifconfig_pool_start = 10.8.0.4
Tue Oct 25 15:24:04 2011 us=281000 ifconfig_pool_end = 10.8.0.251
Tue Oct 25 15:24:04 2011 us=281000 ifconfig_pool_netmask = 0.0.0.0
Tue Oct 25 15:24:04 2011 us=281000 ifconfig_pool_persist_filename = 'ipp.txt'
Tue Oct 25 15:24:04 2011 us=281000 ifconfig_pool_persist_refresh_freq = 600
Tue Oct 25 15:24:04 2011 us=281000 n_bcast_buf = 256
Tue Oct 25 15:24:04 2011 us=281000 tcp_queue_limit = 64
Tue Oct 25 15:24:04 2011 us=281000 real_hash_size = 256
Tue Oct 25 15:24:04 2011 us=281000 virtual_hash_size = 256
Tue Oct 25 15:24:04 2011 us=281000 client_connect_script = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=281000 learn_address_script = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=281000 client_disconnect_script = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=296000 client_config_dir = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=296000 ccd_exclusive = DISABLED
Tue Oct 25 15:24:04 2011 us=296000 tmp_dir = 'C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\'
Tue Oct 25 15:24:04 2011 us=296000 push_ifconfig_defined = DISABLED
Tue Oct 25 15:24:04 2011 us=296000 push_ifconfig_local = 0.0.0.0
Tue Oct 25 15:24:04 2011 us=296000 push_ifconfig_remote_netmask = 0.0.0.0
Tue Oct 25 15:24:04 2011 us=296000 enable_c2c = DISABLED
Tue Oct 25 15:24:04 2011 us=296000 duplicate_cn = DISABLED
Tue Oct 25 15:24:04 2011 us=296000 cf_max = 0
Tue Oct 25 15:24:04 2011 us=296000 cf_per = 0
Tue Oct 25 15:24:04 2011 us=296000 max_clients = 1024
Tue Oct 25 15:24:04 2011 us=296000 max_routes_per_client = 256
Tue Oct 25 15:24:04 2011 us=296000 auth_user_pass_verify_script = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=296000 auth_user_pass_verify_script_via_file = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 ssl_flags = 0
Tue Oct 25 15:24:04 2011 us=312000 client = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 pull = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 auth_user_pass_file = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=312000 show_net_up = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 route_method = 0
Tue Oct 25 15:24:04 2011 us=312000 ip_win32_defined = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 ip_win32_type = 3
Tue Oct 25 15:24:04 2011 us=312000 dhcp_masq_offset = 0
Tue Oct 25 15:24:04 2011 us=312000 dhcp_lease_time = 31536000
Tue Oct 25 15:24:04 2011 us=312000 tap_sleep = 10
Tue Oct 25 15:24:04 2011 us=312000 dhcp_options = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 dhcp_renew = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 dhcp_pre_release = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 dhcp_release = DISABLED
Tue Oct 25 15:24:04 2011 us=312000 domain = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=328000 netbios_scope = '[UNDEF]'
Tue Oct 25 15:24:04 2011 us=328000 netbios_node_type = 0
Tue Oct 25 15:24:04 2011 us=328000 disable_nbt = DISABLED
Tue Oct 25 15:24:04 2011 us=328000 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul 1 2011
Tue Oct 25 15:24:04 2011 us=328000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Oct 25 15:24:04 2011 us=453000 Diffie-Hellman initialized with 1024 bit key
Tue Oct 25 15:24:04 2011 us=453000 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:24:04 2011 us=453000 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Oct 25 15:24:04 2011 us=453000 ROUTE default_gateway=10.4.19.3
Tue Oct 25 15:24:04 2011 us=453000 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{B92278AC-D2AE-491B-A030-BFB96F541690}.tap
Tue Oct 25 15:24:04 2011 us=453000 TAP-Win32 Driver Version 9.8
Tue Oct 25 15:24:04 2011 us=453000 TAP-Win32 MTU=1500
Tue Oct 25 15:24:04 2011 us=453000 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {B92278AC-D2AE-491B-A030-BFB96F541690} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Tue Oct 25 15:24:04 2011 us=453000 Sleeping for 10 seconds...
Tue Oct 25 15:24:14 2011 us=453000 Successful ARP Flush on interface [4] {B92278AC-D2AE-491B-A030-BFB96F541690}
Tue Oct 25 15:24:14 2011 us=453000 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Tue Oct 25 15:24:14 2011 us=453000 Route addition via IPAPI succeeded [adaptive]
Tue Oct 25 15:24:14 2011 us=453000 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:24:14 2011 us=453000 UDPv4 link local (bound): [undef]:1194
Tue Oct 25 15:24:14 2011 us=453000 UDPv4 link remote: [undef]
Tue Oct 25 15:24:14 2011 us=453000 MULTI: multi_init called, r=256 v=256
Tue Oct 25 15:24:14 2011 us=453000 IFCONFIG POOL: base=10.8.0.4 size=62
Tue Oct 25 15:24:14 2011 us=453000 IFCONFIG POOL LIST
Tue Oct 25 15:24:14 2011 us=453000 john,10.8.0.4
Tue Oct 25 15:24:14 2011 us=453000 andy,10.8.0.8
Tue Oct 25 15:24:14 2011 us=453000 Initialization Sequence Completed
Tue Oct 25 15:24:14 2011 us=453000 MULTI: multi_create_instance called
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 Re-using SSL/TLS context
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 LZO compression initialized
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:24:14 2011 us=453000 10.4.19.160:43188 TLS: Initial packet from 10.4.19.160:43188, sid=a4973947 ba6e50c6
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:24:19 2011 us=109000 10.4.19.160:43188 [john] Peer Connection Initiated with 10.4.19.160:43188
Tue Oct 25 15:24:19 2011 us=109000 john/10.4.19.160:43188 MULTI: Learn: 10.8.0.6 -> john/10.4.19.160:43188
Tue Oct 25 15:24:19 2011 us=109000 john/10.4.19.160:43188 MULTI: primary virtual IP for john/10.4.19.160:43188: 10.8.0.6
Tue Oct 25 15:24:20 2011 us=265000 john/10.4.19.160:43188 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:24:20 2011 us=265000 john/10.4.19.160:43188 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:24:45 2011 us=375000 MULTI: multi_create_instance called
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 Re-using SSL/TLS context
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 LZO compression initialized
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:24:45 2011 us=375000 10.4.19.160:43190 TLS: Initial packet from 10.4.19.160:43190, sid=41ce567b 86023a0d
Tue Oct 25 15:24:46 2011 us=468000 MULTI: multi_create_instance called
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 Re-using SSL/TLS context
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 LZO compression initialized
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:24:46 2011 us=468000 10.4.19.160:43191 TLS: Initial packet from 10.4.19.160:43191, sid=926e4c47 7749223c
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:24:50 2011 us=203000 10.4.19.160:43191 [john] Peer Connection Initiated with 10.4.19.160:43191
Tue Oct 25 15:24:50 2011 us=203000 MULTI: new connection by client 'john' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Oct 25 15:24:50 2011 us=203000 MULTI: Learn: 10.8.0.6 -> john/10.4.19.160:43191
Tue Oct 25 15:24:50 2011 us=203000 MULTI: primary virtual IP for john/10.4.19.160:43191: 10.8.0.6
Tue Oct 25 15:24:51 2011 us=437000 john/10.4.19.160:43191 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:24:51 2011 us=437000 john/10.4.19.160:43191 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:24:54 2011 us=734000 10.4.19.160:43190 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:54 2011 us=734000 10.4.19.160:43190 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:24:54 2011 us=750000 10.4.19.160:43190 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:54 2011 us=750000 10.4.19.160:43190 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:54 2011 us=750000 10.4.19.160:43190 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:24:54 2011 us=750000 10.4.19.160:43190 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:24:54 2011 us=750000 10.4.19.160:43190 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:24:54 2011 us=750000 10.4.19.160:43190 [john] Peer Connection Initiated with 10.4.19.160:43190
Tue Oct 25 15:24:54 2011 us=750000 MULTI: new connection by client 'john' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Oct 25 15:24:54 2011 us=750000 MULTI: Learn: 10.8.0.6 -> john/10.4.19.160:43190
Tue Oct 25 15:24:54 2011 us=750000 MULTI: primary virtual IP for john/10.4.19.160:43190: 10.8.0.6
Tue Oct 25 15:24:55 2011 us=828000 john/10.4.19.160:43190 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:24:55 2011 us=828000 john/10.4.19.160:43190 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:25:42 2011 us=203000 MULTI: multi_create_instance called
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 Re-using SSL/TLS context
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 LZO compression initialized
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:25:42 2011 us=203000 10.4.19.122:41542 TLS: Initial packet from 10.4.19.122:41542, sid=e0f79f93 6b2e447c
Tue Oct 25 15:25:46 2011 us=31000 10.4.19.122:41542 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:25:46 2011 us=31000 10.4.19.122:41542 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:25:46 2011 us=31000 10.4.19.122:41542 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:25:46 2011 us=31000 10.4.19.122:41542 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:25:46 2011 us=31000 10.4.19.122:41542 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:25:46 2011 us=31000 10.4.19.122:41542 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:25:46 2011 us=46000 10.4.19.122:41542 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:25:46 2011 us=46000 10.4.19.122:41542 [john] Peer Connection Initiated with 10.4.19.122:41542
Tue Oct 25 15:25:46 2011 us=46000 MULTI: new connection by client 'john' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Oct 25 15:25:46 2011 us=46000 MULTI: Learn: 10.8.0.6 -> john/10.4.19.122:41542
Tue Oct 25 15:25:46 2011 us=46000 MULTI: primary virtual IP for john/10.4.19.122:41542: 10.8.0.6
Tue Oct 25 15:25:47 2011 us=296000 john/10.4.19.122:41542 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:25:47 2011 us=296000 john/10.4.19.122:41542 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:26:42 2011 us=937000 MULTI: multi_create_instance called
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 Re-using SSL/TLS context
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 LZO compression initialized
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:26:42 2011 us=937000 10.4.19.160:43192 TLS: Initial packet from 10.4.19.160:43192, sid=d77b48bf 7d2e9c6b
Tue Oct 25 15:26:46 2011 us=546000 10.4.19.160:43192 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:26:46 2011 us=546000 10.4.19.160:43192 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:26:46 2011 us=562000 10.4.19.160:43192 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:26:46 2011 us=562000 10.4.19.160:43192 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:26:46 2011 us=562000 10.4.19.160:43192 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:26:46 2011 us=562000 10.4.19.160:43192 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:26:46 2011 us=562000 10.4.19.160:43192 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:26:46 2011 us=562000 10.4.19.160:43192 [john] Peer Connection Initiated with 10.4.19.160:43192
Tue Oct 25 15:26:46 2011 us=562000 MULTI: new connection by client 'john' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Oct 25 15:26:46 2011 us=562000 MULTI: Learn: 10.8.0.6 -> john/10.4.19.160:43192
Tue Oct 25 15:26:46 2011 us=562000 MULTI: primary virtual IP for john/10.4.19.160:43192: 10.8.0.6
Tue Oct 25 15:26:47 2011 us=750000 john/10.4.19.160:43192 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:26:47 2011 us=750000 john/10.4.19.160:43192 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:26:53 2011 us=453000 MULTI: multi_create_instance called
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 Re-using SSL/TLS context
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 LZO compression initialized
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:26:53 2011 us=453000 10.4.19.160:43193 TLS: Initial packet from 10.4.19.160:43193, sid=a1005579 53bcf8d8
Tue Oct 25 15:26:55 2011 us=703000 10.4.19.160:43193 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:26:55 2011 us=703000 10.4.19.160:43193 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:26:55 2011 us=718000 10.4.19.160:43193 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:26:55 2011 us=718000 10.4.19.160:43193 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:26:55 2011 us=718000 10.4.19.160:43193 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:26:55 2011 us=718000 10.4.19.160:43193 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:26:55 2011 us=718000 10.4.19.160:43193 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:26:55 2011 us=718000 10.4.19.160:43193 [john] Peer Connection Initiated with 10.4.19.160:43193
Tue Oct 25 15:26:55 2011 us=718000 MULTI: new connection by client 'john' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Oct 25 15:26:55 2011 us=718000 MULTI: Learn: 10.8.0.6 -> john/10.4.19.160:43193
Tue Oct 25 15:26:55 2011 us=718000 MULTI: primary virtual IP for john/10.4.19.160:43193: 10.8.0.6
Tue Oct 25 15:26:56 2011 us=828000 john/10.4.19.160:43193 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:26:56 2011 us=828000 john/10.4.19.160:43193 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:27:47 2011 us=734000 MULTI: multi_create_instance called
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 Re-using SSL/TLS context
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 LZO compression initialized
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:27:47 2011 us=734000 10.4.19.160:43194 TLS: Initial packet from 10.4.19.160:43194, sid=e5a05ed2 51c15e8e
Tue Oct 25 15:27:51 2011 us=46000 10.4.19.160:43194 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:27:51 2011 us=46000 10.4.19.160:43194 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:27:51 2011 us=46000 10.4.19.160:43194 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:27:51 2011 us=46000 10.4.19.160:43194 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:27:51 2011 us=46000 10.4.19.160:43194 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:27:51 2011 us=46000 10.4.19.160:43194 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:27:51 2011 us=62000 10.4.19.160:43194 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:27:51 2011 us=62000 10.4.19.160:43194 [john] Peer Connection Initiated with 10.4.19.160:43194
Tue Oct 25 15:27:51 2011 us=62000 MULTI: new connection by client 'john' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Oct 25 15:27:51 2011 us=62000 MULTI: Learn: 10.8.0.6 -> john/10.4.19.160:43194
Tue Oct 25 15:27:51 2011 us=62000 MULTI: primary virtual IP for john/10.4.19.160:43194: 10.8.0.6
Tue Oct 25 15:27:52 2011 us=156000 john/10.4.19.160:43194 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:27:52 2011 us=156000 john/10.4.19.160:43194 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:28:02 2011 us=375000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Tue Oct 25 15:28:12 2011 us=812000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Tue Oct 25 15:28:23 2011 us=31000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Tue Oct 25 15:28:33 2011 us=187000 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Tue Oct 25 15:28:39 2011 us=250000 MULTI: multi_create_instance called
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 Re-using SSL/TLS context
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 LZO compression initialized
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 Local Options hash (VER=V4): '530fdded'
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 Expected Remote Options hash (VER=V4): '41690919'
Tue Oct 25 15:28:39 2011 us=250000 10.4.19.122:41849 TLS: Initial packet from 10.4.19.122:41849, sid=7733fb75 39f87cae
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 VERIFY OK: depth=1, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=kas_test/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 VERIFY OK: depth=0, /C=GB/ST=Beds/L=Dunstable/O=KAS/OU=changeme/CN=john/name=changeme/emailAddress=john@kaspapersystems.com
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Oct 25 15:28:39 2011 us=312000 10.4.19.122:41849 [john] Peer Connection Initiated with 10.4.19.122:41849
Tue Oct 25 15:28:39 2011 us=328000 MULTI: new connection by client 'john' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Tue Oct 25 15:28:39 2011 us=328000 MULTI: Learn: 10.8.0.6 -> john/10.4.19.122:41849
Tue Oct 25 15:28:39 2011 us=328000 MULTI: primary virtual IP for john/10.4.19.122:41849: 10.8.0.6
Tue Oct 25 15:28:40 2011 us=375000 john/10.4.19.122:41849 PUSH: Received control message: 'PUSH_REQUEST'
Tue Oct 25 15:28:40 2011 us=375000 john/10.4.19.122:41849 SENT CONTROL [john]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Tue Oct 25 15:28:44 2011 us=812000 TCP/UDP: Closing socket
Tue Oct 25 15:28:44 2011 us=812000 C:\WINDOWS\system32\route.exe DELETE 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Tue Oct 25 15:28:44 2011 us=812000 Route deletion via IPAPI succeeded [adaptive]
Tue Oct 25 15:28:44 2011 us=812000 Closing TUN/TAP interface
Tue Oct 25 15:28:44 2011 us=828000 SIGTERM[hard,] received, process exiting

It's not about server. It's linux client. Check what atsk are running on linux. May be something is interfering.

I now have two problems; but first the concurrent tasks. I have looked through them but
I can't see anything untoward :-

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 2100 684 ? Ss 08:17 0:01 init [2]
root 2 0.0 0.0 0 0 ? S< 08:17 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S< 08:17 0:00 [migration/0]
root 4 0.0 0.0 0 0 ? S< 08:17 0:00 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S< 08:17 0:00 [watchdog/0]
root 6 0.0 0.0 0 0 ? S< 08:17 0:00 [migration/1]
root 7 0.0 0.0 0 0 ? S< 08:17 0:00 [ksoftirqd/1]
root 8 0.0 0.0 0 0 ? S< 08:17 0:00 [watchdog/1]
root 9 0.0 0.0 0 0 ? S< 08:17 0:00 [events/0]
root 10 0.0 0.0 0 0 ? S< 08:17 0:00 [events/1]
root 11 0.0 0.0 0 0 ? S< 08:17 0:00 [khelper]
root 44 0.0 0.0 0 0 ? S< 08:17 0:00 [kblockd/0]
root 45 0.0 0.0 0 0 ? S< 08:17 0:00 [kblockd/1]
root 47 0.0 0.0 0 0 ? S< 08:17 0:00 [kacpid]
root 48 0.0 0.0 0 0 ? S< 08:17 0:00 [kacpi_notify]
root 144 0.0 0.0 0 0 ? S< 08:17 0:00 [kseriod]
root 185 0.0 0.0 0 0 ? S 08:17 0:00 [pdflush]
root 186 0.0 0.0 0 0 ? S 08:17 0:00 [pdflush]
root 187 0.0 0.0 0 0 ? S< 08:17 0:00 [kswapd0]
root 188 0.0 0.0 0 0 ? S< 08:17 0:00 [aio/0]
root 189 0.0 0.0 0 0 ? S< 08:17 0:00 [aio/1]
root 637 0.0 0.0 0 0 ? S< 08:17 0:00 [ksuspend_usbd]
root 640 0.0 0.0 0 0 ? S< 08:17 0:00 [khubd]
root 784 0.0 0.0 0 0 ? S< 08:17 0:00 [ata/0]
root 785 0.0 0.0 0 0 ? S< 08:17 0:00 [ata/1]
root 786 0.0 0.0 0 0 ? S< 08:17 0:00 [ata_aux]
root 792 0.0 0.0 0 0 ? S< 08:17 0:00 [khpsbpkt]
root 964 0.0 0.0 0 0 ? S< 08:17 0:00 [scsi_eh_0]
root 965 0.0 0.0 0 0 ? S< 08:17 0:00 [scsi_eh_1]
root 966 0.0 0.0 0 0 ? S< 08:17 0:00 [scsi_eh_2]
root 975 0.0 0.0 0 0 ? S< 08:17 0:00 [knodemgrd_0]
root 1055 0.0 0.0 0 0 ? S< 08:17 0:00 [xfslogd/0]
root 1057 0.0 0.0 0 0 ? S< 08:17 0:00 [xfslogd/1]
root 1058 0.0 0.0 0 0 ? S< 08:17 0:00 [xfsdatad/0]
root 1059 0.0 0.0 0 0 ? S< 08:17 0:00 [xfsdatad/1]
root 1060 0.0 0.0 0 0 ? S< 08:17 0:00 [xfs_mru_cache]
root 1062 0.0 0.0 0 0 ? S< 08:17 0:00 [xfsbufd]
root 1063 0.0 0.0 0 0 ? S< 08:17 0:00 [xfsaild]
root 1066 0.0 0.0 0 0 ? S< 08:17 0:00 [xfssyncd]
root 1142 0.0 0.0 3092 1688 ? S<s 08:17 0:00 udevd --daemon
root 1532 0.0 0.0 0 0 ? S< 08:17 0:00 [ktpacpid]
root 1552 0.0 0.0 0 0 ? S< 08:17 0:00 [btaddconn]
root 1553 0.0 0.0 0 0 ? S< 08:17 0:00 [btdelconn]
root 1808 0.0 0.0 0 0 ? S< 08:17 0:00 [pccardd]
root 1932 0.0 0.0 0 0 ? S< 08:17 0:00 [kpsmoused]
root 1943 0.0 0.0 0 0 ? S< 08:17 0:00 [iwl4965]
root 1977 0.0 0.0 0 0 ? S< 08:17 0:00 [iwl4965/0]
root 1978 0.0 0.0 0 0 ? S< 08:17 0:00 [iwl4965/1]
root 2286 0.0 0.0 0 0 ? S< 08:17 0:00 [kjournald]
root 2287 0.0 0.0 0 0 ? S< 08:17 0:00 [xfsbufd]
root 2288 0.0 0.0 0 0 ? S< 08:17 0:00 [xfsaild]
root 2289 0.0 0.0 0 0 ? S< 08:17 0:00 [xfssyncd]
daemon 2410 0.0 0.0 1892 512 ? Ss 08:17 0:00 /sbin/portmap
statd 2421 0.0 0.0 1956 728 ? Ss 08:17 0:00 /sbin/rpc.statd
root 2694 0.0 0.0 0 0 ? S< 08:17 0:00 [kondemand/0]
root 2695 0.0 0.0 0 0 ? S< 08:17 0:00 [kondemand/1]
root 2768 0.0 0.0 28560 1588 ? Sl 08:17 0:00 /usr/sbin/rsyslogd -c3
root 2779 0.0 0.0 2292 1228 ? Ss 08:17 0:00 /usr/sbin/acpid
103 2791 0.0 0.0 2748 1104 ? Ss 08:17 0:00 /usr/bin/dbus-daemon --system
avahi 2811 0.0 0.0 2996 1488 ? Ss 08:17 0:00 avahi-daemon: running [kas-swdev-mobile
avahi 2812 0.0 0.0 2884 484 ? Ss 08:17 0:00 avahi-daemon: chroot helper
root 2830 0.0 0.1 4632 2140 ? Ss 08:17 0:00 /usr/sbin/openvpn --writepid /var/run/o
root 2885 0.0 0.1 6344 2272 ? Ss 08:17 0:00 /usr/sbin/cupsd
root 2896 0.0 0.0 2888 688 ? Ss 08:17 0:00 /usr/bin/dirmngr --daemon --sh
101 3168 0.0 0.0 6300 936 ? Ss 08:17 0:00 /usr/sbin/exim4 -bd -q30m
root 3179 0.0 0.0 6572 1012 ? Ss 08:17 0:00 /usr/sbin/kerneloops
root 3183 0.0 0.0 2952 912 ? Ss 08:17 0:00 /usr/sbin/lisa
root 3197 0.0 0.0 1952 596 ? Ss 08:17 0:00 /usr/sbin/inetd
ntp 3210 0.0 0.0 4284 1288 ? Ss 08:17 0:00 /usr/sbin/ntpd -p /var/run/ntpd.pid -u
root 3220 0.0 0.0 2052 880 ? Ss 08:17 0:00 /usr/sbin/dhcdbd --system
107 3231 0.0 0.1 6040 3848 ? Ss 08:17 0:00 /usr/sbin/hald
root 3232 0.0 0.0 3324 1080 ? S 08:17 0:00 hald-runner
root 3250 0.0 0.0 3388 1040 ? S 08:17 0:00 hald-addon-input: Listening on /dev/inp
root 3254 0.0 0.0 3400 1116 ? S 08:17 0:00 /usr/lib/hal/hald-addon-cpufreq
107 3255 0.0 0.0 2272 880 ? S 08:17 0:00 hald-addon-acpi: listening on acpid soc
root 3263 0.0 0.0 3388 1044 ? S 08:17 0:00 hald-addon-storage: polling /dev/hda (e
root 3279 0.0 0.0 3248 1388 ? Ss 08:17 0:00 /usr/sbin/hcid -x -s
root 3293 0.0 0.0 0 0 ? S< 08:17 0:00 [krfcommd]
root 3302 0.0 0.1 22196 2148 ? Ssl 08:17 0:00 /usr/sbin/NetworkManager --pid-file /va
root 3310 0.0 0.0 3508 1336 ? Ss 08:17 0:00 /usr/sbin/NetworkManagerDispatcher --pi
root 3327 0.0 0.0 3852 1020 ? Ss 08:17 0:00 /usr/bin/system-tools-backends
root 3339 0.0 0.0 1988 848 ? Ss 08:17 0:00 /usr/sbin/anacron -s
daemon 3352 0.0 0.0 2048 440 ? Ss 08:17 0:00 /usr/sbin/atd
root 3384 0.0 0.0 3456 984 ? Ss 08:17 0:00 /usr/sbin/cron
root 3444 0.0 0.0 3252 620 ? Ss 08:17 0:00 /usr/bin/kdm -config /var/run/kdm/kdmrc
root 3450 4.6 0.8 22852 16916 tty7 Ss+ 08:17 1:23 /usr/bin/X -br -nolisten tcp :0 vt7 -au
root 3458 0.0 0.0 1764 508 tty1 Ss+ 08:17 0:00 /sbin/getty 38400 tty1
root 3459 0.0 0.0 1764 508 tty2 Ss+ 08:17 0:00 /sbin/getty 38400 tty2
root 3460 0.0 0.0 1764 504 tty3 Ss+ 08:17 0:00 /sbin/getty 38400 tty3
root 3461 0.0 0.0 1764 508 tty4 Ss+ 08:17 0:00 /sbin/getty 38400 tty4
root 3462 0.0 0.0 1764 504 tty5 Ss+ 08:17 0:00 /sbin/getty 38400 tty5
root 3463 0.0 0.0 1764 504 tty6 Ss+ 08:17 0:00 /sbin/getty 38400 tty6
root 3474 0.0 0.0 4012 1788 ? S 08:17 0:00 -:0
root 3487 0.0 0.0 2180 892 ? S 08:17 0:00 /sbin/dhclient -1 -lf /var/lib/dhcp3/dh
root 3519 0.0 0.0 2180 456 ? S<s 08:17 0:00 dhclient3 -pf /var/run/dhclient.eth0.pi
john 3638 0.0 0.0 4376 1508 ? Ss 08:17 0:00 /bin/sh /usr/bin/startkde
john 3676 0.0 0.0 4756 572 ? Ss 08:17 0:00 /usr/bin/ssh-agent /usr/bin/dbus-launch
john 3679 0.0 0.0 3100 716 ? S 08:17 0:00 /usr/bin/dbus-launch --exit-with-sessio
john 3680 0.0 0.0 2620 868 ? Ss 08:17 0:00 /usr/bin/dbus-daemon --fork --print-pid
root 3710 0.0 0.0 1608 156 ? S 08:17 0:00 start_kdeinit --new-startup +kcminit_st
john 3711 0.0 0.1 25556 3472 ? Ss 08:17 0:00 kdeinit Running...
john 3714 0.0 0.1 25300 2588 ? S 08:17 0:00 dcopserver [kdeinit] --nosid
john 3716 0.0 0.2 27252 6088 ? S 08:17 0:00 klauncher [kdeinit] --new-startup
john 3718 0.0 0.6 32956 13108 ? S 08:17 0:00 kded [kdeinit] --new-startup
john 3723 0.0 0.0 1744 360 ? S 08:17 0:00 kwrapper ksmserver
john 3725 0.0 0.3 26608 7760 ? S 08:17 0:00 ksmserver [kdeinit]
john 3726 0.0 0.5 29828 10916 ? S 08:17 0:00 kwin [kdeinit] -session 101b616e1b01660
john 3728 0.0 0.6 32716 13036 ? S 08:17 0:01 kdesktop [kdeinit]
john 3733 0.2 0.7 34992 16460 ? S 08:17 0:03 kicker [kdeinit]
john 3734 0.0 0.2 27780 5480 ? S 08:17 0:00 kio_file [kdeinit] file /tmp/ksocket-jo
john 3736 0.0 0.4 29200 9780 ? S 08:17 0:00 kxkb [kdeinit]
john 3742 0.0 0.4 23116 8428 ? S 08:17 0:01 /usr/bin/artsd -F 10 -S 4096 -n -s 60 -
john 3744 0.0 0.3 26460 7128 ? S 08:17 0:00 kaccess [kdeinit]
john 3746 0.1 0.7 33916 15060 ? R 08:17 0:02 konsole [kdeinit] -session 101b616e1b01
john 3747 0.0 0.1 7728 3208 ? S 08:17 0:00 xclock -xtsessionID 101b616e1b016600012
john 3749 0.0 0.8 39204 16932 ? S 08:17 0:00 noatun [kdeinit] -session 101b616e1b016
john 3751 0.0 0.5 30800 11848 ? S 08:17 0:00 kmix [kdeinit] -session 101b616e1b01660
john 3752 0.0 0.4 62380 10072 ? Sl 08:17 0:00 /usr/lib/evolution/2.22/evolution-alarm
john 3753 0.0 0.1 6184 3436 pts/0 Ss+ 08:18 0:00 /bin/bash
john 3754 0.0 0.1 6184 3460 pts/1 Ss 08:18 0:00 /bin/bash
john 3755 0.0 0.1 6184 3432 pts/2 Ss+ 08:18 0:00 /bin/bash
john 3756 0.0 0.1 6184 3432 pts/3 Ss+ 08:18 0:00 /bin/bash
john 3757 0.0 0.1 6184 3432 pts/4 Ss+ 08:18 0:00 /bin/bash
john 3813 0.0 0.1 7084 3984 ? S 08:18 0:00 /usr/lib/libgconf2-4/gconfd-2 12
john 3816 0.0 0.1 33168 3124 ? Ssl 08:18 0:00 /usr/lib/bonobo-activation/bonobo-activ
john 3821 0.0 0.4 27700 8816 ? S 08:18 0:00 klipper [kdeinit]
john 3824 0.0 0.4 30024 10068 ? S 08:18 0:00 kpowersave [kdeinit]
john 3826 0.0 0.4 34756 9884 ? S 08:18 0:00 knotify [kdeinit]
john 3828 0.0 0.5 34536 11152 ? S 08:18 0:00 knetworkmanager [kdeinit]
john 3832 0.0 0.4 38452 9600 ? Sl 08:18 0:00 /usr/lib/evolution/2.22/evolution-excha
john 3833 0.0 0.7 35392 14556 ? S 08:18 0:00 korgac --miniicon korganizer
john 3835 0.0 0.0 6244 1352 ? S 08:18 0:00 gnome-keyring-daemon
john 3857 0.0 0.3 68728 7084 ? Sl 08:18 0:00 /usr/lib/evolution/evolution-data-serve
root 4054 0.0 0.0 1748 556 ? SN 08:22 0:00 run-parts --report /etc/cron.daily
root 4058 0.0 0.0 2604 1128 ? SN 08:22 0:00 /bin/sh /etc/cron.daily/apt
root 4069 0.0 0.0 1760 420 ? SN 08:22 0:00 sleep 1697
john 4816 2.9 3.2 142240 65892 ? Sl 08:42 0:08 /usr/lib/iceweasel/firefox-bin -a icewe
root 4992 0.0 0.0 3716 1028 pts/1 R+ 08:47 0:00 ps aux


My second problem is that on one occasion the client didn't shut down properly and it has left the interface
tun0 running and I can't destroy it. I have tried "ifconfig tun 0 destroy" but it keeps on saying
"unknown host" even though tun0 is listed when I type "ifconfig -a". The result of this is that
when I start the client again, it creates another tun interface - tun1 and the open vpn client gets
confused as to which tun interface to use and no data gets through.

How do I get rid of tun0 ?

I think I have found the answer to the tun persistence problem; you can't destroy them.
So I changed the address of tun 0 to something else and re-ran openvpn client and eventually
the tun0 interface got recycled.

Oh dear, worst case scenario - everything started working and I have no idea why.

I did nothing special at all; I guess I will have to monitor the situation and see if it comes back.
Until then, I have no evidence as to what might have happened.

Thank you so much for your help Mimiko. I might need to talk again but for now, let's see how it goes.

I think I have finally nailed it

The problem was that the linux client does not always shut itself down properly.
The symptom was that the tun interface persisted; this should never happen as
the interface is automatically destroyed when the Openvpn process shuts down.

The thing is that there are two processes created for each OpenVPN session (as I
observed using "ps aux | grep OpenVPN") and one had not shut down. I simply had to
type "sudo kill xxxx" where xxx was the process number and all was back to proper working
order; tun0 disappeared and when I restarted the client session again, it stayed up without
any time-out incidents.

One final side-note; remember I added a default gateway on all the items on the remote local sub-net
and you weren't too happy about it. Well, I found that, even running it locally I couldn't ssh into
one of the items until I removed the default gateway statement - wierd !. Instead though I added
the following statement to the startup script of that item :-

route add -net 10.8.0.0/24 gateway 192.168.0.3 eth0

Now ssh works perfectly both locally and remotely via the OpenVPN link.

Thank you once again - you have been most patient with me

Good to hear you finally resolved the problem.