Destination Host Unreachable

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
c0mputerking
OpenVpn Newbie
Posts: 1
Joined: Wed Dec 07, 2011 8:39 pm

Destination Host Unreachable

Post by c0mputerking » Wed Dec 07, 2011 9:36 pm

I did a search for this subject and oddly enough nothing came up so i figured it was safe to start an new thread.

Some background I Using Ubuntu 10.04 LTS as the server and the latest Debian Squeeze as the test client for testing. I have followed this tutorial cause it seemed up to date simple and to the point. http://wiki.debian.org/HowTo/openvpn

When i try to ping with openvpn running I get similar from both server and client
This is on the server
From 10.9.8.1 icmp_seq=1 Destination Host Unreachable
This is on the client
From 10.9.8.1 icmp_seq=1 Destination Host Unreachable


My route looks like this
Server

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.9.8.2        *               255.255.255.255 UH    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
96.xx.xxx.0     *               255.255.252.0   U     0      0        0 eth0
default         96.xx.xxx.1     0.0.0.0         UG    100    0        0 eth0
Client

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.9.8.1        *               255.255.255.255 UH    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
192.168.1.0     *               255.255.255.0   U     0      0        0 vmbr0
68.xxx.x.0      *               255.255.252.0   U     0      0        0 eth0
default         68.xxx.x.1      0.0.0.0         UG    0      0        0 eth0
My configurtation file on the server is like this

Code: Select all

tun0.conf
dev tun0
ifconfig 10.9.8.1 10.9.8.2
secret /etc/openvpn/static.key
My configuration file on the client is like this

Code: Select all

remote my.server..ca
dev tun0
ifconfig 10.9.8.2 10.9.8.1
secret /etc/openvpn/static.key
I am running a shorewall setup and have added what i think is needed to the interfaces zones and rules and polity files

interfaces

Code: Select all

vpn     tun0            detect          dhcp,tcpflags,nosmurfs,routefilter,logmartians
policy

Code: Select all

loc     vpn     ACCEPT
vpn     net     ACCEPT
vpn     dmz     ACCEPT
vpn     $FW     ACCEPT
rules

Code: Select all

ACCEPT          net     $FW     udp     1194
ACCEPT          $FW     net     udp     1194
zones

Code: Select all

fw      firewall
net     ipv4
loc     ipv4
dmz     ipv4
vpn     ipv4

On the server i have successfully started the server with openvpn --config /etc/openvpn/tun0.conf --verb 6

Code: Select all

# openvpn --config /etc/openvpn/tun0.conf --verb 6 
Wed Dec  7 14:00:23 2011 us=885053 Current Parameter Settings:
Wed Dec  7 14:00:23 2011 us=885122   config = '/etc/openvpn/tun0.conf'
Wed Dec  7 14:00:23 2011 us=885136   mode = 0
Wed Dec  7 14:00:23 2011 us=885146   persist_config = DISABLED
Wed Dec  7 14:00:23 2011 us=885156   persist_mode = 1
Wed Dec  7 14:00:23 2011 us=885166   show_ciphers = DISABLED
Wed Dec  7 14:00:23 2011 us=885176   show_digests = DISABLED
Wed Dec  7 14:00:23 2011 us=885185   show_engines = DISABLED
Wed Dec  7 14:00:23 2011 us=885195   genkey = DISABLED
Wed Dec  7 14:00:23 2011 us=885205   key_pass_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885215   show_tls_ciphers = DISABLED
Wed Dec  7 14:00:23 2011 us=885224 Connection profiles [default]:
Wed Dec  7 14:00:23 2011 us=885235   proto = udp
Wed Dec  7 14:00:23 2011 us=885244   local = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885254   local_port = 1194
Wed Dec  7 14:00:23 2011 us=885264   remote = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885273   remote_port = 1194
Wed Dec  7 14:00:23 2011 us=885282   remote_float = DISABLED
Wed Dec  7 14:00:23 2011 us=885292   bind_defined = DISABLED
Wed Dec  7 14:00:23 2011 us=885302   bind_local = ENABLED
Wed Dec  7 14:00:23 2011 us=885311   connect_retry_seconds = 5
Wed Dec  7 14:00:23 2011 us=885321   connect_timeout = 10
Wed Dec  7 14:00:23 2011 us=885331   connect_retry_max = 0
Wed Dec  7 14:00:23 2011 us=885341   socks_proxy_server = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885350   socks_proxy_port = 0
Wed Dec  7 14:00:23 2011 us=885360   socks_proxy_retry = DISABLED
Wed Dec  7 14:00:23 2011 us=885372 Connection profiles END
Wed Dec  7 14:00:23 2011 us=885382   remote_random = DISABLED
Wed Dec  7 14:00:23 2011 us=885391   ipchange = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885400   dev = 'tun0'
Wed Dec  7 14:00:23 2011 us=885410   dev_type = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885419   dev_node = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885428   lladdr = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885437   topology = 1
Wed Dec  7 14:00:23 2011 us=885447   tun_ipv6 = DISABLED
Wed Dec  7 14:00:23 2011 us=885456   ifconfig_local = '10.9.8.1'
Wed Dec  7 14:00:23 2011 us=885466   ifconfig_remote_netmask = '10.9.8.2'
Wed Dec  7 14:00:23 2011 us=885475   ifconfig_noexec = DISABLED
Wed Dec  7 14:00:23 2011 us=885485   ifconfig_nowarn = DISABLED
Wed Dec  7 14:00:23 2011 us=885494   shaper = 0
Wed Dec  7 14:00:23 2011 us=885504   tun_mtu = 1500
Wed Dec  7 14:00:23 2011 us=885513   tun_mtu_defined = ENABLED
Wed Dec  7 14:00:23 2011 us=885522   link_mtu = 1500
Wed Dec  7 14:00:23 2011 us=885532   link_mtu_defined = DISABLED
Wed Dec  7 14:00:23 2011 us=885541   tun_mtu_extra = 0
Wed Dec  7 14:00:23 2011 us=885551   tun_mtu_extra_defined = DISABLED
Wed Dec  7 14:00:23 2011 us=885561   fragment = 0
Wed Dec  7 14:00:23 2011 us=885570   mtu_discover_type = -1
Wed Dec  7 14:00:23 2011 us=885580   mtu_test = 0
Wed Dec  7 14:00:23 2011 us=885616   mlock = DISABLED
Wed Dec  7 14:00:23 2011 us=885627   keepalive_ping = 0
Wed Dec  7 14:00:23 2011 us=885637   keepalive_timeout = 0
Wed Dec  7 14:00:23 2011 us=885647   inactivity_timeout = 0
Wed Dec  7 14:00:23 2011 us=885657   ping_send_timeout = 0
Wed Dec  7 14:00:23 2011 us=885666   ping_rec_timeout = 0
Wed Dec  7 14:00:23 2011 us=885675   ping_rec_timeout_action = 0
Wed Dec  7 14:00:23 2011 us=885685   ping_timer_remote = DISABLED
Wed Dec  7 14:00:23 2011 us=885694   remap_sigusr1 = 0
Wed Dec  7 14:00:23 2011 us=885704   explicit_exit_notification = 0
Wed Dec  7 14:00:23 2011 us=885714   persist_tun = DISABLED
Wed Dec  7 14:00:23 2011 us=885725   persist_local_ip = DISABLED
Wed Dec  7 14:00:23 2011 us=885753   persist_remote_ip = DISABLED
Wed Dec  7 14:00:23 2011 us=885767   persist_key = DISABLED
Wed Dec  7 14:00:23 2011 us=885777   mssfix = 1450
Wed Dec  7 14:00:23 2011 us=885787   passtos = DISABLED
Wed Dec  7 14:00:23 2011 us=885797   resolve_retry_seconds = 1000000000
Wed Dec  7 14:00:23 2011 us=885807   username = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885816   groupname = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885826   chroot_dir = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885849   cd_dir = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885860   writepid = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885870   up_script = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885879   down_script = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=885889   down_pre = DISABLED
Wed Dec  7 14:00:23 2011 us=885898   up_restart = DISABLED
Wed Dec  7 14:00:23 2011 us=885908   up_delay = DISABLED
Wed Dec  7 14:00:23 2011 us=885917   daemon = DISABLED
Wed Dec  7 14:00:23 2011 us=885927   inetd = 0
Wed Dec  7 14:00:23 2011 us=885936   log = DISABLED
Wed Dec  7 14:00:23 2011 us=885946   suppress_timestamps = DISABLED
Wed Dec  7 14:00:23 2011 us=885956   nice = 0
Wed Dec  7 14:00:23 2011 us=885965   verbosity = 6
Wed Dec  7 14:00:23 2011 us=885975   mute = 0
Wed Dec  7 14:00:23 2011 us=885984   gremlin = 0
Wed Dec  7 14:00:23 2011 us=885994   status_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886003   status_file_version = 1
Wed Dec  7 14:00:23 2011 us=886013   status_file_update_freq = 60
Wed Dec  7 14:00:23 2011 us=886022   occ = ENABLED
Wed Dec  7 14:00:23 2011 us=886032   rcvbuf = 65536
Wed Dec  7 14:00:23 2011 us=886041   sndbuf = 65536
Wed Dec  7 14:00:23 2011 us=886051   sockflags = 0
Wed Dec  7 14:00:23 2011 us=886061   fast_io = DISABLED
Wed Dec  7 14:00:23 2011 us=886070   lzo = 0
Wed Dec  7 14:00:23 2011 us=886080   route_script = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886089   route_default_gateway = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886099   route_default_metric = 0
Wed Dec  7 14:00:23 2011 us=886109   route_noexec = DISABLED
Wed Dec  7 14:00:23 2011 us=886118   route_delay = 0
Wed Dec  7 14:00:23 2011 us=886128   route_delay_window = 30
Wed Dec  7 14:00:23 2011 us=886138   route_delay_defined = DISABLED
Wed Dec  7 14:00:23 2011 us=886147   route_nopull = DISABLED
Wed Dec  7 14:00:23 2011 us=886157   route_gateway_via_dhcp = DISABLED
Wed Dec  7 14:00:23 2011 us=886167   max_routes = 100
Wed Dec  7 14:00:23 2011 us=886176   allow_pull_fqdn = DISABLED
Wed Dec  7 14:00:23 2011 us=886186   management_addr = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886196   management_port = 0
Wed Dec  7 14:00:23 2011 us=886206   management_user_pass = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886216   management_log_history_cache = 250
Wed Dec  7 14:00:23 2011 us=886225   management_echo_buffer_size = 100
Wed Dec  7 14:00:23 2011 us=886235   management_write_peer_info_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886245   management_client_user = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886256   management_client_group = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=886265   management_flags = 0
Wed Dec  7 14:00:23 2011 us=886275   shared_secret_file = '/etc/openvpn/static.key'
Wed Dec  7 14:00:23 2011 us=886285   key_direction = 0
Wed Dec  7 14:00:23 2011 us=886295   ciphername_defined = ENABLED
Wed Dec  7 14:00:23 2011 us=886305   ciphername = 'BF-CBC'
Wed Dec  7 14:00:23 2011 us=890608   authname_defined = ENABLED
Wed Dec  7 14:00:23 2011 us=890630   authname = 'SHA1'
Wed Dec  7 14:00:23 2011 us=890645   prng_hash = 'SHA1'
Wed Dec  7 14:00:23 2011 us=890656   prng_nonce_secret_len = 16
Wed Dec  7 14:00:23 2011 us=890667   keysize = 0
Wed Dec  7 14:00:23 2011 us=890677   engine = DISABLED
Wed Dec  7 14:00:23 2011 us=890686   replay = ENABLED
Wed Dec  7 14:00:23 2011 us=890696   mute_replay_warnings = DISABLED
Wed Dec  7 14:00:23 2011 us=890706   replay_window = 64
Wed Dec  7 14:00:23 2011 us=890716   replay_time = 15
Wed Dec  7 14:00:23 2011 us=890726   packet_id_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890736   use_iv = ENABLED
Wed Dec  7 14:00:23 2011 us=890746   test_crypto = DISABLED
Wed Dec  7 14:00:23 2011 us=890757   tls_server = DISABLED
Wed Dec  7 14:00:23 2011 us=890767   tls_client = DISABLED
Wed Dec  7 14:00:23 2011 us=890778   key_method = 2
Wed Dec  7 14:00:23 2011 us=890788   ca_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890797   ca_path = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890807   dh_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890817   cert_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890828   priv_key_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890838   pkcs12_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890848   cipher_list = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890858   tls_verify = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890869   tls_remote = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890879   crl_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=890892   ns_cert_type = 0
Wed Dec  7 14:00:23 2011 us=890902   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890911   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890922   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890932   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890942   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890952   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890962   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890972   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890984   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=890994   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=891003   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=891015   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=891025   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=891035   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=891045   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=891055   remote_cert_ku[i] = 0
Wed Dec  7 14:00:23 2011 us=891065   remote_cert_eku = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891076   tls_timeout = 2
Wed Dec  7 14:00:23 2011 us=891086   renegotiate_bytes = 0
Wed Dec  7 14:00:23 2011 us=891096   renegotiate_packets = 0
Wed Dec  7 14:00:23 2011 us=891106   renegotiate_seconds = 3600
Wed Dec  7 14:00:23 2011 us=891117   handshake_window = 60
Wed Dec  7 14:00:23 2011 us=891128   transition_window = 3600
Wed Dec  7 14:00:23 2011 us=891138   single_session = DISABLED
Wed Dec  7 14:00:23 2011 us=891148   tls_exit = DISABLED
Wed Dec  7 14:00:23 2011 us=891159   tls_auth_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891169   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891180   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891190   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891200   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891211   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891221   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891231   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891242   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891252   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891262   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891273   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891283   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891293   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891304   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891315   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891325   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:00:23 2011 us=891335   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891346   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891358   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891368   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891379   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891389   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891400   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891411   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891421   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891431   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891442   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891452   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891462   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891473   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891484   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891494   pkcs11_private_mode = 00000000
Wed Dec  7 14:00:23 2011 us=891506   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891516   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891529   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891539   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891549   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891560   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891571   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891580   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891591   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891603   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891613   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891623   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891634   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891644   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891654   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891664   pkcs11_cert_private = DISABLED
Wed Dec  7 14:00:23 2011 us=891675   pkcs11_pin_cache_period = -1
Wed Dec  7 14:00:23 2011 us=891686   pkcs11_id = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891696   pkcs11_id_management = DISABLED
Wed Dec  7 14:00:23 2011 us=891718   server_network = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891731   server_netmask = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891742   server_bridge_ip = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891755   server_bridge_netmask = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891776   server_bridge_pool_start = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891799   server_bridge_pool_end = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891812   ifconfig_pool_defined = DISABLED
Wed Dec  7 14:00:23 2011 us=891826   ifconfig_pool_start = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891838   ifconfig_pool_end = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891850   ifconfig_pool_netmask = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=891863   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891874   ifconfig_pool_persist_refresh_freq = 600
Wed Dec  7 14:00:23 2011 us=891886   n_bcast_buf = 256
Wed Dec  7 14:00:23 2011 us=891896   tcp_queue_limit = 64
Wed Dec  7 14:00:23 2011 us=891906   real_hash_size = 256
Wed Dec  7 14:00:23 2011 us=891916   virtual_hash_size = 256
Wed Dec  7 14:00:23 2011 us=891927   client_connect_script = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891937   learn_address_script = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891950   client_disconnect_script = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891960   client_config_dir = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891971   ccd_exclusive = DISABLED
Wed Dec  7 14:00:23 2011 us=891983   tmp_dir = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=891993   push_ifconfig_defined = DISABLED
Wed Dec  7 14:00:23 2011 us=892004   push_ifconfig_local = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=892017   push_ifconfig_remote_netmask = 0.0.0.0
Wed Dec  7 14:00:23 2011 us=892030   enable_c2c = DISABLED
Wed Dec  7 14:00:23 2011 us=892040   duplicate_cn = DISABLED
Wed Dec  7 14:00:23 2011 us=892051   cf_max = 0
Wed Dec  7 14:00:23 2011 us=892061   cf_per = 0
Wed Dec  7 14:00:23 2011 us=892071   max_clients = 1024
Wed Dec  7 14:00:23 2011 us=892083   max_routes_per_client = 256
Wed Dec  7 14:00:23 2011 us=892093   auth_user_pass_verify_script = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=892106   auth_user_pass_verify_script_via_file = DISABLED
Wed Dec  7 14:00:23 2011 us=892116   ssl_flags = 0
Wed Dec  7 14:00:23 2011 us=892127   port_share_host = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=892138   port_share_port = 0
Wed Dec  7 14:00:23 2011 us=892148   client = DISABLED
Wed Dec  7 14:00:23 2011 us=892160   pull = DISABLED
Wed Dec  7 14:00:23 2011 us=892170   auth_user_pass_file = '[UNDEF]'
Wed Dec  7 14:00:23 2011 us=892187 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010
Wed Dec  7 14:00:23 2011 us=892287 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Dec  7 14:00:23 2011 us=892304 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Dec  7 14:00:23 2011 us=892336 /usr/sbin/openvpn-vulnkey -q /etc/openvpn/static.key
Wed Dec  7 14:00:23 2011 us=943918 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  7 14:00:23 2011 us=943973 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  7 14:00:23 2011 us=944059 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  7 14:00:23 2011 us=944073 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  7 14:00:23 2011 us=945182 TUN/TAP device tun0 opened
Wed Dec  7 14:00:23 2011 us=945211 TUN/TAP TX queue length set to 100
Wed Dec  7 14:00:23 2011 us=945247 /sbin/ifconfig tun0 10.9.8.1 pointopoint 10.9.8.2 mtu 1500
Wed Dec  7 14:00:23 2011 us=948682 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:4 ET:0 EL:0 ]
Wed Dec  7 14:00:23 2011 us=948736 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto UDPv4,ifconfig 10.9.8.2 10.9.8.1,cipher BF-CBC,auth SHA1,keysize 128,secret'
Wed Dec  7 14:00:23 2011 us=948749 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto UDPv4,ifconfig 10.9.8.1 10.9.8.2,cipher BF-CBC,auth SHA1,keysize 128,secret'
Wed Dec  7 14:00:23 2011 us=948782 Local Options hash (VER=V4): 'ddaab6d6'
Wed Dec  7 14:00:23 2011 us=948800 Expected Remote Options hash (VER=V4): 'e7103b47'
Wed Dec  7 14:00:23 2011 us=948824 Socket Buffers: R=[124928->131072] S=[124928->131072]
Wed Dec  7 14:00:23 2011 us=948841 UDPv4 link local (bound): [undef]
Wed Dec  7 14:00:23 2011 us=948853 UDPv4 link remote: [undef]
On the client i have successfully started openvpn using the same command

Code: Select all

# openvpn --config /etc/openvpn/tun0.conf --verb 6 
Wed Dec  7 14:06:00 2011 us=961344 Current Parameter Settings:
Wed Dec  7 14:06:00 2011 us=961410   config = '/etc/openvpn/tun0.conf'
Wed Dec  7 14:06:00 2011 us=961430   mode = 0
Wed Dec  7 14:06:00 2011 us=961441   persist_config = DISABLED
Wed Dec  7 14:06:00 2011 us=961450   persist_mode = 1
Wed Dec  7 14:06:00 2011 us=961459   show_ciphers = DISABLED
Wed Dec  7 14:06:00 2011 us=961467   show_digests = DISABLED
Wed Dec  7 14:06:00 2011 us=961476   show_engines = DISABLED
Wed Dec  7 14:06:00 2011 us=961485   genkey = DISABLED
Wed Dec  7 14:06:00 2011 us=961494   key_pass_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961503   show_tls_ciphers = DISABLED
Wed Dec  7 14:06:00 2011 us=961511 Connection profiles [default]:
Wed Dec  7 14:06:00 2011 us=961520   proto = udp
Wed Dec  7 14:06:00 2011 us=961529   local = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961537   local_port = 1194
Wed Dec  7 14:06:00 2011 us=961546   remote = 'ns1.computerking.ca'
Wed Dec  7 14:06:00 2011 us=961554   remote_port = 1194
Wed Dec  7 14:06:00 2011 us=961563   remote_float = DISABLED
Wed Dec  7 14:06:00 2011 us=961571   bind_defined = DISABLED
Wed Dec  7 14:06:00 2011 us=961579   bind_local = ENABLED
Wed Dec  7 14:06:00 2011 us=961587   connect_retry_seconds = 5
Wed Dec  7 14:06:00 2011 us=961596   connect_timeout = 10
Wed Dec  7 14:06:00 2011 us=961605   connect_retry_max = 0
Wed Dec  7 14:06:00 2011 us=961613   socks_proxy_server = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961621   socks_proxy_port = 0
Wed Dec  7 14:06:00 2011 us=961629   socks_proxy_retry = DISABLED
Wed Dec  7 14:06:00 2011 us=961644 Connection profiles END
Wed Dec  7 14:06:00 2011 us=961654   remote_random = DISABLED
Wed Dec  7 14:06:00 2011 us=961663   ipchange = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961671   dev = 'tun0'
Wed Dec  7 14:06:00 2011 us=961679   dev_type = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961687   dev_node = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961694   lladdr = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961703   topology = 1
Wed Dec  7 14:06:00 2011 us=961711   tun_ipv6 = DISABLED
Wed Dec  7 14:06:00 2011 us=961719   ifconfig_local = '10.9.8.2'
Wed Dec  7 14:06:00 2011 us=961727   ifconfig_remote_netmask = '10.9.8.1'
Wed Dec  7 14:06:00 2011 us=961735   ifconfig_noexec = DISABLED
Wed Dec  7 14:06:00 2011 us=961743   ifconfig_nowarn = DISABLED
Wed Dec  7 14:06:00 2011 us=961751   shaper = 0
Wed Dec  7 14:06:00 2011 us=961760   tun_mtu = 1500
Wed Dec  7 14:06:00 2011 us=961768   tun_mtu_defined = ENABLED
Wed Dec  7 14:06:00 2011 us=961776   link_mtu = 1500
Wed Dec  7 14:06:00 2011 us=961784   link_mtu_defined = DISABLED
Wed Dec  7 14:06:00 2011 us=961792   tun_mtu_extra = 0
Wed Dec  7 14:06:00 2011 us=961801   tun_mtu_extra_defined = DISABLED
Wed Dec  7 14:06:00 2011 us=961809   fragment = 0
Wed Dec  7 14:06:00 2011 us=961817   mtu_discover_type = -1
Wed Dec  7 14:06:00 2011 us=961825   mtu_test = 0
Wed Dec  7 14:06:00 2011 us=961833   mlock = DISABLED
Wed Dec  7 14:06:00 2011 us=961842   keepalive_ping = 0
Wed Dec  7 14:06:00 2011 us=961850   keepalive_timeout = 0
Wed Dec  7 14:06:00 2011 us=961858   inactivity_timeout = 0
Wed Dec  7 14:06:00 2011 us=961866   ping_send_timeout = 0
Wed Dec  7 14:06:00 2011 us=961874   ping_rec_timeout = 0
Wed Dec  7 14:06:00 2011 us=961882   ping_rec_timeout_action = 0
Wed Dec  7 14:06:00 2011 us=961889   ping_timer_remote = DISABLED
Wed Dec  7 14:06:00 2011 us=961897   remap_sigusr1 = 0
Wed Dec  7 14:06:00 2011 us=961906   explicit_exit_notification = 0
Wed Dec  7 14:06:00 2011 us=961914   persist_tun = DISABLED
Wed Dec  7 14:06:00 2011 us=961922   persist_local_ip = DISABLED
Wed Dec  7 14:06:00 2011 us=961929   persist_remote_ip = DISABLED
Wed Dec  7 14:06:00 2011 us=961937   persist_key = DISABLED
Wed Dec  7 14:06:00 2011 us=961946   mssfix = 1450
Wed Dec  7 14:06:00 2011 us=961953   passtos = DISABLED
Wed Dec  7 14:06:00 2011 us=961962   resolve_retry_seconds = 1000000000
Wed Dec  7 14:06:00 2011 us=961970   username = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961978   groupname = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961986   chroot_dir = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=961994   cd_dir = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962002   writepid = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962009   up_script = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962017   down_script = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962025   down_pre = DISABLED
Wed Dec  7 14:06:00 2011 us=962033   up_restart = DISABLED
Wed Dec  7 14:06:00 2011 us=962041   up_delay = DISABLED
Wed Dec  7 14:06:00 2011 us=962049   daemon = DISABLED
Wed Dec  7 14:06:00 2011 us=962057   inetd = 0
Wed Dec  7 14:06:00 2011 us=962065   log = DISABLED
Wed Dec  7 14:06:00 2011 us=962073   suppress_timestamps = DISABLED
Wed Dec  7 14:06:00 2011 us=962081   nice = 0
Wed Dec  7 14:06:00 2011 us=962089   verbosity = 6
Wed Dec  7 14:06:00 2011 us=962097   mute = 0
Wed Dec  7 14:06:00 2011 us=962105   gremlin = 0
Wed Dec  7 14:06:00 2011 us=962113   status_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962122   status_file_version = 1
Wed Dec  7 14:06:00 2011 us=962130   status_file_update_freq = 60
Wed Dec  7 14:06:00 2011 us=962138   occ = ENABLED
Wed Dec  7 14:06:00 2011 us=962146   rcvbuf = 65536
Wed Dec  7 14:06:00 2011 us=962153   sndbuf = 65536
Wed Dec  7 14:06:00 2011 us=962162   sockflags = 0
Wed Dec  7 14:06:00 2011 us=962169   fast_io = DISABLED
Wed Dec  7 14:06:00 2011 us=962177   lzo = 0
Wed Dec  7 14:06:00 2011 us=962186   route_script = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962194   route_default_gateway = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962202   route_default_metric = 0
Wed Dec  7 14:06:00 2011 us=962211   route_noexec = DISABLED
Wed Dec  7 14:06:00 2011 us=962219   route_delay = 0
Wed Dec  7 14:06:00 2011 us=962227   route_delay_window = 30
Wed Dec  7 14:06:00 2011 us=962235   route_delay_defined = DISABLED
Wed Dec  7 14:06:00 2011 us=962243   route_nopull = DISABLED
Wed Dec  7 14:06:00 2011 us=962252   route_gateway_via_dhcp = DISABLED
Wed Dec  7 14:06:00 2011 us=962260   max_routes = 100
Wed Dec  7 14:06:00 2011 us=962268   allow_pull_fqdn = DISABLED
Wed Dec  7 14:06:00 2011 us=962276   management_addr = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962285   management_port = 0
Wed Dec  7 14:06:00 2011 us=962293   management_user_pass = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962302   management_log_history_cache = 250
Wed Dec  7 14:06:00 2011 us=962310   management_echo_buffer_size = 100
Wed Dec  7 14:06:00 2011 us=962318   management_write_peer_info_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962327   management_client_user = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962336   management_client_group = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962345   management_flags = 0
Wed Dec  7 14:06:00 2011 us=962353   shared_secret_file = '/etc/openvpn/static.key'
Wed Dec  7 14:06:00 2011 us=962362   key_direction = 0
Wed Dec  7 14:06:00 2011 us=962370   ciphername_defined = ENABLED
Wed Dec  7 14:06:00 2011 us=962379   ciphername = 'BF-CBC'
Wed Dec  7 14:06:00 2011 us=962532   authname_defined = ENABLED
Wed Dec  7 14:06:00 2011 us=962554   authname = 'SHA1'
Wed Dec  7 14:06:00 2011 us=962569   prng_hash = 'SHA1'
Wed Dec  7 14:06:00 2011 us=962581   prng_nonce_secret_len = 16
Wed Dec  7 14:06:00 2011 us=962591   keysize = 0
Wed Dec  7 14:06:00 2011 us=962599   engine = DISABLED
Wed Dec  7 14:06:00 2011 us=962608   replay = ENABLED
Wed Dec  7 14:06:00 2011 us=962617   mute_replay_warnings = DISABLED
Wed Dec  7 14:06:00 2011 us=962626   replay_window = 64
Wed Dec  7 14:06:00 2011 us=962634   replay_time = 15
Wed Dec  7 14:06:00 2011 us=962643   packet_id_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962651   use_iv = ENABLED
Wed Dec  7 14:06:00 2011 us=962660   test_crypto = DISABLED
Wed Dec  7 14:06:00 2011 us=962669   tls_server = DISABLED
Wed Dec  7 14:06:00 2011 us=962677   tls_client = DISABLED
Wed Dec  7 14:06:00 2011 us=962686   key_method = 2
Wed Dec  7 14:06:00 2011 us=962695   ca_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962703   ca_path = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962711   dh_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962720   cert_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962729   priv_key_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962738   pkcs12_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962747   cipher_list = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962757   tls_verify = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962765   tls_remote = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962774   crl_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962783   ns_cert_type = 0
Wed Dec  7 14:06:00 2011 us=962792   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962801   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962810   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962818   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962827   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962835   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962843   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962852   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962861   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962870   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962878   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962887   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962896   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962904   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962912   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962921   remote_cert_ku[i] = 0
Wed Dec  7 14:06:00 2011 us=962930   remote_cert_eku = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=962939   tls_timeout = 2
Wed Dec  7 14:06:00 2011 us=962948   renegotiate_bytes = 0
Wed Dec  7 14:06:00 2011 us=962956   renegotiate_packets = 0
Wed Dec  7 14:06:00 2011 us=962966   renegotiate_seconds = 3600
Wed Dec  7 14:06:00 2011 us=962975   handshake_window = 60
Wed Dec  7 14:06:00 2011 us=962984   transition_window = 3600
Wed Dec  7 14:06:00 2011 us=962993   single_session = DISABLED
Wed Dec  7 14:06:00 2011 us=963001   push_peer_info = DISABLED
Wed Dec  7 14:06:00 2011 us=963010   tls_exit = DISABLED
Wed Dec  7 14:06:00 2011 us=963019   tls_auth_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963029   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963038   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963047   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963056   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963065   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963074   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963083   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963091   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963100   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963109   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963118   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963127   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963135   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963145   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963154   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963163   pkcs11_protected_authentication = DISABLED
Wed Dec  7 14:06:00 2011 us=963172   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963182   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963191   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963200   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963209   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963218   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963227   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963235   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963244   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963253   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963262   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963271   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963280   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963289   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963297   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963306   pkcs11_private_mode = 00000000
Wed Dec  7 14:06:00 2011 us=963315   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963324   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963333   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963341   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963350   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963358   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963367   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963375   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963383   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963391   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963400   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963409   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963417   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963454   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963464   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963472   pkcs11_cert_private = DISABLED
Wed Dec  7 14:06:00 2011 us=963481   pkcs11_pin_cache_period = -1
Wed Dec  7 14:06:00 2011 us=963489   pkcs11_id = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963498   pkcs11_id_management = DISABLED
Wed Dec  7 14:06:00 2011 us=963526   server_network = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963531   server_netmask = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963538   server_bridge_ip = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963543   server_bridge_netmask = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963548   server_bridge_pool_start = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963552   server_bridge_pool_end = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963557   ifconfig_pool_defined = DISABLED
Wed Dec  7 14:06:00 2011 us=963561   ifconfig_pool_start = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963566   ifconfig_pool_end = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963571   ifconfig_pool_netmask = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963576   ifconfig_pool_persist_filename = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963580   ifconfig_pool_persist_refresh_freq = 600
Wed Dec  7 14:06:00 2011 us=963585   n_bcast_buf = 256
Wed Dec  7 14:06:00 2011 us=963589   tcp_queue_limit = 64
Wed Dec  7 14:06:00 2011 us=963593   real_hash_size = 256
Wed Dec  7 14:06:00 2011 us=963597   virtual_hash_size = 256
Wed Dec  7 14:06:00 2011 us=963601   client_connect_script = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963605   learn_address_script = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963609   client_disconnect_script = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963613   client_config_dir = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963617   ccd_exclusive = DISABLED
Wed Dec  7 14:06:00 2011 us=963622   tmp_dir = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963626   push_ifconfig_defined = DISABLED
Wed Dec  7 14:06:00 2011 us=963631   push_ifconfig_local = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963636   push_ifconfig_remote_netmask = 0.0.0.0
Wed Dec  7 14:06:00 2011 us=963640   enable_c2c = DISABLED
Wed Dec  7 14:06:00 2011 us=963644   duplicate_cn = DISABLED
Wed Dec  7 14:06:00 2011 us=963649   cf_max = 0
Wed Dec  7 14:06:00 2011 us=963653   cf_per = 0
Wed Dec  7 14:06:00 2011 us=963657   max_clients = 1024
Wed Dec  7 14:06:00 2011 us=963661   max_routes_per_client = 256
Wed Dec  7 14:06:00 2011 us=963666   auth_user_pass_verify_script = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963670   auth_user_pass_verify_script_via_file = DISABLED
Wed Dec  7 14:06:00 2011 us=963675   ssl_flags = 0
Wed Dec  7 14:06:00 2011 us=963679   port_share_host = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963683   port_share_port = 0
Wed Dec  7 14:06:00 2011 us=963687   client = DISABLED
Wed Dec  7 14:06:00 2011 us=963692   pull = DISABLED
Wed Dec  7 14:06:00 2011 us=963696   auth_user_pass_file = '[UNDEF]'
Wed Dec  7 14:06:00 2011 us=963706 OpenVPN 2.1.3 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 22 2010
Wed Dec  7 14:06:00 2011 us=963758 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Dec  7 14:06:00 2011 us=963765 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Dec  7 14:06:00 2011 us=963784 /usr/sbin/openvpn-vulnkey -q /etc/openvpn/static.key
Wed Dec  7 14:06:00 2011 us=993757 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  7 14:06:00 2011 us=993818 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  7 14:06:00 2011 us=993908 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Dec  7 14:06:00 2011 us=993920 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Dec  7 14:06:00 2011 us=993966 Socket Buffers: R=[133120->131072] S=[133120->131072]
Wed Dec  7 14:06:01 2011 us=809337 TUN/TAP device tun0 opened
Wed Dec  7 14:06:01 2011 us=809410 TUN/TAP TX queue length set to 100
Wed Dec  7 14:06:01 2011 us=809430 /sbin/ifconfig tun0 10.9.8.2 pointopoint 10.9.8.1 mtu 1500
Wed Dec  7 14:06:01 2011 us=810910 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:4 ET:0 EL:0 ]
Wed Dec  7 14:06:01 2011 us=810961 Local Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto UDPv4,ifconfig 10.9.8.1 10.9.8.2,cipher BF-CBC,auth SHA1,keysize 128,secret'
Wed Dec  7 14:06:01 2011 us=810975 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto UDPv4,ifconfig 10.9.8.2 10.9.8.1,cipher BF-CBC,auth SHA1,keysize 128,secret'
Wed Dec  7 14:06:01 2011 us=811012 Local Options hash (VER=V4): 'e7103b47'
Wed Dec  7 14:06:01 2011 us=811028 Expected Remote Options hash (VER=V4): 'ddaab6d6'
Wed Dec  7 14:06:01 2011 us=811049 UDPv4 link local (bound): [undef]
Wed Dec  7 14:06:01 2011 us=811063 UDPv4 link remote: [AF_INET]96.xx.xxx.233:1194
My goal is to setup some windows clients as i would like to share samba files with some remote/offsite windows machines. My base plan is to download install and then run openvpn client service for windows on each client machine. Then simply map network drive from the openvpn server to the remote windows clients.

Please help i have tried to be as complete with this post as possible.
Top
User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:
Contact janjust

Re: Destination Host Unreachable

Post by janjust » Thu Dec 08, 2011 8:26 am

your setup and logs look OK; if you cannot even ping the VPN interface on the remote end and almost surely you've got a firewall issue somewhere. Can you disable shorewall altogether, for testing? I'm not familiar with shorewall at all, so I don't understand the config lines you list.
Top
Post Reply

Return to “Configuration”