Hi All,
Wondering if someone can help me get this working. Have been through the guide and forum posts but still stuck,
When connecting to the server it just sits there in the logs on the server I can see
IP Changed for security
ipfw list
ifconfig -a
openvpn.conf
openvpn log
Client config
Client Log's
Thanks
Wondering if someone can help me get this working. Have been through the guide and forum posts but still stuck,
When connecting to the server it just sits there in the logs on the server I can see
Code:
TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:87.101.157.243:55173
ipfw list
Code:
[root@openvpn_1 /]# ipfw list 00100 nat 1 ip from 172.16.8.0/24 to any out via epair2b 00200 nat 1 ip from any to any in via epair2b 65535 allow ip from any to any
ifconfig -a
Code:
[root@openvpn_1 /]# ifconfig -a lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 inet 127.0.0.1 netmask 0xff000000 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> epair2b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 46:aa:c7:f6:b5:dd inet 192.168.1.4 netmask 0xffffff00 broadcast 192.168.1.255 nd6 options=9<PERFORMNUD,IFDISABLED> media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500 options=80000<LINKSTATE> inet 172.16.8.1 --> 172.16.8.2 netmask 0xffffffff nd6 options=9<PERFORMNUD,IFDISABLED>
openvpn.conf
Code:
[root@openvpn_1 /mnt/keys]# cat openvpn.conf port 10011 proto udp dev tun ca ca.crt cert openvpn-server.crt #Server public key key openvpn-server.key #Server private key dh dh.pem #Diffie-Hellman parameters server 172.16.8.0 255.255.255.0 #Purple network ifconfig-pool-persist ipp.txt push "route 192.168.1.0 255.255.255.0" #Yellow network tls-auth ta.key 0 #crl-verify crl.pem keepalive 10 120 cipher AES-256-CBC auth SHA256 group nobody user nobody comp-lzo persist-key persist-tun verb 3
openvpn log
Code:
Jan 11 15:23:03 openvpn_1 openvpn[35911]: WARNING: file 'openvpn-server.key' is group or others accessible Jan 11 15:23:03 openvpn_1 openvpn[35911]: WARNING: file 'ta.key' is group or others accessible Jan 11 15:23:03 openvpn_1 openvpn[35911]: Current Parameter Settings: Jan 11 15:23:03 openvpn_1 openvpn[35911]: config = '/mnt/keys/openvpn.conf' Jan 11 15:23:03 openvpn_1 openvpn[35911]: mode = 1 Jan 11 15:23:03 openvpn_1 openvpn[35911]: show_ciphers = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: show_digests = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: show_engines = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: genkey = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: key_pass_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: show_tls_ciphers = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: connect_retry_max = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: Connection profiles [0]: Jan 11 15:23:03 openvpn_1 openvpn[35911]: proto = udp Jan 11 15:23:03 openvpn_1 openvpn[35911]: local = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: local_port = '10011' Jan 11 15:23:03 openvpn_1 openvpn[35911]: remote = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: remote_port = '10011' Jan 11 15:23:03 openvpn_1 openvpn[35911]: remote_float = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: bind_defined = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: bind_local = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: bind_ipv6_only = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: connect_retry_seconds = 5 Jan 11 15:23:03 openvpn_1 openvpn[35911]: connect_timeout = 120 Jan 11 15:23:03 openvpn_1 openvpn[35911]: socks_proxy_server = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: socks_proxy_port = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: tun_mtu = 1500 Jan 11 15:23:03 openvpn_1 openvpn[35911]: tun_mtu_defined = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: link_mtu = 1500 Jan 11 15:23:03 openvpn_1 openvpn[35911]: link_mtu_defined = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: tun_mtu_extra = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: tun_mtu_extra_defined = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: mtu_discover_type = -1 Jan 11 15:23:03 openvpn_1 openvpn[35911]: fragment = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: mssfix = 1450 Jan 11 15:23:03 openvpn_1 openvpn[35911]: explicit_exit_notification = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: Connection profiles END Jan 11 15:23:03 openvpn_1 openvpn[35911]: remote_random = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: ipchange = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: dev = 'tun' Jan 11 15:23:03 openvpn_1 openvpn[35911]: dev_type = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: dev_node = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: lladdr = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: topology = 1 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_local = '172.16.8.1' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_remote_netmask = '172.16.8.2' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_noexec = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_nowarn = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_ipv6_local = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_ipv6_netbits = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_ipv6_remote = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: shaper = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: mtu_test = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: mlock = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: keepalive_ping = 10 Jan 11 15:23:03 openvpn_1 openvpn[35911]: keepalive_timeout = 120 Jan 11 15:23:03 openvpn_1 openvpn[35911]: inactivity_timeout = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ping_send_timeout = 10 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ping_rec_timeout = 240 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ping_rec_timeout_action = 2 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ping_timer_remote = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: remap_sigusr1 = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: persist_tun = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: persist_local_ip = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: persist_remote_ip = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: persist_key = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: passtos = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: resolve_retry_seconds = 1000000000 Jan 11 15:23:03 openvpn_1 openvpn[35911]: resolve_in_advance = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: username = 'nobody' Jan 11 15:23:03 openvpn_1 openvpn[35911]: groupname = 'nobody' Jan 11 15:23:03 openvpn_1 openvpn[35911]: chroot_dir = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: cd_dir = '/mnt/keys' Jan 11 15:23:03 openvpn_1 openvpn[35911]: writepid = '/var/run/openvpn.pid' Jan 11 15:23:03 openvpn_1 openvpn[35911]: up_script = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: down_script = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: down_pre = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: up_restart = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: up_delay = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: daemon = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: inetd = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: log = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: suppress_timestamps = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: machine_readable_output = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: nice = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: verbosity = 4 Jan 11 15:23:03 openvpn_1 openvpn[35911]: mute = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: gremlin = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: status_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: status_file_version = 1 Jan 11 15:23:03 openvpn_1 openvpn[35911]: status_file_update_freq = 60 Jan 11 15:23:03 openvpn_1 openvpn[35911]: occ = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: rcvbuf = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: sndbuf = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: sockflags = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: fast_io = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: comp.alg = 2 Jan 11 15:23:03 openvpn_1 openvpn[35911]: comp.flags = 1 Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_script = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_default_gateway = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_default_metric = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_noexec = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_delay = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_delay_window = 30 Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_delay_defined = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_nopull = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: route_gateway_via_dhcp = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: allow_pull_fqdn = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: route 172.16.8.0/255.255.255.0/default (not set)/default (not set) Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_addr = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_port = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_user_pass = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_log_history_cache = 250 Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_echo_buffer_size = 100 Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_write_peer_info_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_client_user = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_client_group = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: management_flags = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: shared_secret_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: key_direction = 1 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ciphername = 'AES-256-CBC' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ncp_enabled = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: ncp_ciphers = 'AES-256-GCM:AES-128-GCM' Jan 11 15:23:03 openvpn_1 openvpn[35911]: authname = 'SHA256' Jan 11 15:23:03 openvpn_1 openvpn[35911]: prng_hash = 'SHA1' Jan 11 15:23:03 openvpn_1 openvpn[35911]: prng_nonce_secret_len = 16 Jan 11 15:23:03 openvpn_1 openvpn[35911]: keysize = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: engine = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: replay = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: mute_replay_warnings = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: replay_window = 64 Jan 11 15:23:03 openvpn_1 openvpn[35911]: replay_time = 15 Jan 11 15:23:03 openvpn_1 openvpn[35911]: packet_id_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: use_iv = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: test_crypto = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_server = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_client = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: key_method = 2 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ca_file = 'ca.crt' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ca_path = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: dh_file = 'dh.pem' Jan 11 15:23:03 openvpn_1 openvpn[35911]: cert_file = 'openvpn-server.crt' Jan 11 15:23:03 openvpn_1 openvpn[35911]: extra_certs_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: priv_key_file = 'openvpn-server.key' Jan 11 15:23:03 openvpn_1 openvpn[35911]: pkcs12_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: cipher_list = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_verify = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_export_cert = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: verify_x509_type = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: verify_x509_name = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: crl_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ns_cert_type = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: remote_cert_ku = 0 Jan 11 15:23:03 openvpn_1 last message repeated 15 times Jan 11 15:23:03 openvpn_1 openvpn[35911]: remote_cert_eku = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ssl_flags = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_timeout = 2 Jan 11 15:23:03 openvpn_1 openvpn[35911]: renegotiate_bytes = -1 Jan 11 15:23:03 openvpn_1 openvpn[35911]: renegotiate_packets = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: renegotiate_seconds = 3600 Jan 11 15:23:03 openvpn_1 openvpn[35911]: handshake_window = 60 Jan 11 15:23:03 openvpn_1 openvpn[35911]: transition_window = 3600 Jan 11 15:23:03 openvpn_1 openvpn[35911]: single_session = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_peer_info = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_exit = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_auth_file = 'ta.key' Jan 11 15:23:03 openvpn_1 openvpn[35911]: tls_crypt_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_network = 172.16.8.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_netmask = 255.255.255.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_network_ipv6 = :: Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_netbits_ipv6 = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_bridge_ip = 0.0.0.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_bridge_netmask = 0.0.0.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_bridge_pool_start = 0.0.0.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: server_bridge_pool_end = 0.0.0.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_entry = 'route 192.168.1.0 255.255.255.0' Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_entry = 'route 172.16.8.1' Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_entry = 'topology net30' Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_entry = 'ping 10' Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_entry = 'ping-restart 120' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_pool_defined = ENABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_pool_start = 172.16.8.4 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_pool_end = 172.16.8.251 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_pool_netmask = 0.0.0.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_pool_persist_filename = 'ipp.txt' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_pool_persist_refresh_freq = 600 Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_ipv6_pool_defined = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_ipv6_pool_base = :: Jan 11 15:23:03 openvpn_1 openvpn[35911]: ifconfig_ipv6_pool_netbits = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: n_bcast_buf = 256 Jan 11 15:23:03 openvpn_1 openvpn[35911]: tcp_queue_limit = 64 Jan 11 15:23:03 openvpn_1 openvpn[35911]: real_hash_size = 256 Jan 11 15:23:03 openvpn_1 openvpn[35911]: virtual_hash_size = 256 Jan 11 15:23:03 openvpn_1 openvpn[35911]: client_connect_script = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: learn_address_script = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: client_disconnect_script = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: client_config_dir = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: ccd_exclusive = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: tmp_dir = '/tmp' Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_ifconfig_defined = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_ifconfig_local = 0.0.0.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_ifconfig_remote_netmask = 0.0.0.0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_ifconfig_ipv6_defined = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_ifconfig_ipv6_local = ::/0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: push_ifconfig_ipv6_remote = :: Jan 11 15:23:03 openvpn_1 openvpn[35911]: enable_c2c = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: duplicate_cn = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: cf_max = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: cf_per = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: max_clients = 1024 Jan 11 15:23:03 openvpn_1 openvpn[35911]: max_routes_per_client = 256 Jan 11 15:23:03 openvpn_1 openvpn[35911]: auth_user_pass_verify_script = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: auth_user_pass_verify_script_via_file = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: auth_token_generate = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: auth_token_lifetime = 0 Jan 11 15:23:03 openvpn_1 openvpn[35911]: port_share_host = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: port_share_port = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: client = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: pull = DISABLED Jan 11 15:23:03 openvpn_1 openvpn[35911]: auth_user_pass_file = '[UNDEF]' Jan 11 15:23:03 openvpn_1 openvpn[35911]: OpenVPN 2.4.0 amd64-portbld-freebsd10.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Jan 3 2017 Jan 11 15:23:03 openvpn_1 openvpn[35911]: library versions: OpenSSL 1.0.1s-freebsd 1 Mar 2016, LZO 2.09 Jan 11 15:23:03 openvpn_1 openvpn[35912]: NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Jan 11 15:23:03 openvpn_1 openvpn[35912]: Diffie-Hellman initialized with 2048 bit key Jan 11 15:23:03 openvpn_1 openvpn[35912]: Failed to extract curve from certificate (UNDEF), using secp384r1 instead. Jan 11 15:23:03 openvpn_1 openvpn[35912]: ECDH curve secp384r1 added Jan 11 15:23:03 openvpn_1 openvpn[35912]: Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Jan 11 15:23:03 openvpn_1 openvpn[35912]: Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication Jan 11 15:23:03 openvpn_1 openvpn[35912]: TLS-Auth MTU parms [ L:1622 D:1172 EF:78 EB:0 ET:0 EL:3 ] Jan 11 15:23:03 openvpn_1 openvpn[35912]: ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=epair2b HWADDR=46:aa:c7:f6:b5:dd Jan 11 15:23:03 openvpn_1 openvpn[35912]: TUN/TAP device /dev/tun0 opened Jan 11 15:23:03 openvpn_1 openvpn[35912]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Jan 11 15:23:03 openvpn_1 openvpn[35912]: /sbin/ifconfig tun0 172.16.8.1 172.16.8.2 mtu 1500 netmask 255.255.255.255 up Jan 11 15:23:03 openvpn_1 openvpn[35912]: /sbin/route add -net 172.16.8.0 172.16.8.2 255.255.255.0 Jan 11 15:23:03 openvpn_1 openvpn[35912]: Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ] Jan 11 15:23:03 openvpn_1 openvpn[35912]: Could not determine IPv4/IPv6 protocol. Using AF_INET6 Jan 11 15:23:03 openvpn_1 openvpn[35912]: Socket Buffers: R=[42080->42080] S=[9216->9216] Jan 11 15:23:03 openvpn_1 openvpn[35912]: setsockopt(IPV6_V6ONLY=0) Jan 11 15:23:03 openvpn_1 openvpn[35912]: UDPv6 link local (bound): [AF_INET6][undef]:10011 Jan 11 15:23:03 openvpn_1 openvpn[35912]: UDPv6 link remote: [AF_UNSPEC] Jan 11 15:23:03 openvpn_1 openvpn[35912]: GID set to nobody Jan 11 15:23:03 openvpn_1 openvpn[35912]: UID set to nobody Jan 11 15:23:03 openvpn_1 openvpn[35912]: MULTI: multi_init called, r=256 v=256 Jan 11 15:23:03 openvpn_1 openvpn[35912]: IFCONFIG POOL: base=172.16.8.4 size=62, ipv6=0 Jan 11 15:23:03 openvpn_1 openvpn[35912]: ifconfig_pool_read(), in='steve.tozer,172.16.8.4', TODO: IPv6 Jan 11 15:23:03 openvpn_1 openvpn[35912]: succeeded -> ifconfig_pool_set() Jan 11 15:23:03 openvpn_1 openvpn[35912]: IFCONFIG POOL LIST Jan 11 15:23:03 openvpn_1 openvpn[35912]: steve.tozer,172.16.8.4 Jan 11 15:23:03 openvpn_1 openvpn[35912]: Initialization Sequence Completed Jan 11 15:25:03 openvpn_1 openvpn[35912]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET6]::ffff:87.104.157.114:64229
Client config
Code:
client dev tun proto udp remote blank.duckdns.org 500 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert steve.tozer.crt key steve.tozer.key remote-cert-tls server cipher AES-256-CBC tls-auth ta.key 1 #dhcp-option DNS 0.0.0.0 #redirect-gateway def1 comp-lzo verb 3
Client Log's
Code:
2017-01-11 15:37:42 *Tunnelblick: Established communication with OpenVPN 2017-01-11 15:37:42 OpenVPN 2.3.12 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Nov 17 2016 2017-01-11 15:37:42 library versions: OpenSSL 1.0.2j 26 Sep 2016, LZO 2.09 2017-01-11 15:37:42 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337 2017-01-11 15:37:42 Need hold release from management interface, waiting... 2017-01-11 15:37:42 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337 2017-01-11 15:37:42 MANAGEMENT: CMD 'pid' 2017-01-11 15:37:42 MANAGEMENT: CMD 'state on' 2017-01-11 15:37:42 MANAGEMENT: CMD 'state' 2017-01-11 15:37:42 MANAGEMENT: CMD 'bytecount 1' 2017-01-11 15:37:42 MANAGEMENT: CMD 'hold release' 2017-01-11 15:37:42 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 2017-01-11 15:37:42 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file 2017-01-11 15:37:42 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2017-01-11 15:37:42 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2017-01-11 15:37:42 Socket Buffers: R=[196724->196724] S=[9216->9216] 2017-01-11 15:37:42 MANAGEMENT: >STATE:1484149062,RESOLVE,,, 2017-01-11 15:37:42 UDPv4 link local: [undef] 2017-01-11 15:37:42 UDPv4 link remote: [AF_INET]IPADDRESS:500 2017-01-11 15:37:42 MANAGEMENT: >STATE:1484149062,WAIT,,, 2017-01-11 15:37:42 *Tunnelblick: openvpnstart starting OpenVPN 2017-01-11 15:39:43 *Tunnelblick: Disconnecting; notification window disconnect button pressed 2017-01-11 15:39:43 *Tunnelblick: No 'pre-disconnect.sh' script to execute 2017-01-11 15:39:43 *Tunnelblick: Disconnecting using 'kill' 2017-01-11 15:39:43 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2017-01-11 15:39:43 TLS Error: TLS handshake failed 2017-01-11 15:39:43 SIGUSR1[soft,tls-error] received, process restarting 2017-01-11 15:39:43 MANAGEMENT: >STATE:1484149183,RECONNECTING,tls-error,, 2017-01-11 15:39:43 SIGTERM[hard,init_instance] received, process exiting 2017-01-11 15:39:43 MANAGEMENT: >STATE:1484149183,EXITING,init_instance,, 2017-01-11 15:39:43 *Tunnelblick: No 'post-disconnect.sh' script to execute 2017-01-11 15:39:43 *Tunnelblick: Expected disconnection occurred.
Thanks
Last edited: