Opened 6 years ago
Closed 5 years ago
#1053 closed Bug / Defect (worksforme)
openvpn server does not respect 'port 11194'
Reported by: | mmokrejs | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.4.4 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
Hi,
because I run openvpn with mtu 9000 on the default port 1194 I needed to start a second instance. It runs at 11194.
Here is server.conf file:
port 11194 # I tried 'lport 11194' on the server instead of 'port 11194' but the messages did not change. dev tun proto udp resolv-retry infinite user nobody group nobody mute-replay-warnings ca keys/ca.crt cert keys/xx.crt key keys/xx.key dh keys/dh2048.pem topology subnet server 192.168.253.0 255.255.255.0 client-to-client ifconfig-pool-persist ipp.txt client-config-dir /etc/openvpn/xxs/staticclients status openvpn-status.log keepalive 10 600 cipher AES-256-CBC verb 4 explicit-exit-notify 1
Unfortunately, once the cleint connects and receives route command the connection blocks. Can I prevent openvpn server from pushing the route command to the client?
Anyway, the main issue is that client complains the server contacted it from port 1194.
Apr 14 09:38:08 info OpenVPN: OpenVPN 2.4.4 [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] Apr 14 09:38:08 info OpenVPN: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA Apr 14 09:38:10 info OpenVPN: Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key Apr 14 09:38:10 info OpenVPN: Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 14 09:38:10 info OpenVPN: Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key Apr 14 09:38:10 info OpenVPN: Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 14 09:38:18 info OpenVPN: Connected to zz.zz.zz.zz! Apr 14 09:38:18 info OpenVPN: TCP/UDP: Incoming packet rejected from [AF_INET]zz.zz.zz.zz:1194[2], expected peer address: [AF_INET]zz.zz.zz.zz:11194 (allow this incoming source address/port by removing --remote or adding --float) Apr 14 09:38:25 info OpenVPN: TCP/UDP: Incoming packet rejected from [AF_INET]zz.zz.zz.zz:1194[2], expected peer address: [AF_INET]zz.zz.zz.zz:11194 (allow this incoming source address/port by removing --remote or adding --float) Apr 14 09:38:35 info OpenVPN: TCP/UDP: Incoming packet rejected from [AF_INET]zz.zz.zz.zz:1194[2], expected peer address: [AF_INET]zz.zz.zz.zz:11194 (allow this incoming source address/port by removing --remote or adding --float) Apr 14 09:38:43 info OpenVPN: event_wait : Interrupted system call (code=4) Apr 14 09:38:47 info OpenVPN: Disconnected from zz.zz.zz.zz! Apr 14 09:38:47 info OpenVPN: SIGTERM[hard,] received, process exiting
Here is the log from the server at zz.zz.zz.zz itself:
Apr 14 09:34:47 myserver openvpn[3591]: Current Parameter Settings: Apr 14 09:34:47 myserver openvpn[3591]: config = '/etc/openvpn/xx.conf' Apr 14 09:34:47 myserver openvpn[3591]: mode = 1 Apr 14 09:34:47 myserver openvpn[3591]: persist_config = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: persist_mode = 1 Apr 14 09:34:47 myserver openvpn[3591]: show_ciphers = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: show_digests = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: show_engines = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: genkey = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: key_pass_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: show_tls_ciphers = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: connect_retry_max = 0 Apr 14 09:34:47 myserver openvpn[3591]: Connection profiles [0]: Apr 14 09:34:47 myserver openvpn[3591]: proto = udp Apr 14 09:34:47 myserver openvpn[3591]: local = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: local_port = '11194' Apr 14 09:34:47 myserver openvpn[3591]: remote = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: remote_port = '11194' Apr 14 09:34:47 myserver openvpn[3591]: remote_float = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: bind_defined = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: bind_local = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: bind_ipv6_only = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: connect_retry_seconds = 5 Apr 14 09:34:47 myserver openvpn[3591]: connect_timeout = 120 Apr 14 09:34:47 myserver openvpn[3591]: socks_proxy_server = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: socks_proxy_port = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: tun_mtu = 1500 Apr 14 09:34:47 myserver openvpn[3591]: tun_mtu_defined = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: link_mtu = 1500 Apr 14 09:34:47 myserver openvpn[3591]: link_mtu_defined = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: tun_mtu_extra = 0 Apr 14 09:34:47 myserver openvpn[3591]: tun_mtu_extra_defined = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: mtu_discover_type = -1 Apr 14 09:34:47 myserver openvpn[3591]: fragment = 0 Apr 14 09:34:47 myserver openvpn[3591]: mssfix = 1450 Apr 14 09:34:47 myserver openvpn[3591]: explicit_exit_notification = 1 Apr 14 09:34:47 myserver openvpn[3591]: Connection profiles END Apr 14 09:34:47 myserver openvpn[3591]: remote_random = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: ipchange = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: dev = 'tun' Apr 14 09:34:47 myserver openvpn[3591]: dev_type = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: dev_node = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: lladdr = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: topology = 3 Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_local = '192.168.253.1' Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_remote_netmask = '255.255.255.0' Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_noexec = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_nowarn = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_ipv6_local = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_ipv6_netbits = 0 Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_ipv6_remote = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: shaper = 0 Apr 14 09:34:47 myserver openvpn[3591]: mtu_test = 0 Apr 14 09:34:47 myserver openvpn[3591]: mlock = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: keepalive_ping = 10 Apr 14 09:34:47 myserver openvpn[3591]: keepalive_timeout = 600 Apr 14 09:34:47 myserver openvpn[3591]: inactivity_timeout = 0 Apr 14 09:34:47 myserver openvpn[3591]: ping_send_timeout = 10 Apr 14 09:34:47 myserver openvpn[3591]: ping_rec_timeout = 1200 Apr 14 09:34:47 myserver openvpn[3591]: ping_rec_timeout_action = 2 Apr 14 09:34:47 myserver openvpn[3591]: ping_timer_remote = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: remap_sigusr1 = 0 Apr 14 09:34:47 myserver openvpn[3591]: persist_tun = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: persist_local_ip = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: persist_remote_ip = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: persist_key = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: passtos = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: resolve_retry_seconds = 1000000000 Apr 14 09:34:47 myserver openvpn[3591]: resolve_in_advance = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: username = 'openvpn' Apr 14 09:34:47 myserver openvpn[3591]: groupname = 'openvpn' Apr 14 09:34:47 myserver openvpn[3591]: chroot_dir = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: cd_dir = '/etc/openvpn/xx' Apr 14 09:34:47 myserver openvpn[3591]: writepid = '/var/run/openvpn.xx.pid' Apr 14 09:34:47 myserver openvpn[3591]: up_script = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: down_script = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: down_pre = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: up_restart = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: up_delay = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: daemon = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: inetd = 0 Apr 14 09:34:47 myserver openvpn[3591]: log = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: suppress_timestamps = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: machine_readable_output = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: nice = 0 Apr 14 09:34:47 myserver openvpn[3591]: verbosity = 4 Apr 14 09:34:47 myserver openvpn[3591]: mute = 0 Apr 14 09:34:47 myserver openvpn[3591]: gremlin = 0 Apr 14 09:34:47 myserver openvpn[3591]: status_file = 'openvpn-status.log' Apr 14 09:34:47 myserver openvpn[3591]: status_file_version = 1 Apr 14 09:34:47 myserver openvpn[3591]: status_file_update_freq = 60 Apr 14 09:34:47 myserver openvpn[3591]: occ = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: rcvbuf = 0 Apr 14 09:34:47 myserver openvpn[3591]: sndbuf = 0 Apr 14 09:34:47 myserver openvpn[3591]: mark = 0 Apr 14 09:34:47 myserver openvpn[3591]: sockflags = 0 Apr 14 09:34:47 myserver openvpn[3591]: fast_io = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: comp.alg = 0 Apr 14 09:34:47 myserver openvpn[3591]: comp.flags = 0 Apr 14 09:34:47 myserver openvpn[3591]: route_script = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: route_default_gateway = '192.168.253.2' Apr 14 09:34:47 myserver openvpn[3591]: route_default_metric = 0 Apr 14 09:34:47 myserver openvpn[3591]: route_noexec = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: route_delay = 0 Apr 14 09:34:47 myserver openvpn[3591]: route_delay_window = 30 Apr 14 09:34:47 myserver openvpn[3591]: route_delay_defined = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: route_nopull = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: route_gateway_via_dhcp = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: allow_pull_fqdn = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: management_addr = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: management_port = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: management_user_pass = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: management_log_history_cache = 250 Apr 14 09:34:47 myserver openvpn[3591]: management_echo_buffer_size = 100 Apr 14 09:34:47 myserver openvpn[3591]: management_write_peer_info_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: management_client_user = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: management_client_group = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: management_flags = 0 Apr 14 09:34:47 myserver openvpn[3591]: shared_secret_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: ciphername = 'AES-256-CBC' Apr 14 09:34:47 myserver openvpn[3591]: ncp_enabled = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: ncp_ciphers = 'AES-256-GCM:AES-128-GCM' Apr 14 09:34:47 myserver openvpn[3591]: authname = 'SHA1' Apr 14 09:34:47 myserver openvpn[3591]: prng_hash = 'SHA1' Apr 14 09:34:47 myserver openvpn[3591]: prng_nonce_secret_len = 16 Apr 14 09:34:47 myserver openvpn[3591]: keysize = 0 Apr 14 09:34:47 myserver openvpn[3591]: engine = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: replay = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: mute_replay_warnings = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: replay_window = 64 Apr 14 09:34:47 myserver openvpn[3591]: replay_time = 15 Apr 14 09:34:47 myserver openvpn[3591]: packet_id_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: use_iv = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: test_crypto = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: tls_server = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: tls_client = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: key_method = 2 Apr 14 09:34:47 myserver openvpn[3591]: ca_file = 'keys/ca.crt' Apr 14 09:34:47 myserver openvpn[3591]: ca_path = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: dh_file = 'keys/dh2048.pem' Apr 14 09:34:47 myserver openvpn[3591]: cert_file = 'keys/xx.crt' Apr 14 09:34:47 myserver openvpn[3591]: extra_certs_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: priv_key_file = 'keys/xx.key' Apr 14 09:34:47 myserver openvpn[3591]: pkcs12_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: cipher_list = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: tls_verify = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: tls_export_cert = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: verify_x509_type = 0 Apr 14 09:34:47 myserver openvpn[3591]: verify_x509_name = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: crl_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: ns_cert_type = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_ku[i] = 0 Apr 14 09:34:47 myserver openvpn[3591]: remote_cert_eku = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: ssl_flags = 0 Apr 14 09:34:47 myserver openvpn[3591]: tls_timeout = 2 Apr 14 09:34:47 myserver openvpn[3591]: renegotiate_bytes = -1 Apr 14 09:34:47 myserver openvpn[3591]: renegotiate_packets = 0 Apr 14 09:34:47 myserver openvpn[3591]: renegotiate_seconds = 3600 Apr 14 09:34:47 myserver openvpn[3591]: handshake_window = 60 Apr 14 09:34:47 myserver openvpn[3591]: transition_window = 3600 Apr 14 09:34:47 myserver openvpn[3591]: single_session = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: push_peer_info = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: tls_exit = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: tls_auth_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: tls_crypt_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: server_network = 192.168.253.0 Apr 14 09:34:47 myserver openvpn[3591]: server_netmask = 255.255.255.0 Apr 14 09:34:47 myserver openvpn[3591]: server_network_ipv6 = :: Apr 14 09:34:47 myserver openvpn[3591]: server_netbits_ipv6 = 0 Apr 14 09:34:47 myserver openvpn[3591]: server_bridge_ip = 0.0.0.0 Apr 14 09:34:47 myserver openvpn[3591]: server_bridge_netmask = 0.0.0.0 Apr 14 09:34:47 myserver openvpn[3591]: server_bridge_pool_start = 0.0.0.0 Apr 14 09:34:47 myserver openvpn[3591]: server_bridge_pool_end = 0.0.0.0 Apr 14 09:34:47 myserver openvpn[3591]: push_entry = 'route-gateway 192.168.253.1' Apr 14 09:34:47 myserver openvpn[3591]: push_entry = 'topology subnet' Apr 14 09:34:47 myserver openvpn[3591]: push_entry = 'ping 10' Apr 14 09:34:47 myserver openvpn[3591]: push_entry = 'ping-restart 600' Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_pool_defined = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_pool_start = 192.168.253.2 Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_pool_end = 192.168.253.253 Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_pool_netmask = 255.255.255.0 Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_pool_persist_filename = 'ipp.txt' Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_pool_persist_refresh_freq = 600 Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_ipv6_pool_defined = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_ipv6_pool_base = :: Apr 14 09:34:47 myserver openvpn[3591]: ifconfig_ipv6_pool_netbits = 0 Apr 14 09:34:47 myserver openvpn[3591]: n_bcast_buf = 256 Apr 14 09:34:47 myserver openvpn[3591]: tcp_queue_limit = 64 Apr 14 09:34:47 myserver openvpn[3591]: real_hash_size = 256 Apr 14 09:34:47 myserver openvpn[3591]: virtual_hash_size = 256 Apr 14 09:34:47 myserver openvpn[3591]: client_connect_script = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: learn_address_script = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: client_disconnect_script = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: client_config_dir = '/etc/openvpn/xx/staticclients' Apr 14 09:34:47 myserver openvpn[3591]: ccd_exclusive = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: tmp_dir = '/tmp' Apr 14 09:34:47 myserver openvpn[3591]: push_ifconfig_defined = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: push_ifconfig_local = 0.0.0.0 Apr 14 09:34:47 myserver openvpn[3591]: push_ifconfig_remote_netmask = 0.0.0.0 Apr 14 09:34:47 myserver openvpn[3591]: push_ifconfig_ipv6_defined = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: push_ifconfig_ipv6_local = ::/0 Apr 14 09:34:47 myserver openvpn[3591]: push_ifconfig_ipv6_remote = :: Apr 14 09:34:47 myserver openvpn[3591]: enable_c2c = ENABLED Apr 14 09:34:47 myserver openvpn[3591]: duplicate_cn = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: cf_max = 0 Apr 14 09:34:47 myserver openvpn[3591]: cf_per = 0 Apr 14 09:34:47 myserver openvpn[3591]: max_clients = 1024 Apr 14 09:34:47 myserver openvpn[3591]: max_routes_per_client = 256 Apr 14 09:34:47 myserver openvpn[3591]: auth_user_pass_verify_script = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: auth_user_pass_verify_script_via_file = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: auth_token_generate = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: auth_token_lifetime = 0 Apr 14 09:34:47 myserver openvpn[3591]: port_share_host = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: port_share_port = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: client = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: pull = DISABLED Apr 14 09:34:47 myserver openvpn[3591]: auth_user_pass_file = '[UNDEF]' Apr 14 09:34:47 myserver openvpn[3591]: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD] built on Jan 12 2018 Apr 14 09:34:47 myserver openvpn[3591]: library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10 Apr 14 09:34:47 myserver openvpn[3592]: WARNING: you are using user/group/chroot/setcon without persist-tun -- this may cause restarts to fail Apr 14 09:34:47 myserver openvpn[3592]: WARNING: you are using user/group/chroot/setcon without persist-key -- this may cause restarts to fail Apr 14 09:34:47 myserver openvpn[3592]: Diffie-Hellman initialized with 2048 bit key Apr 14 09:34:47 myserver openvpn[3592]: TLS-Auth MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ] Apr 14 09:34:47 myserver openvpn[3592]: TUN/TAP device tun1 opened Apr 14 09:34:47 myserver openvpn[3592]: TUN/TAP TX queue length set to 100 Apr 14 09:34:47 myserver openvpn[3592]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Apr 14 09:34:47 myserver openvpn[3592]: /bin/ifconfig tun1 192.168.253.1 netmask 255.255.255.0 mtu 1500 broadcast 192.168.253.255 Apr 14 09:34:47 myserver openvpn[3592]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ] Apr 14 09:34:47 myserver openvpn[3592]: Could not determine IPv4/IPv6 protocol. Using AF_INET Apr 14 09:34:47 myserver openvpn[3592]: Socket Buffers: R=[212992->212992] S=[212992->212992] Apr 14 09:34:47 myserver openvpn[3592]: UDPv4 link local (bound): [AF_INET][undef]:11194 Apr 14 09:34:47 myserver openvpn[3592]: UDPv4 link remote: [AF_UNSPEC] Apr 14 09:34:47 myserver openvpn[3592]: GID set to openvpn Apr 14 09:34:47 myserver openvpn[3592]: UID set to openvpn Apr 14 09:34:47 myserver openvpn[3592]: MULTI: multi_init called, r=256 v=256 Apr 14 09:34:47 myserver openvpn[3592]: IFCONFIG POOL: base=192.168.253.2 size=252, ipv6=0 Apr 14 09:34:47 myserver openvpn[3592]: ifconfig_pool_read(), in='xx,192.168.253.2', TODO: IPv6 Apr 14 09:34:47 myserver openvpn[3592]: succeeded -> ifconfig_pool_set() Apr 14 09:34:47 myserver openvpn[3592]: IFCONFIG POOL LIST Apr 14 09:34:47 myserver openvpn[3592]: xx,192.168.253.2 Apr 14 09:34:47 myserver openvpn[3592]: Initialization Sequence Completed Apr 14 09:38:09 myserver openvpn[3592]: MULTI: multi_create_instance called Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Re-using SSL/TLS context Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ] Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ] Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server' Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client' Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 TLS: Initial packet from [AF_INET]xx.xx.xx.xx:33093, sid=a9386b3f eb16c625 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 VERIFY OK: depth=1, C=CZ, ST=CZ, L=ee, O=qq qq, CN=qq qq, emailAddress=aa@xx Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 VERIFY OK: depth=0, C=CZ, ST=CZ, L=xx, CN=xx, emailAddress=aa@xx Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_VER=2.4.4 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_PLAT=linux Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_PROTO=2 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_LZ4=1 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_LZ4v2=1 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_LZO=1 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_COMP_STUB=1 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_COMP_STUBv2=1 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 peer info: IV_TCPNL=1 Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1521' Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1464' Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA Apr 14 09:38:09 myserver openvpn[3592]: xx.xx.xx.xx:33093 [xx] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:33093 Apr 14 09:38:09 myserver openvpn[3592]: xx/xx.xx.xx.xx:33093 MULTI_sva: pool returned IPv4=192.168.253.2, IPv6=(Not enabled) Apr 14 09:38:09 myserver openvpn[3592]: xx/xx.xx.xx.xx:33093 MULTI: Learn: 192.168.253.2 -> xx/xx.xx.xx.xx:33093 Apr 14 09:38:09 myserver openvpn[3592]: xx/xx.xx.xx.xx:33093 MULTI: primary virtual IP for xx/xx.xx.xx.xx:33093: 192.168.253.2 Apr 14 09:38:10 myserver openvpn[3592]: xx/xx.xx.xx.xx:33093 PUSH: Received control message: 'PUSH_REQUEST' Apr 14 09:38:10 myserver openvpn[3592]: xx/xx.xx.xx.xx:33093 SENT CONTROL [xx]: 'PUSH_REPLY,route-gateway 192.168.253.1,topology subnet,ping 10,ping-restart 600,ifconfig 192.168.253.2 255.255.255.0,peer-id 0' (status=1)
Change History (2)
comment:1 Changed 6 years ago by
comment:2 Changed 5 years ago by
Resolution: | → worksforme |
---|---|
Status: | new → closed |
We haven't been able to reproduce this so far. Please re-open this ticket if the issue should persist.
Note: See
TracTickets for help on using
tickets.
Are you connecting to both instances from the same client at the same time? Or this happens also when connecting to port 11194 only?