Aufgabe:¶
Ich versuche, bevor ich mit der fritzbox einen vpn-Zugang einrichte(zweitbester Weg), einen openvpn-Zugang einzurichten. Dies ist mir leider nach der Anleitung hier im Wiki zunächst nicht gelungen. Windows und Linux-PC aus einem Netz mit eigener WAN-IP sollen als openvpn-Clients Zugang zu einem anderen LAN mit ebenfalls eigener WAN-IP bekommen. Dort sollen die Windows und Linux-openvpn-Clients Zugang zu Sambafreigaben, Fritzfax übers Netzwerk, mysql-Datenbanken die nur im dortigen LAN angeboten werden erhalten.
Beim ersten Versuch habe ich mich zunächst per ssh im LAN des openvpn-Servers lokal verbinden können. Dies gelingt nun nicht mehr. Anschließend ist es mir ebenfalls nicht gelungen auch ins Internet zu kommen.
Ich hoffe Ihr könnt mir helfen. Vielen Dank im Voraus!
Netzwerkumgebung des openvpn-servers:¶
Router | 192.168.178.1 |
openvpn-Zugang | 192.168.178.25 |
Server hat eigene dyndns-domain und ist per cname mit de-Domain verbunden.
Fritzbox-Einstellungen:¶
Statische IPv4-Routing-Tabelle
Aktiv | Netzwerk | Subnetzmaske | Gateway |
10.8.0.0 | 255.255.255.0 | 192.168.178.25 |
Portweiterleitung 1194 (UDP) an 192.168.178.25
openvpn-Server-Einstellungen¶
server.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | cat /etc/openvpn/subdomain.domain.tld.conf | grep -v '^#'| grep -v '^;' | grep -v '^$'|less port 1194 proto udp dev tun ca ./easy-rsa2/keys/ca.crt cert ./easy-rsa2/keys/subdomain.domain.tld.crt key ./easy-rsa2/keys/subdomain.domain.tld.key # This file should be kept secret dh ./easy-rsa2/keys/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "route 192.168.178.0 255.255.255.0" push "dhcp-option DNS 8.8.8.8" keepalive 10 120 comp-lzo group nogroup group nogroup persist-key persist-tun status openvpn-status.log verb 3 |
/etc/openvpn/easy-rsa2/vars
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | cat /etc/openvpn/easy-rsa2/vars | grep -v '^#'| grep -v '^;' | grep -v '^$'|less export EASY_RSA="`pwd`" export OPENSSL="openssl" export PKCS11TOOL="pkcs11-tool" export GREP="grep" export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA` export KEY_DIR="$EASY_RSA/keys" echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR export PKCS11_MODULE_PATH="dummy" export PKCS11_PIN="dummy" export KEY_SIZE=1024 export CA_EXPIRE=3650 export KEY_EXPIRE=3650 export KEY_COUNTRY="DE" export KEY_PROVINCE="NRW" export KEY_CITY="Stadt in NRW" export KEY_ORG="Example Company" export KEY_EMAIL="username@gmail.com" export KEY_EMAIL=username@gmail.com export KEY_CN=subdomain.domain.tld export KEY_NAME=subdomain.domain.tld export KEY_OU=subdomain.domain.tld export PKCS11_MODULE_PATH=changeme export PKCS11_PIN=1234 |
/etc/sysctl.conf
1 2 | cat /etc/sysctl.conf | grep -v '^#'| grep -v '^;' | grep -v '^$'|less net.ipv4.ip_forward=1 |
openvpn-Client-Einstellungen¶
/etc/openvpn/client.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | cat /etc/openvpn/client.conf | grep -v '^#'| grep -v '^;' | grep -v '^$'|less client dev tun proto udp remote subdomain.domain.tld 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert ersterclient.crt key ersterclient.key ns-cert-type server comp-lzo verb 3 |
/etc/default/openvpn
1 2 3 4 | cat /etc/default/openvpn | grep -v '^#'| grep -v '^;' | grep -v '^$'|less AUTOSTART="none" OPTARGS="" OMIT_SENDSIGS=0 |
Installationsdokumentation und logs¶
bash-Historie¶
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | sudo apt-get install openvpn easy-rsa sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/ sudo gunzip /etc/openvpn/server.conf.gz sudo cp -r /usr/share/easy-rsa /etc/openvpn/easy-rsa2 cd /etc/openvpn/easy-rsa2/ sudo cp vars vars.bak sudo vi vars sudo mkdir keys sudo cp openssl-1.0.0.cnf openssl.cnf source ./vars sudo -E ./clean-all sudo -E ./build-ca sudo -E ./build-key-server subdomain.domain.tld sudo -E ./build-key-pass ersterclient sudo -E ./build-dh sudo cp server.conf server.conf.bak sudo mv server.conf subdomain.domain.tld.conf sudo vi subdomain.domain.tld.conf sudo vi /etc/sysctl.conf sudo service openvpn restart wget -qO- http://ipecho.net/plain ; echo |
/var/log/syslog
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 | Aug 26 22:34:07 ahostname ovpn-server[3957]: OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013 Aug 26 22:34:07 ahostname ovpn-server[3957]: Diffie-Hellman initialized with 1024 bit key Aug 26 22:34:07 ahostname ovpn-server[3957]: Socket Buffers: R=[163840->131072] S=[163840->131072] Aug 26 22:34:07 ahostname ovpn-server[3957]: ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=eth0 HWADDR=XX:XX:XX:XX:XX:XX Aug 26 22:34:07 ahostname ovpn-server[3957]: TUN/TAP device tun0 opened Aug 26 22:34:07 ahostname ovpn-server[3957]: TUN/TAP TX queue length set to 100 Aug 26 22:34:07 ahostname ovpn-server[3957]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Aug 26 22:34:07 ahostname ovpn-server[3957]: /sbin/ip link set dev tun0 up mtu 1500 Aug 26 22:34:07 ahostname ovpn-server[3957]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 26 22:34:07 ahostname ovpn-server[3957]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2 Aug 26 22:34:07 ahostname ovpn-server[3963]: GID set to nogroup Aug 26 22:34:07 ahostname ovpn-server[3963]: UDPv4 link local (bound): [undef] Aug 26 22:34:07 ahostname ovpn-server[3963]: UDPv4 link remote: [undef] Aug 26 22:34:07 ahostname ovpn-server[3963]: MULTI: multi_init called, r=256 v=256 Aug 26 22:34:07 ahostname ovpn-server[3963]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0 Aug 26 22:34:07 ahostname ovpn-server[3963]: IFCONFIG POOL LIST Aug 26 22:34:07 ahostname ovpn-server[3963]: Initialization Sequence Completed Aug 26 22:34:07 ahostname NetworkManager[665]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring... Aug 26 22:34:07 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 26 22:34:07 ahostname NetworkManager[665]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Aug 26 22:36:10 ahostname ovpn-server[3963]: event_wait : Interrupted system call (code=4) Aug 26 22:36:10 ahostname ovpn-server[3963]: /sbin/ip route del 10.8.0.0/24 Aug 26 22:36:10 ahostname ovpn-server[3963]: Closing TUN/TAP interface Aug 26 22:36:10 ahostname ovpn-server[3963]: /sbin/ip addr del dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 26 22:36:10 ahostname avahi-daemon[416]: Withdrawing workstation service for tun0. Aug 26 22:36:10 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 26 22:36:10 ahostname ovpn-server[3963]: SIGTERM[hard,] received, process exiting Aug 26 22:36:11 ahostname ovpn-server[4012]: OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013 Aug 26 22:36:11 ahostname ovpn-server[4012]: Diffie-Hellman initialized with 1024 bit key Aug 26 22:36:11 ahostname ovpn-server[4012]: Socket Buffers: R=[163840->131072] S=[163840->131072] Aug 26 22:36:11 ahostname ovpn-server[4012]: ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=eth0 HWADDR=XX:XX:XX:XX:XX:XX Aug 26 22:36:11 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 26 22:36:11 ahostname NetworkManager[665]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Aug 26 22:36:11 ahostname NetworkManager[665]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring... Aug 26 22:36:11 ahostname ovpn-server[4012]: TUN/TAP device tun0 opened Aug 26 22:36:11 ahostname ovpn-server[4012]: TUN/TAP TX queue length set to 100 Aug 26 22:36:11 ahostname ovpn-server[4012]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Aug 26 22:36:11 ahostname ovpn-server[4012]: /sbin/ip link set dev tun0 up mtu 1500 Aug 26 22:36:11 ahostname ovpn-server[4012]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 26 22:36:11 ahostname ovpn-server[4012]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2 Aug 26 22:36:11 ahostname ovpn-server[4021]: GID set to nogroup Aug 26 22:36:11 ahostname ovpn-server[4021]: UDPv4 link local (bound): [undef] Aug 26 22:36:11 ahostname ovpn-server[4021]: UDPv4 link remote: [undef] Aug 26 22:36:11 ahostname ovpn-server[4021]: MULTI: multi_init called, r=256 v=256 Aug 26 22:36:11 ahostname ovpn-server[4021]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0 Aug 26 22:36:11 ahostname ovpn-server[4021]: IFCONFIG POOL LIST Aug 26 22:36:11 ahostname ovpn-server[4021]: Initialization Sequence Completed Aug 26 23:01:52 ahostname ovpn-server[4021]: 93.221.166.135:40405 TLS: Initial packet from [AF_INET]93.221.166.135:40405, sid=6672aead 06c77930 Aug 26 23:01:52 ahostname ovpn-server[4021]: 93.221.166.135:40405 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 26 23:01:52 ahostname ovpn-server[4021]: 93.221.166.135:40405 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 26 23:01:53 ahostname ovpn-server[4021]: 93.221.166.135:40405 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 26 23:01:53 ahostname ovpn-server[4021]: 93.221.166.135:40405 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 26 23:01:53 ahostname ovpn-server[4021]: 93.221.166.135:40405 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 26 23:01:53 ahostname ovpn-server[4021]: 93.221.166.135:40405 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 26 23:01:53 ahostname ovpn-server[4021]: 93.221.166.135:40405 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 26 23:01:53 ahostname ovpn-server[4021]: 93.221.166.135:40405 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:40405 Aug 26 23:01:53 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 26 23:01:53 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:40405 Aug 26 23:01:53 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 MULTI: primary virtual IP for ersterclient/93.221.166.135:40405: 10.8.0.6 Aug 26 23:01:55 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 PUSH: Received control message: 'PUSH_REQUEST' Aug 26 23:01:55 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 send_push_reply(): safe_cap=940 Aug 26 23:01:55 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 26 23:03:45 ahostname ovpn-server[4021]: 93.221.166.135:48058 TLS: Initial packet from [AF_INET]93.221.166.135:48058, sid=ab9134e7 d955eaaf Aug 26 23:04:45 ahostname ovpn-server[4021]: 93.221.166.135:48058 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 26 23:04:45 ahostname ovpn-server[4021]: 93.221.166.135:48058 TLS Error: TLS handshake failed Aug 26 23:04:45 ahostname ovpn-server[4021]: 93.221.166.135:48058 SIGUSR1[soft,tls-error] received, client-instance restarting Aug 26 23:04:48 ahostname ovpn-server[4021]: 93.221.166.135:54050 TLS: Initial packet from [AF_INET]93.221.166.135:54050, sid=8cc05af1 fea55f17 Aug 26 23:05:48 ahostname ovpn-server[4021]: 93.221.166.135:54050 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 26 23:05:48 ahostname ovpn-server[4021]: 93.221.166.135:54050 TLS Error: TLS handshake failed Aug 26 23:05:48 ahostname ovpn-server[4021]: 93.221.166.135:54050 SIGUSR1[soft,tls-error] received, client-instance restarting Aug 26 23:05:51 ahostname ovpn-server[4021]: 93.221.166.135:55766 TLS: Initial packet from [AF_INET]93.221.166.135:55766, sid=8b3976a3 40e75101 Aug 26 23:06:51 ahostname ovpn-server[4021]: 93.221.166.135:55766 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 26 23:06:51 ahostname ovpn-server[4021]: 93.221.166.135:55766 TLS Error: TLS handshake failed Aug 26 23:06:51 ahostname ovpn-server[4021]: 93.221.166.135:55766 SIGUSR1[soft,tls-error] received, client-instance restarting Aug 26 23:06:53 ahostname ovpn-server[4021]: 93.221.166.135:34980 TLS: Initial packet from [AF_INET]93.221.166.135:34980, sid=34ed36a5 1e537a9d Aug 26 23:07:53 ahostname ovpn-server[4021]: 93.221.166.135:34980 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 26 23:07:53 ahostname ovpn-server[4021]: 93.221.166.135:34980 TLS Error: TLS handshake failed Aug 26 23:07:53 ahostname ovpn-server[4021]: 93.221.166.135:34980 SIGUSR1[soft,tls-error] received, client-instance restarting Aug 26 23:07:55 ahostname ovpn-server[4021]: 93.221.166.135:59439 TLS: Initial packet from [AF_INET]93.221.166.135:59439, sid=d56edfa5 9271047d Aug 26 23:08:55 ahostname ovpn-server[4021]: 93.221.166.135:59439 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 26 23:08:55 ahostname ovpn-server[4021]: 93.221.166.135:59439 TLS Error: TLS handshake failed Aug 26 23:08:55 ahostname ovpn-server[4021]: 93.221.166.135:59439 SIGUSR1[soft,tls-error] received, client-instance restarting Aug 26 23:08:57 ahostname ovpn-server[4021]: 93.221.166.135:49183 TLS: Initial packet from [AF_INET]93.221.166.135:49183, sid=f983440c 2fb73211 Aug 26 23:09:57 ahostname ovpn-server[4021]: 93.221.166.135:49183 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 26 23:09:57 ahostname ovpn-server[4021]: 93.221.166.135:49183 TLS Error: TLS handshake failed Aug 26 23:09:57 ahostname ovpn-server[4021]: 93.221.166.135:49183 SIGUSR1[soft,tls-error] received, client-instance restarting Aug 26 23:15:39 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 [ersterclient] Inactivity timeout (--ping-restart), restarting Aug 26 23:15:39 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:40405 SIGUSR1[soft,ping-restart] received, client-instance restarting Aug 26 23:17:01 ahostname CRON[4228]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Aug 26 23:38:57 ahostname ovpn-server[4021]: 93.221.166.135:63171 TLS: Initial packet from [AF_INET]93.221.166.135:63171, sid=2191e36a 5abfe234 Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 26 23:38:58 ahostname ovpn-server[4021]: 93.221.166.135:63171 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:63171 Aug 26 23:38:58 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:63171 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 26 23:38:58 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:63171 MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:63171 Aug 26 23:38:58 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:63171 MULTI: primary virtual IP for ersterclient/93.221.166.135:63171: 10.8.0.6 Aug 26 23:39:00 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:63171 PUSH: Received control message: 'PUSH_REQUEST' Aug 26 23:39:00 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:63171 send_push_reply(): safe_cap=940 Aug 26 23:39:00 ahostname ovpn-server[4021]: ersterclient/93.221.166.135:63171 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:06:45 ahostname ovpn-server[4021]: event_wait : Interrupted system call (code=4) Aug 27 00:06:45 ahostname ovpn-server[4021]: /sbin/ip route del 10.8.0.0/24 Aug 27 00:06:45 ahostname ovpn-server[4021]: Closing TUN/TAP interface Aug 27 00:06:45 ahostname ovpn-server[4021]: /sbin/ip addr del dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 27 00:06:45 ahostname avahi-daemon[416]: Withdrawing workstation service for tun0. Aug 27 00:06:45 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 27 00:06:45 ahostname ovpn-server[4021]: SIGTERM[hard,] received, process exiting Aug 27 00:06:46 ahostname ovpn-server[4468]: OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013 Aug 27 00:06:46 ahostname ovpn-server[4468]: Diffie-Hellman initialized with 1024 bit key Aug 27 00:06:46 ahostname ovpn-server[4468]: Socket Buffers: R=[163840->131072] S=[163840->131072] Aug 27 00:06:46 ahostname ovpn-server[4468]: ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=eth0 HWADDR=XX:XX:XX:XX:XX:XX Aug 27 00:06:46 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 27 00:06:46 ahostname NetworkManager[665]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Aug 27 00:06:46 ahostname NetworkManager[665]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring... Aug 27 00:06:46 ahostname ovpn-server[4468]: TUN/TAP device tun0 opened Aug 27 00:06:46 ahostname ovpn-server[4468]: TUN/TAP TX queue length set to 100 Aug 27 00:06:46 ahostname ovpn-server[4468]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Aug 27 00:06:46 ahostname ovpn-server[4468]: /sbin/ip link set dev tun0 up mtu 1500 Aug 27 00:06:46 ahostname ovpn-server[4468]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 27 00:06:46 ahostname ovpn-server[4468]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2 Aug 27 00:06:46 ahostname ovpn-server[4477]: GID set to nogroup Aug 27 00:06:46 ahostname ovpn-server[4477]: UDPv4 link local (bound): [undef] Aug 27 00:06:46 ahostname ovpn-server[4477]: UDPv4 link remote: [undef] Aug 27 00:06:46 ahostname ovpn-server[4477]: MULTI: multi_init called, r=256 v=256 Aug 27 00:06:46 ahostname ovpn-server[4477]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0 Aug 27 00:06:46 ahostname ovpn-server[4477]: ifconfig_pool_read(), in='ersterclient,10.8.0.4', TODO: IPv6 Aug 27 00:06:46 ahostname ovpn-server[4477]: succeeded -> ifconfig_pool_set() Aug 27 00:06:46 ahostname ovpn-server[4477]: IFCONFIG POOL LIST Aug 27 00:06:46 ahostname ovpn-server[4477]: ersterclient,10.8.0.4 Aug 27 00:06:46 ahostname ovpn-server[4477]: Initialization Sequence Completed Aug 27 00:07:11 ahostname ovpn-server[4477]: event_wait : Interrupted system call (code=4) Aug 27 00:07:11 ahostname ovpn-server[4477]: /sbin/ip route del 10.8.0.0/24 Aug 27 00:07:11 ahostname ovpn-server[4477]: Closing TUN/TAP interface Aug 27 00:07:11 ahostname ovpn-server[4477]: /sbin/ip addr del dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 27 00:07:11 ahostname avahi-daemon[416]: Withdrawing workstation service for tun0. Aug 27 00:07:11 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 27 00:07:11 ahostname ovpn-server[4477]: SIGTERM[hard,] received, process exiting Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: Diffie-Hellman initialized with 1024 bit key Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: Socket Buffers: R=[163840->131072] S=[163840->131072] Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=eth0 HWADDR=XX:XX:XX:XX:XX:XX Aug 27 00:07:12 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 27 00:07:12 ahostname NetworkManager[665]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Aug 27 00:07:12 ahostname NetworkManager[665]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring... Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: TUN/TAP device tun0 opened Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: TUN/TAP TX queue length set to 100 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: /sbin/ip link set dev tun0 up mtu 1500 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4520]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: GID set to nogroup Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: UDPv4 link local (bound): [undef] Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: UDPv4 link remote: [undef] Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: multi_init called, r=256 v=256 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: ifconfig_pool_read(), in='ersterclient,10.8.0.4', TODO: IPv6 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: succeeded -> ifconfig_pool_set() Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: IFCONFIG POOL LIST Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient,10.8.0.4 Aug 27 00:07:12 ahostname ovpn-subdomain.domain.tld[4528]: Initialization Sequence Completed Aug 27 00:07:40 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 TLS: Initial packet from [AF_INET]93.221.166.135:35753, sid=5eef76ad 852e2530 Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:35753 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:35753 Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:35753 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:35753 MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:35753 Aug 27 00:07:41 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:35753 MULTI: primary virtual IP for ersterclient/93.221.166.135:35753: 10.8.0.6 Aug 27 00:07:44 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:35753 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:07:44 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:35753 send_push_reply(): safe_cap=940 Aug 27 00:07:44 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:35753 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 192.168.178.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:08:39 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 TLS: Initial packet from [AF_INET]93.221.166.135:57803, sid=0eef40db 53c8c462 Aug 27 00:08:51 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:08:51 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:57803 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:57803 Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:57803 Aug 27 00:08:52 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: primary virtual IP for ersterclient/93.221.166.135:57803: 10.8.0.6 Aug 27 00:08:54 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:57803 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:08:54 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:57803 send_push_reply(): safe_cap=940 Aug 27 00:08:54 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:57803 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 192.168.178.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:09:25 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 TLS: Initial packet from [AF_INET]93.221.166.135:39872, sid=395ace37 9dac3bb7 Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:39872 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:39872 Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:39872 Aug 27 00:09:26 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: primary virtual IP for ersterclient/93.221.166.135:39872: 10.8.0.6 Aug 27 00:09:28 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:39872 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:09:28 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:39872 send_push_reply(): safe_cap=940 Aug 27 00:09:28 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:39872 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 192.168.178.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:11:29 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 TLS: Initial packet from [AF_INET]93.221.166.135:65318, sid=4cd8ae9f a82588a5 Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: 93.221.166.135:65318 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:65318 Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:65318 Aug 27 00:11:30 ahostname ovpn-subdomain.domain.tld[4528]: MULTI: primary virtual IP for ersterclient/93.221.166.135:65318: 10.8.0.6 Aug 27 00:11:32 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:65318 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:11:32 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:65318 send_push_reply(): safe_cap=940 Aug 27 00:11:32 ahostname ovpn-subdomain.domain.tld[4528]: ersterclient/93.221.166.135:65318 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 192.168.178.1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:17:01 ahostname CRON[4543]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Aug 27 00:25:27 ahostname ovpn-subdomain.domain.tld[4528]: event_wait : Interrupted system call (code=4) Aug 27 00:25:27 ahostname ovpn-subdomain.domain.tld[4528]: /sbin/ip route del 10.8.0.0/24 Aug 27 00:25:27 ahostname ovpn-subdomain.domain.tld[4528]: Closing TUN/TAP interface Aug 27 00:25:27 ahostname ovpn-subdomain.domain.tld[4528]: /sbin/ip addr del dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 27 00:25:27 ahostname avahi-daemon[416]: Withdrawing workstation service for tun0. Aug 27 00:25:27 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 27 00:25:27 ahostname ovpn-subdomain.domain.tld[4528]: SIGTERM[hard,] received, process exiting Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: Diffie-Hellman initialized with 1024 bit key Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: Socket Buffers: R=[163840->131072] S=[163840->131072] Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=eth0 HWADDR=XX:XX:XX:XX:XX:XX Aug 27 00:25:28 ahostname NetworkManager[665]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/tun0, iface: tun0) Aug 27 00:25:28 ahostname NetworkManager[665]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/tun0, iface: tun0): no ifupdown configuration found. Aug 27 00:25:28 ahostname NetworkManager[665]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring... Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: TUN/TAP device tun0 opened Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: TUN/TAP TX queue length set to 100 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: /sbin/ip link set dev tun0 up mtu 1500 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4595]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: GID set to nogroup Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: UDPv4 link local (bound): [undef] Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: UDPv4 link remote: [undef] Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: multi_init called, r=256 v=256 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: ifconfig_pool_read(), in='ersterclient,10.8.0.4', TODO: IPv6 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: succeeded -> ifconfig_pool_set() Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: IFCONFIG POOL LIST Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient,10.8.0.4 Aug 27 00:25:28 ahostname ovpn-subdomain.domain.tld[4605]: Initialization Sequence Completed Aug 27 00:26:04 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 TLS: Initial packet from [AF_INET]93.221.166.135:52266, sid=03ec7d6e 8e4728e3 Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:52266 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:52266 Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:52266 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:52266 MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:52266 Aug 27 00:26:05 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:52266 MULTI: primary virtual IP for ersterclient/93.221.166.135:52266: 10.8.0.6 Aug 27 00:26:07 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:52266 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:26:07 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:52266 send_push_reply(): safe_cap=940 Aug 27 00:26:07 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:52266 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:27:29 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 TLS: Initial packet from [AF_INET]93.221.166.135:57995, sid=3fc2db58 03c3a282 Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:57995 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:57995 Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:57995 Aug 27 00:27:30 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: primary virtual IP for ersterclient/93.221.166.135:57995: 10.8.0.6 Aug 27 00:27:32 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:57995 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:27:32 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:57995 send_push_reply(): safe_cap=940 Aug 27 00:27:32 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:57995 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:40:18 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 TLS: Initial packet from [AF_INET]93.221.166.135:50927, sid=2f40ad64 72fdd252 Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:50927 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:50927 Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:50927 Aug 27 00:40:19 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: primary virtual IP for ersterclient/93.221.166.135:50927: 10.8.0.6 Aug 27 00:40:22 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:50927 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:40:22 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:50927 send_push_reply(): safe_cap=940 Aug 27 00:40:22 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:50927 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:42:19 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 TLS: Initial packet from [AF_INET]93.221.166.135:65196, sid=fcc73a6e 46f488cc Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:65196 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:65196 Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:65196 Aug 27 00:42:20 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: primary virtual IP for ersterclient/93.221.166.135:65196: 10.8.0.6 Aug 27 00:42:23 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:65196 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:42:23 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:65196 send_push_reply(): safe_cap=940 Aug 27 00:42:23 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:65196 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:43:32 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 TLS: Initial packet from [AF_INET]93.221.166.135:44196, sid=5a635b3a d7e4856c Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:44196 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:44196 Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:44196 Aug 27 00:43:33 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: primary virtual IP for ersterclient/93.221.166.135:44196: 10.8.0.6 Aug 27 00:43:36 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:44196 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:43:36 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:44196 send_push_reply(): safe_cap=940 Aug 27 00:43:36 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:44196 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:45:26 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 TLS: Initial packet from [AF_INET]93.221.166.135:63990, sid=ee34d1b4 9609a49e Aug 27 00:45:26 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:45:26 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: 93.221.166.135:63990 [ersterclient] Peer Connection Initiated with [AF_INET]93.221.166.135:63990 Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: new connection by client 'ersterclient' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: Learn: 10.8.0.6 -> ersterclient/93.221.166.135:63990 Aug 27 00:45:27 ahostname ovpn-subdomain.domain.tld[4605]: MULTI: primary virtual IP for ersterclient/93.221.166.135:63990: 10.8.0.6 Aug 27 00:45:29 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 PUSH: Received control message: 'PUSH_REQUEST' Aug 27 00:45:29 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 send_push_reply(): safe_cap=940 Aug 27 00:45:29 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 SENT CONTROL [ersterclient]: 'PUSH_REPLY,route 192.168.178.0 255.255.255.0,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1) Aug 27 00:50:59 ahostname dnsmasq[4651]: failed to create listening socket for port 53: Keine Berechtigung Aug 27 00:50:59 ahostname dnsmasq[4651]: Start fehlgeschlagen Aug 27 01:17:01 ahostname CRON[4668]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Aug 27 01:45:27 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS: soft reset sec=0 bytes=109344/0 pkts=851/0 Aug 27 01:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 VERIFY OK: depth=1, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=subdomain.domain.tld.net, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 01:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 VERIFY OK: depth=0, C=DE, ST=NRW, L=Beispielstadt, O=Example Company, OU=subdomain.domain.tld.net, CN=ersterclient, name=subdomain.domain.tld.net, emailAddress=username@gmail.com Aug 27 01:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 01:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 01:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Aug 27 01:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Aug 27 01:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Aug 27 02:17:01 ahostname CRON[4701]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly) Aug 27 02:45:27 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS: tls_process: killed expiring key Aug 27 02:45:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS: soft reset sec=0 bytes=115779/0 pkts=843/0 Aug 27 02:46:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 27 02:46:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS Error: TLS handshake failed Aug 27 02:46:28 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS: move_session: dest=TM_LAME_DUCK src=TM_ACTIVE reinit_src=1 Aug 27 02:47:43 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Aug 27 02:47:43 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 TLS Error: TLS handshake failed Aug 27 02:47:56 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 [UNDEF] Inactivity timeout (--ping-restart), restarting Aug 27 02:47:56 ahostname ovpn-subdomain.domain.tld[4605]: ersterclient/93.221.166.135:63990 SIGUSR1[soft,ping-restart] received, client-instance restarting |