Ein Vergleich mit den OpenVPN-Konfigurationen, die wir bei uns ausgeben, macht den Eindruck, dass die Datei soweit in Ordnung ist. Ich wiederhole daher nochmal meine Bitte, uns ein vollständiges Protokoll vom Verbindungsaufbau bereitzustellen.
Nachfolgend zwei Beispiele, was ich mir wünsche (Minimal- und Maximalausprägung). Ich gehe davon aus, dass du beim Verbindungsaufbau auch Routen zugeschoben bekommst und bei deren Anwendung etwas schief läuft (siehe Markierungen) - warum auch immer. Die Minimalausprägung (erster Codeblock) ist nur da, um nochmal zu zeigen, wie die Standardausgabe bei funktionierender Verbindung aussehen kann. Ich würde Variante zwei bevorzugen - mehr zu lesen und mehr konkrete Befehle.
Und bitte: Dieses Mal keine halbgaren Sachen (Anonymisierung natürlich ausgenommen!). Wir benötigen unbedingt den genauen Befehl, den OpenVPN zusammenstellt, um an dieser Stelle weiter zu kommen.
Minimalausprägung:
$ sudo openvpn --config connection.ovpn
Sun Apr 19 18:45:35 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
Sun Apr 19 18:45:35 2020 library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
Enter Auth Username: Ben Utzer
Enter Auth Password: ************************************************************
Sun Apr 19 18:45:40 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]123.123.123.123:443
Sun Apr 19 18:45:40 2020 Socket Buffers: R=[131072->131072] S=[16384->16384]
Sun Apr 19 18:45:40 2020 Attempting to establish TCP connection with [AF_INET]123.123.123.123:443 [nonblock]
Sun Apr 19 18:45:41 2020 TCP connection established with [AF_INET]123.123.123.123:443
Sun Apr 19 18:45:41 2020 TCP_CLIENT link local: (not bound)
Sun Apr 19 18:45:41 2020 TCP_CLIENT link remote: [AF_INET]123.123.123.123:443
Sun Apr 19 18:45:41 2020 TLS: Initial packet from [AF_INET]123.123.123.123:443, sid=xxxxxx yyyyyy
Sun Apr 19 18:45:41 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Apr 19 18:45:41 2020 VERIFY OK: depth=1, C=de, L=Stadt, O=Land, CN=Land VPN CA, emailAddress=Flüsschen
Sun Apr 19 18:45:41 2020 VERIFY X509NAME OK: C=de, L=Stadt, O=Land, CN=Fluss, emailAddress=Flüsschen
Sun Apr 19 18:45:41 2020 VERIFY OK: depth=0, C=de, L=Stadt, O=Land, CN=Fluss, emailAddress=Flüsschen
Sun Apr 19 18:45:41 2020 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sun Apr 19 18:45:41 2020 [Fluss] Peer Connection Initiated with [AF_INET]123.123.123.123:443
Sun Apr 19 18:45:42 2020 SENT CONTROL [Fluss]: 'PUSH_REQUEST' (status=1)
Sun Apr 19 18:45:42 2020 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.242.2.1,route-gateway 10.242.2.1,topology subnet,ping 10,ping-restart 120,route 10.10.0.0 255.255.0.0,ifconfig 10.242.2.3 255.255.255.0'
Sun Apr 19 18:45:42 2020 OPTIONS IMPORT: timers and/or timeouts modified
Sun Apr 19 18:45:42 2020 OPTIONS IMPORT: --ifconfig/up options modified
Sun Apr 19 18:45:42 2020 OPTIONS IMPORT: route options modified
Sun Apr 19 18:45:42 2020 OPTIONS IMPORT: route-related options modified
Sun Apr 19 18:45:42 2020 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Apr 19 18:45:42 2020 Outgoing Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Sun Apr 19 18:45:42 2020 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Apr 19 18:45:42 2020 Incoming Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Sun Apr 19 18:45:42 2020 ROUTE_GATEWAY 10.0.2.2/255.255.255.0 IFACE=eth0 HWADDR=aa:bb:cc:dd:ee:ff
Sun Apr 19 18:45:42 2020 TUN/TAP device tun0 opened
Sun Apr 19 18:45:42 2020 TUN/TAP TX queue length set to 100
Sun Apr 19 18:45:42 2020 /sbin/ip link set dev tun0 up mtu 1500
Sun Apr 19 18:45:42 2020 /sbin/ip addr add dev tun0 10.242.2.3/24 broadcast 10.242.2.255
Sun Apr 19 18:45:46 2020 /sbin/ip route add 123.123.123.123/32 via 10.0.2.2
Sun Apr 19 18:45:46 2020 /sbin/ip route add 10.10.0.0/16 via 10.242.2.1
Sun Apr 19 18:45:46 2020 Initialization Sequence Completed
$
Maximalausprägung:
$ sudo openvpn --config connection.ovpn
Sun Apr 19 18:56:09 2020 us=663067 Current Parameter Settings:
Sun Apr 19 18:56:09 2020 us=663157 config = '/vagrant/sti.ovpn'
Sun Apr 19 18:56:09 2020 us=663171 mode = 0
Sun Apr 19 18:56:09 2020 us=663181 persist_config = DISABLED
Sun Apr 19 18:56:09 2020 us=663190 persist_mode = 1
Sun Apr 19 18:56:09 2020 us=663199 show_ciphers = DISABLED
Sun Apr 19 18:56:09 2020 us=663272 show_digests = DISABLED
Sun Apr 19 18:56:09 2020 us=663285 show_engines = DISABLED
Sun Apr 19 18:56:09 2020 us=663294 genkey = DISABLED
Sun Apr 19 18:56:09 2020 us=663303 key_pass_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663313 show_tls_ciphers = DISABLED
Sun Apr 19 18:56:09 2020 us=663322 connect_retry_max = 0
Sun Apr 19 18:56:09 2020 us=663331 Connection profiles [0]:
Sun Apr 19 18:56:09 2020 us=663341 proto = tcp-client
Sun Apr 19 18:56:09 2020 us=663350 local = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663360 local_port = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663369 remote = '123.123.123.123'
Sun Apr 19 18:56:09 2020 us=663378 remote_port = '443'
Sun Apr 19 18:56:09 2020 us=663387 remote_float = DISABLED
Sun Apr 19 18:56:09 2020 us=663396 bind_defined = DISABLED
Sun Apr 19 18:56:09 2020 us=663405 bind_local = DISABLED
Sun Apr 19 18:56:09 2020 us=663414 bind_ipv6_only = DISABLED
Sun Apr 19 18:56:09 2020 us=663424 connect_retry_seconds = 5
Sun Apr 19 18:56:09 2020 us=663433 connect_timeout = 120
Sun Apr 19 18:56:09 2020 us=663442 socks_proxy_server = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663451 socks_proxy_port = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663461 tun_mtu = 1500
Sun Apr 19 18:56:09 2020 us=663470 tun_mtu_defined = ENABLED
Sun Apr 19 18:56:09 2020 us=663479 link_mtu = 1500
Sun Apr 19 18:56:09 2020 us=663488 link_mtu_defined = DISABLED
Sun Apr 19 18:56:09 2020 us=663497 tun_mtu_extra = 0
Sun Apr 19 18:56:09 2020 us=663506 tun_mtu_extra_defined = DISABLED
Sun Apr 19 18:56:09 2020 us=663515 mtu_discover_type = -1
Sun Apr 19 18:56:09 2020 us=663525 fragment = 0
Sun Apr 19 18:56:09 2020 us=663534 mssfix = 1450
Sun Apr 19 18:56:09 2020 us=663543 explicit_exit_notification = 0
Sun Apr 19 18:56:09 2020 us=663552 Connection profiles END
Sun Apr 19 18:56:09 2020 us=663561 remote_random = DISABLED
Sun Apr 19 18:56:09 2020 us=663570 ipchange = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663579 dev = 'tun'
Sun Apr 19 18:56:09 2020 us=663588 dev_type = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663597 dev_node = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663606 lladdr = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663615 topology = 1
Sun Apr 19 18:56:09 2020 us=663624 ifconfig_local = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663633 ifconfig_remote_netmask = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663642 ifconfig_noexec = DISABLED
Sun Apr 19 18:56:09 2020 us=663650 ifconfig_nowarn = DISABLED
Sun Apr 19 18:56:09 2020 us=663659 ifconfig_ipv6_local = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663673 ifconfig_ipv6_netbits = 0
Sun Apr 19 18:56:09 2020 us=663683 ifconfig_ipv6_remote = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663692 shaper = 0
Sun Apr 19 18:56:09 2020 us=663701 mtu_test = 0
Sun Apr 19 18:56:09 2020 us=663710 mlock = DISABLED
Sun Apr 19 18:56:09 2020 us=663719 keepalive_ping = 0
Sun Apr 19 18:56:09 2020 us=663728 keepalive_timeout = 0
Sun Apr 19 18:56:09 2020 us=663737 inactivity_timeout = 0
Sun Apr 19 18:56:09 2020 us=663746 ping_send_timeout = 0
Sun Apr 19 18:56:09 2020 us=663755 ping_rec_timeout = 0
Sun Apr 19 18:56:09 2020 us=663764 ping_rec_timeout_action = 0
Sun Apr 19 18:56:09 2020 us=663773 ping_timer_remote = DISABLED
Sun Apr 19 18:56:09 2020 us=663782 remap_sigusr1 = 0
Sun Apr 19 18:56:09 2020 us=663791 persist_tun = ENABLED
Sun Apr 19 18:56:09 2020 us=663800 persist_local_ip = DISABLED
Sun Apr 19 18:56:09 2020 us=663809 persist_remote_ip = DISABLED
Sun Apr 19 18:56:09 2020 us=663818 persist_key = ENABLED
Sun Apr 19 18:56:09 2020 us=663827 passtos = DISABLED
Sun Apr 19 18:56:09 2020 us=663836 resolve_retry_seconds = 1000000000
Sun Apr 19 18:56:09 2020 us=663845 resolve_in_advance = DISABLED
Sun Apr 19 18:56:09 2020 us=663862 username = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663872 groupname = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663881 chroot_dir = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663890 cd_dir = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663899 writepid = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663907 up_script = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663916 down_script = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=663925 down_pre = DISABLED
Sun Apr 19 18:56:09 2020 us=663934 up_restart = DISABLED
Sun Apr 19 18:56:09 2020 us=663943 up_delay = DISABLED
Sun Apr 19 18:56:09 2020 us=663952 daemon = DISABLED
Sun Apr 19 18:56:09 2020 us=663961 inetd = 0
Sun Apr 19 18:56:09 2020 us=663970 log = DISABLED
Sun Apr 19 18:56:09 2020 us=663979 suppress_timestamps = DISABLED
Sun Apr 19 18:56:09 2020 us=663988 machine_readable_output = DISABLED
Sun Apr 19 18:56:09 2020 us=663996 nice = 0
Sun Apr 19 18:56:09 2020 us=664005 verbosity = 4
Sun Apr 19 18:56:09 2020 us=664014 mute = 0
Sun Apr 19 18:56:09 2020 us=664023 gremlin = 0
Sun Apr 19 18:56:09 2020 us=664032 status_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664041 status_file_version = 1
Sun Apr 19 18:56:09 2020 us=664050 status_file_update_freq = 60
Sun Apr 19 18:56:09 2020 us=664059 occ = ENABLED
Sun Apr 19 18:56:09 2020 us=664068 rcvbuf = 0
Sun Apr 19 18:56:09 2020 us=664077 sndbuf = 0
Sun Apr 19 18:56:09 2020 us=664085 mark = 0
Sun Apr 19 18:56:09 2020 us=664094 sockflags = 0
Sun Apr 19 18:56:09 2020 us=664103 fast_io = DISABLED
Sun Apr 19 18:56:09 2020 us=664112 comp.alg = 2
Sun Apr 19 18:56:09 2020 us=664121 comp.flags = 1
Sun Apr 19 18:56:09 2020 us=664130 route_script = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664139 route_default_gateway = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664148 route_default_metric = 0
Sun Apr 19 18:56:09 2020 us=664157 route_noexec = DISABLED
Sun Apr 19 18:56:09 2020 us=664166 route_delay = 4
Sun Apr 19 18:56:09 2020 us=664175 route_delay_window = 30
Sun Apr 19 18:56:09 2020 us=664184 route_delay_defined = ENABLED
Sun Apr 19 18:56:09 2020 us=664193 route_nopull = DISABLED
Sun Apr 19 18:56:09 2020 us=664202 route_gateway_via_dhcp = DISABLED
Sun Apr 19 18:56:09 2020 us=664211 allow_pull_fqdn = DISABLED
Sun Apr 19 18:56:09 2020 us=664220 route remote_host/255.255.255.255/net_gateway/default (not set)
Sun Apr 19 18:56:09 2020 us=664229 management_addr = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664239 management_port = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664248 management_user_pass = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664257 management_log_history_cache = 250
Sun Apr 19 18:56:09 2020 us=664266 management_echo_buffer_size = 100
Sun Apr 19 18:56:09 2020 us=664275 management_write_peer_info_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664284 management_client_user = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664293 management_client_group = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664303 management_flags = 0
Sun Apr 19 18:56:09 2020 us=664312 shared_secret_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664321 key_direction = not set
Sun Apr 19 18:56:09 2020 us=664330 ciphername = 'AES-128-CBC'
Sun Apr 19 18:56:09 2020 us=664340 ncp_enabled = ENABLED
Sun Apr 19 18:56:09 2020 us=664349 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Sun Apr 19 18:56:09 2020 us=664358 authname = 'SHA256'
Sun Apr 19 18:56:09 2020 us=664368 prng_hash = 'SHA1'
Sun Apr 19 18:56:09 2020 us=664377 prng_nonce_secret_len = 16
Sun Apr 19 18:56:09 2020 us=664387 keysize = 0
Sun Apr 19 18:56:09 2020 us=664396 engine = DISABLED
Sun Apr 19 18:56:09 2020 us=664406 replay = ENABLED
Sun Apr 19 18:56:09 2020 us=664415 mute_replay_warnings = DISABLED
Sun Apr 19 18:56:09 2020 us=664424 replay_window = 64
Sun Apr 19 18:56:09 2020 us=664434 replay_time = 15
Sun Apr 19 18:56:09 2020 us=664443 packet_id_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664452 use_iv = ENABLED
Sun Apr 19 18:56:09 2020 us=664461 test_crypto = DISABLED
Sun Apr 19 18:56:09 2020 us=664471 tls_server = DISABLED
Sun Apr 19 18:56:09 2020 us=664485 tls_client = ENABLED
Sun Apr 19 18:56:09 2020 us=664496 key_method = 2
Sun Apr 19 18:56:09 2020 us=664505 ca_file = '[[INLINE]]'
Sun Apr 19 18:56:09 2020 us=664515 ca_path = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664524 dh_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664533 cert_file = '[[INLINE]]'
Sun Apr 19 18:56:09 2020 us=664543 extra_certs_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664552 priv_key_file = '[[INLINE]]'
Sun Apr 19 18:56:09 2020 us=664561 pkcs12_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664571 cipher_list = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664580 cipher_list_tls13 = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664589 tls_cert_profile = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664598 tls_verify = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664607 tls_export_cert = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664616 verify_x509_type = 1
Sun Apr 19 18:56:09 2020 us=664626 verify_x509_name = 'C=de, L=Stadt, O=Land, CN=Fluss, emailAddress=Flüsschen'
Sun Apr 19 18:56:09 2020 us=664636 crl_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664645 ns_cert_type = 0
Sun Apr 19 18:56:09 2020 us=664654 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664663 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664673 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664682 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664691 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664701 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664710 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664719 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664728 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664738 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664747 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664756 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664766 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664775 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664784 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664793 remote_cert_ku[i] = 0
Sun Apr 19 18:56:09 2020 us=664803 remote_cert_eku = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664812 ssl_flags = 0
Sun Apr 19 18:56:09 2020 us=664821 tls_timeout = 2
Sun Apr 19 18:56:09 2020 us=664831 renegotiate_bytes = -1
Sun Apr 19 18:56:09 2020 us=664840 renegotiate_packets = 0
Sun Apr 19 18:56:09 2020 us=664850 renegotiate_seconds = 0
Sun Apr 19 18:56:09 2020 us=664859 handshake_window = 60
Sun Apr 19 18:56:09 2020 us=664868 transition_window = 3600
Sun Apr 19 18:56:09 2020 us=664877 single_session = DISABLED
Sun Apr 19 18:56:09 2020 us=664887 push_peer_info = DISABLED
Sun Apr 19 18:56:09 2020 us=664896 tls_exit = DISABLED
Sun Apr 19 18:56:09 2020 us=664905 tls_auth_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664914 tls_crypt_file = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=664924 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664933 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664942 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664951 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664961 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664970 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664979 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664988 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=664997 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665007 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665016 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665025 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665034 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665043 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665053 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665067 pkcs11_protected_authentication = DISABLED
Sun Apr 19 18:56:09 2020 us=665077 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665087 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665096 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665105 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665115 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665124 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665133 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665142 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665151 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665160 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665170 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665179 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665188 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665197 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665206 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665249 pkcs11_private_mode = 00000000
Sun Apr 19 18:56:09 2020 us=665262 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665272 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665281 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665290 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665299 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665308 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665318 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665327 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665336 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665345 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665355 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665364 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665373 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665382 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665392 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665401 pkcs11_cert_private = DISABLED
Sun Apr 19 18:56:09 2020 us=665410 pkcs11_pin_cache_period = -1
Sun Apr 19 18:56:09 2020 us=665419 pkcs11_id = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665429 pkcs11_id_management = DISABLED
Sun Apr 19 18:56:09 2020 us=665439 server_network = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665449 server_netmask = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665465 server_network_ipv6 = ::
Sun Apr 19 18:56:09 2020 us=665475 server_netbits_ipv6 = 0
Sun Apr 19 18:56:09 2020 us=665484 server_bridge_ip = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665494 server_bridge_netmask = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665507 server_bridge_pool_start = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665519 server_bridge_pool_end = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665528 ifconfig_pool_defined = DISABLED
Sun Apr 19 18:56:09 2020 us=665538 ifconfig_pool_start = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665548 ifconfig_pool_end = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665557 ifconfig_pool_netmask = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665566 ifconfig_pool_persist_filename = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665576 ifconfig_pool_persist_refresh_freq = 600
Sun Apr 19 18:56:09 2020 us=665585 ifconfig_ipv6_pool_defined = DISABLED
Sun Apr 19 18:56:09 2020 us=665595 ifconfig_ipv6_pool_base = ::
Sun Apr 19 18:56:09 2020 us=665604 ifconfig_ipv6_pool_netbits = 0
Sun Apr 19 18:56:09 2020 us=665614 n_bcast_buf = 256
Sun Apr 19 18:56:09 2020 us=665623 tcp_queue_limit = 64
Sun Apr 19 18:56:09 2020 us=665633 real_hash_size = 256
Sun Apr 19 18:56:09 2020 us=665642 virtual_hash_size = 256
Sun Apr 19 18:56:09 2020 us=665651 client_connect_script = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665661 learn_address_script = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665670 client_disconnect_script = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665685 client_config_dir = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665695 ccd_exclusive = DISABLED
Sun Apr 19 18:56:09 2020 us=665704 tmp_dir = '/tmp'
Sun Apr 19 18:56:09 2020 us=665798 push_ifconfig_defined = DISABLED
Sun Apr 19 18:56:09 2020 us=665809 push_ifconfig_local = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665819 push_ifconfig_remote_netmask = 0.0.0.0
Sun Apr 19 18:56:09 2020 us=665828 push_ifconfig_ipv6_defined = DISABLED
Sun Apr 19 18:56:09 2020 us=665838 push_ifconfig_ipv6_local = ::/0
Sun Apr 19 18:56:09 2020 us=665847 push_ifconfig_ipv6_remote = ::
Sun Apr 19 18:56:09 2020 us=665856 enable_c2c = DISABLED
Sun Apr 19 18:56:09 2020 us=665865 duplicate_cn = DISABLED
Sun Apr 19 18:56:09 2020 us=665875 cf_max = 0
Sun Apr 19 18:56:09 2020 us=665884 cf_per = 0
Sun Apr 19 18:56:09 2020 us=665893 max_clients = 1024
Sun Apr 19 18:56:09 2020 us=665902 max_routes_per_client = 256
Sun Apr 19 18:56:09 2020 us=665911 auth_user_pass_verify_script = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665920 auth_user_pass_verify_script_via_file = DISABLED
Sun Apr 19 18:56:09 2020 us=665929 auth_token_generate = DISABLED
Sun Apr 19 18:56:09 2020 us=665938 auth_token_lifetime = 0
Sun Apr 19 18:56:09 2020 us=665948 port_share_host = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665957 port_share_port = '[UNDEF]'
Sun Apr 19 18:56:09 2020 us=665966 client = ENABLED
Sun Apr 19 18:56:09 2020 us=665975 pull = ENABLED
Sun Apr 19 18:56:09 2020 us=665984 auth_user_pass_file = 'stdin'
Sun Apr 19 18:56:09 2020 us=665994 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
Sun Apr 19 18:56:09 2020 us=666010 library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
Enter Auth Username: Ben Utzer
Enter Auth Password: ************************************************************
Sun Apr 19 18:56:17 2020 us=831243 LZO compression initializing
Sun Apr 19 18:56:17 2020 us=831414 Control Channel MTU parms [ L:1624 D:1210 EF:40 EB:0 ET:0 EL:3 ]
Sun Apr 19 18:56:17 2020 us=831456 Data Channel MTU parms [ L:1624 D:1450 EF:124 EB:406 ET:0 EL:3 ]
Sun Apr 19 18:56:17 2020 us=831489 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,key-method 2,tls-client'
Sun Apr 19 18:56:17 2020 us=831504 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher AES-128-CBC,auth SHA256,keysize 128,key-method 2,tls-server'
Sun Apr 19 18:56:17 2020 us=831533 TCP/UDP: Preserving recently used remote address: [AF_INET]123.123.123.123:443
Sun Apr 19 18:56:17 2020 us=831583 Socket Buffers: R=[131072->131072] S=[16384->16384]
Sun Apr 19 18:56:17 2020 us=831601 Attempting to establish TCP connection with [AF_INET]123.123.123.123:443 [nonblock]
Sun Apr 19 18:56:18 2020 us=833104 TCP connection established with [AF_INET]123.123.123.123:443
Sun Apr 19 18:56:18 2020 us=833186 TCP_CLIENT link local: (not bound)
Sun Apr 19 18:56:18 2020 us=833214 TCP_CLIENT link remote: [AF_INET]123.123.123.123:443
Sun Apr 19 18:56:18 2020 us=843899 TLS: Initial packet from [AF_INET]123.123.123.123:443, sid=d526e1bd b91a3ffd
Sun Apr 19 18:56:18 2020 us=844054 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Apr 19 18:56:18 2020 us=877379 VERIFY OK: depth=1, C=de, L=Stadt, O=Land, CN=Land VPN CA, emailAddress=Flüsschen
Sun Apr 19 18:56:18 2020 us=877753 VERIFY X509NAME OK: C=de, L=Stadt, O=Land, CN=Fluss, emailAddress=Flüsschen
Sun Apr 19 18:56:18 2020 us=877779 VERIFY OK: depth=0, C=de, L=Stadt, O=Land, CN=Fluss, emailAddress=Flüsschen
Sun Apr 19 18:56:18 2020 us=940651 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sun Apr 19 18:56:18 2020 us=941008 [Fluss] Peer Connection Initiated with [AF_INET]123.123.123.123:443
Sun Apr 19 18:56:19 2020 us=950435 SENT CONTROL [Fluss]: 'PUSH_REQUEST' (status=1)
Sun Apr 19 18:56:24 2020 us=969739 SENT CONTROL [Fluss]: 'PUSH_REQUEST' (status=1)
Sun Apr 19 18:56:24 2020 us=986004 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.242.2.1,route-gateway 10.242.2.1,topology subnet,ping 10,ping-restart 120,route 10.10.0.0 255.255.0.0,ifconfig 10.242.2.3 255.255.255.0'
Sun Apr 19 18:56:24 2020 us=986197 OPTIONS IMPORT: timers and/or timeouts modified
Sun Apr 19 18:56:24 2020 us=986218 OPTIONS IMPORT: --ifconfig/up options modified
Sun Apr 19 18:56:24 2020 us=986231 OPTIONS IMPORT: route options modified
Sun Apr 19 18:56:24 2020 us=986242 OPTIONS IMPORT: route-related options modified
Sun Apr 19 18:56:24 2020 us=986266 Data Channel MTU parms [ L:1572 D:1450 EF:72 EB:406 ET:0 EL:3 ]
Sun Apr 19 18:56:24 2020 us=986360 Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Apr 19 18:56:24 2020 us=986379 Outgoing Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Sun Apr 19 18:56:24 2020 us=986395 Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Apr 19 18:56:24 2020 us=986411 Incoming Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Sun Apr 19 18:56:24 2020 us=986591 ROUTE_GATEWAY 10.0.2.2/255.255.255.0 IFACE=eth0 HWADDR=aa:bb:cc:dd:ee:ff
Sun Apr 19 18:56:24 2020 us=989968 TUN/TAP device tun0 opened
Sun Apr 19 18:56:24 2020 us=990120 TUN/TAP TX queue length set to 100
Sun Apr 19 18:56:24 2020 us=990151 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Apr 19 18:56:24 2020 us=990172 /sbin/ip link set dev tun0 up mtu 1500
Sun Apr 19 18:56:25 2020 us=3174 /sbin/ip addr add dev tun0 10.242.2.3/24 broadcast 10.242.2.255
Sun Apr 19 18:56:29 2020 us=985062 /sbin/ip route add 123.123.123.123/32 via 10.0.2.2
Sun Apr 19 18:56:29 2020 us=987540 /sbin/ip route add 10.10.0.0/16 via 10.242.2.1
Sun Apr 19 18:56:29 2020 us=989690 Initialization Sequence Completed
Sun Apr 19 18:57:02 2020 us=669265 event_wait : Interrupted system call (code=4)
Sun Apr 19 18:57:02 2020 us=669536 TCP/UDP: Closing socket
Sun Apr 19 18:57:02 2020 us=669730 /sbin/ip route del 123.123.123.123/32
Sun Apr 19 18:57:02 2020 us=672039 /sbin/ip route del 10.10.0.0/16
Sun Apr 19 18:57:02 2020 us=673743 Closing TUN/TAP interface
Sun Apr 19 18:57:02 2020 us=673799 /sbin/ip addr del dev tun0 10.242.2.3/24
Sun Apr 19 18:57:02 2020 us=692125 SIGINT[hard,] received, process exiting
$