Hi Gert, Actually, I was testing Samuli's 2.5-beta2 installer from the link below: Note sure if it's with the patch for data-ciphers but I guess so. I'll pull the 2.5-beta2 code and build it in order to check if it's working properly.
https://build.openvpn.net/downloads/releases/OpenVPN-2.5-beta2-I601-amd64.msi Moreover, please see the comments inline... Please let me know if you need anything else. BR Gava On Sat, Aug 29, 2020 at 4:47 PM Gert Doering <g...@greenie.muc.de> wrote: > Hi, > > On Sat, Aug 29, 2020 at 04:19:07PM -0300, Rafael Gava wrote: > > This thread has a could days but I'm testing the version 2.5-beta2 and > I'm > > getting the following error: > > > > 2020-08-29 16:02:53 us=643016 OPTIONS ERROR: failed to negotiate cipher > > with server. Add the server's cipher ('BF-CBC') to --data-ciphers > > (currently 'BF-CBC') if you want to connect to this server. > > Which combination of client/server is this exactly? 2.5-beta2 on > the client, what is on the server? Can we have some more log file, > including the "PUSH_REPLY", please? > > The server version is 2.3.18. The client: 2020-08-29 16:02:50 us=235805 OpenVPN 2.5_beta2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Aug 27 2020 2020-08-29 16:02:50 us=235805 Windows version 10.0 (Windows 10 or greater) 64bit 2020-08-29 16:02:50 us=235805 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10 And, if this is on windows, please make sure it's really "beta2" - the > installer will not replace openvpn.exe when going from beta1 to beta2, > so you might run an 2.5_beta1 openvpn.exe. > > [..] > > I know that you guys are trying to get rid of the BF-CBC but my question > > is, should it still work if we set these parameters in the config file or > > am I missing or doing something wrong? :-) > > It definitely should work. > > It does work for my test bed, but I am not testing "2.5 client against > 'some old server'" yet - only the other way round, 2.2/2.3/2.4/2.5 client > against 2.5 server. It needs "data-ciphers BF-CBC" (or "cipher BF-CBC") > to be added to the config for non-NCP combinations, but afterwards > it works. > > I falled back to the 2.5-beta1 using the same configuration and it worked. Attached are both logs and the client config. > gert > -- > "If was one thing all people took for granted, was conviction that if you > feed honest figures into a computer, honest figures come out. Never > doubted > it myself till I met a computer with a sense of humor." > Robert A. Heinlein, The Moon is a Harsh > Mistress > > Gert Doering - Munich, Germany > g...@greenie.muc.de >
2020-08-29 16:02:50 us=235805 WARNING: Ignoring option 'dh' in tls-client mode, please only include this in your server configuration 2020-08-29 16:02:50 us=235805 Current Parameter Settings: 2020-08-29 16:02:50 us=235805 config = 'Test.ovpn' 2020-08-29 16:02:50 us=235805 mode = 0 2020-08-29 16:02:50 us=235805 show_ciphers = DISABLED 2020-08-29 16:02:50 us=235805 show_digests = DISABLED 2020-08-29 16:02:50 us=235805 show_engines = DISABLED 2020-08-29 16:02:50 us=235805 genkey = DISABLED 2020-08-29 16:02:50 us=235805 genkey_filename = '[UNDEF]' 2020-08-29 16:02:50 us=235805 key_pass_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 show_tls_ciphers = DISABLED 2020-08-29 16:02:50 us=235805 connect_retry_max = 0 2020-08-29 16:02:50 us=235805 Connection profiles [0]: 2020-08-29 16:02:50 us=235805 proto = tcp-client 2020-08-29 16:02:50 us=235805 local = '[UNDEF]' 2020-08-29 16:02:50 us=235805 local_port = '[UNDEF]' 2020-08-29 16:02:50 us=235805 remote = '192.168.1.1' 2020-08-29 16:02:50 us=235805 remote_port = '443' 2020-08-29 16:02:50 us=235805 remote_float = DISABLED 2020-08-29 16:02:50 us=235805 bind_defined = DISABLED 2020-08-29 16:02:50 us=235805 bind_local = DISABLED 2020-08-29 16:02:50 us=235805 bind_ipv6_only = DISABLED 2020-08-29 16:02:50 us=235805 connect_retry_seconds = 5 2020-08-29 16:02:50 us=235805 connect_timeout = 120 2020-08-29 16:02:50 us=235805 socks_proxy_server = '[UNDEF]' 2020-08-29 16:02:50 us=235805 socks_proxy_port = '[UNDEF]' 2020-08-29 16:02:50 us=235805 tun_mtu = 1500 2020-08-29 16:02:50 us=235805 tun_mtu_defined = ENABLED 2020-08-29 16:02:50 us=235805 link_mtu = 1500 2020-08-29 16:02:50 us=235805 link_mtu_defined = DISABLED 2020-08-29 16:02:50 us=235805 tun_mtu_extra = 0 2020-08-29 16:02:50 us=235805 tun_mtu_extra_defined = DISABLED 2020-08-29 16:02:50 us=235805 mtu_discover_type = -1 2020-08-29 16:02:50 us=235805 fragment = 0 2020-08-29 16:02:50 us=235805 mssfix = 1450 2020-08-29 16:02:50 us=235805 explicit_exit_notification = 0 2020-08-29 16:02:50 us=235805 tls_auth_file = '[INLINE]' 2020-08-29 16:02:50 us=235805 key_direction = 1 2020-08-29 16:02:50 us=235805 tls_crypt_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 tls_crypt_v2_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 Connection profiles END 2020-08-29 16:02:50 us=235805 remote_random = DISABLED 2020-08-29 16:02:50 us=235805 ipchange = '[UNDEF]' 2020-08-29 16:02:50 us=235805 dev = 'tun' 2020-08-29 16:02:50 us=235805 dev_type = '[UNDEF]' 2020-08-29 16:02:50 us=235805 dev_node = '[UNDEF]' 2020-08-29 16:02:50 us=235805 lladdr = '[UNDEF]' 2020-08-29 16:02:50 us=235805 topology = 1 2020-08-29 16:02:50 us=235805 ifconfig_local = '[UNDEF]' 2020-08-29 16:02:50 us=235805 ifconfig_remote_netmask = '[UNDEF]' 2020-08-29 16:02:50 us=235805 ifconfig_noexec = DISABLED 2020-08-29 16:02:50 us=235805 ifconfig_nowarn = DISABLED 2020-08-29 16:02:50 us=235805 ifconfig_ipv6_local = '[UNDEF]' 2020-08-29 16:02:50 us=235805 ifconfig_ipv6_netbits = 0 2020-08-29 16:02:50 us=235805 ifconfig_ipv6_remote = '[UNDEF]' 2020-08-29 16:02:50 us=235805 shaper = 0 2020-08-29 16:02:50 us=235805 mtu_test = 0 2020-08-29 16:02:50 us=235805 mlock = DISABLED 2020-08-29 16:02:50 us=235805 keepalive_ping = 30 2020-08-29 16:02:50 us=235805 keepalive_timeout = 120 2020-08-29 16:02:50 us=235805 inactivity_timeout = 0 2020-08-29 16:02:50 us=235805 ping_send_timeout = 30 2020-08-29 16:02:50 us=235805 ping_rec_timeout = 120 2020-08-29 16:02:50 us=235805 ping_rec_timeout_action = 2 2020-08-29 16:02:50 us=235805 ping_timer_remote = DISABLED 2020-08-29 16:02:50 us=235805 remap_sigusr1 = 15 2020-08-29 16:02:50 us=235805 persist_tun = ENABLED 2020-08-29 16:02:50 us=235805 persist_local_ip = DISABLED 2020-08-29 16:02:50 us=235805 persist_remote_ip = DISABLED 2020-08-29 16:02:50 us=235805 persist_key = ENABLED 2020-08-29 16:02:50 us=235805 passtos = DISABLED 2020-08-29 16:02:50 us=235805 resolve_retry_seconds = 1000000000 2020-08-29 16:02:50 us=235805 resolve_in_advance = DISABLED 2020-08-29 16:02:50 us=235805 username = '[UNDEF]' 2020-08-29 16:02:50 us=235805 groupname = '[UNDEF]' 2020-08-29 16:02:50 us=235805 chroot_dir = '[UNDEF]' 2020-08-29 16:02:50 us=235805 cd_dir = '[UNDEF]' 2020-08-29 16:02:50 us=235805 writepid = '[UNDEF]' 2020-08-29 16:02:50 us=235805 up_script = '[UNDEF]' 2020-08-29 16:02:50 us=235805 down_script = '[UNDEF]' 2020-08-29 16:02:50 us=235805 down_pre = DISABLED 2020-08-29 16:02:50 us=235805 up_restart = DISABLED 2020-08-29 16:02:50 us=235805 up_delay = DISABLED 2020-08-29 16:02:50 us=235805 daemon = DISABLED 2020-08-29 16:02:50 us=235805 inetd = 0 2020-08-29 16:02:50 us=235805 log = ENABLED 2020-08-29 16:02:50 us=235805 suppress_timestamps = DISABLED 2020-08-29 16:02:50 us=235805 machine_readable_output = DISABLED 2020-08-29 16:02:50 us=235805 nice = 0 2020-08-29 16:02:50 us=235805 verbosity = 4 2020-08-29 16:02:50 us=235805 mute = 0 2020-08-29 16:02:50 us=235805 gremlin = 0 2020-08-29 16:02:50 us=235805 status_file = 'openvpn-status.log' 2020-08-29 16:02:50 us=235805 status_file_version = 1 2020-08-29 16:02:50 us=235805 status_file_update_freq = 60 2020-08-29 16:02:50 us=235805 occ = ENABLED 2020-08-29 16:02:50 us=235805 rcvbuf = 0 2020-08-29 16:02:50 us=235805 sndbuf = 0 2020-08-29 16:02:50 us=235805 sockflags = 0 2020-08-29 16:02:50 us=235805 fast_io = DISABLED 2020-08-29 16:02:50 us=235805 comp.alg = 1 2020-08-29 16:02:50 us=235805 comp.flags = 0 2020-08-29 16:02:50 us=235805 route_script = '[UNDEF]' 2020-08-29 16:02:50 us=235805 route_default_gateway = '[UNDEF]' 2020-08-29 16:02:50 us=235805 route_default_metric = 0 2020-08-29 16:02:50 us=235805 route_noexec = DISABLED 2020-08-29 16:02:50 us=235805 route_delay = 2 2020-08-29 16:02:50 us=235805 route_delay_window = 30 2020-08-29 16:02:50 us=235805 route_delay_defined = ENABLED 2020-08-29 16:02:50 us=235805 route_nopull = DISABLED 2020-08-29 16:02:50 us=235805 route_gateway_via_dhcp = DISABLED 2020-08-29 16:02:50 us=235805 allow_pull_fqdn = DISABLED 2020-08-29 16:02:50 us=235805 Pull filters: 2020-08-29 16:02:50 us=235805 ignore "route-method" 2020-08-29 16:02:50 us=235805 management_addr = '127.0.0.1' 2020-08-29 16:02:50 us=235805 management_port = '25340' 2020-08-29 16:02:50 us=235805 management_user_pass = 'stdin' 2020-08-29 16:02:50 us=235805 management_log_history_cache = 250 2020-08-29 16:02:50 us=235805 management_echo_buffer_size = 100 2020-08-29 16:02:50 us=235805 management_write_peer_info_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 management_client_user = '[UNDEF]' 2020-08-29 16:02:50 us=235805 management_client_group = '[UNDEF]' 2020-08-29 16:02:50 us=235805 management_flags = 6 2020-08-29 16:02:50 us=235805 shared_secret_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 key_direction = 1 2020-08-29 16:02:50 us=235805 ciphername = 'BF-CBC' 2020-08-29 16:02:50 us=235805 ncp_enabled = ENABLED 2020-08-29 16:02:50 us=235805 ncp_ciphers = 'BF-CBC' 2020-08-29 16:02:50 us=235805 authname = 'SHA1' 2020-08-29 16:02:50 us=235805 prng_hash = 'SHA1' 2020-08-29 16:02:50 us=235805 prng_nonce_secret_len = 16 2020-08-29 16:02:50 us=235805 keysize = 0 2020-08-29 16:02:50 us=235805 engine = DISABLED 2020-08-29 16:02:50 us=235805 replay = ENABLED 2020-08-29 16:02:50 us=235805 mute_replay_warnings = DISABLED 2020-08-29 16:02:50 us=235805 replay_window = 64 2020-08-29 16:02:50 us=235805 replay_time = 15 2020-08-29 16:02:50 us=235805 packet_id_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 test_crypto = DISABLED 2020-08-29 16:02:50 us=235805 tls_server = DISABLED 2020-08-29 16:02:50 us=235805 tls_client = ENABLED 2020-08-29 16:02:50 us=235805 ca_file = '[INLINE]' 2020-08-29 16:02:50 us=235805 ca_path = '[UNDEF]' 2020-08-29 16:02:50 us=235805 dh_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 cert_file = '[INLINE]' 2020-08-29 16:02:50 us=235805 extra_certs_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 priv_key_file = '[INLINE]' 2020-08-29 16:02:50 us=235805 pkcs12_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 cryptoapi_cert = '[UNDEF]' 2020-08-29 16:02:50 us=235805 cipher_list = '[UNDEF]' 2020-08-29 16:02:50 us=235805 cipher_list_tls13 = '[UNDEF]' 2020-08-29 16:02:50 us=235805 tls_cert_profile = '[UNDEF]' 2020-08-29 16:02:50 us=235805 tls_verify = '[UNDEF]' 2020-08-29 16:02:50 us=235805 tls_export_cert = '[UNDEF]' 2020-08-29 16:02:50 us=235805 verify_x509_type = 0 2020-08-29 16:02:50 us=235805 verify_x509_name = '[UNDEF]' 2020-08-29 16:02:50 us=235805 crl_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 ns_cert_type = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 65535 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_ku[i] = 0 2020-08-29 16:02:50 us=235805 remote_cert_eku = 'TLS Web Server Authentication' 2020-08-29 16:02:50 us=235805 ssl_flags = 192 2020-08-29 16:02:50 us=235805 tls_timeout = 2 2020-08-29 16:02:50 us=235805 renegotiate_bytes = -1 2020-08-29 16:02:50 us=235805 renegotiate_packets = 0 2020-08-29 16:02:50 us=235805 renegotiate_seconds = 3600 2020-08-29 16:02:50 us=235805 handshake_window = 60 2020-08-29 16:02:50 us=235805 transition_window = 3600 2020-08-29 16:02:50 us=235805 single_session = DISABLED 2020-08-29 16:02:50 us=235805 push_peer_info = DISABLED 2020-08-29 16:02:50 us=235805 tls_exit = DISABLED 2020-08-29 16:02:50 us=235805 tls_crypt_v2_metadata = '[UNDEF]' 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_protected_authentication = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_private_mode = 00000000 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_cert_private = DISABLED 2020-08-29 16:02:50 us=235805 pkcs11_pin_cache_period = -1 2020-08-29 16:02:50 us=235805 pkcs11_id = '[UNDEF]' 2020-08-29 16:02:50 us=235805 pkcs11_id_management = DISABLED 2020-08-29 16:02:50 us=235805 server_network = 0.0.0.0 2020-08-29 16:02:50 us=235805 server_netmask = 0.0.0.0 2020-08-29 16:02:50 us=235805 server_network_ipv6 = :: 2020-08-29 16:02:50 us=235805 server_netbits_ipv6 = 0 2020-08-29 16:02:50 us=235805 server_bridge_ip = 0.0.0.0 2020-08-29 16:02:50 us=235805 server_bridge_netmask = 0.0.0.0 2020-08-29 16:02:50 us=235805 server_bridge_pool_start = 0.0.0.0 2020-08-29 16:02:50 us=235805 server_bridge_pool_end = 0.0.0.0 2020-08-29 16:02:50 us=235805 ifconfig_pool_defined = DISABLED 2020-08-29 16:02:50 us=235805 ifconfig_pool_start = 0.0.0.0 2020-08-29 16:02:50 us=235805 ifconfig_pool_end = 0.0.0.0 2020-08-29 16:02:50 us=235805 ifconfig_pool_netmask = 0.0.0.0 2020-08-29 16:02:50 us=235805 ifconfig_pool_persist_filename = '[UNDEF]' 2020-08-29 16:02:50 us=235805 ifconfig_pool_persist_refresh_freq = 600 2020-08-29 16:02:50 us=235805 ifconfig_ipv6_pool_defined = DISABLED 2020-08-29 16:02:50 us=235805 ifconfig_ipv6_pool_base = :: 2020-08-29 16:02:50 us=235805 ifconfig_ipv6_pool_netbits = 0 2020-08-29 16:02:50 us=235805 n_bcast_buf = 256 2020-08-29 16:02:50 us=235805 tcp_queue_limit = 64 2020-08-29 16:02:50 us=235805 real_hash_size = 256 2020-08-29 16:02:50 us=235805 virtual_hash_size = 256 2020-08-29 16:02:50 us=235805 client_connect_script = '[UNDEF]' 2020-08-29 16:02:50 us=235805 learn_address_script = '[UNDEF]' 2020-08-29 16:02:50 us=235805 client_disconnect_script = '[UNDEF]' 2020-08-29 16:02:50 us=235805 client_config_dir = '[UNDEF]' 2020-08-29 16:02:50 us=235805 ccd_exclusive = DISABLED 2020-08-29 16:02:50 us=235805 tmp_dir = 'C:\Users\User\AppData\Local\Temp\' 2020-08-29 16:02:50 us=235805 push_ifconfig_defined = DISABLED 2020-08-29 16:02:50 us=235805 push_ifconfig_local = 0.0.0.0 2020-08-29 16:02:50 us=235805 push_ifconfig_remote_netmask = 0.0.0.0 2020-08-29 16:02:50 us=235805 push_ifconfig_ipv6_defined = DISABLED 2020-08-29 16:02:50 us=235805 push_ifconfig_ipv6_local = ::/0 2020-08-29 16:02:50 us=235805 push_ifconfig_ipv6_remote = :: 2020-08-29 16:02:50 us=235805 enable_c2c = DISABLED 2020-08-29 16:02:50 us=235805 duplicate_cn = DISABLED 2020-08-29 16:02:50 us=235805 cf_max = 0 2020-08-29 16:02:50 us=235805 cf_per = 0 2020-08-29 16:02:50 us=235805 max_clients = 1024 2020-08-29 16:02:50 us=235805 max_routes_per_client = 256 2020-08-29 16:02:50 us=235805 auth_user_pass_verify_script = '[UNDEF]' 2020-08-29 16:02:50 us=235805 auth_user_pass_verify_script_via_file = DISABLED 2020-08-29 16:02:50 us=235805 auth_token_generate = DISABLED 2020-08-29 16:02:50 us=235805 auth_token_lifetime = 0 2020-08-29 16:02:50 us=235805 auth_token_secret_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 vlan_tagging = DISABLED 2020-08-29 16:02:50 us=235805 vlan_accept = all 2020-08-29 16:02:50 us=235805 vlan_pvid = 1 2020-08-29 16:02:50 us=235805 client = ENABLED 2020-08-29 16:02:50 us=235805 pull = ENABLED 2020-08-29 16:02:50 us=235805 auth_user_pass_file = '[UNDEF]' 2020-08-29 16:02:50 us=235805 show_net_up = DISABLED 2020-08-29 16:02:50 us=235805 route_method = 3 2020-08-29 16:02:50 us=235805 block_outside_dns = DISABLED 2020-08-29 16:02:50 us=235805 ip_win32_defined = DISABLED 2020-08-29 16:02:50 us=235805 ip_win32_type = 1 2020-08-29 16:02:50 us=235805 dhcp_masq_offset = 0 2020-08-29 16:02:50 us=235805 dhcp_lease_time = 31536000 2020-08-29 16:02:50 us=235805 tap_sleep = 0 2020-08-29 16:02:50 us=235805 dhcp_options = DISABLED 2020-08-29 16:02:50 us=235805 dhcp_renew = DISABLED 2020-08-29 16:02:50 us=235805 dhcp_pre_release = DISABLED 2020-08-29 16:02:50 us=235805 domain = '[UNDEF]' 2020-08-29 16:02:50 us=235805 netbios_scope = '[UNDEF]' 2020-08-29 16:02:50 us=235805 netbios_node_type = 0 2020-08-29 16:02:50 us=235805 disable_nbt = DISABLED 2020-08-29 16:02:50 us=235805 OpenVPN 2.5_beta2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Aug 27 2020 2020-08-29 16:02:50 us=235805 Windows version 10.0 (Windows 10 or greater) 64bit 2020-08-29 16:02:50 us=235805 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10 Enter Management Password: 2020-08-29 16:02:50 us=235805 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 2020-08-29 16:02:50 us=235805 Need hold release from management interface, waiting... 2020-08-29 16:02:50 us=516926 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 2020-08-29 16:02:50 us=624763 MANAGEMENT: CMD 'state on' 2020-08-29 16:02:50 us=624763 MANAGEMENT: CMD 'log all on' 2020-08-29 16:02:50 us=848766 MANAGEMENT: CMD 'echo all on' 2020-08-29 16:02:50 us=850226 MANAGEMENT: CMD 'bytecount 5' 2020-08-29 16:02:50 us=852207 MANAGEMENT: CMD 'hold off' 2020-08-29 16:02:50 us=857100 MANAGEMENT: CMD 'hold release' 2020-08-29 16:02:50 us=858056 Note: cannot open openvpn-status.log for WRITE 2020-08-29 16:02:50 us=862941 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVPN 2.6. 2020-08-29 16:02:50 us=862941 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2020-08-29 16:02:50 us=862941 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2020-08-29 16:02:50 us=862941 Control Channel MTU parms [ L:1624 D:1182 EF:68 EB:0 ET:0 EL:3 ] 2020-08-29 16:02:50 us=862941 Data Channel MTU parms [ L:1624 D:1450 EF:124 EB:406 ET:0 EL:3 ] 2020-08-29 16:02:50 us=862941 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client' 2020-08-29 16:02:50 us=862941 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server' 2020-08-29 16:02:50 us=862941 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.1.1:443 2020-08-29 16:02:50 us=862941 Socket Buffers: R=[65536->65536] S=[65536->65536] 2020-08-29 16:02:50 us=862941 Attempting to establish TCP connection with [AF_INET]192.168.1.1:443 [nonblock] 2020-08-29 16:02:50 us=862941 MANAGEMENT: >STATE:1598727770,TCP_CONNECT,,,,,, 2020-08-29 16:02:51 us=924292 TCP connection established with [AF_INET]192.168.1.1:443 2020-08-29 16:02:51 us=924292 TCP_CLIENT link local: (not bound) 2020-08-29 16:02:51 us=924292 TCP_CLIENT link remote: [AF_INET]192.168.1.1:443 2020-08-29 16:02:51 us=924292 MANAGEMENT: >STATE:1598727771,WAIT,,,,,, 2020-08-29 16:02:51 us=939917 MANAGEMENT: >STATE:1598727771,AUTH,,,,,, 2020-08-29 16:02:51 us=939917 TLS: Initial packet from [AF_INET]192.168.1.1:443, sid=6429bf1d ea612b1e 2020-08-29 16:02:52 us=112198 VERIFY OK: depth=1, Removed 2020-08-29 16:02:52 us=112198 VERIFY KU OK 2020-08-29 16:02:52 us=112198 Validating certificate extended key usage 2020-08-29 16:02:52 us=112198 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2020-08-29 16:02:52 us=127317 VERIFY EKU OK 2020-08-29 16:02:52 us=127317 VERIFY OK: depth=0, Removed 2020-08-29 16:02:52 us=315262 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA 2020-08-29 16:02:52 us=315262 [VenturusTMBconc] Peer Connection Initiated with [AF_INET]192.168.1.1:443 2020-08-29 16:02:53 us=627436 MANAGEMENT: >STATE:1598727773,GET_CONFIG,,,,,, 2020-08-29 16:02:53 us=627436 SENT CONTROL [VenturusTMBconc]: 'PUSH_REQUEST' (status=1) 2020-08-29 16:02:53 us=643016 PUSH: Received control message: 'PUSH_REPLY,route 194.145.17.0 255.255.255.0,route-gateway 20.20.0.1,topology subnet,ping 90,ping-restart 600,socket-flags TCP_NODELAY,ifconfig 20.20.0.2 255.255.0.0' 2020-08-29 16:02:53 us=643016 OPTIONS IMPORT: timers and/or timeouts modified 2020-08-29 16:02:53 us=643016 OPTIONS IMPORT: --socket-flags option modified 2020-08-29 16:02:53 us=643016 Socket flags: TCP_NODELAY=1 succeeded 2020-08-29 16:02:53 us=643016 OPTIONS IMPORT: --ifconfig/up options modified 2020-08-29 16:02:53 us=643016 OPTIONS IMPORT: route options modified 2020-08-29 16:02:53 us=643016 OPTIONS IMPORT: route-related options modified 2020-08-29 16:02:53 us=643016 OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('BF-CBC') to --data-ciphers (currently 'BF-CBC') if you want to connect to this server. 2020-08-29 16:02:53 us=659181 ERROR: Failed to apply push options 2020-08-29 16:02:53 us=659181 Failed to open tun/tap interface 2020-08-29 16:02:53 us=659181 TCP/UDP: Closing socket 2020-08-29 16:02:53 us=659181 SIGTERM[soft,process-push-msg-failed] received, process exiting 2020-08-29 16:02:53 us=659181 MANAGEMENT: >STATE:1598727773,EXITING,process-push-msg-failed,,,,,
Test.ovpn
Description: Binary data
2020-08-29 21:08:10 us=91399 WARNING: Ignoring option 'dh' in tls-client mode, please only include this in your server configuration 2020-08-29 21:08:10 us=91399 Current Parameter Settings: 2020-08-29 21:08:10 us=91399 config = 'Test.ovpn' 2020-08-29 21:08:10 us=91399 mode = 0 2020-08-29 21:08:10 us=91399 show_ciphers = DISABLED 2020-08-29 21:08:10 us=91399 show_digests = DISABLED 2020-08-29 21:08:10 us=91399 show_engines = DISABLED 2020-08-29 21:08:10 us=91399 genkey = DISABLED 2020-08-29 21:08:10 us=91399 genkey_filename = '[UNDEF]' 2020-08-29 21:08:10 us=91399 key_pass_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 show_tls_ciphers = DISABLED 2020-08-29 21:08:10 us=91399 connect_retry_max = 0 2020-08-29 21:08:10 us=91399 Connection profiles [0]: 2020-08-29 21:08:10 us=91399 proto = tcp-client 2020-08-29 21:08:10 us=91399 local = '[UNDEF]' 2020-08-29 21:08:10 us=91399 local_port = '[UNDEF]' 2020-08-29 21:08:10 us=91399 remote = '192.168.1.1' 2020-08-29 21:08:10 us=91399 remote_port = '443' 2020-08-29 21:08:10 us=91399 remote_float = DISABLED 2020-08-29 21:08:10 us=91399 bind_defined = DISABLED 2020-08-29 21:08:10 us=91399 bind_local = DISABLED 2020-08-29 21:08:10 us=91399 bind_ipv6_only = DISABLED 2020-08-29 21:08:10 us=91399 connect_retry_seconds = 5 2020-08-29 21:08:10 us=91399 connect_timeout = 120 2020-08-29 21:08:10 us=91399 socks_proxy_server = '[UNDEF]' 2020-08-29 21:08:10 us=91399 socks_proxy_port = '[UNDEF]' 2020-08-29 21:08:10 us=91399 tun_mtu = 1500 2020-08-29 21:08:10 us=91399 tun_mtu_defined = ENABLED 2020-08-29 21:08:10 us=91399 link_mtu = 1500 2020-08-29 21:08:10 us=91399 link_mtu_defined = DISABLED 2020-08-29 21:08:10 us=91399 tun_mtu_extra = 0 2020-08-29 21:08:10 us=91399 tun_mtu_extra_defined = DISABLED 2020-08-29 21:08:10 us=91399 mtu_discover_type = -1 2020-08-29 21:08:10 us=91399 fragment = 0 2020-08-29 21:08:10 us=91399 mssfix = 1450 2020-08-29 21:08:10 us=91399 explicit_exit_notification = 0 2020-08-29 21:08:10 us=91399 tls_auth_file = '[INLINE]' 2020-08-29 21:08:10 us=91399 key_direction = 1 2020-08-29 21:08:10 us=91399 tls_crypt_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 tls_crypt_v2_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 Connection profiles END 2020-08-29 21:08:10 us=91399 remote_random = DISABLED 2020-08-29 21:08:10 us=91399 ipchange = '[UNDEF]' 2020-08-29 21:08:10 us=91399 dev = 'tun' 2020-08-29 21:08:10 us=91399 dev_type = '[UNDEF]' 2020-08-29 21:08:10 us=91399 dev_node = '[UNDEF]' 2020-08-29 21:08:10 us=91399 lladdr = '[UNDEF]' 2020-08-29 21:08:10 us=91399 topology = 1 2020-08-29 21:08:10 us=91399 ifconfig_local = '[UNDEF]' 2020-08-29 21:08:10 us=91399 ifconfig_remote_netmask = '[UNDEF]' 2020-08-29 21:08:10 us=91399 ifconfig_noexec = DISABLED 2020-08-29 21:08:10 us=91399 ifconfig_nowarn = DISABLED 2020-08-29 21:08:10 us=91399 ifconfig_ipv6_local = '[UNDEF]' 2020-08-29 21:08:10 us=91399 ifconfig_ipv6_netbits = 0 2020-08-29 21:08:10 us=91399 ifconfig_ipv6_remote = '[UNDEF]' 2020-08-29 21:08:10 us=91399 shaper = 0 2020-08-29 21:08:10 us=91399 mtu_test = 0 2020-08-29 21:08:10 us=91399 mlock = DISABLED 2020-08-29 21:08:10 us=91399 keepalive_ping = 30 2020-08-29 21:08:10 us=91399 keepalive_timeout = 120 2020-08-29 21:08:10 us=91399 inactivity_timeout = 0 2020-08-29 21:08:10 us=91399 ping_send_timeout = 30 2020-08-29 21:08:10 us=91399 ping_rec_timeout = 120 2020-08-29 21:08:10 us=91399 ping_rec_timeout_action = 2 2020-08-29 21:08:10 us=91399 ping_timer_remote = DISABLED 2020-08-29 21:08:10 us=91399 remap_sigusr1 = 15 2020-08-29 21:08:10 us=91399 persist_tun = ENABLED 2020-08-29 21:08:10 us=91399 persist_local_ip = DISABLED 2020-08-29 21:08:10 us=91399 persist_remote_ip = DISABLED 2020-08-29 21:08:10 us=91399 persist_key = ENABLED 2020-08-29 21:08:10 us=91399 passtos = DISABLED 2020-08-29 21:08:10 us=91399 resolve_retry_seconds = 1000000000 2020-08-29 21:08:10 us=91399 resolve_in_advance = DISABLED 2020-08-29 21:08:10 us=91399 username = '[UNDEF]' 2020-08-29 21:08:10 us=91399 groupname = '[UNDEF]' 2020-08-29 21:08:10 us=91399 chroot_dir = '[UNDEF]' 2020-08-29 21:08:10 us=91399 cd_dir = '[UNDEF]' 2020-08-29 21:08:10 us=91399 writepid = '[UNDEF]' 2020-08-29 21:08:10 us=91399 up_script = '[UNDEF]' 2020-08-29 21:08:10 us=91399 down_script = '[UNDEF]' 2020-08-29 21:08:10 us=91399 down_pre = DISABLED 2020-08-29 21:08:10 us=91399 up_restart = DISABLED 2020-08-29 21:08:10 us=91399 up_delay = DISABLED 2020-08-29 21:08:10 us=91399 daemon = DISABLED 2020-08-29 21:08:10 us=91399 inetd = 0 2020-08-29 21:08:10 us=91399 log = ENABLED 2020-08-29 21:08:10 us=91399 suppress_timestamps = DISABLED 2020-08-29 21:08:10 us=91399 machine_readable_output = DISABLED 2020-08-29 21:08:10 us=91399 nice = 0 2020-08-29 21:08:10 us=91399 verbosity = 4 2020-08-29 21:08:10 us=91399 mute = 0 2020-08-29 21:08:10 us=91399 gremlin = 0 2020-08-29 21:08:10 us=91399 status_file = 'openvpn-status.log' 2020-08-29 21:08:10 us=91399 status_file_version = 1 2020-08-29 21:08:10 us=91399 status_file_update_freq = 60 2020-08-29 21:08:10 us=91399 occ = ENABLED 2020-08-29 21:08:10 us=91399 rcvbuf = 0 2020-08-29 21:08:10 us=91399 sndbuf = 0 2020-08-29 21:08:10 us=91399 sockflags = 0 2020-08-29 21:08:10 us=91399 fast_io = DISABLED 2020-08-29 21:08:10 us=91399 comp.alg = 1 2020-08-29 21:08:10 us=91399 comp.flags = 0 2020-08-29 21:08:10 us=91399 route_script = '[UNDEF]' 2020-08-29 21:08:10 us=91399 route_default_gateway = '[UNDEF]' 2020-08-29 21:08:10 us=91399 route_default_metric = 0 2020-08-29 21:08:10 us=91399 route_noexec = DISABLED 2020-08-29 21:08:10 us=91399 route_delay = 2 2020-08-29 21:08:10 us=91399 route_delay_window = 30 2020-08-29 21:08:10 us=91399 route_delay_defined = ENABLED 2020-08-29 21:08:10 us=91399 route_nopull = DISABLED 2020-08-29 21:08:10 us=91399 route_gateway_via_dhcp = DISABLED 2020-08-29 21:08:10 us=91399 allow_pull_fqdn = DISABLED 2020-08-29 21:08:10 us=91399 Pull filters: 2020-08-29 21:08:10 us=91399 ignore "route-method" 2020-08-29 21:08:10 us=91399 management_addr = '127.0.0.1' 2020-08-29 21:08:10 us=91399 management_port = '25340' 2020-08-29 21:08:10 us=91399 management_user_pass = 'stdin' 2020-08-29 21:08:10 us=91399 management_log_history_cache = 250 2020-08-29 21:08:10 us=91399 management_echo_buffer_size = 100 2020-08-29 21:08:10 us=91399 management_write_peer_info_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 management_client_user = '[UNDEF]' 2020-08-29 21:08:10 us=91399 management_client_group = '[UNDEF]' 2020-08-29 21:08:10 us=91399 management_flags = 6 2020-08-29 21:08:10 us=91399 shared_secret_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 key_direction = 1 2020-08-29 21:08:10 us=91399 ciphername = 'BF-CBC' 2020-08-29 21:08:10 us=91399 ncp_enabled = ENABLED 2020-08-29 21:08:10 us=91399 ncp_ciphers = 'BF-CBC' 2020-08-29 21:08:10 us=91399 authname = 'SHA1' 2020-08-29 21:08:10 us=91399 prng_hash = 'SHA1' 2020-08-29 21:08:10 us=91399 prng_nonce_secret_len = 16 2020-08-29 21:08:10 us=91399 keysize = 0 2020-08-29 21:08:10 us=91399 engine = DISABLED 2020-08-29 21:08:10 us=91399 replay = ENABLED 2020-08-29 21:08:10 us=91399 mute_replay_warnings = DISABLED 2020-08-29 21:08:10 us=91399 replay_window = 64 2020-08-29 21:08:10 us=91399 replay_time = 15 2020-08-29 21:08:10 us=91399 packet_id_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 test_crypto = DISABLED 2020-08-29 21:08:10 us=91399 tls_server = DISABLED 2020-08-29 21:08:10 us=91399 tls_client = ENABLED 2020-08-29 21:08:10 us=91399 ca_file = '[INLINE]' 2020-08-29 21:08:10 us=91399 ca_path = '[UNDEF]' 2020-08-29 21:08:10 us=91399 dh_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 cert_file = '[INLINE]' 2020-08-29 21:08:10 us=91399 extra_certs_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 priv_key_file = '[INLINE]' 2020-08-29 21:08:10 us=91399 pkcs12_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 cryptoapi_cert = '[UNDEF]' 2020-08-29 21:08:10 us=91399 cipher_list = '[UNDEF]' 2020-08-29 21:08:10 us=91399 cipher_list_tls13 = '[UNDEF]' 2020-08-29 21:08:10 us=91399 tls_cert_profile = '[UNDEF]' 2020-08-29 21:08:10 us=91399 tls_verify = '[UNDEF]' 2020-08-29 21:08:10 us=91399 tls_export_cert = '[UNDEF]' 2020-08-29 21:08:10 us=91399 verify_x509_type = 0 2020-08-29 21:08:10 us=91399 verify_x509_name = '[UNDEF]' 2020-08-29 21:08:10 us=91399 crl_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 ns_cert_type = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 65535 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_ku[i] = 0 2020-08-29 21:08:10 us=91399 remote_cert_eku = 'TLS Web Server Authentication' 2020-08-29 21:08:10 us=91399 ssl_flags = 192 2020-08-29 21:08:10 us=91399 tls_timeout = 2 2020-08-29 21:08:10 us=91399 renegotiate_bytes = -1 2020-08-29 21:08:10 us=91399 renegotiate_packets = 0 2020-08-29 21:08:10 us=91399 renegotiate_seconds = 3600 2020-08-29 21:08:10 us=91399 handshake_window = 60 2020-08-29 21:08:10 us=91399 transition_window = 3600 2020-08-29 21:08:10 us=91399 single_session = DISABLED 2020-08-29 21:08:10 us=91399 push_peer_info = DISABLED 2020-08-29 21:08:10 us=91399 tls_exit = DISABLED 2020-08-29 21:08:10 us=91399 tls_crypt_v2_metadata = '[UNDEF]' 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_protected_authentication = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_private_mode = 00000000 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_cert_private = DISABLED 2020-08-29 21:08:10 us=91399 pkcs11_pin_cache_period = -1 2020-08-29 21:08:10 us=91399 pkcs11_id = '[UNDEF]' 2020-08-29 21:08:10 us=91399 pkcs11_id_management = DISABLED 2020-08-29 21:08:10 us=91399 server_network = 0.0.0.0 2020-08-29 21:08:10 us=91399 server_netmask = 0.0.0.0 2020-08-29 21:08:10 us=91399 server_network_ipv6 = :: 2020-08-29 21:08:10 us=91399 server_netbits_ipv6 = 0 2020-08-29 21:08:10 us=91399 server_bridge_ip = 0.0.0.0 2020-08-29 21:08:10 us=91399 server_bridge_netmask = 0.0.0.0 2020-08-29 21:08:10 us=91399 server_bridge_pool_start = 0.0.0.0 2020-08-29 21:08:10 us=91399 server_bridge_pool_end = 0.0.0.0 2020-08-29 21:08:10 us=91399 ifconfig_pool_defined = DISABLED 2020-08-29 21:08:10 us=91399 ifconfig_pool_start = 0.0.0.0 2020-08-29 21:08:10 us=91399 ifconfig_pool_end = 0.0.0.0 2020-08-29 21:08:10 us=91399 ifconfig_pool_netmask = 0.0.0.0 2020-08-29 21:08:10 us=91399 ifconfig_pool_persist_filename = '[UNDEF]' 2020-08-29 21:08:10 us=91399 ifconfig_pool_persist_refresh_freq = 600 2020-08-29 21:08:10 us=91399 ifconfig_ipv6_pool_defined = DISABLED 2020-08-29 21:08:10 us=91399 ifconfig_ipv6_pool_base = :: 2020-08-29 21:08:10 us=91399 ifconfig_ipv6_pool_netbits = 0 2020-08-29 21:08:10 us=91399 n_bcast_buf = 256 2020-08-29 21:08:10 us=91399 tcp_queue_limit = 64 2020-08-29 21:08:10 us=91399 real_hash_size = 256 2020-08-29 21:08:10 us=91399 virtual_hash_size = 256 2020-08-29 21:08:10 us=91399 client_connect_script = '[UNDEF]' 2020-08-29 21:08:10 us=91399 learn_address_script = '[UNDEF]' 2020-08-29 21:08:10 us=91399 client_disconnect_script = '[UNDEF]' 2020-08-29 21:08:10 us=91399 client_config_dir = '[UNDEF]' 2020-08-29 21:08:10 us=91399 ccd_exclusive = DISABLED 2020-08-29 21:08:10 us=91399 tmp_dir = 'C:\Users\User\AppData\Local\Temp\' 2020-08-29 21:08:10 us=91399 push_ifconfig_defined = DISABLED 2020-08-29 21:08:10 us=91399 push_ifconfig_local = 0.0.0.0 2020-08-29 21:08:10 us=91399 push_ifconfig_remote_netmask = 0.0.0.0 2020-08-29 21:08:10 us=91399 push_ifconfig_ipv6_defined = DISABLED 2020-08-29 21:08:10 us=91399 push_ifconfig_ipv6_local = ::/0 2020-08-29 21:08:10 us=91399 push_ifconfig_ipv6_remote = :: 2020-08-29 21:08:10 us=91399 enable_c2c = DISABLED 2020-08-29 21:08:10 us=91399 duplicate_cn = DISABLED 2020-08-29 21:08:10 us=91399 cf_max = 0 2020-08-29 21:08:10 us=91399 cf_per = 0 2020-08-29 21:08:10 us=91399 max_clients = 1024 2020-08-29 21:08:10 us=91399 max_routes_per_client = 256 2020-08-29 21:08:10 us=91399 auth_user_pass_verify_script = '[UNDEF]' 2020-08-29 21:08:10 us=91399 auth_user_pass_verify_script_via_file = DISABLED 2020-08-29 21:08:10 us=91399 auth_token_generate = DISABLED 2020-08-29 21:08:10 us=91399 auth_token_lifetime = 0 2020-08-29 21:08:10 us=91399 auth_token_secret_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 vlan_tagging = DISABLED 2020-08-29 21:08:10 us=91399 vlan_accept = all 2020-08-29 21:08:10 us=91399 vlan_pvid = 1 2020-08-29 21:08:10 us=91399 client = ENABLED 2020-08-29 21:08:10 us=91399 pull = ENABLED 2020-08-29 21:08:10 us=91399 auth_user_pass_file = '[UNDEF]' 2020-08-29 21:08:10 us=91399 show_net_up = DISABLED 2020-08-29 21:08:10 us=91399 route_method = 3 2020-08-29 21:08:10 us=91399 block_outside_dns = DISABLED 2020-08-29 21:08:10 us=91399 ip_win32_defined = DISABLED 2020-08-29 21:08:10 us=91399 ip_win32_type = 1 2020-08-29 21:08:10 us=91399 dhcp_masq_offset = 0 2020-08-29 21:08:10 us=91399 dhcp_lease_time = 31536000 2020-08-29 21:08:10 us=91399 tap_sleep = 0 2020-08-29 21:08:10 us=91399 dhcp_options = DISABLED 2020-08-29 21:08:10 us=91399 dhcp_renew = DISABLED 2020-08-29 21:08:10 us=91399 dhcp_pre_release = DISABLED 2020-08-29 21:08:10 us=91399 domain = '[UNDEF]' 2020-08-29 21:08:10 us=91399 netbios_scope = '[UNDEF]' 2020-08-29 21:08:10 us=91399 netbios_node_type = 0 2020-08-29 21:08:10 us=91399 disable_nbt = DISABLED 2020-08-29 21:08:10 us=91399 OpenVPN 2.5_beta1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Aug 14 2020 2020-08-29 21:08:10 us=91399 Windows version 10.0 (Windows 10 or greater) 64bit 2020-08-29 21:08:10 us=91399 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10 Enter Management Password: 2020-08-29 21:08:10 us=91399 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 2020-08-29 21:08:10 us=91399 Need hold release from management interface, waiting... 2020-08-29 21:08:10 us=597127 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 2020-08-29 21:08:10 us=721347 MANAGEMENT: CMD 'state on' 2020-08-29 21:08:10 us=721347 MANAGEMENT: CMD 'log all on' 2020-08-29 21:08:10 us=871425 MANAGEMENT: CMD 'echo all on' 2020-08-29 21:08:10 us=871425 MANAGEMENT: CMD 'bytecount 5' 2020-08-29 21:08:10 us=871425 MANAGEMENT: CMD 'hold off' 2020-08-29 21:08:10 us=889797 MANAGEMENT: CMD 'hold release' 2020-08-29 21:08:10 us=889797 Note: cannot open openvpn-status.log for WRITE 2020-08-29 21:08:10 us=889797 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVPN 2.6. 2020-08-29 21:08:10 us=889797 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2020-08-29 21:08:10 us=889797 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 2020-08-29 21:08:10 us=889797 Control Channel MTU parms [ L:1624 D:1182 EF:68 EB:0 ET:0 EL:3 ] 2020-08-29 21:08:10 us=889797 Data Channel MTU parms [ L:1624 D:1450 EF:124 EB:406 ET:0 EL:3 ] 2020-08-29 21:08:10 us=889797 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client' 2020-08-29 21:08:10 us=889797 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server' 2020-08-29 21:08:10 us=889797 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.1.1:443 2020-08-29 21:08:10 us=889797 Socket Buffers: R=[65536->65536] S=[65536->65536] 2020-08-29 21:08:10 us=889797 Attempting to establish TCP connection with [AF_INET]192.168.1.1:443 [nonblock] 2020-08-29 21:08:10 us=889797 MANAGEMENT: >STATE:1598746090,TCP_CONNECT,,,,,, 2020-08-29 21:08:12 us=70744 TCP connection established with [AF_INET]192.168.1.1:443 2020-08-29 21:08:12 us=70744 TCP_CLIENT link local: (not bound) 2020-08-29 21:08:12 us=70744 TCP_CLIENT link remote: [AF_INET]192.168.1.1:443 2020-08-29 21:08:12 us=70744 MANAGEMENT: >STATE:1598746092,WAIT,,,,,, 2020-08-29 21:08:12 us=87341 MANAGEMENT: >STATE:1598746092,AUTH,,,,,, 2020-08-29 21:08:12 us=87341 TLS: Initial packet from [AF_INET]192.168.1.1:443, sid=32ea48bc 3e35a40f 2020-08-29 21:08:12 us=297516 VERIFY OK: depth=1, Removed 2020-08-29 21:08:12 us=297516 VERIFY KU OK 2020-08-29 21:08:12 us=297516 Validating certificate extended key usage 2020-08-29 21:08:12 us=297516 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2020-08-29 21:08:12 us=297516 VERIFY EKU OK 2020-08-29 21:08:12 us=297516 VERIFY OK: depth=0, Removed 2020-08-29 21:08:12 us=459102 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA 2020-08-29 21:08:12 us=459102 [VenturusTMBconc] Peer Connection Initiated with [AF_INET]192.168.1.1:443 2020-08-29 21:08:13 us=663219 MANAGEMENT: >STATE:1598746093,GET_CONFIG,,,,,, 2020-08-29 21:08:13 us=663219 SENT CONTROL [VenturusTMBconc]: 'PUSH_REQUEST' (status=1) 2020-08-29 21:08:13 us=679932 PUSH: Received control message: 'PUSH_REPLY,route 194.145.17.0 255.255.255.0,route-gateway 20.20.0.1,topology subnet,ping 90,ping-restart 600,socket-flags TCP_NODELAY,ifconfig 20.20.0.2 255.255.0.0' 2020-08-29 21:08:13 us=679932 OPTIONS IMPORT: timers and/or timeouts modified 2020-08-29 21:08:13 us=679932 OPTIONS IMPORT: --socket-flags option modified 2020-08-29 21:08:13 us=679932 Socket flags: TCP_NODELAY=1 succeeded 2020-08-29 21:08:13 us=679932 OPTIONS IMPORT: --ifconfig/up options modified 2020-08-29 21:08:13 us=679932 OPTIONS IMPORT: route options modified 2020-08-29 21:08:13 us=679932 OPTIONS IMPORT: route-related options modified 2020-08-29 21:08:13 us=679932 Outgoing Data Channel: Cipher 'BF-CBC' initialized with 128 bit key 2020-08-29 21:08:13 us=679932 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVPN 2.6. 2020-08-29 21:08:13 us=679932 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication 2020-08-29 21:08:13 us=704131 Incoming Data Channel: Cipher 'BF-CBC' initialized with 128 bit key 2020-08-29 21:08:13 us=704131 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVPN 2.6. 2020-08-29 21:08:13 us=704131 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication 2020-08-29 21:08:13 us=704131 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks. 2020-08-29 21:08:13 us=704131 interactive service msg_channel=556 2020-08-29 21:08:13 us=718428 ROUTE_GATEWAY 192.168.100.1/255.255.255.0 I=14 HWADDR=08:00:27:ab:ee:ad 2020-08-29 21:08:13 us=718428 open_tun 2020-08-29 21:08:13 us=734327 Ring buffers registered via service 2020-08-29 21:08:13 us=734327 wintun device [OpenVPN Wintun] opened 2020-08-29 21:08:13 us=734327 do_ifconfig, ipv4=1, ipv6=0 2020-08-29 21:08:13 us=734327 MANAGEMENT: >STATE:1598746093,ASSIGN_IP,,20.20.0.2,,,, 2020-08-29 21:08:13 us=734327 IPv4 MTU set to 1500 on interface 25 using service 2020-08-29 21:08:15 us=119935 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up 2020-08-29 21:08:15 us=119935 MANAGEMENT: >STATE:1598746095,ADD_ROUTES,,,,,, 2020-08-29 21:08:15 us=133749 C:\Windows\system32\route.exe ADD 194.145.17.0 MASK 255.255.255.0 20.20.0.1 2020-08-29 21:08:15 us=151818 Route addition via service succeeded 2020-08-29 21:08:15 us=151818 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this 2020-08-29 21:08:15 us=151818 Initialization Sequence Completed 2020-08-29 21:08:15 us=151818 MANAGEMENT: >STATE:1598746095,CONNECTED,SUCCESS,20.20.0.2,192.168.1.1,443,192.168.100.106,54911 2020-08-29 21:08:28 us=292163 TCP/UDP: Closing socket 2020-08-29 21:08:28 us=292163 C:\Windows\system32\route.exe DELETE 194.145.17.0 MASK 255.255.255.0 20.20.0.1 2020-08-29 21:08:28 us=292163 Route deletion via service succeeded 2020-08-29 21:08:28 us=292163 Closing TUN/TAP interface 2020-08-29 21:08:28 us=292163 Deleting IPv4 dns servers on 'OpenVPN Wintun' (if_index = 25) using service 2020-08-29 21:08:28 us=492870 IPv4 dns servers deleted using service 2020-08-29 21:08:28 us=516105 SIGTERM[hard,] received, process exiting 2020-08-29 21:08:28 us=516105 MANAGEMENT: >STATE:1598746108,EXITING,SIGTERM,,,,,
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel