ovpn log:
Sat Jun 30 00:05:17 2018 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Sat Jun 30 00:05:17 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Sat Jun 30 00:05:17 2018 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Enter Management Password:
Sat Jun 30 00:05:17 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]107.182.231.79:1197
Sat Jun 30 00:05:17 2018 UDP link local: (not bound)
Sat Jun 30 00:05:17 2018 UDP link remote: [AF_INET]107.182.231.79:1197
Sat Jun 30 00:05:18 2018 [e139dafe9702261606c50313497b829c] Peer Connection Initiated with [AF_INET]107.182.231.79:1197
Sat Jun 30 00:05:19 2018 auth-token received, disabling auth-nocache for the authentication token
Sat Jun 30 00:05:19 2018 open_tun
Sat Jun 30 00:05:19 2018 TAP-WIN32 device [Ethernet 2] opened: \.Global{86ACEA81-E061-4917-A3DD-D4D6F12E414F}.tap
Sat Jun 30 00:05:19 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.15.10.6/255.255.255.252 on interface {86ACEA81-E061-4917-A3DD-D4D6F12E414F} [DHCP-serv: 10.15.10.5, lease-time: 31536000]
Sat Jun 30 00:05:19 2018 Successful ARP Flush on interface [9] {86ACEA81-E061-4917-A3DD-D4D6F12E414F}
Sat Jun 30 00:05:19 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Jun 30 00:05:19 2018 write UDP: Unknown error (code=10065)
Sat Jun 30 00:05:19 2018 write UDP: Unknown error (code=10065)
Sat Jun 30 00:05:24 2018 Initialization Sequence Completed
Sat Jun 30 01:32:33 2018 SIGHUP[hard,] received, process restarting
Sat Jun 30 01:32:33 2018 us=722754 Current Parameter Settings:
Sat Jun 30 01:32:33 2018 us=722754 config = 'NYC.ovpn'
Sat Jun 30 01:32:33 2018 us=722754 mode = 0
Sat Jun 30 01:32:33 2018 us=722754 show_ciphers = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 show_digests = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 show_engines = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 genkey = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 key_pass_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 show_tls_ciphers = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 connect_retry_max = 0
Sat Jun 30 01:32:33 2018 us=722754 Connection profiles [0]:
Sat Jun 30 01:32:33 2018 us=722754 proto = udp
Sat Jun 30 01:32:33 2018 us=722754 local = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 local_port = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 remote = 'us-newyorkcity.privateinternetaccess.com'
Sat Jun 30 01:32:33 2018 us=722754 remote_port = '1197'
Sat Jun 30 01:32:33 2018 us=722754 remote_float = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 bind_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 bind_local = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 bind_ipv6_only = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 connect_retry_seconds = 5
Sat Jun 30 01:32:33 2018 us=722754 connect_timeout = 120
Sat Jun 30 01:32:33 2018 us=722754 socks_proxy_server = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 socks_proxy_port = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 tun_mtu = 1500
Sat Jun 30 01:32:33 2018 us=722754 tun_mtu_defined = ENABLED
Sat Jun 30 01:32:33 2018 us=722754 link_mtu = 1500
Sat Jun 30 01:32:33 2018 us=722754 link_mtu_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 tun_mtu_extra = 0
Sat Jun 30 01:32:33 2018 us=722754 tun_mtu_extra_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 mtu_discover_type = -1
Sat Jun 30 01:32:33 2018 us=722754 fragment = 0
Sat Jun 30 01:32:33 2018 us=722754 mssfix = 1450
Sat Jun 30 01:32:33 2018 us=722754 explicit_exit_notification = 0
Sat Jun 30 01:32:33 2018 us=722754 Connection profiles END
Sat Jun 30 01:32:33 2018 us=722754 remote_random = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 ipchange = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 dev = 'tun'
Sat Jun 30 01:32:33 2018 us=722754 dev_type = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 dev_node = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 lladdr = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 topology = 1
Sat Jun 30 01:32:33 2018 us=722754 ifconfig_local = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 ifconfig_remote_netmask = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 ifconfig_noexec = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 ifconfig_nowarn = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 ifconfig_ipv6_local = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 ifconfig_ipv6_netbits = 0
Sat Jun 30 01:32:33 2018 us=722754 ifconfig_ipv6_remote = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 shaper = 0
Sat Jun 30 01:32:33 2018 us=722754 mtu_test = 0
Sat Jun 30 01:32:33 2018 us=722754 mlock = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 keepalive_ping = 0
Sat Jun 30 01:32:33 2018 us=722754 keepalive_timeout = 0
Sat Jun 30 01:32:33 2018 us=722754 inactivity_timeout = 0
Sat Jun 30 01:32:33 2018 us=722754 ping_send_timeout = 0
Sat Jun 30 01:32:33 2018 us=722754 ping_rec_timeout = 0
Sat Jun 30 01:32:33 2018 us=722754 ping_rec_timeout_action = 0
Sat Jun 30 01:32:33 2018 us=722754 ping_timer_remote = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 remap_sigusr1 = 0
Sat Jun 30 01:32:33 2018 us=722754 persist_tun = ENABLED
Sat Jun 30 01:32:33 2018 us=722754 persist_local_ip = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 persist_remote_ip = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 persist_key = ENABLED
Sat Jun 30 01:32:33 2018 us=722754 passtos = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 resolve_retry_seconds = 1000000000
Sat Jun 30 01:32:33 2018 us=722754 resolve_in_advance = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 username = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 groupname = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 chroot_dir = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 cd_dir = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 writepid = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 up_script = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 down_script = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 down_pre = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 up_restart = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 up_delay = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 daemon = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 inetd = 0
Sat Jun 30 01:32:33 2018 us=722754 log = ENABLED
Sat Jun 30 01:32:33 2018 us=722754 suppress_timestamps = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 machine_readable_output = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 nice = 0
Sat Jun 30 01:32:33 2018 us=722754 verbosity = 4
Sat Jun 30 01:32:33 2018 us=722754 mute = 0
Sat Jun 30 01:32:33 2018 us=722754 gremlin = 0
Sat Jun 30 01:32:33 2018 us=722754 status_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 status_file_version = 1
Sat Jun 30 01:32:33 2018 us=722754 status_file_update_freq = 60
Sat Jun 30 01:32:33 2018 us=722754 occ = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 rcvbuf = 0
Sat Jun 30 01:32:33 2018 us=722754 sndbuf = 0
Sat Jun 30 01:32:33 2018 us=722754 sockflags = 0
Sat Jun 30 01:32:33 2018 us=722754 fast_io = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 comp.alg = 2
Sat Jun 30 01:32:33 2018 us=722754 comp.flags = 1
Sat Jun 30 01:32:33 2018 us=722754 route_script = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 route_default_gateway = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 route_default_metric = 0
Sat Jun 30 01:32:33 2018 us=722754 route_noexec = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 route_delay = 5
Sat Jun 30 01:32:33 2018 us=722754 route_delay_window = 30
Sat Jun 30 01:32:33 2018 us=722754 route_delay_defined = ENABLED
Sat Jun 30 01:32:33 2018 us=722754 route_nopull = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 route_gateway_via_dhcp = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 allow_pull_fqdn = DISABLED
Sat Jun 30 01:32:33 2018 us=722754 Pull filters:
Sat Jun 30 01:32:33 2018 us=722754 ignore "dhcp-option DNS"
Sat Jun 30 01:32:33 2018 us=722754 route 192.168.0.0/255.255.0.0/192.168.1.1/default (not set)
Sat Jun 30 01:32:33 2018 us=722754 route plex.tv/255.255.255.255/192.168.1.1/default (not set)
Sat Jun 30 01:32:33 2018 us=722754 management_addr = '127.0.0.1'
Sat Jun 30 01:32:33 2018 us=722754 management_port = '25340'
Sat Jun 30 01:32:33 2018 us=722754 management_user_pass = 'stdin'
Sat Jun 30 01:32:33 2018 us=722754 management_log_history_cache = 250
Sat Jun 30 01:32:33 2018 us=722754 management_echo_buffer_size = 100
Sat Jun 30 01:32:33 2018 us=722754 management_write_peer_info_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 management_client_user = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 management_client_group = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=722754 management_flags = 6
Sat Jun 30 01:32:33 2018 us=722754 shared_secret_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=738375 key_direction = not set
Sat Jun 30 01:32:33 2018 us=738375 ciphername = 'aes-256-cbc'
Sat Jun 30 01:32:33 2018 us=738375 ncp_enabled = ENABLED
Sat Jun 30 01:32:33 2018 us=738375 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Sat Jun 30 01:32:33 2018 us=738375 authname = 'sha256'
Sat Jun 30 01:32:33 2018 us=738375 prng_hash = 'SHA1'
Sat Jun 30 01:32:33 2018 us=738375 prng_nonce_secret_len = 16
Sat Jun 30 01:32:33 2018 us=738375 keysize = 0
Sat Jun 30 01:32:33 2018 us=738375 engine = DISABLED
Sat Jun 30 01:32:33 2018 us=738375 replay = ENABLED
Sat Jun 30 01:32:33 2018 us=738375 mute_replay_warnings = ENABLED
Sat Jun 30 01:32:33 2018 us=738375 replay_window = 64
Sat Jun 30 01:32:33 2018 us=738375 replay_time = 15
Sat Jun 30 01:32:33 2018 us=738375 packet_id_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=738375 use_iv = ENABLED
Sat Jun 30 01:32:33 2018 us=738375 test_crypto = DISABLED
Sat Jun 30 01:32:33 2018 us=738375 tls_server = DISABLED
Sat Jun 30 01:32:33 2018 us=738375 tls_client = ENABLED
Sat Jun 30 01:32:33 2018 us=738375 key_method = 2
Sat Jun 30 01:32:33 2018 us=738375 ca_file = 'ca.rsa.4096.crt'
Sat Jun 30 01:32:33 2018 us=739062 ca_path = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 dh_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 cert_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 extra_certs_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 priv_key_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 pkcs12_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 cryptoapi_cert = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 cipher_list = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 tls_cert_profile = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 tls_verify = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 tls_export_cert = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 verify_x509_type = 0
Sat Jun 30 01:32:33 2018 us=739062 verify_x509_name = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=739062 crl_file = 'crl.rsa.4096.pem'
Sat Jun 30 01:32:33 2018 us=739062 ns_cert_type = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 65535
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=739062 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=740058 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=740058 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=740058 remote_cert_ku[i] = 0
Sat Jun 30 01:32:33 2018 us=740058 remote_cert_eku = 'TLS Web Server Authentication'
Sat Jun 30 01:32:33 2018 us=740058 ssl_flags = 0
Sat Jun 30 01:32:33 2018 us=740058 tls_timeout = 2
Sat Jun 30 01:32:33 2018 us=740058 renegotiate_bytes = -1
Sat Jun 30 01:32:33 2018 us=740058 renegotiate_packets = 0
Sat Jun 30 01:32:33 2018 us=740058 renegotiate_seconds = 0
Sat Jun 30 01:32:33 2018 us=740058 handshake_window = 60
Sat Jun 30 01:32:33 2018 us=740058 transition_window = 3600
Sat Jun 30 01:32:33 2018 us=740058 single_session = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 push_peer_info = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 tls_exit = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 tls_auth_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=740058 tls_crypt_file = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=740058 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_protected_authentication = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_private_mode = 00000000
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=741055 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_cert_private = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_pin_cache_period = -1
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_id = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=742052 pkcs11_id_management = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 server_network = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 server_netmask = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 server_network_ipv6 = ::
Sat Jun 30 01:32:33 2018 us=742052 server_netbits_ipv6 = 0
Sat Jun 30 01:32:33 2018 us=742052 server_bridge_ip = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 server_bridge_netmask = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 server_bridge_pool_start = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 server_bridge_pool_end = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_pool_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_pool_start = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_pool_end = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_pool_netmask = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_pool_persist_filename = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_pool_persist_refresh_freq = 600
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_ipv6_pool_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_ipv6_pool_base = ::
Sat Jun 30 01:32:33 2018 us=742052 ifconfig_ipv6_pool_netbits = 0
Sat Jun 30 01:32:33 2018 us=742052 n_bcast_buf = 256
Sat Jun 30 01:32:33 2018 us=742052 tcp_queue_limit = 64
Sat Jun 30 01:32:33 2018 us=743050 real_hash_size = 256
Sat Jun 30 01:32:33 2018 us=743050 virtual_hash_size = 256
Sat Jun 30 01:32:33 2018 us=743050 client_connect_script = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=743050 learn_address_script = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=743050 client_disconnect_script = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=743050 client_config_dir = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=743050 ccd_exclusive = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 tmp_dir = 'C:UsersTamAppDataLocalTemp'
Sat Jun 30 01:32:33 2018 us=743050 push_ifconfig_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 push_ifconfig_local = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=743050 push_ifconfig_remote_netmask = 0.0.0.0
Sat Jun 30 01:32:33 2018 us=743050 push_ifconfig_ipv6_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 push_ifconfig_ipv6_local = ::/0
Sat Jun 30 01:32:33 2018 us=743050 push_ifconfig_ipv6_remote = ::
Sat Jun 30 01:32:33 2018 us=743050 enable_c2c = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 duplicate_cn = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 cf_max = 0
Sat Jun 30 01:32:33 2018 us=743050 cf_per = 0
Sat Jun 30 01:32:33 2018 us=743050 max_clients = 1024
Sat Jun 30 01:32:33 2018 us=743050 max_routes_per_client = 256
Sat Jun 30 01:32:33 2018 us=743050 auth_user_pass_verify_script = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=743050 auth_user_pass_verify_script_via_file = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 auth_token_generate = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 auth_token_lifetime = 0
Sat Jun 30 01:32:33 2018 us=743050 client = ENABLED
Sat Jun 30 01:32:33 2018 us=743050 pull = ENABLED
Sat Jun 30 01:32:33 2018 us=743050 auth_user_pass_file = 'passwd.txt'
Sat Jun 30 01:32:33 2018 us=743050 show_net_up = DISABLED
Sat Jun 30 01:32:33 2018 us=743050 route_method = 3
Sat Jun 30 01:32:33 2018 us=743050 block_outside_dns = DISABLED
Sat Jun 30 01:32:33 2018 us=744047 ip_win32_defined = DISABLED
Sat Jun 30 01:32:33 2018 us=744047 ip_win32_type = 3
Sat Jun 30 01:32:33 2018 us=744047 dhcp_masq_offset = 0
Sat Jun 30 01:32:33 2018 us=744047 dhcp_lease_time = 31536000
Sat Jun 30 01:32:33 2018 us=744047 tap_sleep = 0
Sat Jun 30 01:32:33 2018 us=744047 dhcp_options = DISABLED
Sat Jun 30 01:32:33 2018 us=744047 dhcp_renew = DISABLED
Sat Jun 30 01:32:33 2018 us=744047 dhcp_pre_release = DISABLED
Sat Jun 30 01:32:33 2018 us=744047 domain = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=744047 netbios_scope = '[UNDEF]'
Sat Jun 30 01:32:33 2018 us=744047 netbios_node_type = 0
Sat Jun 30 01:32:33 2018 us=744047 disable_nbt = DISABLED
Sat Jun 30 01:32:33 2018 us=744047 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Sat Jun 30 01:32:33 2018 us=744047 Windows version 6.2 (Windows 8 or greater) 64bit
Sat Jun 30 01:32:33 2018 us=744047 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Sat Jun 30 01:32:33 2018 us=744047 Restart pause, 5 second(s)
Sat Jun 30 01:32:38 2018 us=783086 LZO compression initializing
Sat Jun 30 01:32:38 2018 us=783086 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Jun 30 01:32:38 2018 us=783086 MANAGEMENT: >STATE:1530336758,RESOLVE,,,,,,
Sat Jun 30 01:32:38 2018 us=783086 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Sat Jun 30 01:32:38 2018 us=783086 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Jun 30 01:32:38 2018 us=783086 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Jun 30 01:32:38 2018 us=783086 TCP/UDP: Preserving recently used remote address: [AF_INET]107.182.231.79:1197
Sat Jun 30 01:32:38 2018 us=783086 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Jun 30 01:32:38 2018 us=783086 UDP link local: (not bound)
Sat Jun 30 01:32:38 2018 us=783086 UDP link remote: [AF_INET]107.182.231.79:1197
Sat Jun 30 01:32:38 2018 us=783086 MANAGEMENT: >STATE:1530336758,WAIT,,,,,,
Sat Jun 30 01:32:38 2018 us=798655 MANAGEMENT: >STATE:1530336758,AUTH,,,,,,
Sat Jun 30 01:32:38 2018 us=798655 TLS: Initial packet from [AF_INET]107.182.231.79:1197, sid=675a3fd6 be2fc259
Sat Jun 30 01:32:38 2018 us=864547 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com
Sat Jun 30 01:32:38 2018 us=864547 VERIFY KU OK
Sat Jun 30 01:32:38 2018 us=864547 Validating certificate extended key usage
Sat Jun 30 01:32:38 2018 us=864547 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Jun 30 01:32:38 2018 us=864547 VERIFY EKU OK
Sat Jun 30 01:32:38 2018 us=864547 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=e139dafe9702261606c50313497b829c, name=e139dafe9702261606c50313497b829c
Sat Jun 30 01:32:38 2018 us=942702 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sat Jun 30 01:32:38 2018 us=942702 [e139dafe9702261606c50313497b829c] Peer Connection Initiated with [AF_INET]107.182.231.79:1197
Sat Jun 30 01:32:40 2018 us=84250 MANAGEMENT: >STATE:1530336760,GET_CONFIG,,,,,,
Sat Jun 30 01:32:40 2018 us=84250 SENT CONTROL [e139dafe9702261606c50313497b829c]: 'PUSH_REQUEST' (status=1)
Sat Jun 30 01:32:40 2018 us=103076 AUTH: Received control message: AUTH_FAILED
Sat Jun 30 01:32:40 2018 us=103076 TCP/UDP: Closing socket
Sat Jun 30 01:32:40 2018 us=103076 SIGUSR1[soft,auth-failure] received, process restarting
Sat Jun 30 01:32:40 2018 us=103076 MANAGEMENT: >STATE:1530336760,RECONNECTING,auth-failure,,,,,
Sat Jun 30 01:32:40 2018 us=103076 Restart pause, 5 second(s)
Sat Jun 30 01:32:45 2018 us=153152 Re-using SSL/TLS context
Sat Jun 30 01:32:45 2018 us=153152 LZO compression initializing
Sat Jun 30 01:32:45 2018 us=153152 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Sat Jun 30 01:32:45 2018 us=153152 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Sat Jun 30 01:32:45 2018 us=153152 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Sat Jun 30 01:32:45 2018 us=153152 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1570,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Sat Jun 30 01:32:45 2018 us=153152 TCP/UDP: Preserving recently used remote address: [AF_INET]107.182.231.79:1197
Sat Jun 30 01:32:45 2018 us=153152 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Jun 30 01:32:45 2018 us=153152 UDP link local: (not bound)
Sat Jun 30 01:32:45 2018 us=153152 UDP link remote: [AF_INET]107.182.231.79:1197
Sat Jun 30 01:32:45 2018 us=153152 MANAGEMENT: >STATE:1530336765,WAIT,,,,,,
Sat Jun 30 01:32:45 2018 us=168774 MANAGEMENT: >STATE:1530336765,AUTH,,,,,,
Sat Jun 30 01:32:45 2018 us=168774 TLS: Initial packet from [AF_INET]107.182.231.79:1197, sid=76ae5b00 ce33b3f6
Sat Jun 30 01:32:45 2018 us=231262 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com
Sat Jun 30 01:32:45 2018 us=231262 VERIFY KU OK
Sat Jun 30 01:32:45 2018 us=231262 Validating certificate extended key usage
Sat Jun 30 01:32:45 2018 us=231262 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Jun 30 01:32:45 2018 us=231262 VERIFY EKU OK
Sat Jun 30 01:32:45 2018 us=231262 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=e139dafe9702261606c50313497b829c, name=e139dafe9702261606c50313497b829c
Sat Jun 30 01:32:45 2018 us=337991 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sat Jun 30 01:32:45 2018 us=337991 [e139dafe9702261606c50313497b829c] Peer Connection Initiated with [AF_INET]107.182.231.79:1197
Sat Jun 30 01:32:46 2018 us=397707 MANAGEMENT: >STATE:1530336766,GET_CONFIG,,,,,,
Sat Jun 30 01:32:46 2018 us=397707 SENT CONTROL [e139dafe9702261606c50313497b829c]: 'PUSH_REQUEST' (status=1)
Sat Jun 30 01:32:46 2018 us=397707 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 209.222.18.222,dhcp-option DNS 209.222.18.218,ping 10,comp-lzo no,route 10.55.10.1,topology net30,ifconfig 10.55.10.6 10.55.10.5,auth-token'
Sat Jun 30 01:32:46 2018 us=397707 Pushed option removed by filter: 'dhcp-option DNS 209.222.18.222'
Sat Jun 30 01:32:46 2018 us=397707 Pushed option removed by filter: 'dhcp-option DNS 209.222.18.218'
Sat Jun 30 01:32:46 2018 us=397707 auth-token received, disabling auth-nocache for the authentication token
Sat Jun 30 01:32:46 2018 us=397707 OPTIONS IMPORT: timers and/or timeouts modified
Sat Jun 30 01:32:46 2018 us=397707 OPTIONS IMPORT: compression parms modified
Sat Jun 30 01:32:46 2018 us=397707 OPTIONS IMPORT: --ifconfig/up options modified
Sat Jun 30 01:32:46 2018 us=397707 OPTIONS IMPORT: route options modified
Sat Jun 30 01:32:46 2018 us=397707 Data Channel MTU parms [ L:1570 D:1450 EF:70 EB:406 ET:0 EL:3 ]
Sat Jun 30 01:32:46 2018 us=397707 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Jun 30 01:32:46 2018 us=397707 Outgoing Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Jun 30 01:32:46 2018 us=397707 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Jun 30 01:32:46 2018 us=397707 Incoming Data Channel: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Jun 30 01:32:46 2018 us=397707 interactive service msg_channel=880
Sat Jun 30 01:32:46 2018 us=397707 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=15 HWADDR=70:85:c2:6c:0d:ea
Sat Jun 30 01:32:46 2018 us=428901 open_tun
Sat Jun 30 01:32:46 2018 us=428901 TAP-WIN32 device [Ethernet 2] opened: \.Global{86ACEA81-E061-4917-A3DD-D4D6F12E414F}.tap
Sat Jun 30 01:32:46 2018 us=428901 TAP-Windows Driver Version 9.21
Sat Jun 30 01:32:46 2018 us=428901 TAP-Windows MTU=1500
Sat Jun 30 01:32:46 2018 us=428901 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.55.10.6/255.255.255.252 on interface {86ACEA81-E061-4917-A3DD-D4D6F12E414F} [DHCP-serv: 10.55.10.5, lease-time: 31536000]
Sat Jun 30 01:32:46 2018 us=428901 Successful ARP Flush on interface [9] {86ACEA81-E061-4917-A3DD-D4D6F12E414F}
Sat Jun 30 01:32:46 2018 us=444498 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat Jun 30 01:32:46 2018 us=444498 MANAGEMENT: >STATE:1530336766,ASSIGN_IP,,10.55.10.6,,,,
Sat Jun 30 01:32:46 2018 us=444498 write UDP: Unknown error (code=10065)
Sat Jun 30 01:32:46 2018 us=460120 write UDP: Unknown error (code=10065)
Sat Jun 30 01:32:52 2018 us=40548 TEST ROUTES: 11/11 succeeded len=10 ret=1 a=0 u/d=up
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 107.182.231.79 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.55.10.5
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.55.10.5
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 MANAGEMENT: >STATE:1530336772,ADD_ROUTES,,,,,,
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 52.208.108.2 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 52.210.134.93 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 34.249.151.238 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 52.18.234.21 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 52.211.233.249 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 34.248.194.188 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 34.246.147.206 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=40548 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=40548 C:WINDOWSsystem32route.exe ADD 54.77.87.2 MASK 255.255.255.255 192.168.1.1
Sat Jun 30 01:32:52 2018 us=56124 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=56124 C:WINDOWSsystem32route.exe ADD 192.168.0.0 MASK 255.255.0.0 192.168.1.1
Sat Jun 30 01:32:52 2018 us=56124 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=56124 C:WINDOWSsystem32route.exe ADD 10.55.10.1 MASK 255.255.255.255 10.55.10.5
Sat Jun 30 01:32:52 2018 us=56124 Route addition via service succeeded
Sat Jun 30 01:32:52 2018 us=56124 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jun 30 01:32:52 2018 us=56124 Initialization Sequence Completed
Sat Jun 30 01:32:52 2018 us=56124 MANAGEMENT: >STATE:1530336772,CONNECTED,SUCCESS,10.55.10.6,107.182.231.79,1197,,
ipconfig
Microsoft Windows [Version 10.0.17134.112]
(c) 2018 Microsoft Corporation. All rights reserved.
C:UsersTam>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : BADASSMACHINEV3
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet 4:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ASIX AX88179 USB 3.0 to Gigabit Ethernet Adapter
Physical Address. . . . . . . . . : 8C-AE-4C-F4-FA-A8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Ethernet 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Ethernet Connection (2) I219-V
Physical Address. . . . . . . . . : 70-85-C2-6C-0D-EA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::619f:97f6:45ad:6d5%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, June 29, 2018 12:23:24 AM
Lease Expires . . . . . . . . . . : Saturday, June 30, 2018 11:24:47 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 208700866
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-7E-CA-47-70-85-C2-6C-0D-EA
DNS Servers . . . . . . . . . . . : 192.168.1.12
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Ethernet 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Windows Adapter V9
Physical Address. . . . . . . . . : 00-FF-86-AC-EA-81
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::864:b419:207f:66f1%9(Preferred)
IPv4 Address. . . . . . . . . . . : 10.55.10.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Lease Obtained. . . . . . . . . . : Saturday, June 30, 2018 1:32:46 AM
Lease Expires . . . . . . . . . . : Sunday, June 30, 2019 1:32:45 AM
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 10.55.10.5
DHCPv6 IAID . . . . . . . . . . . : 151060358
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-7E-CA-47-70-85-C2-6C-0D-EA
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
C:UsersTam>
route
Microsoft Windows [Version 10.0.17134.112]
(c) 2018 Microsoft Corporation. All rights reserved.
C:UsersTam>route print
===========================================================================
Interface List
16...8c ae 4c f4 fa a8 ......ASIX AX88179 USB 3.0 to Gigabit Ethernet Adapter
15...70 85 c2 6c 0d ea ......Intel(R) Ethernet Connection (2) I219-V
9...00 ff 86 ac ea 81 ......TAP-Windows Adapter V9
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
0.0.0.0 128.0.0.0 10.30.1.17 10.55.10.6 35
0.0.0.0 128.0.0.0 10.30.1.13 10.55.10.6 35
0.0.0.0 128.0.0.0 10.30.1.5 10.55.10.6 35
0.0.0.0 128.0.0.0 10.55.10.5 10.55.10.6 291
10.30.1.1 255.255.255.255 10.30.1.17 10.55.10.6 35
10.30.1.1 255.255.255.255 10.30.1.13 10.55.10.6 35
10.30.1.1 255.255.255.255 10.30.1.5 10.55.10.6 35
10.55.10.1 255.255.255.255 10.55.10.5 10.55.10.6 291
10.55.10.4 255.255.255.252 On-link 10.55.10.6 291
10.55.10.6 255.255.255.255 On-link 10.55.10.6 291
10.55.10.7 255.255.255.255 On-link 10.55.10.6 291
34.246.147.206 255.255.255.255 192.168.1.1 192.168.1.3 281
34.248.194.188 255.255.255.255 192.168.1.1 192.168.1.3 281
34.249.151.238 255.255.255.255 192.168.1.1 192.168.1.3 281
52.18.234.21 255.255.255.255 192.168.1.1 192.168.1.3 281
52.208.108.2 255.255.255.255 192.168.1.1 192.168.1.3 281
52.210.134.93 255.255.255.255 192.168.1.1 192.168.1.3 281
52.211.233.249 255.255.255.255 192.168.1.1 192.168.1.3 281
54.77.87.2 255.255.255.255 192.168.1.1 192.168.1.3 281
107.182.231.79 255.255.255.255 192.168.1.1 192.168.1.3 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
128.0.0.0 128.0.0.0 10.30.1.17 10.55.10.6 35
128.0.0.0 128.0.0.0 10.30.1.13 10.55.10.6 35
128.0.0.0 128.0.0.0 10.30.1.5 10.55.10.6 35
128.0.0.0 128.0.0.0 10.55.10.5 10.55.10.6 291
192.168.0.0 255.255.0.0 192.168.1.1 192.168.1.3 281
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 10.55.10.6 291
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 10.55.10.6 291
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 331 ::1/128 On-link
9 291 fe80::/64 On-link
15 281 fe80::/64 On-link
9 291 fe80::864:b419:207f:66f1/128
On-link
15 281 fe80::619f:97f6:45ad:6d5/128
On-link
1 331 ff00::/8 On-link
9 291 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
C:UsersTam>
-
kovacg
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Feb 21, 2018 4:47 pm
Unknown Error (Code=10054)
Hello,
i set up VPN connection on win7 due to manual. I was trying to connect with client, but there is problem.
Wed Feb 21 17:41:08 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Feb 21 17:41:08 2018 Windows version 6.1 (Windows 7) 64bit
Wed Feb 21 17:41:08 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Wed Feb 21 17:41:08 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Feb 21 17:41:08 2018 Need hold release from management interface, waiting…
Wed Feb 21 17:41:09 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Feb 21 17:41:09 2018 MANAGEMENT: CMD ‘state on’
Wed Feb 21 17:41:09 2018 MANAGEMENT: CMD ‘log all on’
Wed Feb 21 17:41:09 2018 MANAGEMENT: CMD ‘echo all on’
Wed Feb 21 17:41:09 2018 MANAGEMENT: CMD ‘hold off’
Wed Feb 21 17:41:09 2018 MANAGEMENT: CMD ‘hold release’
Wed Feb 21 17:41:09 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]185.167.xxx.xxxx:1194
Wed Feb 21 17:41:09 2018 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Feb 21 17:41:09 2018 UDP link local: (not bound)
Wed Feb 21 17:41:09 2018 UDP link remote: [AF_INET]185.167.xxx.xxx:1194
Wed Feb 21 17:41:09 2018 MANAGEMENT: >STATE:1519231269,WAIT,,,,,,
Wed Feb 21 17:41:09 2018 read UDP: Unknown error (code=10054)
Wed Feb 21 17:41:11 2018 read UDP: Unknown error (code=10054)
Wed Feb 21 17:41:15 2018 read UDP: Unknown error (code=10054)
Wed Feb 21 17:41:23 2018 read UDP: Unknown error (code=10054)
Wed Feb 21 17:41:39 2018 read UDP: Unknown error (code=10054)
Wed Feb 21 17:42:10 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Feb 21 17:42:10 2018 TLS Error: TLS handshake failed
My ISP can´t give me an private IP. So he forward port 1194 to my router. There I forward port 1194 to ip of my server.
Is that possible? Do you somebody know where could be a problem?
Thanks for your help and sorry for my bad english
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11142
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Unknown Error (Code=10054)
Post
by TinCanTech » Wed Feb 21, 2018 6:33 pm
Does your server show any connections from this client ?
-
kovacg
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Feb 21, 2018 4:47 pm
Re: Unknown Error (Code=10054)
Post
by kovacg » Wed Feb 21, 2018 9:45 pm
I was tried make set up again. And now I have this error message: Connection reset by peer (WSAECONNRESET) (code=10054)
On the server, I can´t see anything.
Thank you
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11142
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Unknown Error (Code=10054)
Post
by TinCanTech » Wed Feb 21, 2018 10:05 pm
kovacg wrote: ↑
Wed Feb 21, 2018 9:45 pm
On the server, I can´t see anything.
Because the packets are not getting to your server.
kovacg wrote: ↑
Wed Feb 21, 2018 4:53 pm
My ISP can´t give me an private IP. So he forward port 1194 to my router. There I forward port 1194 to ip of my server.
Make sure the port is forwarded correctly .. maybe you can use DMZ on your router ?
-
kovacg
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Feb 21, 2018 4:47 pm
Re: Unknown Error (Code=10054)
Post
by kovacg » Thu Feb 22, 2018 5:08 pm
I think ports are forwarded correctly.
This is forwarded from my ISP
this is forwarded from my Router
Routers IP is xxx.xxx.90.5 and server ip is xxx.xxx.5.254
I don´t know how to use DMZ.
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11142
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Unknown Error (Code=10054)
Post
by TinCanTech » Thu Feb 22, 2018 8:52 pm
kovacg wrote: ↑
Wed Feb 21, 2018 4:53 pm
read UDP: Unknown error (code=10054)
This Windows error message means the connection was reset .. which almost certainly means you have not got either port forwarded correctly or firewall configured correctly.
-
kovacg
- OpenVpn Newbie
- Posts: 7
- Joined: Wed Feb 21, 2018 4:47 pm
Re: Unknown Error (Code=10054)
Post
by kovacg » Thu Feb 22, 2018 10:36 pm
So it could be firewall problem?
-
RRGraphixGuy
- OpenVpn Newbie
- Posts: 1
- Joined: Wed Apr 01, 2020 2:23 pm
Re: Unknown Error (Code=10054)
Post
by RRGraphixGuy » Wed Apr 01, 2020 2:32 pm
kovacg wrote: ↑
Thu Feb 22, 2018 10:36 pm
So it could be firewall problem?
Not only Windows Firewall, but third-party anti-virus and/or anti-malware applications as well. I was very frustrated yesterday on a particular computer until I discovered Avast was installed on it and running its network and application shields. Simply add OpenVPN as exception, problem solved. 
OpenVPN greatly improves your online privacy. Often, OpenVPN clients do not work correctly and show up connection errors too.
One such error is “OpenVPN error 10054“. Unfortunately, it happens when the OpenVPN server connection gets a reset.
At Bobcares, we solve OpenVPN connection errors for our customers as part of our Managed VPN Services.
Today, we’ll see how our Support Engineers diagnose and fix “OpenVPN error 10054”.
What causes “OpenVPN error 10054”?
OpenVPN works on a client-server model. In simple words, the OpenVPN client initiates a connection to the OpenVPN server. Further, all communication happens via this channel. That’s how OpenVPN take care of the privacy of user data.
At times, when this connection is reset, it shows the error:
Jan 23 17:41:39 2019 read UDP: Unknown error (code=10054)
Jan 23 17:42:10 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan 23 17:42:10 2019 TLS Error: TLS handshake failedThis errors shows that the UDP packets could not make it to the OpenVPN server.
Now, let’s see the top reasons that can cause this connection reset error.
1. Wrong firewall settings
Primarily, VPN connection reset can happen due to the wrong Firewall settings on the computer that runs the OpenVPN client. As the firewall blocks the connection, the data packets do not even reach the server.
Sometimes, even the firewall at the Internet Service Provider (ISP) also can cause OpenVPN error.
Recently, when a customer reported problems with OpenVPN error 10054, it was the ISP firewall affecting the connection. Here, the ISP router was assigning all the devices the same public IP address, which created conflict.
2. Wrong port forwarding
Whenever VPN uses Network Address Translation aka NAT firewall, then there is a need for remote port forwarding. Here, port forwarding forwards all incoming connections with a matching port number to the internal computer with specific address.
However, when there are wrong port forwarding rules set in the OpenVPN server, it can again result in “OpenVPN error 10054.”
How we fix “OpenVPN error 10054”
We just saw the typical causes for the error. Now, let’s take a look on how our Support Engineers fix the OpenVPN connection.
1. Check server connection
Firstly, we check the connection from the home computer to the OpenVPN server. For this, we use the telnet command in the format
telnet If the connection do not work properly, we then check on the server side to see if there are connections reaching the OpenVPN server from this particular client.
2. Disabling firewall
If connections are not even reaching the server, obviously the client computer firewall will have a role in it. To isolate this firewall dependency, our Dedicated Engineers suggest customers to completely turn off firewall and repeat the telnet check. For example, in case of Windows customers, we ask them to disable Windows Firewall completely and try connecting.
Again, if there are further error messages, it means there is something beyond the computer firewall.
3. Edit port forwarding rules
At this point, we check the port forwarding rules in the OpenVPN server. We look for typos in the rules and fix them. That solves the OpenVPN error 10054, and make OpenVPN work fine.
[Are you getting “OpenVPN error 10054“? Our VPN experts can easily fix it for you.]
Conclusion
In short, OpenVPN error 10054 happens mainly due to firewall settings or wrong port forwarding rules in the OpenVPN server. Today, we saw the typical reasons for the error and how our Support Engineers restore VPN connectivity.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
GET STARTED
var google_conversion_label = «owonCMyG5nEQ0aD71QM»;
Содержание
- How to quickly fix OpenVPN error 10054?
- What causes “OpenVPN error 10054”?
- 1. Wrong firewall settings
- 2. Wrong port forwarding
- How we fix “OpenVPN error 10054”
- 1. Check server connection
- 2. Disabling firewall
- 3. Edit port forwarding rules
- Conclusion
- PREVENT YOUR SERVER FROM CRASHING!
- 1 Comment
- Error when connect : read UDP: Unknown error (code=10054) #223
- Comments
- OpenVPN Support Forum
- TLS Error: TLS key negotiation failed — read UDP: Unknown error (code=10054)
- TLS Error: TLS key negotiation failed — read UDP: Unknown error (code=10054)
How to quickly fix OpenVPN error 10054?
by Sijin George | Feb 16, 2019
OpenVPN greatly improves your online privacy. Often, OpenVPN clients do not work correctly and show up connection errors too.
One such error is “OpenVPN error 10054“. Unfortunately, it happens when the OpenVPN server connection gets a reset.
At Bobcares, we solve OpenVPN connection errors for our customers as part of our Managed VPN Services.
Today, we’ll see how our Support Engineers diagnose and fix “OpenVPN error 10054”.
What causes “OpenVPN error 10054”?
OpenVPN works on a client-server model. In simple words, the OpenVPN client initiates a connection to the OpenVPN server. Further, all communication happens via this channel. That’s how OpenVPN take care of the privacy of user data.
At times, when this connection is reset, it shows the error:
This errors shows that the UDP packets could not make it to the OpenVPN server.
Now, let’s see the top reasons that can cause this connection reset error.
1. Wrong firewall settings
Primarily, VPN connection reset can happen due to the wrong Firewall settings on the computer that runs the OpenVPN client. As the firewall blocks the connection, the data packets do not even reach the server.
Sometimes, even the firewall at the Internet Service Provider (ISP) also can cause OpenVPN error.
Recently, when a customer reported problems with OpenVPN error 10054, it was the ISP firewall affecting the connection. Here, the ISP router was assigning all the devices the same public IP address, which created conflict.
2. Wrong port forwarding
Whenever VPN uses Network Address Translation aka NAT firewall, then there is a need for remote port forwarding. Here, port forwarding forwards a ll incoming connections with a matching port number to the internal computer with specific address.
However, when there are wrong port forwarding rules set in the OpenVPN server, it can again result in “OpenVPN error 10054.”
How we fix “OpenVPN error 10054”
We just saw the typical causes for the error. Now, let’s take a look on how our Support Engineers fix the OpenVPN connection.
1. Check server connection
Firstly, we check the connection from the home computer to the OpenVPN server. For this, we use the telnet command in the format
If the connection do not work properly, we then check on the server side to see if there are connections reaching the OpenVPN server from this particular client.
2. Disabling firewall
If connections are not even reaching the server, obviously the client computer firewall will have a role in it. To isolate this firewall dependency, our Dedicated Engineers suggest customers to completely turn off firewall and repeat the telnet check. For example, in case of Windows customers, we ask them to disable Windows Firewall completely and try connecting.
Again, if there are further error messages, it means there is something beyond the computer firewall.
3. Edit port forwarding rules
At this point, we check the port forwarding rules in the OpenVPN server. We look for typos in the rules and fix them. That solves the OpenVPN error 10054, and make OpenVPN work fine.
Conclusion
In short, OpenVPN error 10054 happens mainly due to firewall settings or wrong port forwarding rules in the OpenVPN server. Today, we saw the typical reasons for the error and how our Support Engineers restore VPN connectivity.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
Remember to check for any third-party anti-virus or anti-malware software you may be running, and not just Windows Firewall alone.
If those have web/network and application “shields”, etc. you should be able to whitelist OpenVPN or add as an exception.
Источник
Error when connect : read UDP: Unknown error (code=10054) #223
I got those message when I’m trying to connect on my VPN (host in a VPS with the autoscript)
And I don’t really find anything on google
Thu Feb 22 20:53:02 2018 SIGUSR1[soft,tls-error] received, process restarting Thu Feb 22 20:53:02 2018 MANAGEMENT: >STATE:1519329182,RECONNECTING,tls-error. Thu Feb 22 20:53:02 2018 Restart pause, 40 second(s) Thu Feb 22 20:53:42 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]5.135.102.7:1194 Thu Feb 22 20:53:42 2018 Socket Buffers: R=[65536->65536] S=[65536->65536] Thu Feb 22 20:53:42 2018 UDP link local: (not bound) Thu Feb 22 20:53:42 2018 UDP link remote: [AF_INET]XX.XX.XX.XX:1194 Thu Feb 22 20:53:42 2018 MANAGEMENT: >STATE:1519329222,WAIT. Thu Feb 22 20:53:42 2018 read UDP: Unknown error (code=10054) Thu Feb 22 20:53:44 2018 read UDP: Unknown error (code=10054) Thu Feb 22 20:53:48 2018 read UDP: Unknown error (code=10054)
The text was updated successfully, but these errors were encountered:
On windows, socket error 10054 means connection reset (as per msdn). Could be a temporary issue with your server. If the server is working fine (i.e other clients can connect and stay on), and the problem is persistent, then open a ticket in openvpn trac with any relevant info (OS, openvpn version and server/client configs etc.).
I’m having this issue too:
Winsocks error 10065 is host unreachable (in this case the direct link to the VPN server) which could happen if you lost the default route or the vpn network conflicts with your LAN IP etc.
Please post a verb = 4 log. To get such a log add «verb 4» (without quotes) to the config file and reconnect. The log file may be opened using the view log menu of the GUI. Also include the output of «ifconfig /all» and «route print» run from a command prompt.
Источник
OpenVPN Support Forum
Community Support Forum
TLS Error: TLS key negotiation failed — read UDP: Unknown error (code=10054)
TLS Error: TLS key negotiation failed — read UDP: Unknown error (code=10054)
Post by net.admin » Wed Oct 04, 2017 12:17 pm
This is my first non point to point openvpn and it’s doing my head in.
I’m using Win7 as the server, and Win10 as a client. This is a proof of concept test environment. N0 router or firewall (software or hardware) is in use. The client lives on the same subnet as the server and can ping it. The server address of 192.11.5.199 is the actual Win7 server address. Client machine is currently on 192.11.5.x.
In the below log I see two errors, the «unknown 10054» and the tls. I’m presuming one is causing the other, but that’s somewhat a guess also.
If someone could kindly take a look I’d appreciate a nudge in the right direction. I’m guessing I’ve missed something but I’m damned if I can see what.
client
dev tun
proto udp
remote 192.11.5.199 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca «C:\Program Files\OpenVPN\config\ca.crt»
cert «C:\Program Files\OpenVPN\config\markg.crt»
key «C:\Program Files\OpenVPN\config\markg.key»
tls-auth «C:\Program Files\OpenVPN\config\ta.key» 1
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
# of a many-clients one-server #
# OpenVPN configuration. #
# #
# OpenVPN also supports #
# single-machine single-machine #
# configurations (See the Examples page #
# on the web site for more info). #
# #
# This config should work on Windows #
# or Linux/BSD systems. Remember on #
# Windows to quote pathnames and use #
# double backslashes, e.g.: #
# «C:\Program Files\OpenVPN\config\foo.key» #
# #
# Comments are preceded with ‘#’ or ‘;’ #
#################################################
# Which local IP address should OpenVPN
# listen on? (optional)
;local a.b.c.d
# Which TCP/UDP port should OpenVPN listen on?
# If you want to run multiple OpenVPN instances
# on the same machine, use a different port
# number for each one. You will need to
# open up this port on your firewall.
port 1194
# TCP or UDP server?
;proto tcp
proto udp
# «dev tun» will create a routed IP tunnel,
# «dev tap» will create an ethernet tunnel.
# Use «dev tap0» if you are ethernet bridging
# and have precreated a tap0 virtual interface
# and bridged it with your ethernet interface.
# If you want to control access policies
# over the VPN, you must create firewall
# rules for the the TUN/TAP interface.
# On non-Windows systems, you can give
# an explicit unit number, such as tun0.
# On Windows, use «dev-node» for this.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel if you
# have more than one. On XP SP2 or higher,
# you may need to selectively disable the
# Windows firewall for the TAP adapter.
# Non-Windows systems usually don’t need this.
;dev-node MyTap
# SSL/TLS root certificate (ca), certificate
# (cert), and private key (key). Each client
# and the server must have their own cert and
# key file. The server and all clients will
# use the same ca file.
#
# See the «easy-rsa» directory for a series
# of scripts for generating RSA certificates
# and private keys. Remember to use
# a unique Common Name for the server
# and each of the client certificates.
#
# Any X509 key management system can be used.
# OpenVPN can also use a PKCS #12 formatted key file
# (see «pkcs12» directive in man page).
ca «C:\Program Files\OpenVPN\config\ca.crt»
cert «C:\Program Files\OpenVPN\config\server.crt»
key «C:\Program Files\OpenVPN\config\server.key»
# This file should be kept secret
# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh2048.pem 2048
dh «C:\Program Files\OpenVPN\config\dh4096.pem»
# Network topology
# Should be subnet (addressing via IP)
# unless Windows clients v2.0.9 and lower have to
# be supported (then net30, i.e. a /30 per client)
# Defaults to net30 (not recommended)
;topology subnet
# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
# The server will take 10.8.0.1 for itself,
# the rest will be made available to clients.
# Each client will be able to reach the server
# on 10.8.0.1. Comment this line out if you are
# ethernet bridging. See the man page for more info.
server 10.8.0.0 255.255.255.0
# Maintain a record of client virtual IP address
# associations in this file. If OpenVPN goes down or
# is restarted, reconnecting clients can be assigned
# the same virtual IP address from the pool that was
# previously assigned.
ifconfig-pool-persist ipp.txt
# Configure server mode for ethernet bridging.
# You must first use your OS’s bridging capability
# to bridge the TAP interface with the ethernet
# NIC interface. Then you must manually set the
# IP/netmask on the bridge interface, here we
# assume 10.8.0.4/255.255.255.0. Finally we
# must set aside an IP range in this subnet
# (start=10.8.0.50 end=10.8.0.100) to allocate
# to connecting clients. Leave this line commented
# out unless you are ethernet bridging.
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
# Configure server mode for ethernet bridging
# using a DHCP-proxy, where clients talk
# to the OpenVPN server-side DHCP server
# to receive their IP address allocation
# and DNS server addresses. You must first use
# your OS’s bridging capability to bridge the TAP
# interface with the ethernet NIC interface.
# Note: this mode only works on clients (such as
# Windows), where the client-side TAP adapter is
# bound to a DHCP client.
;server-bridge
# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
;push «route 192.168.10.0 255.255.255.0»
;push «route 192.168.20.0 255.255.255.0»
# To assign specific IP addresses to specific
# clients or if a connecting client has a private
# subnet behind it that should also have VPN access,
# use the subdirectory «ccd» for client-specific
# configuration files (see man page for more info).
# EXAMPLE: Suppose the client
# having the certificate common name «Thelonious»
# also has a small subnet behind his connecting
# machine, such as 192.168.40.128/255.255.255.248.
# First, uncomment out these lines:
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
# Then create a file ccd/Thelonious with this line:
# iroute 192.168.40.128 255.255.255.248
# This will allow Thelonious’ private subnet to
# access the VPN. This example will only work
# if you are routing, not bridging, i.e. you are
# using «dev tun» and «server» directives.
# EXAMPLE: Suppose you want to give
# Thelonious a fixed VPN IP address of 10.9.0.1.
# First uncomment out these lines:
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
# Then add this line to ccd/Thelonious:
# ifconfig-push 10.9.0.1 10.9.0.2
# Suppose that you want to enable different
# firewall access policies for different groups
# of clients. There are two methods:
# (1) Run multiple OpenVPN daemons, one for each
# group, and firewall the TUN/TAP interface
# for each group/daemon appropriately.
# (2) (Advanced) Create a script to dynamically
# modify the firewall in response to access
# from different clients. See man
# page for more info on learn-address script.
;learn-address ./script
# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# or bridge the TUN/TAP interface to the internet
# in order for this to work properly).
;push «redirect-gateway def1 bypass-dhcp»
# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
# The addresses below refer to the public
# DNS servers provided by opendns.com.
;push «dhcp-option DNS 208.67.222.222»
;push «dhcp-option DNS 208.67.220.220»
# Uncomment this directive to allow different
# clients to be able to «see» each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server’s TUN/TAP interface.
;client-to-client
# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names. This is recommended
# only for testing purposes. For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE «COMMON NAME»,
# UNCOMMENT THIS LINE OUT.
;duplicate-cn
# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
# Ping every 10 seconds, assume that remote
# peer is down if no ping received during
# a 120 second time period.
keepalive 10 120
# For extra security beyond that provided
# by SSL/TLS, create an «HMAC firewall»
# to help block DoS attacks and UDP port flooding.
#
# Generate with:
# openvpn —genkey —secret ta.key
#
# The server and each client must have
# a copy of this key.
# The second parameter should be ‘0’
# on the server and ‘1’ on the clients.
tls-auth «C:\Program Files\OpenVPN\ta.key» 0
# This file is secret
# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
# See also the ncp-cipher option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link and push the
# option to the client (v2.4+ only, for earlier
# versions see below)
;compress lz4-v2
;push «compress lz4-v2»
# For compression compatible with older clients use comp-lzo
# If you enable it here, you must also
# enable it in the client config file.
;comp-lzo
# The maximum number of concurrently connected
# clients we want to allow.
;max-clients 100
# It’s a good idea to reduce the OpenVPN
# daemon’s privileges after initialization.
#
# You can uncomment this out on
# non-Windows systems.
;user nobody
;group nobody
# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun
# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status openvpn-status.log
# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the «Program FilesOpenVPNlog» directory).
# Use log or log-append to override this default.
# «log» will truncate the log file on OpenVPN startup,
# while «log-append» will append to it. Use one
# or the other (but not both).
;log openvpn.log
;log-append openvpn.log
# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 6
# Silence repeating messages. At most 20
# sequential messages of the same message
# category will be output to the log.
;mute 20
# Notify the client that when the server restarts so it
# can automatically reconnect.
explicit-exit-notify 1
Источник
Что не так проброшенонастроено?
конфиг сервера
spoiler
port 1194
;proto tcp
proto udp
;dev tap
dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
;topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
;push «route 192.168.10.0 255.255.255.0»
;push «route 192.168.20.0 255.255.255.0»
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push «redirect-gateway def1 bypass-dhcp»
;push «dhcp-option DNS 208.67.222.222»
;push «dhcp-option DNS 208.67.220.220»
;client-to-client
;duplicate-cn
keepalive 10 120
#tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
;compress lz4-v2
;push «compress lz4-v2»
;comp-lzo
;max-clients 100
;user nobody
;group nobody
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20
explicit-exit-notify 1
На стороне сервера нет доступа к рутёру, но по моей просьбе пробросили UDP 1194 и 5194
Лог:
spoiler
Wed Jan 16 09:05:00 2019 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Wed Jan 16 09:05:00 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Jan 16 09:05:00 2019 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Wed Jan 16 09:05:00 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Jan 16 09:05:00 2019 Need hold release from management interface, waiting…
Wed Jan 16 09:05:01 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Jan 16 09:05:01 2019 MANAGEMENT: CMD ‘state on’
Wed Jan 16 09:05:01 2019 MANAGEMENT: CMD ‘log all on’
Wed Jan 16 09:05:01 2019 MANAGEMENT: CMD ‘echo all on’
Wed Jan 16 09:05:01 2019 MANAGEMENT: CMD ‘bytecount 5’
Wed Jan 16 09:05:01 2019 MANAGEMENT: CMD ‘hold off’
Wed Jan 16 09:05:01 2019 MANAGEMENT: CMD ‘hold release’
Wed Jan 16 09:05:01 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]79.122.152.6:1194
Wed Jan 16 09:05:01 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Jan 16 09:05:01 2019 UDP link local: (not bound)
Wed Jan 16 09:05:01 2019 UDP link remote: [AF_INET]79.122.152.6:1194
Wed Jan 16 09:05:01 2019 MANAGEMENT: >STATE:1547618701,WAIT,,,,,,
Wed Jan 16 09:05:01 2019 read UDP: Unknown error (code=10054)
I want to set up an OpenVPN Server on a CentOS 7 server. From my ISP, I only have public IPv6 address, the IPv4 is NAT-ed at the ISP, so I decided to configure my VPN to be based on IPv6.
I followed this tutorial, which means I used the downloaded script to set things up for me with IPv4, then alter the config to be IPv6 compatible. The result is:
port 1194
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.10.1"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 4
crl-verify crl.pem
log-append /var/log/openvpn.log
server-ipv6 2001:db8:0:123::/64
tun-ipv6
push tun-ipv6
ifconfig-ipv6 2001:db8:0:123::1 2001:db8:0:123::2
push "route-ipv6 2001:db8:0:abc::/64"
push "route-ipv6 2000::/3"
The server started up successfully, so I downloaded the client.ovpn file on the client, but I get Thu Jan 10 23:53:23 2019 read UDP: Unknown error (code=10054), which should mean that it failed to connect to the host, but I’m already connected to the target machine with SSH. I also have the port 1194 open on the firewall.
server log:
Thu Jan 10 22:55:02 2019 us=932367 event_wait : Interrupted system call (code=4)
Thu Jan 10 22:55:02 2019 us=933688 TCP/UDP: Closing socket
Thu Jan 10 22:55:02 2019 us=933822 Closing TUN/TAP interface
Thu Jan 10 22:55:02 2019 us=933907 /sbin/ip addr del dev tun0 10.8.0.1/24
RTNETLINK answers: Operation not permitted
Thu Jan 10 22:55:02 2019 us=943788 Linux ip addr del failed: external program exited with error status: 2
Thu Jan 10 22:55:02 2019 us=943944 /sbin/ip -6 addr del 2001:db8:0:123::1/64 dev tun0
RTNETLINK answers: Operation not permitted
Thu Jan 10 22:55:02 2019 us=948530 Linux ip -6 addr del failed: external program exited with error status: 2
Thu Jan 10 22:55:02 2019 us=963888 SIGTERM[hard,] received, process exiting
Thu Jan 10 22:55:03 2019 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.
Thu Jan 10 22:55:03 2019 us=23634 Current Parameter Settings:
Thu Jan 10 22:55:03 2019 us=23684 config = 'server.conf'
Thu Jan 10 22:55:03 2019 us=23720 mode = 1
Thu Jan 10 22:55:03 2019 us=23754 persist_config = DISABLED
Thu Jan 10 22:55:03 2019 us=23788 persist_mode = 1
Thu Jan 10 22:55:03 2019 us=23822 show_ciphers = DISABLED
Thu Jan 10 22:55:03 2019 us=23855 show_digests = DISABLED
Thu Jan 10 22:55:03 2019 us=23889 show_engines = DISABLED
Thu Jan 10 22:55:03 2019 us=23922 genkey = DISABLED
Thu Jan 10 22:55:03 2019 us=23955 key_pass_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=23989 show_tls_ciphers = DISABLED
Thu Jan 10 22:55:03 2019 us=24022 connect_retry_max = 0
Thu Jan 10 22:55:03 2019 us=24056 Connection profiles [0]:
Thu Jan 10 22:55:03 2019 us=24092 proto = udp
Thu Jan 10 22:55:03 2019 us=24126 local = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24160 local_port = '1194'
Thu Jan 10 22:55:03 2019 us=24193 remote = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24227 remote_port = '1194'
Thu Jan 10 22:55:03 2019 us=24279 remote_float = DISABLED
Thu Jan 10 22:55:03 2019 us=24313 bind_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=24346 bind_local = ENABLED
Thu Jan 10 22:55:03 2019 us=24380 bind_ipv6_only = DISABLED
Thu Jan 10 22:55:03 2019 us=24413 connect_retry_seconds = 5
Thu Jan 10 22:55:03 2019 us=24447 connect_timeout = 120
Thu Jan 10 22:55:03 2019 us=24482 socks_proxy_server = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24515 socks_proxy_port = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24549 tun_mtu = 1500
Thu Jan 10 22:55:03 2019 us=24583 tun_mtu_defined = ENABLED
Thu Jan 10 22:55:03 2019 us=24616 link_mtu = 1500
Thu Jan 10 22:55:03 2019 us=24650 link_mtu_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=24683 tun_mtu_extra = 0
Thu Jan 10 22:55:03 2019 us=24717 tun_mtu_extra_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=24750 mtu_discover_type = -1
Thu Jan 10 22:55:03 2019 us=24784 fragment = 0
Thu Jan 10 22:55:03 2019 us=24818 mssfix = 1450
Thu Jan 10 22:55:03 2019 us=24854 explicit_exit_notification = 0
Thu Jan 10 22:55:03 2019 us=24887 Connection profiles END
Thu Jan 10 22:55:03 2019 us=24920 remote_random = DISABLED
Thu Jan 10 22:55:03 2019 us=24956 ipchange = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=24990 dev = 'tun'
Thu Jan 10 22:55:03 2019 us=25023 dev_type = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=25057 dev_node = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=25090 lladdr = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=25124 topology = 3
Thu Jan 10 22:55:03 2019 us=25157 ifconfig_local = '10.8.0.1'
Thu Jan 10 22:55:03 2019 us=25193 ifconfig_remote_netmask = '255.255.255.0'
Thu Jan 10 22:55:03 2019 us=25227 ifconfig_noexec = DISABLED
Thu Jan 10 22:55:03 2019 us=25274 ifconfig_nowarn = DISABLED
Thu Jan 10 22:55:03 2019 us=25307 ifconfig_ipv6_local = '2001:db8:0:123::1'
Thu Jan 10 22:55:03 2019 us=25341 ifconfig_ipv6_netbits = 64
Thu Jan 10 22:55:03 2019 us=25377 ifconfig_ipv6_remote = '2001:db8:0:123::2'
Thu Jan 10 22:55:03 2019 us=25411 shaper = 0
Thu Jan 10 22:55:03 2019 us=25445 mtu_test = 0
Thu Jan 10 22:55:03 2019 us=25478 mlock = DISABLED
Thu Jan 10 22:55:03 2019 us=25512 keepalive_ping = 10
Thu Jan 10 22:55:03 2019 us=25547 keepalive_timeout = 120
Thu Jan 10 22:55:03 2019 us=25581 inactivity_timeout = 0
Thu Jan 10 22:55:03 2019 us=25616 ping_send_timeout = 10
Thu Jan 10 22:55:03 2019 us=25650 ping_rec_timeout = 240
Thu Jan 10 22:55:03 2019 us=25685 ping_rec_timeout_action = 2
Thu Jan 10 22:55:03 2019 us=25720 ping_timer_remote = DISABLED
Thu Jan 10 22:55:03 2019 us=25755 remap_sigusr1 = 0
Thu Jan 10 22:55:03 2019 us=25789 persist_tun = ENABLED
Thu Jan 10 22:55:03 2019 us=25825 persist_local_ip = DISABLED
Thu Jan 10 22:55:03 2019 us=25861 persist_remote_ip = DISABLED
Thu Jan 10 22:55:03 2019 us=25894 persist_key = ENABLED
Thu Jan 10 22:55:03 2019 us=25940 passtos = DISABLED
Thu Jan 10 22:55:03 2019 us=25975 resolve_retry_seconds = 1000000000
Thu Jan 10 22:55:03 2019 us=26009 resolve_in_advance = DISABLED
Thu Jan 10 22:55:03 2019 us=26043 username = 'nobody'
Thu Jan 10 22:55:03 2019 us=26078 groupname = 'nobody'
Thu Jan 10 22:55:03 2019 us=26114 chroot_dir = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26150 cd_dir = '/etc/openvpn/'
Thu Jan 10 22:55:03 2019 us=26183 selinux_context = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26219 writepid = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26278 up_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26313 down_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=26347 down_pre = DISABLED
Thu Jan 10 22:55:03 2019 us=26381 up_restart = DISABLED
Thu Jan 10 22:55:03 2019 us=26415 up_delay = DISABLED
Thu Jan 10 22:55:03 2019 us=26450 daemon = DISABLED
Thu Jan 10 22:55:03 2019 us=26484 inetd = 0
Thu Jan 10 22:55:03 2019 us=26519 log = ENABLED
Thu Jan 10 22:55:03 2019 us=26555 suppress_timestamps = DISABLED
Thu Jan 10 22:55:03 2019 us=26591 machine_readable_output = DISABLED
Thu Jan 10 22:55:03 2019 us=26624 nice = 0
Thu Jan 10 22:55:03 2019 us=26660 verbosity = 4
Thu Jan 10 22:55:03 2019 us=26696 mute = 0
Thu Jan 10 22:55:03 2019 us=26729 gremlin = 0
Thu Jan 10 22:55:03 2019 us=26762 status_file = 'openvpn-status.log'
Thu Jan 10 22:55:03 2019 us=26796 status_file_version = 1
Thu Jan 10 22:55:03 2019 us=26829 status_file_update_freq = 60
Thu Jan 10 22:55:03 2019 us=26863 occ = ENABLED
Thu Jan 10 22:55:03 2019 us=26896 rcvbuf = 0
Thu Jan 10 22:55:03 2019 us=26929 sndbuf = 0
Thu Jan 10 22:55:03 2019 us=26962 mark = 0
Thu Jan 10 22:55:03 2019 us=26996 sockflags = 0
Thu Jan 10 22:55:03 2019 us=27029 fast_io = DISABLED
Thu Jan 10 22:55:03 2019 us=27062 comp.alg = 0
Thu Jan 10 22:55:03 2019 us=27098 comp.flags = 0
Thu Jan 10 22:55:03 2019 us=27132 route_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27166 route_default_gateway = '10.8.0.2'
Thu Jan 10 22:55:03 2019 us=27200 route_default_metric = 0
Thu Jan 10 22:55:03 2019 us=27234 route_noexec = DISABLED
Thu Jan 10 22:55:03 2019 us=27295 route_delay = 0
Thu Jan 10 22:55:03 2019 us=27330 route_delay_window = 30
Thu Jan 10 22:55:03 2019 us=27366 route_delay_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=27402 route_nopull = DISABLED
Thu Jan 10 22:55:03 2019 us=27438 route_gateway_via_dhcp = DISABLED
Thu Jan 10 22:55:03 2019 us=27472 allow_pull_fqdn = DISABLED
Thu Jan 10 22:55:03 2019 us=27507 management_addr = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27544 management_port = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27580 management_user_pass = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27614 management_log_history_cache = 250
Thu Jan 10 22:55:03 2019 us=27651 management_echo_buffer_size = 100
Thu Jan 10 22:55:03 2019 us=27685 management_write_peer_info_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27721 management_client_user = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27755 management_client_group = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27789 management_flags = 0
Thu Jan 10 22:55:03 2019 us=27826 shared_secret_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=27860 key_direction = 0
Thu Jan 10 22:55:03 2019 us=27896 ciphername = 'AES-256-CBC'
Thu Jan 10 22:55:03 2019 us=27930 ncp_enabled = ENABLED
Thu Jan 10 22:55:03 2019 us=27964 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Thu Jan 10 22:55:03 2019 us=27998 authname = 'SHA512'
Thu Jan 10 22:55:03 2019 us=28034 prng_hash = 'SHA1'
Thu Jan 10 22:55:03 2019 us=28068 prng_nonce_secret_len = 16
Thu Jan 10 22:55:03 2019 us=28105 keysize = 0
Thu Jan 10 22:55:03 2019 us=28138 engine = DISABLED
Thu Jan 10 22:55:03 2019 us=28174 replay = ENABLED
Thu Jan 10 22:55:03 2019 us=28210 mute_replay_warnings = DISABLED
Thu Jan 10 22:55:03 2019 us=28260 replay_window = 64
Thu Jan 10 22:55:03 2019 us=28332 replay_time = 15
Thu Jan 10 22:55:03 2019 us=28377 packet_id_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28422 use_iv = ENABLED
Thu Jan 10 22:55:03 2019 us=28476 test_crypto = DISABLED
Thu Jan 10 22:55:03 2019 us=28519 tls_server = ENABLED
Thu Jan 10 22:55:03 2019 us=28561 tls_client = DISABLED
Thu Jan 10 22:55:03 2019 us=28604 key_method = 2
Thu Jan 10 22:55:03 2019 us=28646 ca_file = 'ca.crt'
Thu Jan 10 22:55:03 2019 us=28689 ca_path = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28731 dh_file = 'dh.pem'
Thu Jan 10 22:55:03 2019 us=28776 cert_file = 'server.crt'
Thu Jan 10 22:55:03 2019 us=28819 extra_certs_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28864 priv_key_file = 'server.key'
Thu Jan 10 22:55:03 2019 us=28910 pkcs12_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28952 cipher_list = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=28995 tls_cert_profile = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29037 tls_verify = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29080 tls_export_cert = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29123 verify_x509_type = 0
Thu Jan 10 22:55:03 2019 us=29166 verify_x509_name = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=29208 crl_file = 'crl.pem'
Thu Jan 10 22:55:03 2019 us=29267 ns_cert_type = 0
Thu Jan 10 22:55:03 2019 us=29319 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29362 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29405 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29448 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29491 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29533 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29576 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29619 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29661 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29704 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29747 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29789 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29832 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29875 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29917 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=29960 remote_cert_ku[i] = 0
Thu Jan 10 22:55:03 2019 us=30005 remote_cert_eku = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=30048 ssl_flags = 0
Thu Jan 10 22:55:03 2019 us=30091 tls_timeout = 2
Thu Jan 10 22:55:03 2019 us=30134 renegotiate_bytes = -1
Thu Jan 10 22:55:03 2019 us=30177 renegotiate_packets = 0
Thu Jan 10 22:55:03 2019 us=30220 renegotiate_seconds = 3600
Thu Jan 10 22:55:03 2019 us=30288 handshake_window = 60
Thu Jan 10 22:55:03 2019 us=30332 transition_window = 3600
Thu Jan 10 22:55:03 2019 us=30375 single_session = DISABLED
Thu Jan 10 22:55:03 2019 us=30417 push_peer_info = DISABLED
Thu Jan 10 22:55:03 2019 us=30460 tls_exit = DISABLED
Thu Jan 10 22:55:03 2019 us=30502 tls_auth_file = 'ta.key'
Thu Jan 10 22:55:03 2019 us=30545 tls_crypt_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=30588 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30631 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30673 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30716 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30759 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30801 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30844 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30889 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30931 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=30974 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31016 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31059 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31102 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31144 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31187 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31229 pkcs11_protected_authentication = DISABLED
Thu Jan 10 22:55:03 2019 us=31299 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31344 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31387 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31431 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31474 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31517 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31560 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31603 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31646 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31689 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31733 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31776 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31819 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31862 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31905 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31948 pkcs11_private_mode = 00000000
Thu Jan 10 22:55:03 2019 us=31993 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32035 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32078 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32120 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32163 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32205 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32260 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32309 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32351 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32394 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32437 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32479 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32522 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32565 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32607 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32650 pkcs11_cert_private = DISABLED
Thu Jan 10 22:55:03 2019 us=32703 pkcs11_pin_cache_period = -1
Thu Jan 10 22:55:03 2019 us=32746 pkcs11_id = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=32789 pkcs11_id_management = DISABLED
Thu Jan 10 22:55:03 2019 us=32837 server_network = 10.8.0.0
Thu Jan 10 22:55:03 2019 us=32883 server_netmask = 255.255.255.0
Thu Jan 10 22:55:03 2019 us=32931 server_network_ipv6 = 2001:db8:0:123::
Thu Jan 10 22:55:03 2019 us=32975 server_netbits_ipv6 = 64
Thu Jan 10 22:55:03 2019 us=33021 server_bridge_ip = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33067 server_bridge_netmask = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33114 server_bridge_pool_start = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33160 server_bridge_pool_end = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=33203 push_entry = 'redirect-gateway def1 bypass-dhcp'
Thu Jan 10 22:55:03 2019 us=33258 push_entry = 'dhcp-option DNS 192.168.10.1'
Thu Jan 10 22:55:03 2019 us=33308 push_entry = 'tun-ipv6'
Thu Jan 10 22:55:03 2019 us=33351 push_entry = 'route-ipv6 2001:db8:0:abc::/64'
Thu Jan 10 22:55:03 2019 us=33393 push_entry = 'route-ipv6 2000::/3'
Thu Jan 10 22:55:03 2019 us=33436 push_entry = 'tun-ipv6'
Thu Jan 10 22:55:03 2019 us=33479 push_entry = 'route-gateway 10.8.0.1'
Thu Jan 10 22:55:03 2019 us=33521 push_entry = 'topology subnet'
Thu Jan 10 22:55:03 2019 us=33564 push_entry = 'ping 10'
Thu Jan 10 22:55:03 2019 us=33606 push_entry = 'ping-restart 120'
Thu Jan 10 22:55:03 2019 us=33649 ifconfig_pool_defined = ENABLED
Thu Jan 10 22:55:03 2019 us=33697 ifconfig_pool_start = 10.8.0.2
Thu Jan 10 22:55:03 2019 us=33742 ifconfig_pool_end = 10.8.0.253
Thu Jan 10 22:55:03 2019 us=33787 ifconfig_pool_netmask = 255.255.255.0
Thu Jan 10 22:55:03 2019 us=33830 ifconfig_pool_persist_filename = 'ipp.txt'
Thu Jan 10 22:55:03 2019 us=33873 ifconfig_pool_persist_refresh_freq = 600
Thu Jan 10 22:55:03 2019 us=33919 ifconfig_ipv6_pool_defined = ENABLED
Thu Jan 10 22:55:03 2019 us=33976 ifconfig_ipv6_pool_base = 2001:db8:0:123::1000
Thu Jan 10 22:55:03 2019 us=34020 ifconfig_ipv6_pool_netbits = 64
Thu Jan 10 22:55:03 2019 us=34065 n_bcast_buf = 256
Thu Jan 10 22:55:03 2019 us=34107 tcp_queue_limit = 64
Thu Jan 10 22:55:03 2019 us=34153 real_hash_size = 256
Thu Jan 10 22:55:03 2019 us=34196 virtual_hash_size = 256
Thu Jan 10 22:55:03 2019 us=34255 client_connect_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34307 learn_address_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34352 client_disconnect_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34395 client_config_dir = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=34440 ccd_exclusive = DISABLED
Thu Jan 10 22:55:03 2019 us=34485 tmp_dir = '/tmp'
Thu Jan 10 22:55:03 2019 us=34530 push_ifconfig_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=34577 push_ifconfig_local = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=34622 push_ifconfig_remote_netmask = 0.0.0.0
Thu Jan 10 22:55:03 2019 us=34668 push_ifconfig_ipv6_defined = DISABLED
Thu Jan 10 22:55:03 2019 us=34715 push_ifconfig_ipv6_local = ::/0
Thu Jan 10 22:55:03 2019 us=34760 push_ifconfig_ipv6_remote = ::
Thu Jan 10 22:55:03 2019 us=34802 enable_c2c = DISABLED
Thu Jan 10 22:55:03 2019 us=34845 duplicate_cn = DISABLED
Thu Jan 10 22:55:03 2019 us=34887 cf_max = 0
Thu Jan 10 22:55:03 2019 us=34931 cf_per = 0
Thu Jan 10 22:55:03 2019 us=34974 max_clients = 1024
Thu Jan 10 22:55:03 2019 us=35017 max_routes_per_client = 256
Thu Jan 10 22:55:03 2019 us=35060 auth_user_pass_verify_script = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35102 auth_user_pass_verify_script_via_file = DISABLED
Thu Jan 10 22:55:03 2019 us=35145 auth_token_generate = DISABLED
Thu Jan 10 22:55:03 2019 us=35188 auth_token_lifetime = 0
Thu Jan 10 22:55:03 2019 us=35231 port_share_host = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35291 port_share_port = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35334 client = DISABLED
Thu Jan 10 22:55:03 2019 us=35376 pull = DISABLED
Thu Jan 10 22:55:03 2019 us=35419 auth_user_pass_file = '[UNDEF]'
Thu Jan 10 22:55:03 2019 us=35475 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Thu Jan 10 22:55:03 2019 us=35542 library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Thu Jan 10 22:55:03 2019 us=40832 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Thu Jan 10 22:55:03 2019 us=43372 Diffie-Hellman initialized with 2048 bit key
Thu Jan 10 22:55:03 2019 us=45102 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jan 10 22:55:03 2019 us=45176 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jan 10 22:55:03 2019 us=45273 TLS-Auth MTU parms [ L:1621 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Thu Jan 10 22:55:03 2019 us=51203 TUN/TAP device tun0 opened
Thu Jan 10 22:55:03 2019 us=51391 TUN/TAP TX queue length set to 100
Thu Jan 10 22:55:03 2019 us=51480 do_ifconfig, tt->did_ifconfig_ipv6_setup=1
Thu Jan 10 22:55:03 2019 us=51564 /sbin/ip link set dev tun0 up mtu 1500
Thu Jan 10 22:55:03 2019 us=57581 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Thu Jan 10 22:55:03 2019 us=62748 /sbin/ip -6 addr add 2001:db8:0:123::1/64 dev tun0
Thu Jan 10 22:55:03 2019 us=69805 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Thu Jan 10 22:55:03 2019 us=71518 Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Jan 10 22:55:03 2019 us=71646 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Jan 10 22:55:03 2019 us=71934 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Jan 10 22:55:03 2019 us=71981 UDPv4 link remote: [AF_UNSPEC]
Thu Jan 10 22:55:03 2019 us=72044 GID set to nobody
Thu Jan 10 22:55:03 2019 us=72105 UID set to nobody
Thu Jan 10 22:55:03 2019 us=72209 MULTI: multi_init called, r=256 v=256
Thu Jan 10 22:55:03 2019 us=72335 IFCONFIG POOL IPv6: (IPv4) size=252, size_ipv6=65536, netbits=64, base_ipv6=2001:db8:0:123::1000
Thu Jan 10 22:55:03 2019 us=72405 IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=1
Thu Jan 10 22:55:03 2019 us=72477 IFCONFIG POOL LIST
Thu Jan 10 22:55:03 2019 us=72676 Initialization Sequence Completed
client log (SO wouldn’t let me paste it in here)
Anyone has any input on how to solve this issue?
Skip to forum content
Форум проекта FreeOpenVPN.Org
Бесплатный VPN-доступ без ограничений
You are not logged in. Please login or register.
Active topics Unanswered topics
Pages 1
You must login or register to post a reply
1 12.10.2019 21:50:56
- Dappy22
- Новичок
- Offline
- Registered: 12.10.2019
- Posts: 4
Topic: Не могу подключиться к серверам (Unknown error (code=10054))
Sat Oct 12 20:04:44 2019 DEPRECATED OPTION: —max-routes option ignored.The number of routes is unlimited as of OpenVPN 2.4. This option will be removed in a future version, please remove it from your configuration.
Sat Oct 12 20:04:44 2019 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Sat Oct 12 20:04:44 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Sat Oct 12 20:04:44 2019 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Enter Management Password:
Sat Oct 12 20:04:46 2019 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Sat Oct 12 20:04:46 2019 Incoming Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Sat Oct 12 20:04:46 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]46.30.42.252:13339
Sat Oct 12 20:04:46 2019 UDP link local: (not bound)
Sat Oct 12 20:04:46 2019 UDP link remote: [AF_INET]46.30.42.252:13339
Sat Oct 12 20:04:46 2019 read UDP: Unknown error (code=10054)
Sat Oct 12 20:04:49 2019 read UDP: Unknown error (code=10054)
Sat Oct 12 20:04:50 2019 Server poll timeout, restarting
Sat Oct 12 20:04:50 2019 SIGUSR1[soft,server_poll] received, process restarting
Sat Oct 12 20:04:50 2019 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Sat Oct 12 20:04:50 2019 Incoming Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication
Sat Oct 12 20:04:50 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]46.30.42.252:13339
Sat Oct 12 20:04:50 2019 UDP link local: (not bound)
Sat Oct 12 20:04:50 2019 UDP link remote: [AF_INET]46.30.42.252:13339
Sat Oct 12 20:04:50 2019 read UDP: Unknown error (code=10054)
Sat Oct 12 20:04:50 2019 SIGTERM[hard,] received, process exiting
Подскажите как мне быть и что делать? Все былые проблемы решал переустановкой самого впн, теперь не получается.
2 Reply by Rino 12.10.2019 22:13:39
- Rino
- Moderator
- Offline
- Registered: 20.05.2016
- Posts: 518
Re: Не могу подключиться к серверам (Unknown error (code=10054))
Какая локация? У нас нет сервера с данным IP…
3 Reply by Dappy22 12.10.2019 22:20:29
- Dappy22
- Новичок
- Offline
- Registered: 12.10.2019
- Posts: 4
Re: Не могу подключиться к серверам (Unknown error (code=10054))
Rino wrote:
Какая локация? У нас нет сервера с данным IP…
Все сервера России
4 Reply by Rino 12.10.2019 22:57:05
- Rino
- Moderator
- Offline
- Registered: 20.05.2016
- Posts: 518
Re: Не могу подключиться к серверам (Unknown error (code=10054))
Dappy22 wrote:
Все сервера России
Какие именно? Премиум или частные?
5 Reply by Dappy22 13.10.2019 12:20:03
- Dappy22
- Новичок
- Offline
- Registered: 12.10.2019
- Posts: 4
Re: Не могу подключиться к серверам (Unknown error (code=10054))
Rino wrote:
Dappy22 wrote:
Все сервера России
Какие именно? Премиум или частные?
частные
6 Reply by Rino 13.10.2019 12:41:24
- Rino
- Moderator
- Offline
- Registered: 20.05.2016
- Posts: 518
Re: Не могу подключиться к серверам (Unknown error (code=10054))
Под списком частных серверов каждого из направлений (касательно вашего вопроса — это Россия), есть важное предупреждение для пользователей:
Файлы конфигурации к VPN-серверам в России предоставлены частными лицами на добровольной основе.
Стабильная работа данного направления находится исключительно в компетенции владельцев серверов.
Posts: 6
Pages 1
You must login or register to post a reply
When it comes down to OpenVPN, it is one of the preferred choices for everyone who needs extra security and protection layer. However, OpenVPN comes with various errors that the general public and user base have no idea about.
For instance, read UDP: connection reset by peer (wsaeconnreset) (code=10054) is one of them. So, let’s see how we can resolve this error!
1. TCP
If you are using OpenVPN on a Windows computer, you will need to ensure the optimal network connection, along with the streamlined conversation. To begin with, you need the settings for TCP. TCP is actually the control protocol that helps in establishing and maintaining the network conversation. In addition, it will streamline how your system is sending the data packets to other devices.
2. Re-Install
To be honest, the majority of such issues are caused by configuration issues. Likewise, these issues are too complex to be changed through settings. For this purpose, it’s advised that you delete OpenVPN from the system and restart the computer. Once the computer switches on again, re-install it with default settings, and it will work fine.
On the other hand, if you don’t want to delete OpenVPN from the system abruptly, rebooting is also an option. For rebooting OpenVPN, make sure you exit it properly and close down all the relevant files as well. However, once you exit OpenVPN, we suggest rebooting the computer before you open it again.
3. Keys
While using OpenVPN, one needs to have technical knowledge regarding the matter. With this being said, read UDP: connection reset by peer (wsaeconnreset) (code=10054) error asks for the recreation of keys and certificates on OpenVPN network connection. In addition, you will need to redo the server and client certificates as well. For this purpose, the users can opt for RSA Key Management available on the official OpenVPN website.
4. IP Tables
IP tables play an essential role in optimizing the functionality of OpenVPN. Similarly, if there is an error, we suggest that you tweak up the IP tables. Also, for tweaking the IP tables, you will need to allow the TCP connection for the ports. On the other hand, if you are using other ports or UDP, you need to variate the line. In addition, you need to allow TUN interface connections for forwarding through other interfaces. Once you add the suitable lines, restart the IP table, and you will be done!
5. Certificates
To begin with, you need to ensure that certificates are functioned properly to work with OpenVPN. With this being said, you can use OpenSSL. For instance, if there is a malformation in the certificates in the configuration setting, this error will incur. So, you will need to run the default settings as it streamlines the certificates.
6. Firewall
Be it the OpenVPN or the operating system; you need to be extremely mindful about the firewall settings. In case you are running the third-party malware software, make sure that you add OpenVPN executables to the exception list. Once the software is added to the list, the error will diminish on its own!