Topic: Issues following wiki how-to openvpn-streamlined-server-setup

The content of this topic has been archived on 19 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Page 1 of 1

Post #1

ssdnvv

24 Aug 2017, 12:27

Hi,

I followed exactly the instruction of this howto and when calling

openssl req -x509 -new -sha512 -days 3650 -newkey rsa:4096 -keyout ca/OpenWrt-CA.key.pem -out ca/OpenWrt-CA.crt.pem -config ./openssl.cnf -extensions v3_ca_openwrt

I get the following error

3069895344:error:0E065068:lib(14):func(101):reason(104):NA:0:line 68

Looking into openssl.cnf, line 68 shows

crlnumber                       = $CRLDIR\crlnumber

This file is in place as it has been created beforehand in the tutorial...

Any suggestions on how to solve this issue?

Best,
ssdnvv

(Last edited by ssdnvv on 24 Aug 2017, 16:42)

Post #2

mk24

24 Aug 2017, 16:04

Since you asked for a workaround, make the certificates on a desktop machine. I would think there are X.509 programs for Windows if that is what you have.

Post #3

ssdnvv

24 Aug 2017, 16:45

@mk24: Thanks for your reply. You're right - I could do those certificates on a windows machine. But as I like tutorials I'd like to help making this how-to working.
I therefore precised my request in the first topic.

Maybe JW0914 could help - as he wrote the tutorial and created the openssl.cnf file.

Post #4

ssdnvv

27 Aug 2017, 16:40

Has anyone yet followed the tutorial without running into errors?

Post #5

JW0914

12 Sep 2017, 02:45

@ssdnvv I'll echo what I just posted on GitHub:

First, I apologize for the extremely late reply.

I was about to post my reply when I noticed what I think may be the issue: I'm assuming you followed the prerequisite instructions in the bottom half of the config, issuing echo 01 > crlnumber?

If so, I forgot to update that specific instruction with the edits done to
[ CA_default ], organizing CRL files into their own crl directory, meaning crlnumber was created in the root of the directory openssl.cnf resides in, whereas openssl is looking for it at crl/crlnumber. I've corrected this with a8ba16a.

If this is not the issue, please post what distro you're utilizing so I can power up a VM and troubleshoot.

(Last edited by JW0914 on 12 Sep 2017, 14:46)

Post #6

ssdnvv

28 Jan 2018, 23:26

@JW0914:
It's been a while since I had the time to digg deeper into connection with your configuration.
When connecting I get the following warning inside client log:
"WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info."
When searching the web for remote-cert-eku, I came across your posts at https://www.v13.gr/blog/?p=386.
Looking at the configuration client-config has option

remote-cert-eku "TLS Web Server Authentication"

whereas server has no corresponding option. Adding server option

remote-cert-eku "TLS Web Client Authentication"

solved that problem.
I changed your how-to accordingly.

(Last edited by ssdnvv on 28 Jan 2018, 23:28)

Post #7

JW0914

29 Jan 2018, 01:03

That doesn't belong in the server config, as option tls_server 1 specifies the server is a TLS server. You either have something misconfigured or a malformed cert.

Please remove that from your server config, reconnect with the client, then please post both logs, removing WAN IP, DDNS, etc., as well as your server and client configs.

You will need to make the following changes to your server and client configs:

Server
- verb 5
- proto tcp
Client
- verb 7
- proto tcp

Please also post the output of the following command for both the server and client certs:

openssl x509 -text -noout -in <name_of_cert>

Remove WAN IP, DDNS, etc.

EDIT: I remembered why I never included that in the server config this morning... When I wrote that wiki 2+ yrs ago, OpenVPN 2.3 [server] would error out and crash if that option was added. It appears this was fixed in OpenVPN 2.4.

However, your client still shouldn't be throwing that error if the proper EKUs were set for the server and client certs, with the configs in the wiki. Prior to replying, I did connect to one of my OpenVPN servers utilizing the same configs and I couldn't get my client to duplicate that error, which is why those logs and configs will be interesting to look at.

(Last edited by JW0914 on 29 Jan 2018, 15:02)

Post #8

ssdnvv

3 Feb 2018, 22:16

I cannot reproduce the error - what actually is somehow weird, as the above mentioned mitm-warning got solved because of a typo I made...
When adding "option remote-cert-eku "TLS Web Client Authentication"" I made the typical syntax typo and didn't change "-" to "_". I only became aware of that when I today looked into luci openvpn gui where the uci syntax error was shown.
But when correcting that syntax error, the log shows, that your observation from 2 years ago is still valid - openwrt openvpn can't handle option remote_cert_eku and therefore crashs:

Options error: Unrecognized option or missing or extra parameter(s) in openvpn-TCP.conf:30: remote-cert-eku (2.4.4)

When now trying the connection again the mitm-warning never shows up again and it works seemlessly. So: my apologies for that false alarm. I already undid my changes to your wiki-howto.

The only thing I had to change by now:

* Running script '/etc/firewall.user'
iptables v1.6.1: Couldn't load match `state':No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.6.1: Couldn't load match `state':No such file or directory

Try `iptables -h' or 'iptables --help' for more information.

According to https://github.com/nodogsplash/nodogsplash/issues/180

-m state --state

needs to be replaced with

-m conntrack --ctstate

in newer iptables-versions. After that change firewall restarts without issues.

(Last edited by ssdnvv on 3 Feb 2018, 22:52)

Post #9

ssdnvv

4 Feb 2018, 13:53

I have two more questions:
1) I've entered a custom rule to dnsmasq that would resolve 'sub.domain.tld' to 192.168.1.1 and configured my router to get an official certificate issued by let's encrypt authority.
When connecting via openvpn I can only access luci via 192.168.1.1 but not by sub.domain.tld.
Do you know how to solve that? Would be the final touch :-)
2) I've set up two OpenVPN servers on one router (one for performance with UDP on port 4719 and one for stricter firewalls with TCP on port 80). Normal setup works for both servers just fine.
When setting the servers up to redirect-gateway, the TCP-version works as expected but the UDP-version would only allow to connect to the server but not to www.
OpenVPN config:

config openvpn 'TCP'
    option port '80'
    option proto 'tcp'
    option dev 'tun'
    option dev 'tun0'
    option topology 'subnet'
    option comp_lzo 'yes'
    option ifconfig_pool_persist '/etc/openvpn/tun0-ipp.log'
    option status '/etc/openvpn/tun0-status.log'
    option log '/etc/openvpn/tun0.log'
    option tls_server '1'
    option tls_version_min '1.2'
    option tls_cipher  'TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!SHA:!EXP:!PSK:!SRP:!DSS:!RC4:!kRSA'
    option pkcs12 '/etc/openvpn/Router-OpenVPN.p12'
    option dh '/etc/openvpn/dh5120.pem'
    option tls_auth '/etc/openvpn/Router_ta.key 0'
    option cipher 'AES-256-CBC'
    option auth 'SHA512'
    option sndbuf '393216'
    option rcvbuf '393216'
    option fragment '0'
    option mssfix '0'
    option tun_mtu '48000'
    list push 'sndbuf 393216'
    list push 'rcvbuf 393216'
    option verb '5'
    option mute '20'
    option keepalive '10 120'
    option persist_key '1'
    option persist_tun '1'
    option user 'nobody'
    option group 'nogroup'
    option server '10.1.0.0 255.255.255.240'
    option ifconfig '10.1.0.1 255.255.255.240'
    list push 'route 192.168.1.0 255.255.255.0'
    list push 'dhcp-option DNS 192.168.1.1'
    list push 'dhcp-option WINS 192.168.1.1'
    list push 'dhcp-option DNS 10.1.0.1'
    list push 'dhcp-option NTP 192.53.103.108'
    option push 'redirect-gateway def1 local'
    option client_to_client '1'
    option enabled '1'

config openvpn 'UDP'
    option port '4719'
    option proto 'udp'
    option dev 'tun'
    option dev 'tun1'
    option topology 'subnet'
    option comp_lzo 'yes'
    option ifconfig_pool_persist '/etc/openvpn/tun0-ipp.log'
    option status '/etc/openvpn/tun0-status.log'
    option log '/etc/openvpn/tun0.log'
    option tls_server '1'
    option tls_version_min '1.2'
    option tls_cipher  'TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384:!aNULL:!eNULL:!LOW:!3DES:!MD5:!SHA:!EXP:!PSK:!SRP:!DSS:!RC4:!kRSA'
    option pkcs12 '/etc/openvpn/Router-OpenVPN.p12'
    option dh '/etc/openvpn/dh5120.pem'
    option tls_auth '/etc/openvpn/Router_ta.key 0'
    option cipher 'AES-256-CBC'
    option auth 'SHA512'
    option sndbuf '393216'
    option rcvbuf '393216'
    option fragment '0'
    option mssfix '0'
    option tun_mtu '48000'
    list push 'sndbuf 393216'
    list push 'rcvbuf 393216'
    option verb '5'
    option mute '20'
    option keepalive '10 120'
    option persist_key '1'
    option persist_tun '1'
    option user 'nobody'
    option group 'nogroup'
    option server '10.1.1.0 255.255.255.240'
    option ifconfig '10.1.1.1 255.255.255.240'
    list push 'route 192.168.1.0 255.255.255.0'
    list push 'dhcp-option DNS 192.168.1.1'
    list push 'dhcp-option WINS 192.168.1.1'
    list push 'dhcp-option DNS 10.1.1.1'
#    list push 'dhcp-option DNS 208.67.222.123'
#    list push 'dhcp-option DNS 208.67.220.123'
    list push 'dhcp-option NTP 192.53.103.108'
    option push 'redirect-gateway def1 local'
    option client_to_client '1'
    option enabled '1'

Client config TCP

client 
dev tun
proto tcp
remote sub.domain.tld 80
mssfix 0
fragment 0
tun-mtu 48000
float 
nobind 
comp-lzo 
mute-replay-warnings mute 20  
persist-key 
persist-tun 
resolv-retry infinite 
auth SHA512 
auth-nocache 
cipher AES-256-CBC 
key-direction 1 
tls-version-min 1.2  
pkcs12 C:\\patch\\to\\Router_Client_1.p12 
remote-cert-eku "TLS Web Server Authentication" 
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
…
-----END OpenVPN Static key V1-----
</tls-auth> verb 7

Client config UDP

client 
dev tun 
proto udp 
remote sub.domain.tld 4719 
mssfix 0 
fragment 0 
tun-mtu 48000 
float nobind 
comp-lzo 
mute-replay-warnings 
mute 20  
persist-key 
persist-tun 
resolv-retry infinite 
auth SHA512 
auth-nocache 
cipher AES-256-CBC 
key-direction 1 
tls-version-min 1.2  
pkcs12 c:\\path\\to\\Router_Client_1.p12 
remote-cert-eku "TLS Web Server Authentication"  
<tls-auth> 
-----BEGIN OpenVPN Static key V1----- 
...
-----END OpenVPN Static key V1----- </tls-auth> verb 7

/etc/config/network

config interface 'lan'
    option force_link '1'
    option ifname 'eth0'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option delegate '0'

config interface 'OpenVPN0'
    option ifname 'tun0'
    option proto 'none'
    option auto '1'

config interface 'OpenVPN1'
    option ifname 'tun1'
    option proto 'none'
    option auto '1'

/etc/config firewall

config zone
    option name 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'DROP'
    option network 'lan'
    option masq '1'

config zone
    option name 'wan'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'
    option network 'wan wan6'

config forwarding
    option src 'lan'
    option dest 'wan'

config zone
    option name 'OpenVPN0'
    option input 'ACCEPT'
    option forward 'ACCEPT'
    option output 'ACCEPT'
    option network 'OpenVPN0'

config rule
    option name 'OpenVPN0 input'
    option src '*'
    option dest_port '80'
    option proto 'tcpudp'
    option target 'ACCEPT'

config forwarding
    option src 'OpenVPN0'
    option dest 'wan'

config forwarding
    option src 'OpenVPN0'
    option dest 'lan'

config forwarding
    option src 'lan'
    option dest 'OpenVPN0'

config zone
    option name 'OpenVPN1'
    option input 'ACCEPT'
    option forward 'ACCEPT'
    option output 'ACCEPT'
    option network 'OpenVPN1'

config rule
    option name 'OpenVPN1 input'
    option src '*'
    option dest_port '4719'
    option proto 'tcpudp'
    option target 'ACCEPT'

config forwarding
    option src 'OpenVPN1'
    option dest 'wan'

config forwarding
    option src 'OpenVPN1'
    option dest 'lan'

config forwarding
    option src 'lan'
    option dest 'OpenVPN1'

config forwarding
    option src 'OpenVPN1'
    option dest 'OpenVPN0'

config forwarding
    option src 'OpenVPN0'
    option dest 'OpenVPN1'

config rule
    option name 'Allow VPN0 -> LAN'
    option src '*'
    option src_ip '10.1.0.0/28'
    option proto 'tcpudp'
    option dest_ip '192.168.1.0/26'
    option target 'ACCEPT'

config rule
    option name 'Allow Forwarded VPN0 -> LAN'
    option src '*'
    option src_ip '10.1.0.0/28'
    option proto 'tcpudp'
    option dest '*'
    option dest_ip '192.168.1.0/26'
    option target 'ACCEPT'

config rule
    option name 'Allow VPN0 (ICMP) -> LAN'
    option src '*'
    option src_ip '10.1.0.0/28'
    option proto 'icmp'
    option dest 'lan'
    option target 'ACCEPT'

config rule
    option name 'Allow VPN0 (ICMP 8)'
    option src '*'
    option src_ip '10.1.0.0/28'
    option proto 'icmp'
    list icmp_type 'echo-request'
    option dest 'wan'
    option target 'ACCEPT'

config rule
    option name 'Allow VPN1 -> LAN'
    option src '*'
    option src_ip '10.1.1.0/28'
    option proto 'tcpudp'
    option dest_ip '192.168.1.0/26'
    option target 'ACCEPT'

config rule
    option name 'Allow Forwarded VPN1 -> LAN'
    option src '*'
    option src_ip '10.1.1.0/28'
    option proto 'tcpudp'
    option dest '*'
    option dest_ip '192.168.1.0/26'
    option target 'ACCEPT'

config rule
    option name 'Allow VPN1 (ICMP) -> LAN'
    option src '*'
    option src_ip '10.1.1.0/28'
    option proto 'icmp'
    option dest 'lan'
    option target 'ACCEPT'

config rule
    option name 'Allow VPN1 (ICMP 8)'
    option src '*'
    option src_ip '10.1.1.0/28'
    option proto 'icmp'
    list icmp_type 'echo-request'
    option dest 'wan'
    option target 'ACCEPT'

Server log TCP

Sun Feb  4 13:44:14 2018 us=664167 OpenVPN 2.4.4 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Sun Feb  4 13:44:14 2018 us=664268 library versions: OpenSSL 1.0.2n  7 Dec 2017, LZO 2.08
Sun Feb  4 13:44:14 2018 us=665286 Diffie-Hellman initialized with 5120 bit key
Sun Feb  4 13:44:14 2018 us=665415 No valid translation found for TLS cipher '!aNULL'
Sun Feb  4 13:44:14 2018 us=665481 No valid translation found for TLS cipher '!eNULL'
Sun Feb  4 13:44:14 2018 us=665553 No valid translation found for TLS cipher '!3DES'
Sun Feb  4 13:44:14 2018 us=665609 No valid translation found for TLS cipher '!MD5'
Sun Feb  4 13:44:14 2018 us=665665 No valid translation found for TLS cipher '!SHA'
Sun Feb  4 13:44:14 2018 us=665734 No valid translation found for TLS cipher '!PSK'
Sun Feb  4 13:44:14 2018 us=665806 No valid translation found for TLS cipher '!DSS'
Sun Feb  4 13:44:14 2018 us=665861 No valid translation found for TLS cipher '!RC4'
Sun Feb  4 13:44:14 2018 us=695182 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb  4 13:44:14 2018 us=695305 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb  4 13:44:14 2018 us=695366 TLS-Auth MTU parms [ L:48124 D:1138 EF:112 EB:0 ET:0 EL:3 ]
Sun Feb  4 13:44:14 2018 us=699738 TUN/TAP device tun0 opened
Sun Feb  4 13:44:14 2018 us=700940 TUN/TAP TX queue length set to 100
Sun Feb  4 13:44:14 2018 us=701008 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Feb  4 13:44:14 2018 us=701080 /sbin/ifconfig tun0 10.1.0.1 netmask 255.255.255.240 mtu 48000 broadcast 10.1.0.15
Sun Feb  4 13:44:14 2018 us=706152 Data Channel MTU parms [ L:48124 D:48124 EF:124 EB:8156 ET:0 EL:3 ]
Sun Feb  4 13:44:14 2018 us=706449 Could not determine IPv4/IPv6 protocol. Using AF_INET
Sun Feb  4 13:44:14 2018 us=706525 Socket Buffers: R=[87380->327680] S=[16384->327680]
Sun Feb  4 13:44:14 2018 us=706585 Listening for incoming TCP connection on [AF_INET][undef]:80
Sun Feb  4 13:44:14 2018 us=706638 TCPv4_SERVER link local (bound): [AF_INET][undef]:80
Sun Feb  4 13:44:14 2018 us=706680 TCPv4_SERVER link remote: [AF_UNSPEC]
Sun Feb  4 13:44:14 2018 us=706728 GID set to nogroup
Sun Feb  4 13:44:14 2018 us=706777 UID set to nobody
Sun Feb  4 13:44:14 2018 us=706824 MULTI: multi_init called, r=256 v=256
Sun Feb  4 13:44:14 2018 us=706889 IFCONFIG POOL: base=10.1.0.2 size=12, ipv6=0
Sun Feb  4 13:44:14 2018 us=706939 ifconfig_pool_read(), in='Router_Client_1,10.1.1.2', TODO: IPv6
Sun Feb  4 13:44:14 2018 us=706985 succeeded -> ifconfig_pool_set()
Sun Feb  4 13:44:14 2018 us=707026 IFCONFIG POOL LIST
Sun Feb  4 13:44:14 2018 us=707110 MULTI: TCP INIT maxclients=1024 maxevents=1028
Sun Feb  4 13:44:14 2018 us=707772 Initialization Sequence Completed
Sun Feb  4 13:44:34 2018 us=620635 MULTI: multi_create_instance called
Sun Feb  4 13:44:34 2018 us=620777 Re-using SSL/TLS context
Sun Feb  4 13:44:34 2018 us=620835 LZO compression initializing
Sun Feb  4 13:44:34 2018 us=622797 Control Channel MTU parms [ L:48124 D:1138 EF:112 EB:0 ET:0 EL:3 ]
Sun Feb  4 13:44:34 2018 us=623483 Data Channel MTU parms [ L:48124 D:48124 EF:124 EB:8156 ET:0 EL:3 ]
Sun Feb  4 13:44:34 2018 us=623714 TCP connection established with [AF_INET][public IP client]:26733
Sun Feb  4 13:44:34 2018 us=623768 TCPv4_SERVER link local: (not bound)
Sun Feb  4 13:44:34 2018 us=623815 TCPv4_SERVER link remote: [AF_INET][public IP client]:26733
RSun Feb  4 13:44:35 2018 us=613454 [public IP client]:26733 TLS: Initial packet from [AF_INET][public IP client]:26733, sid=e60558f8 90973dac
WRRWWWWRWRWRRRRWRWRSun Feb  4 13:44:36 2018 us=184669 [public IP client]:26733 VERIFY OK: depth=1, C=DE, ST=RlP, CN=OpenVPN-CA
Sun Feb  4 13:44:36 2018 us=188409 [public IP client]:26733 VERIFY OK: depth=0, C=DE, CN=Router_Client_1
WRWRSun Feb  4 13:44:36 2018 us=282785 [public IP client]:26733 peer info: IV_VER=2.4.4
Sun Feb  4 13:44:36 2018 us=282871 [public IP client]:26733 peer info: IV_PLAT=win
Sun Feb  4 13:44:36 2018 us=282920 [public IP client]:26733 peer info: IV_PROTO=2
Sun Feb  4 13:44:36 2018 us=282978 [public IP client]:26733 peer info: IV_NCP=2
Sun Feb  4 13:44:36 2018 us=283026 [public IP client]:26733 peer info: IV_LZ4=1
Sun Feb  4 13:44:36 2018 us=283069 [public IP client]:26733 peer info: IV_LZ4v2=1
Sun Feb  4 13:44:36 2018 us=283110 [public IP client]:26733 peer info: IV_LZO=1
Sun Feb  4 13:44:36 2018 us=283151 [public IP client]:26733 peer info: IV_COMP_STUB=1
Sun Feb  4 13:44:36 2018 us=283191 [public IP client]:26733 peer info: IV_COMP_STUBv2=1
Sun Feb  4 13:44:36 2018 us=283232 [public IP client]:26733 peer info: IV_TCPNL=1
Sun Feb  4 13:44:36 2018 us=283272 [public IP client]:26733 peer info: IV_GUI_VER=OpenVPN_GUI_11
WRSun Feb  4 13:44:36 2018 us=330659 [public IP client]:26733 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sun Feb  4 13:44:36 2018 us=330750 [public IP client]:26733 [Router_Client_1] Peer Connection Initiated with [AF_INET][public IP client]:26733
Sun Feb  4 13:44:36 2018 us=330829 Router_Client_1/[public IP client]:26733 MULTI_sva: pool returned IPv4=10.1.0.2, IPv6=(Not enabled)
Sun Feb  4 13:44:36 2018 us=330968 Router_Client_1/[public IP client]:26733 MULTI: Learn: 10.1.0.2 -> Router_Client_1/[public IP client]:26733
Sun Feb  4 13:44:36 2018 us=331018 Router_Client_1/[public IP client]:26733 MULTI: primary virtual IP for Router_Client_1/[public IP client]:26733: 10.1.0.2
RSun Feb  4 13:44:37 2018 us=430523 Router_Client_1/[public IP client]:26733 PUSH: Received control message: 'PUSH_REQUEST'
Sun Feb  4 13:44:37 2018 us=430670 Router_Client_1/[public IP client]:26733 SENT CONTROL [Router_Client_1]: 'PUSH_REPLY,redirect-gateway def1 local,route-gateway 10.1.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.1.0.2 255.255.255.240,peer-id 0,cipher AES-256-GCM' (status=1)
Sun Feb  4 13:44:37 2018 us=430724 Router_Client_1/[public IP client]:26733 Data Channel: using negotiated cipher 'AES-256-GCM'
Sun Feb  4 13:44:37 2018 us=430785 Router_Client_1/[public IP client]:26733 Data Channel MTU parms [ L:48052 D:48052 EF:52 EB:8156 ET:0 EL:3 ]
Sun Feb  4 13:44:37 2018 us=431086 Router_Client_1/[public IP client]:26733 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb  4 13:44:37 2018 us=431140 Router_Client_1/[public IP client]:26733 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
WWRRRRRRRRRRRSun Feb  4 13:44:37 2018 us=985688 Router_Client_1/[public IP client]:26733 MULTI: bad source address from client [::], packet dropped
RRRRRRRRRRRRRRRRRRRRRRwrWRRRRRRRRRRRRRSun Feb  4 13:44:49 2018 us=333727 Router_Client_1/[public IP client]:26733 Connection reset, restarting [-1]
Sun Feb  4 13:44:49 2018 us=333846 Router_Client_1/[public IP client]:26733 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sun Feb  4 13:44:49 2018 us=334223 TCP/UDP: Closing socket

Client log TCP

Sun Feb 04 13:44:33 2018 us=507052 Current Parameter Settings:
Sun Feb 04 13:44:33 2018 us=507052   config = 'Router TCP (tun0) --redirect-gateway.ovpn'
Sun Feb 04 13:44:33 2018 us=507052   mode = 0
Sun Feb 04 13:44:33 2018 us=507052   show_ciphers = DISABLED
Sun Feb 04 13:44:33 2018 us=507052   show_digests = DISABLED
Sun Feb 04 13:44:33 2018 us=507052   show_engines = DISABLED
Sun Feb 04 13:44:33 2018 us=507052   genkey = DISABLED
Sun Feb 04 13:44:33 2018 us=507052   key_pass_file = '[UNDEF]'
Sun Feb 04 13:44:33 2018 us=507052   show_tls_ciphers = DISABLED
Sun Feb 04 13:44:33 2018 us=507052   connect_retry_max = 0
Sun Feb 04 13:44:33 2018 us=507052 Connection profiles [0]:
Sun Feb 04 13:44:33 2018 us=507052   proto = tcp-client
Sun Feb 04 13:44:33 2018 us=507052   local = '[UNDEF]'
Sun Feb 04 13:44:33 2018 us=507052   local_port = '[UNDEF]'
Sun Feb 04 13:44:33 2018 us=507052   remote = '[sub.domain.tld]'
Sun Feb 04 13:44:33 2018 us=507052   remote_port = '80'
Sun Feb 04 13:44:33 2018 us=507052   remote_float = ENABLED
Sun Feb 04 13:44:33 2018 us=507052   bind_defined = DISABLED
Sun Feb 04 13:44:33 2018 us=507052   bind_local = DISABLED
Sun Feb 04 13:44:33 2018 us=507052   bind_ipv6_only = DISABLED
Sun Feb 04 13:44:33 2018 us=507052 NOTE: --mute triggered...
Sun Feb 04 13:44:33 2018 us=507052 271 variation(s) on previous 20 message(s) suppressed by --mute
Sun Feb 04 13:44:33 2018 us=507052 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Sun Feb 04 13:44:33 2018 us=507052 Windows version 6.2 (Windows 8 or greater) 64bit
Sun Feb 04 13:44:33 2018 us=507052 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Sun Feb 04 13:44:33 2018 us=508063 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Sun Feb 04 13:44:33 2018 us=508063 Need hold release from management interface, waiting...
Sun Feb 04 13:44:33 2018 us=993060 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Sun Feb 04 13:44:34 2018 us=94637 MANAGEMENT: CMD 'state on'
Sun Feb 04 13:44:34 2018 us=94637 MANAGEMENT: CMD 'log all on'
Sun Feb 04 13:44:34 2018 us=145612 MANAGEMENT: CMD 'echo all on'
Sun Feb 04 13:44:34 2018 us=146612 MANAGEMENT: CMD 'hold off'
Sun Feb 04 13:44:34 2018 us=147645 MANAGEMENT: CMD 'hold release'
Sun Feb 04 13:44:34 2018 us=232840 PRNG init md=SHA1 size=36
Sun Feb 04 13:44:34 2018 us=232840 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb 04 13:44:34 2018 us=232840 Outgoing Control Channel Authentication: HMAC KEY: 8ee9cbdf a8887340 99ca7f9b a8c3dd83 87efc20d 2cada679 f4ed94f0 c91977e8 7bc25371 2fb93da0 6fa53c2a 4688cdff cd58dc1c 7cdfe0da 7268d4c6 e3522798
Sun Feb 04 13:44:34 2018 us=232840 Outgoing Control Channel Authentication: HMAC size=64 block_size=64
Sun Feb 04 13:44:34 2018 us=232840 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb 04 13:44:34 2018 us=232840 Incoming Control Channel Authentication: HMAC KEY: 74fc7789 606c2f64 9cb71cc4 6dfd77d5 b3cc8f7b 78a4276e 9d36ac55 854acb90 03fa0900 11e7f14e fa439abd 4fe7a8d6 df1b1dca 39670f79 e6d87d30 8305d4eb
Sun Feb 04 13:44:34 2018 us=232840 Incoming Control Channel Authentication: HMAC size=64 block_size=64
Sun Feb 04 13:44:34 2018 us=232840 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 72 bytes
Sun Feb 04 13:44:34 2018 us=232840 LZO compression initializing
Sun Feb 04 13:44:34 2018 us=232840 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:44:34 2018 us=233843 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:44:34 2018 us=233843 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:44:34 2018 us=233843 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:44:34 2018 us=233843 Control Channel MTU parms [ L:48124 D:1138 EF:112 EB:0 ET:0 EL:3 ]
Sun Feb 04 13:44:34 2018 us=233843 MANAGEMENT: >STATE:1517748274,RESOLVE,,,,,,
Sun Feb 04 13:44:34 2018 us=233843 GETADDRINFO flags=0x0101 ai_family=0 ai_socktype=1
Sun Feb 04 13:44:34 2018 us=345796 RESOLVE_REMOTE flags=0x0101 phase=1 rrs=0 sig=-1 status=0
Sun Feb 04 13:44:34 2018 us=345796 Data Channel MTU parms [ L:48124 D:48124 EF:124 EB:8156 ET:0 EL:3 ]
Sun Feb 04 13:44:34 2018 us=345796 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Sun Feb 04 13:44:34 2018 us=345796 calc_options_string_link_mtu: link-mtu 48124 -> 48104
Sun Feb 04 13:44:34 2018 us=345796 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Sun Feb 04 13:44:34 2018 us=345796 calc_options_string_link_mtu: link-mtu 48124 -> 48104
Sun Feb 04 13:44:34 2018 us=345796 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 48104,tun-mtu 48000,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Sun Feb 04 13:44:34 2018 us=345796 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 48104,tun-mtu 48000,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Sun Feb 04 13:44:34 2018 us=345796 TCP/UDP: Preserving recently used remote address: [AF_INET][public router IP]:80
Sun Feb 04 13:44:34 2018 us=345796 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sun Feb 04 13:44:34 2018 us=345796 Attempting to establish TCP connection with [AF_INET][public router IP]:80 [nonblock]
Sun Feb 04 13:44:34 2018 us=345796 MANAGEMENT: >STATE:1517748274,TCP_CONNECT,,,,,,
Sun Feb 04 13:44:35 2018 us=346179 TCP connection established with [AF_INET][public router IP]:80
Sun Feb 04 13:44:35 2018 us=346179 TCP_CLIENT link local: (not bound)
Sun Feb 04 13:44:35 2018 us=346179 TCP_CLIENT link remote: [AF_INET][public router IP]:80
Sun Feb 04 13:44:35 2018 us=346179 MANAGEMENT: >STATE:1517748275,WAIT,,,,,,
Sun Feb 04 13:44:35 2018 us=347054 TCP_CLIENT WRITE [86] to [AF_INET][public router IP]:80: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Sun Feb 04 13:44:35 2018 us=408661 TCP_CLIENT READ [98] from [AF_INET][public router IP]:80: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Sun Feb 04 13:44:35 2018 us=408661 MANAGEMENT: >STATE:1517748275,AUTH,,,,,,
Sun Feb 04 13:44:35 2018 us=408661 TLS: Initial packet from [AF_INET][public router IP]:80, sid=cb0d6f1d 1893b192
Sun Feb 04 13:44:35 2018 us=408661 PID_TEST [0] [TLS_WRAP-0] [] 0:0 1517748275:1 t=1517748275[0] r=[0,64,15,0,1] sl=[0,0,64,528]
Sun Feb 04 13:44:35 2018 us=409550 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Sun Feb 04 13:44:35 2018 us=409550 TCP_CLIENT WRITE [259] to [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Sun Feb 04 13:44:35 2018 us=793835 TCP_CLIENT READ [1124] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #2 ] [ 1 ] pid=1 DATA len=1026
Sun Feb 04 13:44:35 2018 us=793835 PID_TEST [0] [TLS_WRAP-0] [0] 1517748275:1 1517748275:2 t=1517748275[0] r=[0,64,15,0,1] sl=[63,1,64,528]
Sun Feb 04 13:44:35 2018 us=794846 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #4 ] [ 1 ]
Sun Feb 04 13:44:35 2018 us=794846 TCP_CLIENT READ [1112] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=2 DATA len=1026
Sun Feb 04 13:44:35 2018 us=794846 PID_TEST [0] [TLS_WRAP-0] [00] 1517748275:2 1517748275:3 t=1517748275[0] r=[0,64,15,0,1] sl=[62,2,64,528]
Sun Feb 04 13:44:35 2018 us=795840 TCP_CLIENT READ [1112] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=3 DATA len=1026
Sun Feb 04 13:44:35 2018 us=795840 PID_TEST [0] [TLS_WRAP-0] [000] 1517748275:3 1517748275:4 t=1517748275[0] r=[0,64,15,0,1] sl=[61,3,64,528]
Sun Feb 04 13:44:35 2018 us=795840 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #5 ] [ 2 ]
Sun Feb 04 13:44:35 2018 us=795840 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #6 ] [ 3 ]
Sun Feb 04 13:44:35 2018 us=830918 TCP_CLIENT READ [1112] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #5 ] [ ] pid=4 DATA len=1026
Sun Feb 04 13:44:35 2018 us=830918 PID_TEST [0] [TLS_WRAP-0] [0000] 1517748275:4 1517748275:5 t=1517748275[0] r=[0,64,15,0,1] sl=[60,4,64,528]
Sun Feb 04 13:44:35 2018 us=830918 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #7 ] [ 4 ]
Sun Feb 04 13:44:35 2018 us=868499 TCP_CLIENT READ [1112] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #6 ] [ ] pid=5 DATA len=1026
Sun Feb 04 13:44:35 2018 us=868499 PID_TEST [0] [TLS_WRAP-0] [00000] 1517748275:5 1517748275:6 t=1517748275[0] r=[0,64,15,0,1] sl=[59,5,64,528]
Sun Feb 04 13:44:35 2018 us=868499 VERIFY OK: depth=2, C=DE, ST=RlP, CN=OpenVPN-CA
Sun Feb 04 13:44:35 2018 us=869537 VERIFY OK: depth=1, C=DE, ST=RlP, CN=OpenVPN-ICA
Sun Feb 04 13:44:35 2018 us=869537 Validating certificate extended key usage
Sun Feb 04 13:44:35 2018 us=869537 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Feb 04 13:44:35 2018 us=869537 VERIFY EKU OK
Sun Feb 04 13:44:35 2018 us=869537 VERIFY OK: depth=0, C=DE, ST=RlP, L=KH, CN=[sub.domain.tld]
Sun Feb 04 13:44:35 2018 us=870507 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #8 ] [ 5 ]
Sun Feb 04 13:44:35 2018 us=898280 TCP_CLIENT READ [183] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=6 DATA len=97
Sun Feb 04 13:44:35 2018 us=898280 PID_TEST [0] [TLS_WRAP-0] [000000] 1517748275:6 1517748275:7 t=1517748275[0] r=[0,64,15,0,1] sl=[58,6,64,528]
Sun Feb 04 13:44:35 2018 us=911309 TCP_CLIENT WRITE [1124] to [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #9 ] [ 6 ] pid=2 DATA len=1026
Sun Feb 04 13:44:35 2018 us=911309 TCP_CLIENT WRITE [1112] to [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #10 ] [ ] pid=3 DATA len=1026
Sun Feb 04 13:44:35 2018 us=911309 TCP_CLIENT WRITE [1112] to [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #11 ] [ ] pid=4 DATA len=1026
Sun Feb 04 13:44:35 2018 us=911309 TCP_CLIENT WRITE [623] to [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #12 ] [ ] pid=5 DATA len=537
Sun Feb 04 13:44:35 2018 us=911309 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:44:35 2018 us=958121 TCP_CLIENT READ [94] from [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #8 ] [ 2 ]
Sun Feb 04 13:44:35 2018 us=958121 PID_TEST [0] [TLS_WRAP-0] [0000000] 1517748275:7 1517748275:8 t=1517748275[0] r=[0,64,15,0,1] sl=[57,7,64,528]
Sun Feb 04 13:44:36 2018 us=27568 TCP_CLIENT READ [94] from [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #9 ] [ 3 ]
Sun Feb 04 13:44:36 2018 us=27568 PID_TEST [0] [TLS_WRAP-0] [11111111] 1517748275:8 1517748275:9 t=1517748276[0] r=[-1,64,15,0,1] sl=[56,8,64,528]
Sun Feb 04 13:44:36 2018 us=27568 TCP_CLIENT READ [94] from [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #10 ] [ 4 ]
Sun Feb 04 13:44:36 2018 us=27568 PID_TEST [0] [TLS_WRAP-0] [011111111] 1517748275:9 1517748275:10 t=1517748276[0] r=[-1,64,15,0,1] sl=[55,9,64,528]
Sun Feb 04 13:44:36 2018 us=27568 TCP_CLIENT READ [149] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #11 ] [ 5 ] pid=7 DATA len=51
Sun Feb 04 13:44:36 2018 us=28563 PID_TEST [0] [TLS_WRAP-0] [0011111111] 1517748275:10 1517748275:11 t=1517748276[0] r=[-1,64,15,0,1] sl=[54,10,64,528]
Sun Feb 04 13:44:36 2018 us=28563 TCP_CLIENT WRITE [554] to [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #13 ] [ 7 ] pid=6 DATA len=456
Sun Feb 04 13:44:36 2018 us=72058 TCP_CLIENT READ [213] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #12 ] [ 6 ] pid=8 DATA len=115
Sun Feb 04 13:44:36 2018 us=72058 PID_TEST [0] [TLS_WRAP-0] [00011111111] 1517748275:11 1517748275:12 t=1517748276[0] r=[-1,64,15,0,1] sl=[53,11,64,528]
Sun Feb 04 13:44:36 2018 us=72058 NOTE: Options consistency check may be skewed by version differences
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tun'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 48104'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 48000'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 0'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'cipher' is present in local config but missing in remote config, local='cipher AES-256-CBC'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA512'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 256'
Sun Feb 04 13:44:36 2018 us=73092 WARNING: 'tls-auth' is present in local config but missing in remote config, local='tls-auth'
Sun Feb 04 13:44:36 2018 us=74094 WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
Sun Feb 04 13:44:36 2018 us=74094 WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
Sun Feb 04 13:44:36 2018 us=74094 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #14 ] [ 8 ]
Sun Feb 04 13:44:36 2018 us=74094 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sun Feb 04 13:44:36 2018 us=74094 [[sub.domain.tld]] Peer Connection Initiated with [AF_INET][public router IP]:80
Sun Feb 04 13:44:37 2018 us=102580 MANAGEMENT: >STATE:1517748277,GET_CONFIG,,,,,,
Sun Feb 04 13:44:37 2018 us=102580 SENT CONTROL [[sub.domain.tld]]: 'PUSH_REQUEST' (status=1)
Sun Feb 04 13:44:37 2018 us=103421 TCP_CLIENT WRITE [128] to [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #15 ] [ ] pid=7 DATA len=42
Sun Feb 04 13:44:37 2018 us=222289 TCP_CLIENT READ [94] from [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #13 ] [ 7 ]
Sun Feb 04 13:44:37 2018 us=222289 PID_TEST [0] [TLS_WRAP-0] [111122222222] 1517748275:12 1517748275:13 t=1517748277[0] r=[-2,64,15,0,1] sl=[52,12,64,528]
Sun Feb 04 13:44:37 2018 us=292224 TCP_CLIENT READ [281] from [AF_INET][public router IP]:80: P_CONTROL_V1 kid=0 pid=[ #14 ] [ ] pid=9 DATA len=195
Sun Feb 04 13:44:37 2018 us=292224 PID_TEST [0] [TLS_WRAP-0] [0111122222222] 1517748275:13 1517748275:14 t=1517748277[0] r=[-2,64,15,0,1] sl=[51,13,64,528]
Sun Feb 04 13:44:37 2018 us=293239 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 local,route-gateway 10.1.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.1.0.2 255.255.255.240,peer-id 0,cipher AES-256-GCM'
Sun Feb 04 13:44:37 2018 us=293239 OPTIONS IMPORT: timers and/or timeouts modified
Sun Feb 04 13:44:37 2018 us=293239 OPTIONS IMPORT: --ifconfig/up options modified
Sun Feb 04 13:44:37 2018 us=293239 OPTIONS IMPORT: route options modified
Sun Feb 04 13:44:37 2018 us=293239 OPTIONS IMPORT: route-related options modified
Sun Feb 04 13:44:37 2018 us=293239 OPTIONS IMPORT: peer-id set
Sun Feb 04 13:44:37 2018 us=293239 OPTIONS IMPORT: adjusting link_mtu to 48127
Sun Feb 04 13:44:37 2018 us=294277 OPTIONS IMPORT: data channel crypto options modified
Sun Feb 04 13:44:37 2018 us=294277 Data Channel: using negotiated cipher 'AES-256-GCM'
Sun Feb 04 13:44:37 2018 us=294277 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 48 bytes
Sun Feb 04 13:44:37 2018 us=294277 Data Channel MTU parms [ L:48055 D:48055 EF:55 EB:8156 ET:0 EL:3 ]
Sun Feb 04 13:44:37 2018 us=294277 Client pre_master: 6dce3ac3 69ce1085 ccb61c6a 356e7631 e6594372 8da0ff2d 3c3deadf 490c8b98 1919b2fb 3e3201ee 41bcf5f1 78be1d35
Sun Feb 04 13:44:37 2018 us=294277 Client random1: 34f5c789 76f9eb34 0e8b79ca d6d4f309 581ca5b5 8b3104ff 974297f5 90947a07
Sun Feb 04 13:44:37 2018 us=294277 Client random2: 2888dc88 a72464cb 9487a32e d4e40161 69fbbf95 9a409317 c647e0a5 b345f80b
Sun Feb 04 13:44:37 2018 us=295284 Server pre_master: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Sun Feb 04 13:44:37 2018 us=295284 Server random1: 03daa26c 649961ab 5d6b33e7 0c886847 c2bd7f6e 06a451b4 c8609482 1b168fa5
Sun Feb 04 13:44:37 2018 us=295284 Server random2: b036446a 09af484f f25a793a efbe30ea 589d0ad9 5bfb851e b14d2640 0312e20b
Sun Feb 04 13:44:37 2018 us=295284 tls1_P_hash sec: 6dce3ac3 69ce1085 ccb61c6a 356e7631 e6594372 8da0ff2d
Sun Feb 04 13:44:37 2018 us=295284 tls1_P_hash seed: 4f70656e 56504e20 6d617374 65722073 65637265 7434f5c7 8976f9eb 340e8b79 cad6d4f3 09581ca5 b58b3104 ff974297 f590947a 0703daa2 6c649961 ab5d6b33 e70c8868 47c2bd7f 6e06a451 b4c86094 821b168f a5
Sun Feb 04 13:44:37 2018 us=296248 tls1_P_hash out: e473e842 dd2076a2 10aec457 0e0f8ed7 88e4f992 8a6440cb dbfba588 9b20e6fd 97238856 64ad3169 a3418df1 de7d4de5
Sun Feb 04 13:44:37 2018 us=296248 tls1_P_hash sec: 3c3deadf 490c8b98 1919b2fb 3e3201ee 41bcf5f1 78be1d35
Sun Feb 04 13:44:37 2018 us=296248 tls1_P_hash seed: 4f70656e 56504e20 6d617374 65722073 65637265 7434f5c7 8976f9eb 340e8b79 cad6d4f3 09581ca5 b58b3104 ff974297 f590947a 0703daa2 6c649961 ab5d6b33 e70c8868 47c2bd7f 6e06a451 b4c86094 821b168f a5
Sun Feb 04 13:44:37 2018 us=296248 tls1_P_hash out: fddc0bf2 34e0e55b 6239a927 57d17712 a8111d40 7f214918 f2153c8f 6107460c 97551703 0a23cdc8 afe5631e 6d1a3c72
Sun Feb 04 13:44:37 2018 us=296248 tls1_PRF out[48]: 19afe3b0 e9c093f9 72976d70 59def9c5 20f5e4d2 f54509d3 29ee9907 fa27a0f1 00769f55 6e8efca1 0ca4eeef b3677197
Sun Feb 04 13:44:37 2018 us=296248 tls1_P_hash sec: 19afe3b0 e9c093f9 72976d70 59def9c5 20f5e4d2 f54509d3
Sun Feb 04 13:44:37 2018 us=297289 tls1_P_hash seed: 4f70656e 56504e20 6b657920 65787061 6e73696f 6e2888dc 88a72464 cb9487a3 2ed4e401 6169fbbf 959a4093 17c647e0 a5b345f8 0bb03644 6a09af48 4ff25a79 3aefbe30 ea589d0a d95bfb85 1eb14d26 400312e2 0be60558 f890973d accb0d6f 1d1893b1 92
Sun Feb 04 13:44:37 2018 us=297289 tls1_P_hash out: 86ef41ae 5e305b54 1ccd19c2 e6db55bf 21fff089 7c52a18a d671add9 3e2b81d0 de3852d3 fbb170fb 5d758e14 82e56747 3876385b ce5b09ce 3b6a2aa2 a5314696 af56f201 0c079632 59746d7d b467ff08 54a81f91 52b585eb c8f1df93 ad7333bc 381ac445 7751c281 0598531d 62c8dbe4 7eebd7f3 47ba80f8 3de236dd 2442e2f4 43d25df9 b91e1698 517da943 4c150266 b792ff94 fe32f7e3 be99a511 bdb2fd54 32691749 ec04f650 9366ffa0 80689682 e25026e0 50542d76 5f59e4f5 d73e6574 f613a74c 7999c6e7 ca9a60f3 78ff4681 e307a3c8 e6cefef4 e724e335 1486257e af4681bd 743148b6 978db2cd 4ab3e9f7 2842324d 77a26327 158adbf7 637d4c63
Sun Feb 04 13:44:37 2018 us=297289 tls1_P_hash sec: 29ee9907 fa27a0f1 00769f55 6e8efca1 0ca4eeef b3677197
Sun Feb 04 13:44:37 2018 us=298266 tls1_P_hash seed: 4f70656e 56504e20 6b657920 65787061 6e73696f 6e2888dc 88a72464 cb9487a3 2ed4e401 6169fbbf 959a4093 17c647e0 a5b345f8 0bb03644 6a09af48 4ff25a79 3aefbe30 ea589d0a d95bfb85 1eb14d26 400312e2 0be60558 f890973d accb0d6f 1d1893b1 92
Sun Feb 04 13:44:37 2018 us=298266 tls1_P_hash out: 82deb9a6 a237935e e7835e2a 136e63eb 62078d9d 7e80b5b8 01b7601e e4433e9d 57f78f60 69c5f2a3 149136a7 70942025 572a65bf 94faf433 8a445194 baebefb1 aab63dc1 5c7f9b91 b451fbff 567c8876 ba96432c 9510996b 1f958b22 8a600657 44b07c83 4289ba4d 449df7ec 38210d73 a0f675b8 048e8b64 a6fdfa30 96173399 c9ce732a 37be0330 e4ba3b61 9cf6c9a1 35beb58c 95370f4a 4106552d cd8573f4 dda35e9b 8c14e9c5 ea15e26c 85dcebb0 f673ea2d ce219ceb 78ab214e ca2b6a36 7cda5a1e 06cc50c1 822dee53 443cd417 98cf00e7 f9e091fb f5286874 585e2ca8 2410b5e8 5dfadd7b 5bc4957a eaf92866 e06790a5 56a87d12 5c0c6cd6 9ece52a0
Sun Feb 04 13:44:37 2018 us=299253 tls1_PRF out[256]: 0431f808 fc07c80a fb4e47e8 f5b53654 43f87d14 02d21432 d7c6cdc7 da68bf4d 89cfddb3 92748258 49e4b8b3 f2714762 6f5c5de4 5aa1fdfd b12e7b36 1fdaa927 05e0cfc0 50780da3 ed259682 e21b777e ee3e5cbd c7a51c80 d76454b1 271335eb 7caab8c6 35d878cc 4105a4f1 5ae9d697 de1da24b 43340b9c 9b1fcced b255d16d 8a1c2ed3 8ea015a8 b5c79222 d0e3cbc7 822c4a18 6b05f8a9 ff9ff03c 70378ea0 efca49d2 60101f95 79731dcc 05b47d32 1423cccd 9e75b19d 27f2c5bb 1d150f42 8ac9fd52 7f559626 48b78ea0 3cc39296 7bc8a32f 1f2e6f0f 120c8b41 4cd809d6 8b563455 29cb95cd cc4927b7 a04ac191 c825a2e8 210a1e35 4986b721 fdb31ec3
Sun Feb 04 13:44:37 2018 us=299253 NOTE: --mute triggered...
Sun Feb 04 13:44:37 2018 us=299253 8 variation(s) on previous 20 message(s) suppressed by --mute
Sun Feb 04 13:44:37 2018 us=299253 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb 04 13:44:37 2018 us=299253 Outgoing Data Channel: CIPHER KEY: 0431f808 fc07c80a fb4e47e8 f5b53654 43f87d14 02d21432 d7c6cdc7 da68bf4d
Sun Feb 04 13:44:37 2018 us=299253 Outgoing Data Channel: CIPHER block_size=16 iv_size=12
Sun Feb 04 13:44:37 2018 us=299253 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb 04 13:44:37 2018 us=299253 Incoming Data Channel: CIPHER KEY: 8a1c2ed3 8ea015a8 b5c79222 d0e3cbc7 822c4a18 6b05f8a9 ff9ff03c 70378ea0
Sun Feb 04 13:44:37 2018 us=300256 Incoming Data Channel: CIPHER block_size=16 iv_size=12
Sun Feb 04 13:44:37 2018 us=300256 interactive service msg_channel=0
Sun Feb 04 13:44:37 2018 us=307315 GDGR: route[0] 0.0.0.0/0.0.0.0 i=2 m=55
Sun Feb 04 13:44:37 2018 us=307315 GDGR: route[1] 127.0.0.0/255.0.0.0 i=1 m=331
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[2] 127.0.0.1/255.255.255.255 i=1 m=331
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[3] 127.255.255.255/255.255.255.255 i=1 m=331
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[4] 192.168.43.0/255.255.255.0 i=2 m=311
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[5] 192.168.43.192/255.255.255.255 i=2 m=311
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[6] 192.168.43.255/255.255.255.255 i=2 m=311
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[7] 224.0.0.0/240.0.0.0 i=1 m=331
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[8] 224.0.0.0/240.0.0.0 i=2 m=311
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[9] 255.255.255.255/255.255.255.255 i=1 m=331
Sun Feb 04 13:44:37 2018 us=308285 GDGR: route[10] 255.255.255.255/255.255.255.255 i=2 m=311
Sun Feb 04 13:44:37 2018 us=308285 GDGR: best=0 lm=55
Sun Feb 04 13:44:37 2018 us=309321 DEBUG: IP Locate: ip=192.168.43.1 nm=255.255.255.0 index=2 count=-1
Sun Feb 04 13:44:37 2018 us=309321 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 I=2 HWADDR=e4:70:b8:10:1c:0b
Sun Feb 04 13:44:37 2018 us=310282 GDGR: route[0] 0.0.0.0/0.0.0.0 i=2 m=55
Sun Feb 04 13:44:37 2018 us=310282 GDGR: route[1] 127.0.0.0/255.0.0.0 i=1 m=331
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[2] 127.0.0.1/255.255.255.255 i=1 m=331
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[3] 127.255.255.255/255.255.255.255 i=1 m=331
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[4] 192.168.43.0/255.255.255.0 i=2 m=311
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[5] 192.168.43.192/255.255.255.255 i=2 m=311
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[6] 192.168.43.255/255.255.255.255 i=2 m=311
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[7] 224.0.0.0/240.0.0.0 i=1 m=331
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[8] 224.0.0.0/240.0.0.0 i=2 m=311
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[9] 255.255.255.255/255.255.255.255 i=1 m=331
Sun Feb 04 13:44:37 2018 us=311287 GDGR: route[10] 255.255.255.255/255.255.255.255 i=2 m=311
Sun Feb 04 13:44:37 2018 us=311287 GDGR: best=0 lm=55
Sun Feb 04 13:44:37 2018 us=331332 open_tun
Sun Feb 04 13:44:37 2018 us=333416 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{C881E576-EF41-4747-8B8C-C11E7A62B46E}.tap
Sun Feb 04 13:44:37 2018 us=333416 TAP-Windows Driver Version 9.21 
Sun Feb 04 13:44:37 2018 us=333416 TAP-Windows MTU=1500
Sun Feb 04 13:44:37 2018 us=336348 Set TAP-Windows TUN subnet mode network/local/netmask = 10.1.0.0/10.1.0.2/255.255.255.240 [SUCCEEDED]
Sun Feb 04 13:44:37 2018 us=336348 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.1.0.2/255.255.255.240 on interface {C881E576-EF41-4747-8B8C-C11E7A62B46E} [DHCP-serv: 10.1.0.14, lease-time: 31536000]
Sun Feb 04 13:44:37 2018 us=337349 Successful ARP Flush on interface [18] {C881E576-EF41-4747-8B8C-C11E7A62B46E}
Sun Feb 04 13:44:37 2018 us=341361 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Feb 04 13:44:37 2018 us=341361 MANAGEMENT: >STATE:1517748277,ASSIGN_IP,,10.1.0.2,,,,
Sun Feb 04 13:44:37 2018 us=342364 MTU DYNAMIC mtu=1500, flags=3, 48055 -> 1555
Sun Feb 04 13:44:37 2018 us=342364 TCP_CLIENT WRITE [94] to [AF_INET][public router IP]:80: P_ACK_V1 kid=0 pid=[ #16 ] [ 9 ]
Sun Feb 04 13:44:37 2018 us=356400 TUN READ [142]
Sun Feb 04 13:44:37 2018 us=356400 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=356400 TCP_CLIENT WRITE [161] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=160
Sun Feb 04 13:44:37 2018 us=369434 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=370437 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=370437 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=370437 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=370437 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=370437 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=376454 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=376454 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=376454 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=378459 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=378459 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=379461 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=379461 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=379461 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=379461 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=382470 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=382470 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=382470 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=389492 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=389492 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=389492 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=399514 TUN READ [76]
Sun Feb 04 13:44:37 2018 us=399514 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=399514 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:37 2018 us=724026 TUN READ [64]
Sun Feb 04 13:44:37 2018 us=724026 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=725027 TCP_CLIENT WRITE [89] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=88
Sun Feb 04 13:44:37 2018 us=725027 TUN READ [48]
Sun Feb 04 13:44:37 2018 us=725027 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=725027 TCP_CLIENT WRITE [73] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=72
Sun Feb 04 13:44:37 2018 us=725027 TUN READ [136]
Sun Feb 04 13:44:37 2018 us=725027 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:37 2018 us=726028 TCP_CLIENT WRITE [123] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=122
Sun Feb 04 13:44:38 2018 us=222334 TUN READ [76]
Sun Feb 04 13:44:38 2018 us=222334 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=223197 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:38 2018 us=356792 TUN READ [142]
Sun Feb 04 13:44:38 2018 us=356792 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=357677 TCP_CLIENT WRITE [161] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=160
Sun Feb 04 13:44:38 2018 us=722598 TUN READ [72]
Sun Feb 04 13:44:38 2018 us=723446 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=723446 TCP_CLIENT WRITE [97] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=96
Sun Feb 04 13:44:38 2018 us=724447 TUN READ [56]
Sun Feb 04 13:44:38 2018 us=724447 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=725449 TCP_CLIENT WRITE [81] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=80
Sun Feb 04 13:44:38 2018 us=725449 TUN READ [76]
Sun Feb 04 13:44:38 2018 us=725449 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=725449 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:38 2018 us=725449 TUN READ [76]
Sun Feb 04 13:44:38 2018 us=726452 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=726452 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:38 2018 us=735476 TUN READ [76]
Sun Feb 04 13:44:38 2018 us=735476 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=735476 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:38 2018 us=735476 TUN READ [76]
Sun Feb 04 13:44:38 2018 us=735476 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:38 2018 us=736478 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:39 2018 us=222459 TUN READ [96]
Sun Feb 04 13:44:39 2018 us=223293 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:39 2018 us=223293 TCP_CLIENT WRITE [121] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=120
Sun Feb 04 13:44:39 2018 us=357715 TUN READ [142]
Sun Feb 04 13:44:39 2018 us=357715 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:39 2018 us=358560 TCP_CLIENT WRITE [162] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=161
Sun Feb 04 13:44:39 2018 us=722462 TUN READ [56]
Sun Feb 04 13:44:39 2018 us=722462 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:39 2018 us=722462 TCP_CLIENT WRITE [81] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=80
Sun Feb 04 13:44:41 2018 us=357721 TUN READ [142]
Sun Feb 04 13:44:41 2018 us=357721 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:41 2018 us=357721 TCP_CLIENT WRITE [162] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=161
Sun Feb 04 13:44:42 2018 us=392446 DEBUG: IP Locate: ip=10.1.0.1 nm=255.255.255.240 index=18 count=1
Sun Feb 04 13:44:42 2018 us=392446 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Sun Feb 04 13:44:42 2018 us=392446 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.1.0.1
Sun Feb 04 13:44:42 2018 us=397454 DEBUG: route find if: on_tun=1 count=1 index=18
Sun Feb 04 13:44:42 2018 us=399459 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Sun Feb 04 13:44:42 2018 us=399459 Route addition via IPAPI succeeded [adaptive]
Sun Feb 04 13:44:42 2018 us=400463 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.1.0.1
Sun Feb 04 13:44:42 2018 us=405475 DEBUG: route find if: on_tun=1 count=1 index=18
Sun Feb 04 13:44:42 2018 us=407480 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Sun Feb 04 13:44:42 2018 us=407480 Route addition via IPAPI succeeded [adaptive]
SYSTEM ROUTING TABLE
0.0.0.0 0.0.0.0 192.168.43.1 p=0 i=2 t=4 pr=3 a=16 h=0 m=55/0/0/0/0
0.0.0.0 128.0.0.0 10.1.0.1 p=0 i=18 t=4 pr=3 a=0 h=0 m=35/0/0/0/0
10.1.0.0 255.255.255.240 10.1.0.2 p=0 i=18 t=3 pr=2 a=5 h=0 m=291/0/0/0/0
10.1.0.2 255.255.255.255 10.1.0.2 p=0 i=18 t=3 pr=2 a=5 h=0 m=291/0/0/0/0
10.1.0.15 255.255.255.255 10.1.0.2 p=0 i=18 t=3 pr=2 a=5 h=0 m=291/0/0/0/0
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=12707 h=0 m=331/0/0/0/0
127.0.0.1 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=12707 h=0 m=331/0/0/0/0
127.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=12707 h=0 m=331/0/0/0/0
128.0.0.0 128.0.0.0 10.1.0.1 p=0 i=18 t=4 pr=3 a=0 h=0 m=35/0/0/0/0
192.168.43.0 255.255.255.0 192.168.43.192 p=0 i=2 t=3 pr=2 a=16 h=0 m=311/0/0/0/0
192.168.43.192 255.255.255.255 192.168.43.192 p=0 i=2 t=3 pr=2 a=16 h=0 m=311/0/0/0/0
192.168.43.255 255.255.255.255 192.168.43.192 p=0 i=2 t=3 pr=2 a=16 h=0 m=311/0/0/0/0
224.0.0.0 240.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=12707 h=0 m=331/0/0/0/0
224.0.0.0 240.0.0.0 10.1.0.2 p=0 i=18 t=3 pr=2 a=12703 h=0 m=291/0/0/0/0
224.0.0.0 240.0.0.0 192.168.43.192 p=0 i=2 t=3 pr=2 a=12696 h=0 m=311/0/0/0/0
255.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=12707 h=0 m=331/0/0/0/0
255.255.255.255 255.255.255.255 10.1.0.2 p=0 i=18 t=3 pr=2 a=12703 h=0 m=291/0/0/0/0
255.255.255.255 255.255.255.255 192.168.43.192 p=0 i=2 t=3 pr=2 a=12696 h=0 m=311/0/0/0/0
SYSTEM ADAPTER LIST
Sun Feb 04 13:44:42 2018 us=444578 NOTE: --mute triggered...
Sun Feb 04 13:44:42 2018 us=472653 30 variation(s) on previous 20 message(s) suppressed by --mute
Sun Feb 04 13:44:42 2018 us=472653 Initialization Sequence Completed
Sun Feb 04 13:44:42 2018 us=472653 MANAGEMENT: >STATE:1517748282,CONNECTED,SUCCESS,10.1.0.2,[public router IP],80,192.168.43.192,51285
Sun Feb 04 13:44:42 2018 us=472653 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=472653 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=472653 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=472653 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=472653 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=472653 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=472653 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=472653 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=472653 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=472653 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=472653 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=475660 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=475660 TUN READ [80]
Sun Feb 04 13:44:42 2018 us=475660 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=475660 TCP_CLIENT WRITE [105] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:44:42 2018 us=475660 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=475660 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=475660 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=475660 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=475660 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=475660 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=482679 TUN READ [106]
Sun Feb 04 13:44:42 2018 us=482679 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=482679 TCP_CLIENT WRITE [131] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=130
Sun Feb 04 13:44:42 2018 us=608813 TCP_CLIENT READ [78] from [AF_INET][public router IP]:80: P_DATA_V1 kid=0 DATA len=77
Sun Feb 04 13:44:42 2018 us=608813 TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET][public router IP]:80
Sun Feb 04 13:44:42 2018 us=608813 PID_TEST [0] [SSL-0] [] 0:0 0:1 t=1517748282[0] r=[0,64,15,0,1] sl=[0,0,64,528]
Sun Feb 04 13:44:42 2018 us=608813 TUN WRITE [56]
Sun Feb 04 13:44:42 2018 us=724582 TUN READ [96]
Sun Feb 04 13:44:42 2018 us=724582 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=724582 TCP_CLIENT WRITE [121] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=120
Sun Feb 04 13:44:42 2018 us=725585 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=727590 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=727590 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=739621 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=739621 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=740623 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=753658 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=753658 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=754661 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=760676 TUN READ [76]
Sun Feb 04 13:44:42 2018 us=761678 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=761678 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:42 2018 us=841020 TUN READ [80]
Sun Feb 04 13:44:42 2018 us=841020 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:42 2018 us=841020 TCP_CLIENT WRITE [105] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:44:43 2018 us=222288 TUN READ [76]
Sun Feb 04 13:44:43 2018 us=222288 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:43 2018 us=223306 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:43 2018 us=252633 TUN READ [76]
Sun Feb 04 13:44:43 2018 us=252633 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:43 2018 us=253634 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:43 2018 us=253634 TUN READ [76]
Sun Feb 04 13:44:43 2018 us=253634 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:43 2018 us=253634 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:43 2018 us=256649 TUN READ [80]
Sun Feb 04 13:44:43 2018 us=256649 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:43 2018 us=257644 TCP_CLIENT WRITE [105] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:44:43 2018 us=667633 TUN READ [80]
Sun Feb 04 13:44:43 2018 us=667633 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:43 2018 us=667633 TCP_CLIENT WRITE [105] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:44:43 2018 us=722619 TUN READ [76]
Sun Feb 04 13:44:43 2018 us=723485 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:43 2018 us=723485 TCP_CLIENT WRITE [101] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:44:45 2018 us=357899 TUN READ [142]
Sun Feb 04 13:44:45 2018 us=357899 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:44:45 2018 us=358761 TCP_CLIENT WRITE [162] to [AF_INET][public router IP]:80: P_DATA_V2 kid=0 DATA len=161
Sun Feb 04 13:44:49 2018 us=72431 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=73438 TCP/UDP: Closing socket
Sun Feb 04 13:44:49 2018 us=73438 C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.1.0.1
Sun Feb 04 13:44:49 2018 us=75443 DEBUG: route find if: on_tun=1 count=1 index=18
Sun Feb 04 13:44:49 2018 us=75443 Route deletion via IPAPI succeeded [adaptive]
Sun Feb 04 13:44:49 2018 us=75443 C:\WINDOWS\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.1.0.1
Sun Feb 04 13:44:49 2018 us=76446 DEBUG: route find if: on_tun=1 count=1 index=18
Sun Feb 04 13:44:49 2018 us=76446 Route deletion via IPAPI succeeded [adaptive]
Sun Feb 04 13:44:49 2018 us=76446 Closing TUN/TAP interface
Sun Feb 04 13:44:49 2018 us=95496 TAP: DHCP address released
Sun Feb 04 13:44:49 2018 us=95496 Attempting CancelIO on TAP-Windows adapter
Sun Feb 04 13:44:49 2018 us=95496 Attempting close of overlapped read event on TAP-Windows adapter
Sun Feb 04 13:44:49 2018 us=95496 Attempting close of overlapped write event on TAP-Windows adapter
Sun Feb 04 13:44:49 2018 us=95496 Attempting CloseHandle on TAP-Windows adapter
Sun Feb 04 13:44:49 2018 us=95496 PID packet_id_free
Sun Feb 04 13:44:49 2018 us=95496 SIGTERM[hard,] received, process exiting
Sun Feb 04 13:44:49 2018 us=95496 MANAGEMENT: >STATE:1517748289,EXITING,SIGTERM,,,,,
Sun Feb 04 13:44:49 2018 us=95496 PKCS#11: Terminating openssl
Sun Feb 04 13:44:49 2018 us=95496 PKCS#11: Removing providers
Sun Feb 04 13:44:49 2018 us=95496 PKCS#11: Releasing sessions
Sun Feb 04 13:44:49 2018 us=95496 PKCS#11: Terminating slotevent
Sun Feb 04 13:44:49 2018 us=95496 PKCS#11: Marking as uninitialized

Server log UDP

Sun Feb  4 13:44:14 2018 us=669314 OpenVPN 2.4.4 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Sun Feb  4 13:44:14 2018 us=669433 library versions: OpenSSL 1.0.2n  7 Dec 2017, LZO 2.08
Sun Feb  4 13:44:14 2018 us=670906 Diffie-Hellman initialized with 5120 bit key
Sun Feb  4 13:44:14 2018 us=671043 No valid translation found for TLS cipher '!aNULL'
Sun Feb  4 13:44:14 2018 us=671110 No valid translation found for TLS cipher '!eNULL'
Sun Feb  4 13:44:14 2018 us=671181 No valid translation found for TLS cipher '!3DES'
Sun Feb  4 13:44:14 2018 us=671237 No valid translation found for TLS cipher '!MD5'
Sun Feb  4 13:44:14 2018 us=671293 No valid translation found for TLS cipher '!SHA'
Sun Feb  4 13:44:14 2018 us=671362 No valid translation found for TLS cipher '!PSK'
Sun Feb  4 13:44:14 2018 us=671432 No valid translation found for TLS cipher '!DSS'
Sun Feb  4 13:44:14 2018 us=671487 No valid translation found for TLS cipher '!RC4'
Sun Feb  4 13:44:14 2018 us=711741 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb  4 13:44:14 2018 us=711878 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb  4 13:44:14 2018 us=711991 TLS-Auth MTU parms [ L:48122 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Sun Feb  4 13:44:14 2018 us=716345 TUN/TAP device tun1 opened
Sun Feb  4 13:44:14 2018 us=718502 TUN/TAP TX queue length set to 100
Sun Feb  4 13:44:14 2018 us=718584 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Feb  4 13:44:14 2018 us=718656 /sbin/ifconfig tun1 10.1.1.1 netmask 255.255.255.240 mtu 48000 broadcast 10.1.1.15
Sun Feb  4 13:44:14 2018 us=727303 Data Channel MTU parms [ L:48122 D:48122 EF:122 EB:8156 ET:0 EL:3 ]
Sun Feb  4 13:44:14 2018 us=727503 Could not determine IPv4/IPv6 protocol. Using AF_INET
Sun Feb  4 13:44:14 2018 us=727584 Socket Buffers: R=[163840->327680] S=[163840->327680]
Sun Feb  4 13:44:14 2018 us=727647 UDPv4 link local (bound): [AF_INET][undef]:4719
Sun Feb  4 13:44:14 2018 us=727693 UDPv4 link remote: [AF_UNSPEC]
Sun Feb  4 13:44:14 2018 us=727742 GID set to nogroup
Sun Feb  4 13:44:14 2018 us=727792 UID set to nobody
Sun Feb  4 13:44:14 2018 us=727883 MULTI: multi_init called, r=256 v=256
Sun Feb  4 13:44:14 2018 us=727970 IFCONFIG POOL: base=10.1.1.2 size=12, ipv6=0
Sun Feb  4 13:44:14 2018 us=728071 ifconfig_pool_read(), in='Router_Client_1,10.0.1.2', TODO: IPv6
Sun Feb  4 13:44:14 2018 us=728137 succeeded -> ifconfig_pool_set()
Sun Feb  4 13:44:14 2018 us=728228 IFCONFIG POOL LIST
Sun Feb  4 13:44:14 2018 us=729068 Initialization Sequence Completed
Sun Feb  4 13:45:04 2018 us=857427 MULTI: multi_create_instance called
Sun Feb  4 13:45:04 2018 us=857600 [public IP client]:28607 Re-using SSL/TLS context
Sun Feb  4 13:45:04 2018 us=857660 [public IP client]:28607 LZO compression initializing
Sun Feb  4 13:45:04 2018 us=859650 [public IP client]:28607 Control Channel MTU parms [ L:48122 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Sun Feb  4 13:45:04 2018 us=859734 [public IP client]:28607 Data Channel MTU parms [ L:48122 D:48122 EF:122 EB:8156 ET:0 EL:3 ]
RSun Feb  4 13:45:04 2018 us=859842 [public IP client]:28607 TLS: Initial packet from [AF_INET][public IP client]:28607, sid=0a8bc9ab 3a38fabd
WRRWWWWRWRWRRRRWRWRSun Feb  4 13:45:05 2018 us=279380 [public IP client]:28607 VERIFY OK: depth=1, C=DE, ST=RlP, CN=OpenVPN-CA
Sun Feb  4 13:45:05 2018 us=283134 [public IP client]:28607 VERIFY OK: depth=0, C=DE, CN=Router_Client_1
WRWRSun Feb  4 13:45:05 2018 us=337729 [public IP client]:28607 peer info: IV_VER=2.4.4
Sun Feb  4 13:45:05 2018 us=337806 [public IP client]:28607 peer info: IV_PLAT=win
Sun Feb  4 13:45:05 2018 us=337854 [public IP client]:28607 peer info: IV_PROTO=2
Sun Feb  4 13:45:05 2018 us=337897 [public IP client]:28607 peer info: IV_NCP=2
Sun Feb  4 13:45:05 2018 us=337938 [public IP client]:28607 peer info: IV_LZ4=1
Sun Feb  4 13:45:05 2018 us=337980 [public IP client]:28607 peer info: IV_LZ4v2=1
Sun Feb  4 13:45:05 2018 us=338020 [public IP client]:28607 peer info: IV_LZO=1
Sun Feb  4 13:45:05 2018 us=338061 [public IP client]:28607 peer info: IV_COMP_STUB=1
Sun Feb  4 13:45:05 2018 us=338117 [public IP client]:28607 peer info: IV_COMP_STUBv2=1
Sun Feb  4 13:45:05 2018 us=338162 [public IP client]:28607 peer info: IV_TCPNL=1
Sun Feb  4 13:45:05 2018 us=338205 [public IP client]:28607 peer info: IV_GUI_VER=OpenVPN_GUI_11
WRSun Feb  4 13:45:05 2018 us=369448 [public IP client]:28607 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sun Feb  4 13:45:05 2018 us=369534 [public IP client]:28607 [Router_Client_1] Peer Connection Initiated with [AF_INET][public IP client]:28607
Sun Feb  4 13:45:05 2018 us=369620 Router_Client_1/[public IP client]:28607 MULTI_sva: pool returned IPv4=10.1.1.2, IPv6=(Not enabled)
Sun Feb  4 13:45:05 2018 us=369756 Router_Client_1/[public IP client]:28607 MULTI: Learn: 10.1.1.2 -> Router_Client_1/[public IP client]:28607
Sun Feb  4 13:45:05 2018 us=369806 Router_Client_1/[public IP client]:28607 MULTI: primary virtual IP for Router_Client_1/[public IP client]:28607: 10.1.1.2
RSun Feb  4 13:45:06 2018 us=623362 Router_Client_1/[public IP client]:28607 PUSH: Received control message: 'PUSH_REQUEST'
Sun Feb  4 13:45:06 2018 us=623530 Router_Client_1/[public IP client]:28607 SENT CONTROL [Router_Client_1]: 'PUSH_REPLY,sndbuf 393216,rcvbuf 393216,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,dhcp-option WINS 192.168.1.1,dhcp-option DNS 208.67.222.123,dhcp-option DNS 208.67.220.123,dhcp-option NTP 192.53.103.108,route-gateway 10.1.1.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.1.1.2 255.255.255.240,peer-id 0,cipher AES-256-GCM' (status=1)
Sun Feb  4 13:45:06 2018 us=623585 Router_Client_1/[public IP client]:28607 Data Channel: using negotiated cipher 'AES-256-GCM'
Sun Feb  4 13:45:06 2018 us=623643 Router_Client_1/[public IP client]:28607 Data Channel MTU parms [ L:48050 D:48050 EF:50 EB:8156 ET:0 EL:3 ]
Sun Feb  4 13:45:06 2018 us=623945 Router_Client_1/[public IP client]:28607 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb  4 13:45:06 2018 us=623999 Router_Client_1/[public IP client]:28607 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
WWRRRRRRRRRSun Feb  4 13:45:06 2018 us=975545 Router_Client_1/[public IP client]:28607 MULTI: bad source address from client [::], packet dropped
RRRRRRRRRRRRRRRRRRRRRRRwrWRwrWRwrWRwrWRwrWrWWWWWWWWrWWW

(Last edited by ssdnvv on 4 Feb 2018, 13:55)

Post #10

ssdnvv

4 Feb 2018, 13:54

Client log UDP

Sun Feb 04 13:45:03 2018 us=798505 Current Parameter Settings:
Sun Feb 04 13:45:03 2018 us=798505   config = 'Router UDP (tun1) --redirect-gateway.ovpn'
Sun Feb 04 13:45:03 2018 us=798505   mode = 0
Sun Feb 04 13:45:03 2018 us=798505   show_ciphers = DISABLED
Sun Feb 04 13:45:03 2018 us=798505   show_digests = DISABLED
Sun Feb 04 13:45:03 2018 us=798505   show_engines = DISABLED
Sun Feb 04 13:45:03 2018 us=798505   genkey = DISABLED
Sun Feb 04 13:45:03 2018 us=798505   key_pass_file = '[UNDEF]'
Sun Feb 04 13:45:03 2018 us=798505   show_tls_ciphers = DISABLED
Sun Feb 04 13:45:03 2018 us=798505   connect_retry_max = 0
Sun Feb 04 13:45:03 2018 us=798505 Connection profiles [0]:
Sun Feb 04 13:45:03 2018 us=798505   proto = udp
Sun Feb 04 13:45:03 2018 us=798505   local = '[UNDEF]'
Sun Feb 04 13:45:03 2018 us=798505   local_port = '[UNDEF]'
Sun Feb 04 13:45:03 2018 us=798505   remote = '[sub.domain.tld]'
Sun Feb 04 13:45:03 2018 us=798505   remote_port = '4719'
Sun Feb 04 13:45:03 2018 us=798505   remote_float = ENABLED
Sun Feb 04 13:45:03 2018 us=798505   bind_defined = DISABLED
Sun Feb 04 13:45:03 2018 us=798505   bind_local = DISABLED
Sun Feb 04 13:45:03 2018 us=798505   bind_ipv6_only = DISABLED
Sun Feb 04 13:45:03 2018 us=798505 NOTE: --mute triggered...
Sun Feb 04 13:45:03 2018 us=798505 271 variation(s) on previous 20 message(s) suppressed by --mute
Sun Feb 04 13:45:03 2018 us=798505 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Sun Feb 04 13:45:03 2018 us=798505 Windows version 6.2 (Windows 8 or greater) 64bit
Sun Feb 04 13:45:03 2018 us=798505 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Sun Feb 04 13:45:03 2018 us=799508 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25343
Sun Feb 04 13:45:03 2018 us=799508 Need hold release from management interface, waiting...
Sun Feb 04 13:45:04 2018 us=281278 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25343
Sun Feb 04 13:45:04 2018 us=383015 MANAGEMENT: CMD 'state on'
Sun Feb 04 13:45:04 2018 us=383015 MANAGEMENT: CMD 'log all on'
Sun Feb 04 13:45:04 2018 us=447913 MANAGEMENT: CMD 'echo all on'
Sun Feb 04 13:45:04 2018 us=450029 MANAGEMENT: CMD 'hold off'
Sun Feb 04 13:45:04 2018 us=451031 MANAGEMENT: CMD 'hold release'
Sun Feb 04 13:45:04 2018 us=527233 PRNG init md=SHA1 size=36
Sun Feb 04 13:45:04 2018 us=527233 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb 04 13:45:04 2018 us=527233 Outgoing Control Channel Authentication: HMAC KEY: 8ee9cbdf a8887340 99ca7f9b a8c3dd83 87efc20d 2cada679 f4ed94f0 c91977e8 7bc25371 2fb93da0 6fa53c2a 4688cdff cd58dc1c 7cdfe0da 7268d4c6 e3522798
Sun Feb 04 13:45:04 2018 us=527233 Outgoing Control Channel Authentication: HMAC size=64 block_size=64
Sun Feb 04 13:45:04 2018 us=527233 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sun Feb 04 13:45:04 2018 us=527233 Incoming Control Channel Authentication: HMAC KEY: 74fc7789 606c2f64 9cb71cc4 6dfd77d5 b3cc8f7b 78a4276e 9d36ac55 854acb90 03fa0900 11e7f14e fa439abd 4fe7a8d6 df1b1dca 39670f79 e6d87d30 8305d4eb
Sun Feb 04 13:45:04 2018 us=527233 Incoming Control Channel Authentication: HMAC size=64 block_size=64
Sun Feb 04 13:45:04 2018 us=527233 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 72 bytes
Sun Feb 04 13:45:04 2018 us=527233 LZO compression initializing
Sun Feb 04 13:45:04 2018 us=527233 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:45:04 2018 us=527233 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:45:04 2018 us=527233 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:45:04 2018 us=527233 PID packet_id_init seq_backtrack=64 time_backtrack=15
Sun Feb 04 13:45:04 2018 us=527233 Control Channel MTU parms [ L:48122 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Sun Feb 04 13:45:04 2018 us=528236 MANAGEMENT: >STATE:1517748304,RESOLVE,,,,,,
Sun Feb 04 13:45:04 2018 us=528236 GETADDRINFO flags=0x0901 ai_family=0 ai_socktype=2
Sun Feb 04 13:45:04 2018 us=530242 RESOLVE_REMOTE flags=0x0901 phase=1 rrs=0 sig=-1 status=0
Sun Feb 04 13:45:04 2018 us=530242 Data Channel MTU parms [ L:48122 D:48122 EF:122 EB:8156 ET:0 EL:3 ]
Sun Feb 04 13:45:04 2018 us=530242 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Sun Feb 04 13:45:04 2018 us=530242 calc_options_string_link_mtu: link-mtu 48122 -> 48102
Sun Feb 04 13:45:04 2018 us=530242 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Sun Feb 04 13:45:04 2018 us=530242 calc_options_string_link_mtu: link-mtu 48122 -> 48102
Sun Feb 04 13:45:04 2018 us=530242 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 48102,tun-mtu 48000,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Sun Feb 04 13:45:04 2018 us=530242 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 48102,tun-mtu 48000,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Sun Feb 04 13:45:04 2018 us=530242 TCP/UDP: Preserving recently used remote address: [AF_INET][public router IP]:4719
Sun Feb 04 13:45:04 2018 us=530242 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sun Feb 04 13:45:04 2018 us=530242 UDP link local: (not bound)
Sun Feb 04 13:45:04 2018 us=530242 UDP link remote: [AF_INET][public router IP]:4719
Sun Feb 04 13:45:04 2018 us=530242 MANAGEMENT: >STATE:1517748304,WAIT,,,,,,
Sun Feb 04 13:45:04 2018 us=530242 UDP WRITE [86] to [AF_INET][public router IP]:4719: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Sun Feb 04 13:45:04 2018 us=530242 UDP READ [0] from [AF_UNSPEC]: DATA UNDEF len=-1
Sun Feb 04 13:45:04 2018 us=654015 UDP READ [98] from [AF_INET][public router IP]:4719: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Sun Feb 04 13:45:04 2018 us=654015 MANAGEMENT: >STATE:1517748304,AUTH,,,,,,
Sun Feb 04 13:45:04 2018 us=654015 TLS: Initial packet from [AF_INET][public router IP]:4719, sid=c5e0026b 54c749a1
Sun Feb 04 13:45:04 2018 us=654015 PID_TEST [0] [TLS_WRAP-0] [] 0:0 1517748304:1 t=1517748304[0] r=[0,64,15,0,1] sl=[0,0,64,528]
Sun Feb 04 13:45:04 2018 us=654842 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Sun Feb 04 13:45:04 2018 us=654842 UDP WRITE [259] to [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Sun Feb 04 13:45:04 2018 us=958556 UDP READ [1128] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #2 ] [ 1 ] pid=1 DATA len=1030
Sun Feb 04 13:45:04 2018 us=958556 PID_TEST [0] [TLS_WRAP-0] [0] 1517748304:1 1517748304:2 t=1517748304[0] r=[0,64,15,0,1] sl=[63,1,64,528]
Sun Feb 04 13:45:04 2018 us=959569 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #4 ] [ 1 ]
Sun Feb 04 13:45:04 2018 us=960570 UDP READ [1116] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=2 DATA len=1030
Sun Feb 04 13:45:04 2018 us=960570 PID_TEST [0] [TLS_WRAP-0] [00] 1517748304:2 1517748304:3 t=1517748304[0] r=[0,64,15,0,1] sl=[62,2,64,528]
Sun Feb 04 13:45:04 2018 us=960570 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #5 ] [ 2 ]
Sun Feb 04 13:45:04 2018 us=961573 UDP READ [1116] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #4 ] [ ] pid=3 DATA len=1030
Sun Feb 04 13:45:04 2018 us=961573 PID_TEST [0] [TLS_WRAP-0] [000] 1517748304:3 1517748304:4 t=1517748304[0] r=[0,64,15,0,1] sl=[61,3,64,528]
Sun Feb 04 13:45:04 2018 us=961573 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #6 ] [ 3 ]
Sun Feb 04 13:45:04 2018 us=962575 UDP READ [1116] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #5 ] [ ] pid=4 DATA len=1030
Sun Feb 04 13:45:04 2018 us=962575 PID_TEST [0] [TLS_WRAP-0] [0000] 1517748304:4 1517748304:5 t=1517748304[0] r=[0,64,15,0,1] sl=[60,4,64,528]
Sun Feb 04 13:45:04 2018 us=962575 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #7 ] [ 4 ]
Sun Feb 04 13:45:04 2018 us=996326 UDP READ [1116] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #6 ] [ ] pid=5 DATA len=1030
Sun Feb 04 13:45:04 2018 us=996326 PID_TEST [0] [TLS_WRAP-0] [00000] 1517748304:5 1517748304:6 t=1517748304[0] r=[0,64,15,0,1] sl=[59,5,64,528]
Sun Feb 04 13:45:04 2018 us=997334 VERIFY OK: depth=2, C=DE, ST=RlP, CN=OpenVPN-CA
Sun Feb 04 13:45:04 2018 us=997334 VERIFY OK: depth=1, C=DE, ST=RlP, CN=OpenVPN-ICA
Sun Feb 04 13:45:04 2018 us=998336 Validating certificate extended key usage
Sun Feb 04 13:45:04 2018 us=998336 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Feb 04 13:45:04 2018 us=998336 VERIFY EKU OK
Sun Feb 04 13:45:04 2018 us=998336 VERIFY OK: depth=0, C=DE, ST=RlP, L=KH, CN=[sub.domain.tld]
Sun Feb 04 13:45:04 2018 us=998336 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #8 ] [ 5 ]
Sun Feb 04 13:45:05 2018 us=3348 UDP READ [163] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=6 DATA len=77
Sun Feb 04 13:45:05 2018 us=3348 PID_TEST [0] [TLS_WRAP-0] [111111] 1517748304:6 1517748304:7 t=1517748305[0] r=[-1,64,15,0,1] sl=[58,6,64,528]
Sun Feb 04 13:45:05 2018 us=18389 UDP WRITE [1128] to [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #9 ] [ 6 ] pid=2 DATA len=1030
Sun Feb 04 13:45:05 2018 us=18389 UDP WRITE [1116] to [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #10 ] [ ] pid=3 DATA len=1030
Sun Feb 04 13:45:05 2018 us=18389 UDP WRITE [1116] to [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #11 ] [ ] pid=4 DATA len=1030
Sun Feb 04 13:45:05 2018 us=18389 UDP WRITE [611] to [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #12 ] [ ] pid=5 DATA len=525
Sun Feb 04 13:45:05 2018 us=18389 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=18389 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=19406 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=20393 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=20393 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=20393 ACK output sequence broken: [6] 2 3 4 5
Sun Feb 04 13:45:05 2018 us=20393 NOTE: --mute triggered...
Sun Feb 04 13:45:05 2018 us=57465 2 variation(s) on previous 20 message(s) suppressed by --mute
Sun Feb 04 13:45:05 2018 us=57465 UDP READ [94] from [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #8 ] [ 2 ]
Sun Feb 04 13:45:05 2018 us=57465 PID_TEST [0] [TLS_WRAP-0] [0111111] 1517748304:7 1517748304:8 t=1517748305[0] r=[-1,64,15,0,1] sl=[57,7,64,528]
Sun Feb 04 13:45:05 2018 us=57465 UDP READ [94] from [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #9 ] [ 3 ]
Sun Feb 04 13:45:05 2018 us=57465 PID_TEST [0] [TLS_WRAP-0] [00111111] 1517748304:8 1517748304:9 t=1517748305[0] r=[-1,64,15,0,1] sl=[56,8,64,528]
Sun Feb 04 13:45:05 2018 us=74544 UDP READ [94] from [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #10 ] [ 4 ]
Sun Feb 04 13:45:05 2018 us=74544 PID_TEST [0] [TLS_WRAP-0] [000111111] 1517748304:9 1517748304:10 t=1517748305[0] r=[-1,64,15,0,1] sl=[55,9,64,528]
Sun Feb 04 13:45:05 2018 us=87543 UDP READ [149] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #11 ] [ 5 ] pid=7 DATA len=51
Sun Feb 04 13:45:05 2018 us=87543 PID_TEST [0] [TLS_WRAP-0] [0000111111] 1517748304:10 1517748304:11 t=1517748305[0] r=[-1,64,15,0,1] sl=[54,10,64,528]
Sun Feb 04 13:45:05 2018 us=87543 UDP WRITE [547] to [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #13 ] [ 7 ] pid=6 DATA len=449
Sun Feb 04 13:45:05 2018 us=125145 UDP READ [213] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #12 ] [ 6 ] pid=8 DATA len=115
Sun Feb 04 13:45:05 2018 us=125145 PID_TEST [0] [TLS_WRAP-0] [00000111111] 1517748304:11 1517748304:12 t=1517748305[0] r=[-1,64,15,0,1] sl=[53,11,64,528]
Sun Feb 04 13:45:05 2018 us=126148 NOTE: Options consistency check may be skewed by version differences
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'version' is used inconsistently, local='version V4', remote='version V0 UNDEF'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'dev-type' is present in local config but missing in remote config, local='dev-type tun'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'link-mtu' is present in local config but missing in remote config, local='link-mtu 48102'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'tun-mtu' is present in local config but missing in remote config, local='tun-mtu 48000'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 0'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'cipher' is present in local config but missing in remote config, local='cipher AES-256-CBC'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'auth' is present in local config but missing in remote config, local='auth SHA512'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'keysize' is present in local config but missing in remote config, local='keysize 256'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'tls-auth' is present in local config but missing in remote config, local='tls-auth'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'key-method' is present in local config but missing in remote config, local='key-method 2'
Sun Feb 04 13:45:05 2018 us=126148 WARNING: 'tls-server' is present in local config but missing in remote config, local='tls-server'
Sun Feb 04 13:45:05 2018 us=126148 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #14 ] [ 8 ]
Sun Feb 04 13:45:05 2018 us=126148 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Sun Feb 04 13:45:05 2018 us=126148 [[sub.domain.tld]] Peer Connection Initiated with [AF_INET][public router IP]:4719
Sun Feb 04 13:45:06 2018 us=317237 MANAGEMENT: >STATE:1517748306,GET_CONFIG,,,,,,
Sun Feb 04 13:45:06 2018 us=317237 SENT CONTROL [[sub.domain.tld]]: 'PUSH_REQUEST' (status=1)
Sun Feb 04 13:45:06 2018 us=317237 UDP WRITE [128] to [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #15 ] [ ] pid=7 DATA len=42
Sun Feb 04 13:45:06 2018 us=412099 UDP READ [94] from [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #13 ] [ 7 ]
Sun Feb 04 13:45:06 2018 us=412099 PID_TEST [0] [TLS_WRAP-0] [111111222222] 1517748304:12 1517748304:13 t=1517748306[0] r=[-2,64,15,0,1] sl=[52,12,64,528]
Sun Feb 04 13:45:06 2018 us=412099 UDP READ [466] from [AF_INET][public router IP]:4719: P_CONTROL_V1 kid=0 pid=[ #14 ] [ ] pid=9 DATA len=380
Sun Feb 04 13:45:06 2018 us=413104 PID_TEST [0] [TLS_WRAP-0] [0111111222222] 1517748304:13 1517748304:14 t=1517748306[0] r=[-2,64,15,0,1] sl=[51,13,64,528]
Sun Feb 04 13:45:06 2018 us=413104 PUSH: Received control message: 'PUSH_REPLY,sndbuf 393216,rcvbuf 393216,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.1,dhcp-option WINS 192.168.1.1,dhcp-option DNS 208.67.222.123,dhcp-option DNS 208.67.220.123,dhcp-option NTP 192.53.103.108,route-gateway 10.1.1.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.1.1.2 255.255.255.240,peer-id 0,cipher AES-256-GCM'
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: timers and/or timeouts modified
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Sun Feb 04 13:45:06 2018 us=413104 Socket Buffers: R=[65536->393216] S=[65536->393216]
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: --ifconfig/up options modified
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: route options modified
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: route-related options modified
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: peer-id set
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: adjusting link_mtu to 48125
Sun Feb 04 13:45:06 2018 us=413104 OPTIONS IMPORT: data channel crypto options modified
Sun Feb 04 13:45:06 2018 us=413104 Data Channel: using negotiated cipher 'AES-256-GCM'
Sun Feb 04 13:45:06 2018 us=413104 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 48 bytes
Sun Feb 04 13:45:06 2018 us=413104 Data Channel MTU parms [ L:48053 D:48053 EF:53 EB:8156 ET:0 EL:3 ]
Sun Feb 04 13:45:06 2018 us=413104 Client pre_master: 9788c1a8 e738cd92 61652b84 a826eeae c56c922e 5714b3bc 26ac1e99 89d98da6 cdc989f1 4318dbb6 e247930f 7c7f60a4
Sun Feb 04 13:45:06 2018 us=413104 Client random1: 15c8365c 5bf04ee0 234870b2 54322101 4fda307e a93b676c 81969b81 9a95505f
Sun Feb 04 13:45:06 2018 us=413104 Client random2: de4844d3 2ce30860 21a5bca7 fc7df956 3cb97fc2 27bb9601 48217fea 707f5061
Sun Feb 04 13:45:06 2018 us=413104 Server pre_master: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
Sun Feb 04 13:45:06 2018 us=413104 Server random1: a3b27aba d358fbb0 111c9f5b cbc5a083 de77c1f4 2e965ab7 89350747 7c2e83ba
Sun Feb 04 13:45:06 2018 us=413104 Server random2: 4ae0b417 6e2b76c7 2deb3e20 01db6924 0de4533e b1547355 a19f614d e25cb7ae
Sun Feb 04 13:45:06 2018 us=413104 tls1_P_hash sec: 9788c1a8 e738cd92 61652b84 a826eeae c56c922e 5714b3bc
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash seed: 4f70656e 56504e20 6d617374 65722073 65637265 7415c836 5c5bf04e e0234870 b2543221 014fda30 7ea93b67 6c81969b 819a9550 5fa3b27a bad358fb b0111c9f 5bcbc5a0 83de77c1 f42e965a b7893507 477c2e83 ba
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash out: 06559427 e30034bc 2b0e7837 1c7caee2 9bfde101 03338dc5 92543416 13093955 abf6d2d8 8e008e49 47db099f c72d46ee
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash sec: 26ac1e99 89d98da6 cdc989f1 4318dbb6 e247930f 7c7f60a4
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash seed: 4f70656e 56504e20 6d617374 65722073 65637265 7415c836 5c5bf04e e0234870 b2543221 014fda30 7ea93b67 6c81969b 819a9550 5fa3b27a bad358fb b0111c9f 5bcbc5a0 83de77c1 f42e965a b7893507 477c2e83 ba
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash out: 4236bed2 e70b3614 a61bca73 077725ef 37b04ac4 bd3563ae 96edeb10 52db03ce df1fdfe5 b1899d39 49d4babb 6e650fa1
Sun Feb 04 13:45:06 2018 us=414104 tls1_PRF out[48]: 44632af5 040b02a8 8d15b244 1b0b8b0d ac4dabc5 be06ee6b 04b9df06 41d23a9b 74e90d3d 3f891370 0e0fb324 a948494f
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash sec: 44632af5 040b02a8 8d15b244 1b0b8b0d ac4dabc5 be06ee6b
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash seed: 4f70656e 56504e20 6b657920 65787061 6e73696f 6ede4844 d32ce308 6021a5bc a7fc7df9 563cb97f c227bb96 0148217f ea707f50 614ae0b4 176e2b76 c72deb3e 2001db69 240de453 3eb15473 55a19f61 4de25cb7 ae0a8bc9 ab3a38fa bdc5e002 6b54c749 a1
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash out: bf924f55 0eee6d44 4c07fde9 ed8beaeb 976889f7 49fa9ae0 025c7f21 90e13d5e 75e47109 3aa7cf3a 81520344 41d73c1c 8523bae4 6243713e 075eb989 b2da8f6a c23292d7 53d68a55 8beba25e aedff3ac b6d270a4 6dbce01b ac7a262b 75aa4914 6e375519 e04cbd08 65db2b10 45ba8f13 01cb4215 6b22fc60 3d717869 f6b3823f 530f1b26 1bf5cd25 f1666a4d 2cac7d5f 85b4603b 44dd2f7c 188641e6 73362b42 0cc6468f b3ac2a29 58cdac05 cdf402fc bc542b43 b7ef7586 7041a412 3b49893f 5cb5a136 7df05cd0 1b930d3c e8b1f2d2 3f7166bc 9dfb1a78 599b0866 1b24d723 f734be65 5cda8a0c faf8af57 ca716ae4 68abc675 cd54b58e 78831cf7 e4a49dd9
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash sec: 04b9df06 41d23a9b 74e90d3d 3f891370 0e0fb324 a948494f
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash seed: 4f70656e 56504e20 6b657920 65787061 6e73696f 6ede4844 d32ce308 6021a5bc a7fc7df9 563cb97f c227bb96 0148217f ea707f50 614ae0b4 176e2b76 c72deb3e 2001db69 240de453 3eb15473 55a19f61 4de25cb7 ae0a8bc9 ab3a38fa bdc5e002 6b54c749 a1
Sun Feb 04 13:45:06 2018 us=414104 tls1_P_hash out: a8ca9f36 a482cb79 eb34e4ad e5e1eb10 5a682c6d 93dacc68 f5c3ab9a 8d0f6fe9 7c501edc fb9e59b8 4a3258eb 8dc77413 b4f78319 37e348ba cc43b10b 11d5be93 5b077f5d 717168f5 f25e5f07 24b04946 231efe1b ba33981e 68f92112 b7a33d0e 32bc67c9 fbedd1f3 aecbb3ae 3fc41b5f a726ce2d 1e09fa99 8e546389 94ad24a3 2c480c18 2dac0d37 180de7be 0d133956 1f18bcb3 2e889896 191928ce 1ecdd19e bf54ee3f d9733f29 972c1df8 b7d2b55a a6633688 c597d690 198f79d2 ce185556 49b7a238 eabd8efa e2906162 a6d9308b 70d793ac 83da450c a6640316 ca7438e2 2f84bf24 70c0a44a b7b37407 5bb83651 57b7ae9d d86c1efe 258d634a c5c76c83
Sun Feb 04 13:45:06 2018 us=415106 tls1_PRF out[256]: 1758d063 aa6ca63d a7331944 086a01fb cd00a59a da205688 f79fd4bb 1dee52b7 09b46fd5 c1399682 cb605baf cc10480f 31d439fd 55a03984 cb1d0882 a30f31f9 9935ed8a 22a7e2a0 79b5fd59 8a6fbaea 95cc8ebf d78f7805 c4830739 c209741a 5c8b32d0 1ba16cfb cb1098be 7a7e944c a6ed8c38 752b06f9 b3251be0 621ea69c 7f47173e 3659c012 e96b8df3 21bf4409 9aacdc88 6a55b7ea 019f6928 6dfbfadc b392a8b0 6adf1500 cfe1b1fd 7a26b7a6 1a371dcb 7278a316 69ceddc0 f551dc69 1502030e 974dd22a f9036c5e 4e68c259 4fa6f510 1e215f74 ffff0b70 d150efc1 d8b00141 2c1a2e46 4d4bdb50 91c95cb5 3f1c68e8 1538ab70 5d0e7fbd 2163f15a
Sun Feb 04 13:45:06 2018 us=415106 NOTE: --mute triggered...
Sun Feb 04 13:45:06 2018 us=415106 8 variation(s) on previous 20 message(s) suppressed by --mute
Sun Feb 04 13:45:06 2018 us=415106 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb 04 13:45:06 2018 us=415106 Outgoing Data Channel: CIPHER KEY: 1758d063 aa6ca63d a7331944 086a01fb cd00a59a da205688 f79fd4bb 1dee52b7
Sun Feb 04 13:45:06 2018 us=415106 Outgoing Data Channel: CIPHER block_size=16 iv_size=12
Sun Feb 04 13:45:06 2018 us=415106 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sun Feb 04 13:45:06 2018 us=415106 Incoming Data Channel: CIPHER KEY: 7f47173e 3659c012 e96b8df3 21bf4409 9aacdc88 6a55b7ea 019f6928 6dfbfadc
Sun Feb 04 13:45:06 2018 us=415106 Incoming Data Channel: CIPHER block_size=16 iv_size=12
Sun Feb 04 13:45:06 2018 us=415106 interactive service msg_channel=0
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[0] 0.0.0.0/0.0.0.0 i=2 m=55
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[1] 127.0.0.0/255.0.0.0 i=1 m=331
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[2] 127.0.0.1/255.255.255.255 i=1 m=331
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[3] 127.255.255.255/255.255.255.255 i=1 m=331
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[4] 192.168.43.0/255.255.255.0 i=2 m=311
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[5] 192.168.43.192/255.255.255.255 i=2 m=311
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[6] 192.168.43.255/255.255.255.255 i=2 m=311
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[7] 224.0.0.0/240.0.0.0 i=1 m=331
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[8] 224.0.0.0/240.0.0.0 i=2 m=311
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[9] 255.255.255.255/255.255.255.255 i=1 m=331
Sun Feb 04 13:45:06 2018 us=418118 GDGR: route[10] 255.255.255.255/255.255.255.255 i=2 m=311
Sun Feb 04 13:45:06 2018 us=418118 GDGR: best=0 lm=55
Sun Feb 04 13:45:06 2018 us=419121 DEBUG: IP Locate: ip=192.168.43.1 nm=255.255.255.0 index=2 count=-1
Sun Feb 04 13:45:06 2018 us=419121 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 I=2 HWADDR=e4:70:b8:10:1c:0b
Sun Feb 04 13:45:06 2018 us=419121 open_tun
Sun Feb 04 13:45:06 2018 us=421125 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{C881E576-EF41-4747-8B8C-C11E7A62B46E}.tap
Sun Feb 04 13:45:06 2018 us=421125 TAP-Windows Driver Version 9.21 
Sun Feb 04 13:45:06 2018 us=421125 TAP-Windows MTU=1500
Sun Feb 04 13:45:06 2018 us=424131 Set TAP-Windows TUN subnet mode network/local/netmask = 10.1.1.0/10.1.1.2/255.255.255.240 [SUCCEEDED]
Sun Feb 04 13:45:06 2018 us=424131 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.1.1.2/255.255.255.240 on interface {C881E576-EF41-4747-8B8C-C11E7A62B46E} [DHCP-serv: 10.1.1.14, lease-time: 31536000]
Sun Feb 04 13:45:06 2018 us=424131 DHCP option string: 060cc0a8 5401d043 de7bd043 dc7b2c04 c0a85401 2a04c035 676c
Sun Feb 04 13:45:06 2018 us=424131 Successful ARP Flush on interface [18] {C881E576-EF41-4747-8B8C-C11E7A62B46E}
Sun Feb 04 13:45:06 2018 us=436163 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sun Feb 04 13:45:06 2018 us=436163 MANAGEMENT: >STATE:1517748306,ASSIGN_IP,,10.1.1.2,,,,
Sun Feb 04 13:45:06 2018 us=436163 MTU DYNAMIC mtu=1500, flags=3, 48053 -> 1553
Sun Feb 04 13:45:06 2018 us=436163 UDP WRITE [94] to [AF_INET][public router IP]:4719: P_ACK_V1 kid=0 pid=[ #16 ] [ 9 ]
Sun Feb 04 13:45:06 2018 us=464237 TUN READ [142]
Sun Feb 04 13:45:06 2018 us=464237 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=465241 UDP WRITE [161] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=160
Sun Feb 04 13:45:06 2018 us=476268 TUN READ [76]
Sun Feb 04 13:45:06 2018 us=476268 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=476268 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:06 2018 us=480279 TUN READ [76]
Sun Feb 04 13:45:06 2018 us=481282 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=481282 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:06 2018 us=481282 TUN READ [76]
Sun Feb 04 13:45:06 2018 us=481282 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=481282 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:06 2018 us=482285 TUN READ [80]
Sun Feb 04 13:45:06 2018 us=482285 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=482285 UDP WRITE [105] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:45:06 2018 us=485293 TUN READ [76]
Sun Feb 04 13:45:06 2018 us=485293 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=485293 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:06 2018 us=493313 TUN READ [76]
Sun Feb 04 13:45:06 2018 us=493313 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=493313 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:06 2018 us=722384 TUN READ [64]
Sun Feb 04 13:45:06 2018 us=722384 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=722384 UDP WRITE [89] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=88
Sun Feb 04 13:45:06 2018 us=722384 TUN READ [48]
Sun Feb 04 13:45:06 2018 us=722384 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=722384 UDP WRITE [73] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=72
Sun Feb 04 13:45:06 2018 us=723392 TUN READ [136]
Sun Feb 04 13:45:06 2018 us=723392 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=723392 UDP WRITE [123] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=122
Sun Feb 04 13:45:06 2018 us=894146 TUN READ [80]
Sun Feb 04 13:45:06 2018 us=894146 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:06 2018 us=894146 UDP WRITE [105] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:45:07 2018 us=223365 TUN READ [76]
Sun Feb 04 13:45:07 2018 us=223365 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=223365 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:07 2018 us=305387 TUN READ [76]
Sun Feb 04 13:45:07 2018 us=305387 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=305387 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:07 2018 us=306386 TUN READ [76]
Sun Feb 04 13:45:07 2018 us=306386 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=306386 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:07 2018 us=308390 TUN READ [80]
Sun Feb 04 13:45:07 2018 us=309394 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=309394 UDP WRITE [105] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:45:07 2018 us=465370 TUN READ [142]
Sun Feb 04 13:45:07 2018 us=465370 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=465370 UDP WRITE [162] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=161
Sun Feb 04 13:45:07 2018 us=721510 TUN READ [80]
Sun Feb 04 13:45:07 2018 us=721510 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=722526 UDP WRITE [105] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:45:07 2018 us=722526 TUN READ [72]
Sun Feb 04 13:45:07 2018 us=722526 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=723525 UDP WRITE [97] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=96
Sun Feb 04 13:45:07 2018 us=724528 TUN READ [56]
Sun Feb 04 13:45:07 2018 us=724528 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=724528 UDP WRITE [81] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=80
Sun Feb 04 13:45:07 2018 us=724528 TUN READ [76]
Sun Feb 04 13:45:07 2018 us=724528 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=724528 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:07 2018 us=725530 TUN READ [76]
Sun Feb 04 13:45:07 2018 us=725530 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=725530 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:07 2018 us=736558 TUN READ [76]
Sun Feb 04 13:45:07 2018 us=736558 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:07 2018 us=736558 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:08 2018 us=136202 TUN READ [76]
Sun Feb 04 13:45:08 2018 us=136202 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:08 2018 us=137215 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:08 2018 us=137215 TUN READ [76]
Sun Feb 04 13:45:08 2018 us=137215 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:08 2018 us=138217 UDP WRITE [101] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=100
Sun Feb 04 13:45:08 2018 us=141229 TUN READ [80]
Sun Feb 04 13:45:08 2018 us=141229 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:08 2018 us=141229 UDP WRITE [105] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:45:08 2018 us=222457 TUN READ [96]
Sun Feb 04 13:45:08 2018 us=222457 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:08 2018 us=222457 UDP WRITE [121] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=120
Sun Feb 04 13:45:08 2018 us=551601 TUN READ [80]
Sun Feb 04 13:45:08 2018 us=551601 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:08 2018 us=551601 UDP WRITE [105] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=104
Sun Feb 04 13:45:08 2018 us=722462 TUN READ [56]
Sun Feb 04 13:45:08 2018 us=722462 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:08 2018 us=722462 UDP WRITE [81] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=80
Sun Feb 04 13:45:09 2018 us=465423 TUN READ [142]
Sun Feb 04 13:45:09 2018 us=465423 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:09 2018 us=465423 UDP WRITE [162] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=161
Sun Feb 04 13:45:11 2018 us=853747 DEBUG: IP Locate: ip=10.1.1.1 nm=255.255.255.240 index=18 count=1
Sun Feb 04 13:45:11 2018 us=853747 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Sun Feb 04 13:45:11 2018 us=853747 MANAGEMENT: >STATE:1517748311,ADD_ROUTES,,,,,,
Sun Feb 04 13:45:11 2018 us=854791 C:\WINDOWS\system32\route.exe ADD 192.168.1.0 MASK 255.255.255.0 10.1.1.1
Sun Feb 04 13:45:11 2018 us=859801 DEBUG: route find if: on_tun=1 count=1 index=18
Sun Feb 04 13:45:11 2018 us=861815 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4
Sun Feb 04 13:45:11 2018 us=861815 Route addition via IPAPI succeeded [adaptive]
SYSTEM ROUTING TABLE
0.0.0.0 0.0.0.0 192.168.43.1 p=0 i=2 t=4 pr=3 a=46 h=0 m=55/0/0/0/0
10.1.1.0 255.255.255.240 10.1.1.2 p=0 i=18 t=3 pr=2 a=5 h=0 m=291/0/0/0/0
10.1.1.2 255.255.255.255 10.1.1.2 p=0 i=18 t=3 pr=2 a=5 h=0 m=291/0/0/0/0
10.1.1.15 255.255.255.255 10.1.1.2 p=0 i=18 t=3 pr=2 a=5 h=0 m=291/0/0/0/0
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=12737 h=0 m=331/0/0/0/0
127.0.0.1 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=12737 h=0 m=331/0/0/0/0
127.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=12737 h=0 m=331/0/0/0/0
192.168.43.0 255.255.255.0 192.168.43.192 p=0 i=2 t=3 pr=2 a=46 h=0 m=311/0/0/0/0
192.168.43.192 255.255.255.255 192.168.43.192 p=0 i=2 t=3 pr=2 a=46 h=0 m=311/0/0/0/0
192.168.43.255 255.255.255.255 192.168.43.192 p=0 i=2 t=3 pr=2 a=46 h=0 m=311/0/0/0/0
192.168.1.0 255.255.255.0 10.1.1.1 p=0 i=18 t=4 pr=3 a=0 h=0 m=35/0/0/0/0
224.0.0.0 240.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=12737 h=0 m=331/0/0/0/0
224.0.0.0 240.0.0.0 10.1.1.2 p=0 i=18 t=3 pr=2 a=12733 h=0 m=291/0/0/0/0
224.0.0.0 240.0.0.0 192.168.43.192 p=0 i=2 t=3 pr=2 a=12726 h=0 m=311/0/0/0/0
255.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=12737 h=0 m=331/0/0/0/0
255.255.255.255 255.255.255.255 10.1.1.2 p=0 i=18 t=3 pr=2 a=12733 h=0 m=291/0/0/0/0
255.255.255.255 255.255.255.255 192.168.43.192 p=0 i=2 t=3 pr=2 a=12726 h=0 m=311/0/0/0/0
SYSTEM ADAPTER LIST
TAP-Windows Adapter V9
Sun Feb 04 13:45:11 2018 us=867828 NOTE: --mute triggered...
Sun Feb 04 13:45:11 2018 us=899873 31 variation(s) on previous 20 message(s) suppressed by --mute
Sun Feb 04 13:45:11 2018 us=899873 Initialization Sequence Completed
Sun Feb 04 13:45:11 2018 us=899873 MANAGEMENT: >STATE:1517748311,CONNECTED,SUCCESS,10.1.1.2,[public router IP],4719,,
Sun Feb 04 13:45:13 2018 us=466206 TUN READ [142]
Sun Feb 04 13:45:13 2018 us=466206 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:13 2018 us=466206 UDP WRITE [162] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=161
Sun Feb 04 13:45:14 2018 us=90009 TUN READ [96]
Sun Feb 04 13:45:14 2018 us=90009 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:14 2018 us=91011 UDP WRITE [121] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=120
Sun Feb 04 13:45:14 2018 us=112065 TUN READ [72]
Sun Feb 04 13:45:14 2018 us=112065 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:14 2018 us=112065 UDP WRITE [97] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=96
Sun Feb 04 13:45:14 2018 us=147765 UDP READ [146] from [AF_INET][public router IP]:4719: P_DATA_V1 kid=0 DATA len=145
Sun Feb 04 13:45:14 2018 us=147765 TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET][public router IP]:4719
Sun Feb 04 13:45:14 2018 us=147765 PID_TEST [0] [SSL-0] [] 0:0 0:1 t=1517748314[0] r=[0,64,15,0,1] sl=[0,0,64,528]
Sun Feb 04 13:45:14 2018 us=147765 TUN WRITE [124]
Sun Feb 04 13:45:14 2018 us=157616 UDP READ [192] from [AF_INET][public router IP]:4719: P_DATA_V1 kid=0 DATA len=191
Sun Feb 04 13:45:14 2018 us=157616 TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET][public router IP]:4719
Sun Feb 04 13:45:14 2018 us=157616 PID_TEST [0] [SSL-0] [0] 0:1 0:2 t=1517748314[0] r=[0,64,15,0,1] sl=[63,1,64,528]
Sun Feb 04 13:45:14 2018 us=157616 TUN WRITE [170]
Sun Feb 04 13:45:15 2018 us=113228 TUN READ [72]
Sun Feb 04 13:45:15 2018 us=113228 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:15 2018 us=113228 UDP WRITE [97] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=96
Sun Feb 04 13:45:15 2018 us=213042 UDP READ [192] from [AF_INET][public router IP]:4719: P_DATA_V1 kid=0 DATA len=191
Sun Feb 04 13:45:15 2018 us=213042 TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET][public router IP]:4719
Sun Feb 04 13:45:15 2018 us=213042 PID_TEST [0] [SSL-0] [11] 0:2 0:3 t=1517748315[0] r=[-1,64,15,0,1] sl=[62,2,64,528]
Sun Feb 04 13:45:15 2018 us=214064 TUN WRITE [170]
Sun Feb 04 13:45:15 2018 us=589687 TUN READ [96]
Sun Feb 04 13:45:15 2018 us=589687 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:15 2018 us=589687 UDP WRITE [121] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=120
Sun Feb 04 13:45:15 2018 us=648461 UDP READ [146] from [AF_INET][public router IP]:4719: P_DATA_V1 kid=0 DATA len=145
Sun Feb 04 13:45:15 2018 us=648461 TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET][public router IP]:4719
Sun Feb 04 13:45:15 2018 us=648461 PID_TEST [0] [SSL-0] [011] 0:3 0:4 t=1517748315[0] r=[-1,64,15,0,1] sl=[61,3,64,528]
Sun Feb 04 13:45:15 2018 us=648461 TUN WRITE [124]
Sun Feb 04 13:45:16 2018 us=113748 TUN READ [72]
Sun Feb 04 13:45:16 2018 us=113748 TLS: tls_pre_encrypt: key_id=0
Sun Feb 04 13:45:16 2018 us=113748 UDP WRITE [97] to [AF_INET][public router IP]:4719: P_DATA_V2 kid=0 DATA len=96
Sun Feb 04 13:45:16 2018 us=163355 UDP READ [192] from [AF_INET][public router IP]:4719: P_DATA_V1 kid=0 DATA len=191
Sun Feb 04 13:45:16 2018 us=163355 TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET][public router IP]:4719
Sun Feb 04 13:45:16 2018 us=163355 PID_TEST [0] [SSL-0] [1122] 0:4 0:5 t=1517748316[0] r=[-2,64,15,0,1] sl=[60,4,64,528]
Sun Feb 04 13:45:16 2018 us=163355 TUN WRITE [170]
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=804864 TCP/UDP: Closing socket
Sun Feb 04 13:45:16 2018 us=804864 C:\WINDOWS\system32\route.exe DELETE 192.168.1.0 MASK 255.255.255.0 10.1.1.1
Sun Feb 04 13:45:16 2018 us=806869 DEBUG: route find if: on_tun=1 count=1 index=18
Sun Feb 04 13:45:16 2018 us=806869 Route deletion via IPAPI succeeded [adaptive]
Sun Feb 04 13:45:16 2018 us=806869 Closing TUN/TAP interface
Sun Feb 04 13:45:16 2018 us=816897 TAP: DHCP address released
Sun Feb 04 13:45:16 2018 us=816897 Attempting CancelIO on TAP-Windows adapter
Sun Feb 04 13:45:16 2018 us=816897 Attempting close of overlapped read event on TAP-Windows adapter
Sun Feb 04 13:45:16 2018 us=816897 Attempting close of overlapped write event on TAP-Windows adapter
Sun Feb 04 13:45:16 2018 us=816897 Attempting CloseHandle on TAP-Windows adapter
Sun Feb 04 13:45:16 2018 us=817899 PID packet_id_free
Sun Feb 04 13:45:16 2018 us=817899 SIGTERM[hard,] received, process exiting
Sun Feb 04 13:45:16 2018 us=817899 MANAGEMENT: >STATE:1517748316,EXITING,SIGTERM,,,,,
Sun Feb 04 13:45:16 2018 us=817899 PKCS#11: Terminating openssl
Sun Feb 04 13:45:16 2018 us=817899 PKCS#11: Removing providers
Sun Feb 04 13:45:16 2018 us=817899 PKCS#11: Releasing sessions
Sun Feb 04 13:45:16 2018 us=817899 PKCS#11: Terminating slotevent
Sun Feb 04 13:45:16 2018 us=817899 PKCS#11: Marking as uninitialized

(Last edited by ssdnvv on 4 Feb 2018, 13:54)

Post #11

JW0914

5 Feb 2018, 05:30

LuCI should never be accessible from WAN
- If you want it remotely accessible, create a tunnel through ssh via: Local Source Port (say 10001) to remote address (say 192.168.1.1:443). With the SSH session open, navigate to https://127.0.0.1:10001
  - This is why I always recommend creating web server certs with the loopback IP specified in the SAN, as it will prevent cert errors when tunnelling over ssh to the web server's address.
There are only two use cases for utilizing TCP with OpenVPN
- Troubleshooting
  OR
- High packet loss when utilizing UDP.

All OpenVPN traffic is TCP and TCP cannot efficiently encapsulate itself (i.e. when utilizing UDP, OpenVPN encapsulates it's TCP packets within UDP packets).
- Rather than getting into the weeds on why this is, if you're curious, you should be able to find an in depth explanation via google.

I only had time to glance at your logs, and the UDP server log looks normal, except for

Sun Feb  4 13:45:06 2018 us=975545 Router_Client_1/[public IP client]:28607 MULTI: bad source address from client [::], packet dropped

There's a really simple reason why this error occurs and it's easily fixable, however I can't recall what the reason is. I do know google will return a fix in the first few search results, as I had this same error a while back.

Please elaborate on "but the UDP-version would only allow to connect to the server but not to www."

Just a general FYI, there's no reason to utilize 4096bit keys as 2048bit will remain uncrackable until around 2030. If you're super paranoid, simply have key renegotiation occur in a small window (30 - 60 min). Utilzing 4096bit keys serves no other purpose but to stress the client and server CPUs and massively slow throughput.

(Last edited by JW0914 on 5 Feb 2018, 05:41)

Post #12

loplo

27 Mar 2018, 20:47

I'm having a similar issue.

openssl ca -gencrl -keyfile ca/OpenWrt-CA.key.pem -cert ca/OpenWrt-CA.crt.pem -out crl/OpenWrt-CA.crl.pem -config ./openssl.cnf

returns

Using configuration from ./openssl.cnf
Enter pass phrase for ca/OpenWrt-CA.key.pem:
.\index: No such file or directory
unable to open '.\index'
2004503860:error:02001002:lib(2):func(1):reason(2):NA:0:fopen('.\index','r')
2004503860:error:20074002:lib(32):func(116):reason(2):NA:0:

Strange thing, my folder contains the necessary files, I assume

root@swrt:/etc/ssl# ls -l
drwxr-xr-x    3 root     root             0 Mar 27 18:51 ca
drwxr-xr-x    2 root     root             0 Mar 27 15:14 certs
drwxr-xr-x    2 root     root             0 Mar 27 19:08 crl
-rw-r--r--    1 root     root             3 Mar 27 19:28 crlnumber
-rw-r--r--    1 root     root             1 Mar 27 19:35 index
-rw-r--r--    1 root     root         39315 Mar 27 19:43 openssl.cnf
drwxr-xr-x    3 root     root             0 Mar 27 18:45 openvpn
drwx------    2 root     root             0 Mar 27 15:14 private
-rw-r--r--    1 root     root             1 Mar 27 19:35 rand
-rw-r--r--    1 root     root             3 Mar 27 19:35 serial

Post #13

JW0914

28 Mar 2018, 03:00

You didn't read the the comments in the first couple of lines in the openssl.cnf =]

You need to convert all backslashes (Windows) to forward slashes (Linux).

I'd also recommend following the updated version of the streamlined wiki, as I've added updated info in the new version.

I'm in the process of revamping the newer version so it falls in line with the new wiki guidelines.

(Last edited by JW0914 on 28 Mar 2018, 13:56)

Post #14

loplo

31 Mar 2018, 23:03

Ups, that was my mistake.
Now, a few steps later, I'm getting

Error Loading extension section v3_vpn_server

while executing

openssl req -out ca/csr/vpn-server.csr -new -days 3650 -sha512 -newkey rsa:2048 \
    -keyout openvpn/vpn-server.key.pem -config ./openssl.cnf -extensions v3_vpn_server1 -nodes

The discussion might have continued from here.

Page 1 of 1