OpenVPN Server Connection Error - RC-3 30 June



  • I am having problem connecting to my OpenVPN Server. I did a complete fresh installation of amd64 snapshot 30 june.
    I do not havy any syslog logs (I posted in another thread) so I could not post any OpenVPN errors/log.

    If I connect with my Windows OpenVPN Client I got this error:

    Fri Jul 01 22:59:35 2011 OpenVPN 2.2.0 Win32-MSVC++ [SSL] [LZO2] built on Apr 26 2011
    Fri Jul 01 22:59:35 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
    Fri Jul 01 22:59:35 2011 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Fri Jul 01 22:59:35 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Fri Jul 01 22:59:35 2011 Control Channel Authentication: using 'OVPN-Server-01-RBS.key' as a OpenVPN static key file
    Fri Jul 01 22:59:35 2011 LZO compression initialized
    Fri Jul 01 22:59:35 2011 UDPv4 link local (bound): [undef]:1194
    Fri Jul 01 22:59:35 2011 UDPv4 link remote: 11.22.33.44:1194
    Fri Jul 01 23:00:35 2011 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
    Fri Jul 01 23:00:35 2011 TLS Error: TLS handshake failed
    

    Before connection with my client, the OpenVPN service is running.
    After I try to connect with the client, the service stops and I got this error message (picture) on the dashboard (remember, no syslogs till now).

    PS: The TLS error comes after 1 minute - I double checked the TLS key in the OpenVPN server config and the Client (SYSTEM - USer Manager). In the past, if there was an error with this key, the error appeard faster.




  • Still having the problem with actual snapshot:

    2.0-RC3 (amd64) built on Sun Jul 3 04:02:48 EDT 2011

    Sun Jul 03 16:27:25 2011 us=208000 Current Parameter Settings:
    Sun Jul 03 16:27:25 2011 us=208000   config = 'OVPN-Server-01-RBS.ovpn'
    Sun Jul 03 16:27:25 2011 us=208000   mode = 0
    Sun Jul 03 16:27:25 2011 us=208000   show_ciphers = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   show_digests = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   show_engines = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   genkey = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   key_pass_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   show_tls_ciphers = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000 Connection profiles [default]:
    Sun Jul 03 16:27:25 2011 us=208000   proto = udp
    Sun Jul 03 16:27:25 2011 us=208000   local = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   local_port = 1194
    Sun Jul 03 16:27:25 2011 us=208000   remote = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   remote_port = 1194
    Sun Jul 03 16:27:25 2011 us=208000   remote_float = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   bind_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   bind_local = ENABLED
    Sun Jul 03 16:27:25 2011 us=208000   connect_retry_seconds = 5
    Sun Jul 03 16:27:25 2011 us=208000   connect_timeout = 10
    Sun Jul 03 16:27:25 2011 us=208000   connect_retry_max = 0
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_server = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_port = 0
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_retry = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000 Connection profiles [0]:
    Sun Jul 03 16:27:25 2011 us=208000   proto = udp
    Sun Jul 03 16:27:25 2011 us=208000   local = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   local_port = 1194
    Sun Jul 03 16:27:25 2011 us=208000   remote = 'hpa1.myftp.org'
    Sun Jul 03 16:27:25 2011 us=208000   remote_port = 1194
    Sun Jul 03 16:27:25 2011 us=208000   remote_float = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   bind_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   bind_local = ENABLED
    Sun Jul 03 16:27:25 2011 us=208000   connect_retry_seconds = 5
    Sun Jul 03 16:27:25 2011 us=208000   connect_timeout = 10
    Sun Jul 03 16:27:25 2011 us=208000   connect_retry_max = 0
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_server = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_port = 0
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_retry = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000 Connection profiles [1]:
    Sun Jul 03 16:27:25 2011 us=208000   proto = udp
    Sun Jul 03 16:27:25 2011 us=208000   local = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   local_port = 1194
    Sun Jul 03 16:27:25 2011 us=208000   remote = 'hpa2.myftp.org'
    Sun Jul 03 16:27:25 2011 us=208000   remote_port = 1194
    Sun Jul 03 16:27:25 2011 us=208000   remote_float = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   bind_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   bind_local = ENABLED
    Sun Jul 03 16:27:25 2011 us=208000   connect_retry_seconds = 5
    Sun Jul 03 16:27:25 2011 us=208000   connect_timeout = 10
    Sun Jul 03 16:27:25 2011 us=208000   connect_retry_max = 0
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_server = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_port = 0
    Sun Jul 03 16:27:25 2011 us=208000   socks_proxy_retry = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000 Connection profiles END
    Sun Jul 03 16:27:25 2011 us=208000   remote_random = ENABLED
    Sun Jul 03 16:27:25 2011 us=208000   ipchange = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   dev = 'tun'
    Sun Jul 03 16:27:25 2011 us=208000   dev_type = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   dev_node = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   lladdr = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   topology = 1
    Sun Jul 03 16:27:25 2011 us=208000   tun_ipv6 = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   ifconfig_local = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   ifconfig_remote_netmask = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=208000   ifconfig_noexec = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   ifconfig_nowarn = DISABLED
    Sun Jul 03 16:27:25 2011 us=208000   shaper = 0
    Sun Jul 03 16:27:25 2011 us=427000   tun_mtu = 1500
    Sun Jul 03 16:27:25 2011 us=427000   tun_mtu_defined = ENABLED
    Sun Jul 03 16:27:25 2011 us=427000   link_mtu = 1500
    Sun Jul 03 16:27:25 2011 us=427000   link_mtu_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=427000   tun_mtu_extra = 0
    Sun Jul 03 16:27:25 2011 us=427000   tun_mtu_extra_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=427000   fragment = 0
    Sun Jul 03 16:27:25 2011 us=427000   mtu_discover_type = -1
    Sun Jul 03 16:27:25 2011 us=427000   mtu_test = 0
    Sun Jul 03 16:27:25 2011 us=427000   mlock = DISABLED
    Sun Jul 03 16:27:25 2011 us=427000   keepalive_ping = 15
    Sun Jul 03 16:27:25 2011 us=427000   keepalive_timeout = 60
    Sun Jul 03 16:27:25 2011 us=427000   inactivity_timeout = 0
    Sun Jul 03 16:27:25 2011 us=427000   ping_send_timeout = 15
    Sun Jul 03 16:27:25 2011 us=427000   ping_rec_timeout = 60
    Sun Jul 03 16:27:25 2011 us=427000   ping_rec_timeout_action = 2
    Sun Jul 03 16:27:25 2011 us=427000   ping_timer_remote = DISABLED
    Sun Jul 03 16:27:25 2011 us=427000   remap_sigusr1 = 0
    Sun Jul 03 16:27:25 2011 us=442000   explicit_exit_notification = 0
    Sun Jul 03 16:27:25 2011 us=442000   persist_tun = ENABLED
    Sun Jul 03 16:27:25 2011 us=442000   persist_local_ip = DISABLED
    Sun Jul 03 16:27:25 2011 us=442000   persist_remote_ip = DISABLED
    Sun Jul 03 16:27:25 2011 us=442000   persist_key = ENABLED
    Sun Jul 03 16:27:25 2011 us=442000   mssfix = 1450
    Sun Jul 03 16:27:25 2011 us=442000   resolve_retry_seconds = 1000000000
    Sun Jul 03 16:27:25 2011 us=442000   username = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=442000   groupname = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=442000   chroot_dir = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=442000   cd_dir = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=442000   writepid = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=442000   up_script = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=442000   down_script = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=442000   down_pre = DISABLED
    Sun Jul 03 16:27:25 2011 us=442000   up_restart = DISABLED
    Sun Jul 03 16:27:25 2011 us=458000   up_delay = DISABLED
    Sun Jul 03 16:27:25 2011 us=458000   daemon = DISABLED
    Sun Jul 03 16:27:25 2011 us=458000   inetd = 0
    Sun Jul 03 16:27:25 2011 us=458000   log = DISABLED
    Sun Jul 03 16:27:25 2011 us=458000   suppress_timestamps = DISABLED
    Sun Jul 03 16:27:25 2011 us=458000   nice = 0
    Sun Jul 03 16:27:25 2011 us=458000   verbosity = 4
    Sun Jul 03 16:27:25 2011 us=458000   mute = 0
    Sun Jul 03 16:27:25 2011 us=458000   gremlin = 0
    Sun Jul 03 16:27:25 2011 us=458000   status_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=458000   status_file_version = 1
    Sun Jul 03 16:27:25 2011 us=458000   status_file_update_freq = 60
    Sun Jul 03 16:27:25 2011 us=458000   occ = ENABLED
    Sun Jul 03 16:27:25 2011 us=458000   rcvbuf = 0
    Sun Jul 03 16:27:25 2011 us=458000   sndbuf = 0
    Sun Jul 03 16:27:25 2011 us=458000   sockflags = 0
    Sun Jul 03 16:27:25 2011 us=458000   fast_io = DISABLED
    Sun Jul 03 16:27:25 2011 us=458000   lzo = 7
    Sun Jul 03 16:27:25 2011 us=473000   route_script = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   route_default_gateway = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   route_default_metric = 0
    Sun Jul 03 16:27:25 2011 us=473000   route_noexec = DISABLED
    Sun Jul 03 16:27:25 2011 us=473000   route_delay = 5
    Sun Jul 03 16:27:25 2011 us=473000   route_delay_window = 30
    Sun Jul 03 16:27:25 2011 us=473000   route_delay_defined = ENABLED
    Sun Jul 03 16:27:25 2011 us=473000   route_nopull = DISABLED
    Sun Jul 03 16:27:25 2011 us=473000   route_gateway_via_dhcp = DISABLED
    Sun Jul 03 16:27:25 2011 us=473000   max_routes = 100
    Sun Jul 03 16:27:25 2011 us=473000   allow_pull_fqdn = DISABLED
    Sun Jul 03 16:27:25 2011 us=473000   management_addr = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   management_port = 0
    Sun Jul 03 16:27:25 2011 us=473000   management_user_pass = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   management_log_history_cache = 250
    Sun Jul 03 16:27:25 2011 us=473000   management_echo_buffer_size = 100
    Sun Jul 03 16:27:25 2011 us=473000   management_write_peer_info_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   management_client_user = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   management_client_group = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   management_flags = 0
    Sun Jul 03 16:27:25 2011 us=473000   shared_secret_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=473000   key_direction = 2
    Sun Jul 03 16:27:25 2011 us=473000   ciphername_defined = ENABLED
    Sun Jul 03 16:27:25 2011 us=473000   ciphername = 'AES-256-CBC'
    Sun Jul 03 16:27:25 2011 us=473000   authname_defined = ENABLED
    Sun Jul 03 16:27:25 2011 us=473000   authname = 'SHA1'
    Sun Jul 03 16:27:25 2011 us=473000   prng_hash = 'SHA1'
    Sun Jul 03 16:27:25 2011 us=473000   prng_nonce_secret_len = 16
    Sun Jul 03 16:27:25 2011 us=473000   keysize = 0
    Sun Jul 03 16:27:25 2011 us=473000   engine = DISABLED
    Sun Jul 03 16:27:25 2011 us=489000   replay = ENABLED
    Sun Jul 03 16:27:25 2011 us=489000   mute_replay_warnings = DISABLED
    Sun Jul 03 16:27:25 2011 us=489000   replay_window = 64
    Sun Jul 03 16:27:25 2011 us=489000   replay_time = 15
    Sun Jul 03 16:27:25 2011 us=489000   packet_id_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=489000   use_iv = ENABLED
    Sun Jul 03 16:27:25 2011 us=489000   test_crypto = DISABLED
    Sun Jul 03 16:27:25 2011 us=489000   tls_server = DISABLED
    Sun Jul 03 16:27:25 2011 us=489000   tls_client = ENABLED
    Sun Jul 03 16:27:25 2011 us=489000   key_method = 2
    Sun Jul 03 16:27:25 2011 us=489000   ca_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=489000   ca_path = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=489000   dh_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=489000   cert_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=489000   priv_key_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=489000   pkcs12_file = 'OVPN-Server-01-RBS.p12'
    Sun Jul 03 16:27:25 2011 us=489000   cryptoapi_cert = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=505000   cipher_list = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=505000   tls_verify = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=505000   tls_export_cert = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=505000   tls_remote = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=505000   crl_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=505000   ns_cert_type = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=505000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=520000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=520000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=520000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=520000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=520000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=520000   remote_cert_ku[i] = 0
    Sun Jul 03 16:27:25 2011 us=520000   remote_cert_eku = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=520000   tls_timeout = 2
    Sun Jul 03 16:27:25 2011 us=520000   renegotiate_bytes = 0
    Sun Jul 03 16:27:25 2011 us=520000   renegotiate_packets = 0
    Sun Jul 03 16:27:25 2011 us=520000   renegotiate_seconds = 3600
    Sun Jul 03 16:27:25 2011 us=520000   handshake_window = 60
    Sun Jul 03 16:27:25 2011 us=520000   transition_window = 3600
    Sun Jul 03 16:27:25 2011 us=520000   single_session = DISABLED
    Sun Jul 03 16:27:25 2011 us=520000   push_peer_info = DISABLED
    Sun Jul 03 16:27:25 2011 us=520000   tls_exit = DISABLED
    Sun Jul 03 16:27:25 2011 us=520000   tls_auth_file = 'OVPN-Server-01-RBS.key'
    Sun Jul 03 16:27:25 2011 us=520000   server_network = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   server_netmask = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   server_bridge_ip = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   server_bridge_netmask = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   server_bridge_pool_start = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   server_bridge_pool_end = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   ifconfig_pool_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=520000   ifconfig_pool_start = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   ifconfig_pool_end = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   ifconfig_pool_netmask = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=520000   ifconfig_pool_persist_filename = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=520000   ifconfig_pool_persist_refresh_freq = 600
    Sun Jul 03 16:27:25 2011 us=520000   n_bcast_buf = 256
    Sun Jul 03 16:27:25 2011 us=520000   tcp_queue_limit = 64
    Sun Jul 03 16:27:25 2011 us=536000   real_hash_size = 256
    Sun Jul 03 16:27:25 2011 us=536000   virtual_hash_size = 256
    Sun Jul 03 16:27:25 2011 us=536000   client_connect_script = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=536000   learn_address_script = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=536000   client_disconnect_script = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=536000   client_config_dir = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=536000   ccd_exclusive = DISABLED
    Sun Jul 03 16:27:25 2011 us=536000   tmp_dir = 'C:\Windows\Temp\'
    Sun Jul 03 16:27:25 2011 us=536000   push_ifconfig_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=536000   push_ifconfig_local = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=536000   push_ifconfig_remote_netmask = 0.0.0.0
    Sun Jul 03 16:27:25 2011 us=536000   enable_c2c = DISABLED
    Sun Jul 03 16:27:25 2011 us=536000   duplicate_cn = DISABLED
    Sun Jul 03 16:27:25 2011 us=536000   cf_max = 0
    Sun Jul 03 16:27:25 2011 us=536000   cf_per = 0
    Sun Jul 03 16:27:25 2011 us=551000   max_clients = 1024
    Sun Jul 03 16:27:25 2011 us=551000   max_routes_per_client = 256
    Sun Jul 03 16:27:25 2011 us=551000   auth_user_pass_verify_script = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=551000   auth_user_pass_verify_script_via_file = DISABLED
    Sun Jul 03 16:27:25 2011 us=551000   ssl_flags = 0
    Sun Jul 03 16:27:25 2011 us=551000   client = ENABLED
    Sun Jul 03 16:27:25 2011 us=551000   pull = ENABLED
    Sun Jul 03 16:27:25 2011 us=551000   auth_user_pass_file = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=551000   show_net_up = DISABLED
    Sun Jul 03 16:27:25 2011 us=551000   route_method = 0
    Sun Jul 03 16:27:25 2011 us=551000   ip_win32_defined = DISABLED
    Sun Jul 03 16:27:25 2011 us=551000   ip_win32_type = 3
    Sun Jul 03 16:27:25 2011 us=551000   dhcp_masq_offset = 0
    Sun Jul 03 16:27:25 2011 us=551000   dhcp_lease_time = 31536000
    Sun Jul 03 16:27:25 2011 us=551000   tap_sleep = 0
    Sun Jul 03 16:27:25 2011 us=551000   dhcp_options = DISABLED
    Sun Jul 03 16:27:25 2011 us=567000   dhcp_renew = DISABLED
    Sun Jul 03 16:27:25 2011 us=567000   dhcp_pre_release = DISABLED
    Sun Jul 03 16:27:25 2011 us=567000   dhcp_release = DISABLED
    Sun Jul 03 16:27:25 2011 us=567000   domain = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=567000   netbios_scope = '[UNDEF]'
    Sun Jul 03 16:27:25 2011 us=567000   netbios_node_type = 0
    Sun Jul 03 16:27:25 2011 us=567000   disable_nbt = DISABLED
    Sun Jul 03 16:27:25 2011 us=567000 OpenVPN 2.2.0 Win32-MSVC++ [SSL] [LZO2] built on Apr 26 2011
    Sun Jul 03 16:27:25 2011 us=692000 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
    Sun Jul 03 16:27:25 2011 us=692000 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Sun Jul 03 16:27:25 2011 us=692000 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Sun Jul 03 16:27:25 2011 us=707000 Control Channel Authentication: using 'OVPN-Server-01-RBS.key' as a OpenVPN static key file
    Sun Jul 03 16:27:25 2011 us=707000 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jul 03 16:27:25 2011 us=707000 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sun Jul 03 16:27:25 2011 us=707000 LZO compression initialized
    Sun Jul 03 16:27:25 2011 us=707000 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
    Sun Jul 03 16:27:25 2011 us=707000 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Sun Jul 03 16:27:25 2011 us=895000 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
    Sun Jul 03 16:27:25 2011 us=895000 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
    Sun Jul 03 16:27:25 2011 us=895000 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
    Sun Jul 03 16:27:25 2011 us=895000 Local Options hash (VER=V4): '9e7066d2'
    Sun Jul 03 16:27:25 2011 us=895000 Expected Remote Options hash (VER=V4): '162b04de'
    Sun Jul 03 16:27:25 2011 us=895000 UDPv4 link local (bound): [undef]:1194
    Sun Jul 03 16:27:25 2011 us=895000 UDPv4 link remote: 11.22.33.44:1194
    Sun Jul 03 16:27:25 2011 us=941000 TLS: Initial packet from 11.22.33.44:1194, sid=0d2cd837 43899167
    Sun Jul 03 16:27:26 2011 us=300000 VERIFY OK: depth=1, XXX
    Sun Jul 03 16:27:26 2011 us=300000 VERIFY OK: depth=0, YYY
    [/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i][/i]
    


  • Related to this topic and thread:

    http://forum.pfsense.org/index.php/topic,36414.0.html


Locked