I have a fresh install of 17.2 x64 on a thinkpad x61
I'm trying to connect to my previously configured and functional OpenVPN instance at home (no-ip DDNS). I have various windows machines that connect to the VPN just fine from work and out in the world.
On the thinkpad I've attempted to connect via terminal with
Code: Select all
sudo openvpn --config client.ovpn
Connection Log from thinkpad
Code: Select all
priuser@ThinkPad-X61 ~/incoming/OpenVPN/config $ sudo openvpn --config client.ovpn
[sudo] password for priuser:
Thu Nov 5 15:49:04 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Private Key Password:
Thu Nov 5 15:49:08 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Nov 5 15:49:08 2015 WARNING: file '/home/priuser/incoming/OpenVPN/config/client.key' is group or others accessible
Thu Nov 5 15:49:08 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Thu Nov 5 15:49:08 2015 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Thu Nov 5 15:49:08 2015 UDPv4 link local: [undef]
Thu Nov 5 15:49:08 2015 UDPv4 link remote: [AF_INET]154.5.209.145:1194
Thu Nov 5 15:49:08 2015 TLS: Initial packet from [AF_INET]154.5.209.145:1194, sid=9a9d8b6a 2176ecc4
Thu Nov 5 15:49:13 2015 VERIFY OK: depth=1, *redacted*
Thu Nov 5 15:49:13 2015 Validating certificate key usage
Thu Nov 5 15:49:13 2015 ++ Certificate has key usage 00a0, expects 00a0
Thu Nov 5 15:49:13 2015 VERIFY KU OK
Thu Nov 5 15:49:13 2015 Validating certificate extended key usage
Thu Nov 5 15:49:13 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Nov 5 15:49:13 2015 VERIFY EKU OK
Thu Nov 5 15:49:13 2015 VERIFY OK: depth=0, *redacted*
Thu Nov 5 15:49:19 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 5 15:49:19 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 5 15:49:19 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 5 15:49:19 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 5 15:49:22 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Thu Nov 5 15:49:22 2015 [server] Peer Connection Initiated with [AF_INET]*redacted*:1194
Thu Nov 5 15:49:24 2015 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Nov 5 15:49:24 2015 PUSH: Received control message: 'PUSH_REPLY,route-gateway dhcp,ping 10,ping-restart 120'
Thu Nov 5 15:49:24 2015 OPTIONS IMPORT: timers and/or timeouts modified
Thu Nov 5 15:49:24 2015 OPTIONS IMPORT: route-related options modified
Thu Nov 5 15:49:24 2015 TUN/TAP device tap1 opened
Thu Nov 5 15:49:24 2015 TUN/TAP TX queue length set to 100
Thu Nov 5 15:49:24 2015 GID set to users
Thu Nov 5 15:49:24 2015 UID set to priuser
Thu Nov 5 15:49:24 2015 Initialization Sequence Completed
Code: Select all
Thu Nov 05 14:10:59 2015 OpenVPN 2.3.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 4 2015
Thu Nov 05 14:10:59 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Enter Management Password:
Thu Nov 05 14:10:59 2015 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Nov 05 14:10:59 2015 Need hold release from management interface, waiting...
Thu Nov 05 14:10:59 2015 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Nov 05 14:10:59 2015 MANAGEMENT: CMD 'state on'
Thu Nov 05 14:10:59 2015 MANAGEMENT: CMD 'log all on'
Thu Nov 05 14:10:59 2015 MANAGEMENT: CMD 'hold off'
Thu Nov 05 14:10:59 2015 MANAGEMENT: CMD 'hold release'
Thu Nov 05 14:11:03 2015 MANAGEMENT: CMD 'password [...]'
Thu Nov 05 14:11:03 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Nov 05 14:11:03 2015 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Nov 05 14:11:03 2015 MANAGEMENT: >STATE:1446761463,RESOLVE,,,
Thu Nov 05 14:11:03 2015 UDPv4 link local: [undef]
Thu Nov 05 14:11:03 2015 UDPv4 link remote: [AF_INET]*redacted*:1194
Thu Nov 05 14:11:03 2015 MANAGEMENT: >STATE:1446761463,WAIT,,,
Thu Nov 05 14:11:03 2015 MANAGEMENT: >STATE:1446761463,AUTH,,,
Thu Nov 05 14:11:03 2015 TLS: Initial packet from [AF_INET]*redacted*1194, sid=c74141bf 3c2545d3
Thu Nov 05 14:11:03 2015 VERIFY OK: depth=1, *redacted*
Thu Nov 05 14:11:03 2015 Validating certificate key usage
Thu Nov 05 14:11:03 2015 ++ Certificate has key usage 00a0, expects 00a0
Thu Nov 05 14:11:03 2015 VERIFY KU OK
Thu Nov 05 14:11:03 2015 Validating certificate extended key usage
Thu Nov 05 14:11:03 2015 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Nov 05 14:11:03 2015 VERIFY EKU OK
Thu Nov 05 14:11:03 2015 VERIFY OK: depth=0, *redacted*
Thu Nov 05 14:11:09 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 05 14:11:09 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 05 14:11:09 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 05 14:11:09 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 05 14:11:09 2015 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Nov 05 14:11:09 2015 [server] Peer Connection Initiated with [AF_INET]*redacted*:1194
Thu Nov 05 14:11:10 2015 MANAGEMENT: >STATE:1446761470,GET_CONFIG,,,
Thu Nov 05 14:11:11 2015 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Nov 05 14:11:11 2015 PUSH: Received control message: 'PUSH_REPLY,route-gateway dhcp,ping 10,ping-restart 120'
Thu Nov 05 14:11:11 2015 OPTIONS IMPORT: timers and/or timeouts modified
Thu Nov 05 14:11:11 2015 OPTIONS IMPORT: route-related options modified
Thu Nov 05 14:11:11 2015 open_tun, tt->ipv6=0
Thu Nov 05 14:11:11 2015 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{CB09730A-6FF3-48C1-8E40-74780957A05A}.tap
Thu Nov 05 14:11:11 2015 TAP-Windows Driver Version 9.21
Thu Nov 05 14:11:11 2015 Successful ARP Flush on interface [35] {CB09730A-6FF3-48C1-8E40-74780957A05A}
Thu Nov 05 14:11:11 2015 Extracted DHCP router address: 192.168.10.254
Thu Nov 05 14:11:14 2015 Extracted DHCP router address: 192.168.10.254
Thu Nov 05 14:11:14 2015 Extracted DHCP router address: 192.168.10.254
Thu Nov 05 14:11:16 2015 TEST ROUTES: 0/0 succeeded len=0 ret=1 a=0 u/d=up
Thu Nov 05 14:11:16 2015 Initialization Sequence Completed
Thu Nov 05 14:11:16 2015 MANAGEMENT: >STATE:1446761476,CONNECTED,SUCCESS,,154.5.209.145
Thu Nov 05 14:12:35 2015 Extracted DHCP router address: 192.168.10.254
Thu Nov 05 14:12:35 2015 Extracted DHCP router address: 192.168.10.254
Thu Nov 05 14:14:01 2015 Extracted DHCP router address: 192.168.10.254
Thu Nov 05 14:14:01 2015 Extracted DHCP router address: 192.168.10.254
Thu Nov 05 14:15:22 2015 Extracted DHCP router address: 192.168.10.254