A
A
Arthur Arthur2013-11-21 18:01:47
openvpn
Arthur Arthur, 2013-11-21 18:01:47

OpenVPN client reconnect when a second client connects

Good day to all. I am a relatively young admin, but it became necessary to raise a VPN tunnel between the office and the client from the outside, so that the client had access to the corporate terminal that is on the internal network. OpenVPN was chosen. So, the OpenVPN server is installed and configured on Windows server 2008 r2, RRAS is installed. server config
dev tun
dev-node "vpn"
proto tcp-server
port 8888
tls-server
server 172.16.0.0 255.255.255.0
push route-gateway 172.16.0.1
push route 10.0.0.0 255.0.0.0
topology subnet
comp-lzo
dh c:\ \OpenVPN\\ssl\\dh1024.pem
ca c:\\OpenVPN\\ssl\\ca.crt
cert c:\\OpenVPN\\ssl\\dc.crt
key c:\\OpenVPN\\ssl\\dc .key
persist-tun
persist-key
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
keepalive 10 120
status c:\\OpenVPN\\log\\openvpn-status.log
log c:\\OpenVPN\\log\\openvpn. log
verb 3
Client_1 config
dev tun
proto tcp
remote 30.30.30.30 8888
client
ca c:\\OpenVPN\\ssl\\ca.crt
cert c:\\OpenVPN\\ssl\\cl-1.crt
key c:\\ OpenVPN\\ssl\\cl-1.key
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
status c:\\OpenVPN\\log\\openvpn-status.log
log c:\\OpenVPN\\log\\ openvpn.log
verb 3
Client_2 config
dev tun
proto tcp
remote 30.30.30.30 8888
client
ca c:\\OpenVPN\\ssl\\ca.crt
cert c:\\OpenVPN\\ssl\\cl-2.crt
key c:\\OpenVPN\\ssl\\cl-2 .key
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
status c:\\OpenVPN\\log\\openvpn-status.log
log c:\\OpenVPN\\log\\openvpn.log
verb 3
Everything is installed on a Hyper-v VM. 2 windows 7 clients, 3 windows server 2008r2, one has the role of a domain controller with white addresses (supposedly), the second has the role of a terminal server, and the third as the default gateway between clients and DC. That is, clients connect through the default gateway on which RRAS is deployed. The server with clients pings normally, the tunnel rises, but as soon as the second client connects to the OpenVPN server, the first one breaks, the second one connects (the connection lasts for 5 seconds) while the first one reconnected and the second one disconnected, all this continues indefinitely, the struggle is for the address 172.16.0.2 . I do not understand why they receive one address.
OpenVPN Version 2.1.1

Answer the question

In order to leave comments, you need to log in

4 answer(s)
E
eisaev, 2013-11-21
@aptu_24

Try commenting out the following lines in the server config:

push route-gateway 172.16.0.1
push route 10.0.0.0 255.0.0.0
topology subnet

and add
push "route 10.0.0.0 255.0.0.0"

A
Arthur Arthur, 2013-11-21
@aptu_24

Log openvpn.log Logs correspond to actions, Server started, cl-1 connected, cl-2 connected, then "battle" then disabled the OpenVPNService service on cl-2
Thu Nov 21 20:42:39 2013 OpenVPN 2.1.1 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Dec 11 2009 Thu Nov 21
20:42:39 2013
:42:39 2013 Diffie-Hellman initialized with 1024 bit key
Thu Nov 21 20:42:39 2013 TLS-Auth MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:42:39 2013 TAP-WIN32 device [vpn] opened: \\.\Global\{21E34A5B-7387-4496-AA10-C2297C67A985}.tap
Thu Nov 21 20:42:39 2013 TAP-Win32 Driver Version 9.6
Thu Nov 21 20:42:39 2013 TAP-Win32 MTU=1500
Thu Nov 21 20:42:39 2013 Set TAP-Win32 TUN subnet mode network/local/netmask = 172.16.0.0/172.16.0.1/255.255.255.0 [SUCCEEDED]
Thu Nov 21 20:42:39 2013 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.0.1/255.255.255.0 on interface {21E34A5B-7387-4496-AA10-C2297C67A985} [DHCP-serv: 172.16.0.254, lease-time: 31536000]
Thu Nov 21 20:42: 39 2013 Sleeping for 10 seconds...
Thu Nov 21 20:42:49 2013 Successful ARP Flush on interface [16] {21E34A5B-7387-4496-AA10-C2297C67A985}
Thu Nov 21 20:42:49 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:42:49 2013 Listening for incoming TCP connection on [undef]:8888
Thu Nov 21 20: 42:49 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Nov 21 20:42:49 2013 TCPv4_SERVER link local (bound): [undef]:8888
Thu Nov 21 20:42:49 2013 TCPv4_SERVER link remote: [undef]
Thu Nov 21 20:42:49 2013 MULTI: multi_init called , r=256 v=256
Thu Nov 21 20:42:49 2013 IFCONFIG POOL: base=172.16.0.2 size=252
Thu Nov 21 20:42:49 2013 MULTI: TCP INIT maxclients=60 maxevents=64
Thu Nov 21 20 :42:49 2013 Initialization Sequence Completed
Thu Nov 21 20:42:56 2013 MULTI: multi_create_instance called
Thu Nov 21 20:42:56 2013 Re-using SSL/TLS context
Thu Nov 21 20:42:56 2013 LZO compression initialized
Thu Nov 21 20:42:56 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:42:56 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:42:56 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:42:56 2013 Expected Remote Options hash (VER=V4): '2547efd2' Thu
Nov 21 20:42:56 2013
Nov 21 20:42:56 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Nov 21 20:42:56 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:42: 56 2013 TCPv4_SERVER link remote: 192.168.1.10:49207
Thu Nov 21 20:42:56 2013 192.168.1.10:49207 TLS: Initial packet from 192.168.1.10:49207, sid=cc0d48bd ae4aa80b
Thu Nov 21 20:42:56 2013 192.168.1.10:49207 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:42: 56 2013 192.168.1.10:49207 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:42:57 2013 192.168.1.10:49207 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:42:57 2013 192.168.1.10:49207 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:42 :57 2013 192.168.1.10:49207 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:42:57 2013 192.168.1.10:49207 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:42:57 2013 192.168.1.10:49207 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:42:57 2013 192.168.1.10:49207 [dc ] Peer Connection Initiated with 192.168.1.10:49207
Thu Nov 21 20:42:57 2013 dc/192.168.1.10:49207 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49207
Thu Nov 21 20:42:57 2013 dc/192.168.1.10:49207 MULTI: primary virtual IP for dc/192.168.1.10:49207: 172.16.0.2
Thu Nov 21 20:42:59 2013 dc/192.168.1.10:49207 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:42:59 2013 dc/192.168.1.10:49207 SENT CONTROL [dc]: 'PUSH_REPLY,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,topology subnet, ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:44:26 2013 MULTI: multi_create_instance called
Thu Nov 21 20:44:26 2013 Re-using SSL/TLS context
Thu Nov 21 20:44:26 2013 LZO compression initialized
Thu Nov 21 20:44:26 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:44:26 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:44:26 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:44:26 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:44:26 2013 TCP connection established with 192.168.2.20:49193
Thu Nov 21 20:44:26 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:44:26 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:44:26 2013 TCPv4_SERVER link remote: 192.168.2.20:49193 Thu Nov
21 20:44:26 2013 192.168.2.20:49193 TLS: Initial packet from 192.168.2.20:49193, sid=1bdf361d2 5 Thube
20:44:26 2013 192.168.2.20:49193 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:44:26 2013 192.168 .2.20:49193 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:44:27 2013 192.168.2.20:49193 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:27 2013 192.168.2.20:49193 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:27 2013 192.168.2.20:49193 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:27 2013 192.168.2.20:49193 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:27 2013 192.168.2.20:49193 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:44:27 2013 192.168.2.20:49193 [dc] Peer Connection Initiated with 192.168.2.20:49193
Thu Nov 21 20:44:27 2013 dc/192.168.2.20:49193 TCP/UDP: Closing socket
Thu Nov 21 20:44:27 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:44:27 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.2.20:49193
Thu Nov 21 20:44:27 2013 MULTI: primary virtual IP for dc/192.168.2.20:49193: 172.16. 0.2
Thu Nov 21 20:44:30 2013 dc/192.168.2.20:49193 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:44:30 2013 dc/192.168.2.20:49193 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:44:32 2013 MULTI: multi_create_instance called
Thu Nov 21 20:44:32 2013 Re-using SSL/TLS context
Thu Nov 21 20:44:32 2013 LZO compression initialized
Thu Nov 21 20:44:32 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:44:32 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:44:32 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:44:32 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:44:32 2013 TCP connection established with 192.168.1.10:49208
Thu Nov 21 20:44:32 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:44:32 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:44:32 2013 TCPv4_SERVER link remote: 192.168.1.10:49208 Thu Nov
21 20:44:32 2013 192.168.1.10:49208 TLS: Initial packet from 192.168.1.10:49208, sid=1f06fa01 0a
20:44:33 2013 192.168.1.10:49208 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:44:33 2013 192.168 .1.10:49208 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:44:33 2013 192.168.1.10:49208 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:33 2013 192.168.1.10:49208 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:33 2013 192.168.1.10:49208 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:33 2013 192.168.1.10:49208 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:34 2013 192.168.1.10:49208 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:44:34 2013 192.168.1.10:49208 [dc] Peer Connection Initiated with 192.168.1.10:49208
Thu Nov 21 20:44:34 2013 dc/192.168.1.10:49208 TCP/UDP: Closing socket
Thu Nov 21 20:44:34 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:44:34 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49208
Thu Nov 21 20:44:34 2013 MULTI: primary virtual IP for dc/192.168.1.10:49208: 172.16. 0.2
Thu Nov 21 20:44:36 2013 dc/192.168.1.10:49208 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:44:36 2013 dc/192.168.1.10:49208 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:44:39 2013 MULTI: multi_create_instance called
Thu Nov 21 20:44:39 2013 Re-using SSL/TLS context
Thu Nov 21 20:44:39 2013 LZO compression initialized
Thu Nov 21 20:44:39 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:44:39 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:44:39 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:44:39 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:44:39 2013 TCP connection established with 192.168.2.20:49194
Thu Nov 21 20:44:39 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:44:39 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:44:39 2013 TCPv4_SERVER link remote: 192.168.2.20:49194 Thu Nov
21 20:44:39 2013 192.168.2.20:49194 TLS: Initial packet from 192.168.2.20:49194, sid=56402b4d 5
20:44:39 2013 192.168.2.20:49194 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:44:39 2013 192.168 .2.20:49194 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:44:40 2013 192.168.2.20:49194 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:40 2013 192.168.2.20:49194 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:40 2013 192.168.2.20:49194 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:40 2013 192.168.2.20:49194 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:40 2013 192.168.2.20:49194 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:44:40 2013 192.168.2.20:49194 [dc] Peer Connection Initiated with 192.168.2.20:49194
Thu Nov 21 20:44:40 2013 dc/192.168.2.20:49194 TCP/UDP: Closing socket
Thu Nov 21 20:44:40 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:44:40 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.2.20:49194
Thu Nov 21 20:44:40 2013 MULTI: primary virtual IP for dc/192.168.2.20:49194: 172.16. 0.2
Thu Nov 21 20:44:42 2013 dc/192.168.2.20:49194 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:44:42 2013 dc/192.168.2.20:49194 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:44:45 2013 MULTI: multi_create_instance called
Thu Nov 21 20:44:45 2013 Re-using SSL/TLS context
Thu Nov 21 20:44:45 2013 LZO compression initialized
Thu Nov 21 20:44:45 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:44:45 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:44:45 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:44:45 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:44:45 2013 TCP connection established with 192.168.1.10:49209
Thu Nov 21 20:44:45 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:44:45 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:44:45 2013 TCPv4_SERVER link remote: 192.168.1.10:49209 Thu Nov
21 20:44:45 2013 192.168.1.10:49209 TLS: Initial packet from 192.168.1.10:49209, sid=a7b5c915 50
20:44:46 2013 192.168.1.10:49209 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:44:46 2013 192.168 .1.10:49209 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:44:46 2013 192.168.1.10:49209 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:46 2013 192.168.1.10:49209 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:46 2013 192.168.1.10:49209 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:46 2013 192.168.1.10:49209 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:47 2013 192.168.1.10:49209 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:44:47 2013 192.168.1.10:49209 [dc] Peer Connection Initiated with 192.168.1.10:49209
Thu Nov 21 20:44:47 2013 dc/192.168.1.10:49209 TCP/UDP: Closing socket
Thu Nov 21 20:44:47 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:44:47 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49209
Thu Nov 21 20:44:47 2013 MULTI: primary virtual IP for dc/192.168.1.10:49209: 172.16. 0.2
Thu Nov 21 20:44:49 2013 dc/192.168.1.10:49209 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:44:49 2013 dc/192.168.1.10:49209 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:44:52 2013 MULTI: multi_create_instance called
Thu Nov 21 20:44:52 2013 Re-using SSL/TLS context
Thu Nov 21 20:44:52 2013 LZO compression initialized
Thu Nov 21 20:44:52 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:44:52 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:44:52 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:44:52 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:44:52 2013 TCP connection established with 192.168.2.20:49195
Thu Nov 21 20:44:52 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:44:52 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:44:52 2013 TCPv4_SERVER link remote: 192.168.2.20:49195 Thu Nov
21 20:44:52 2013 192.168.2.20:49195
20:44:52 2013 192.168.2.20:49195 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:44:52 2013 192.168 .2.20:49195 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:44:53 2013 192.168.2.20:49195 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:53 2013 192.168.2.20:49195 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:53 2013 192.168.2.20:49195 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:53 2013 192.168.2.20:49195 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:53 2013 192.168.2.20:49195 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:44:53 2013 192.168.2.20:49195 [dc] Peer Connection Initiated with 192.168.2.20:49195
Thu Nov 21 20:44:53 2013 dc/192.168.2.20:49195 TCP/UDP: Closing socket
Thu Nov 21 20:44:53 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:44:53 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.2.20:49195
Thu Nov 21 20:44:53 2013 MULTI: primary virtual IP for dc/192.168.2.20:49195: 172.16. 0.2
Thu Nov 21 20:44:55 2013 dc/192.168.2.20:49195 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:44:55 2013 dc/192.168.2.20:49195 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:44:58 2013 MULTI: multi_create_instance called
Thu Nov 21 20:44:58 2013 Re-using SSL/TLS context
Thu Nov 21 20:44:58 2013 LZO compression initialized
Thu Nov 21 20:44:58 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:44:58 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:44:58 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:44:58 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:44:58 2013 TCP connection established with 192.168.1.10:49210
Thu Nov 21 20:44:58 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:44:58 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:44:58 2013 TCPv4_SERVER link remote: 192.168.1.10:49210 Thu Nov
21 20:44:58 2013 192.168.1.10:49210 TLS: Initial packet from 192.168.1.10:49210, sid=6868a093 2dhu
20:44:59 2013 192.168.1.10:49210 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:44:59 2013 192.168 .1.10:49210 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:44:59 2013 192.168.1.10:49210 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:59 2013 192.168.1.10:49210 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:59 2013 192.168.1.10:49210 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:44:59 2013 192.168.1.10:49210 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:44:59 2013 192.168.1.10:49210 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:44:59 2013 192.168.1.10:49210 [dc] Peer Connection Initiated with 192.168.1.10:49210
Thu Nov 21 20:44:59 2013 dc/192.168.1.10:49210 TCP/UDP: Closing socket
Thu Nov 21 20:44:59 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:44:59 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49210
Thu Nov 21 20:44:59 2013 MULTI: primary virtual IP for dc/192.168.1.10:49210: 172.16. 0.2
Thu Nov 21 20:45:02 2013 dc/192.168.1.10:49210 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:02 2013 dc/192.168.1.10:49210 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:04 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:04 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:04 2013 LZO compression initialized
Thu Nov 21 20:45:04 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:04 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:04 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:04 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:04 2013 TCP connection established with 192.168.2.20:49196
Thu Nov 21 20:45:04 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:04 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:04 2013 TCPv4_SERVER link remote: 192.168.2.20:49196 Thu Nov
21 20:45:04 2013 192.168.2.20:49196
20:45:05 2013 192.168.2.20:49196 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:45:05 2013 192.168 .2.20:49196 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:45:05 2013 192.168.2.20:49196 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:05 2013 192.168.2.20:49196 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:05 2013 192.168.2.20:49196 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:05 2013 192.168.2.20:49196 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:06 2013 192.168.2.20:49196 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:06 2013 192.168.2.20:49196 [dc] Peer Connection Initiated with 192.168.2.20:49196
Thu Nov 21 20:45:06 2013 dc/192.168.2.20:49196 TCP/UDP: Closing socket
Thu Nov 21 20:45:06 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:45:06 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.2.20:49196
Thu Nov 21 20:45:06 2013 MULTI: primary virtual IP for dc/192.168.2.20:49196: 172.16. 0.2
Thu Nov 21 20:45:08 2013 dc/192.168.2.20:49196 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:08 2013 dc/192.168.2.20:49196 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:11 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:11 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:11 2013 LZO compression initialized
Thu Nov 21 20:45:11 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:11 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:11 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:11 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:11 2013 TCP connection established with 192.168.1.10:49211
Thu Nov 21 20:45:11 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:11 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:11 2013 TCPv4_SERVER link remote: 192.168.1.10:49211
Thu Nov 21 20:45:11 2013 192.168.1.10:49211 TLS: Initial packet from 192.168.1.10:49211, sid=214ea847 c6Novce
21 20:45:11 2013 192.168.1.10:49211 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:45:11 2013 192.168 .1.10:49211 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:45:12 2013 192.168.1.10:49211 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:12 2013 192.168.1.10:49211 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:12 2013 192.168.1.10:49211 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:12 2013 192.168.1.10:49211 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:12 2013 192.168.1.10:49211 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:12 2013 192.168.1.10:49211 [dc] Peer Connection Initiated with 192.168.1.10:49211
Thu Nov 21 20:45:12 2013 dc/192.168.1.10:49211 TCP/UDP: Closing socket
Thu Nov 21 20:45:12 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:45:12 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49211
Thu Nov 21 20:45:12 2013 MULTI: primary virtual IP for dc/192.168.1.10:49211: 172.16. 0.2
Thu Nov 21 20:45:14 2013 dc/192.168.1.10:49211 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:14 2013 dc/192.168.1.10:49211 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:17 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:17 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:17 2013 LZO compression initialized
Thu Nov 21 20:45:17 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:17 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:17 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:17 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:17 2013 TCP connection established with 192.168.2.20:49197
Thu Nov 21 20:45:17 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:17 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:17 2013 TCPv4_SERVER link remote: 192.168.2.20:49197
Thu Nov 21 20:45:17 2013 192.168.2.20:49197 TLS: Initial packet from 192.168.2.20:49197, sid=2e1d2c31
Nov 20:45:18 2013 192.168.2.20:49197 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:45:18 2013 192.168 .2.20:49197 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:45:18 2013 192.168.2.20:49197 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:18 2013 192.168.2.20:49197 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:18 2013 192.168.2.20:49197 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:18 2013 192.168.2.20:49197 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:19 2013 192.168.2.20:49197 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:19 2013 192.168.2.20:49197 [dc] Peer Connection Initiated with 192.168.2.20:49197
Thu Nov 21 20:45:19 2013 dc/192.168.2.20:49197 TCP/UDP: Closing socket
Thu Nov 21 20:45:19 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:45:19 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.2.20:49197
Thu Nov 21 20:45:19 2013 MULTI: primary virtual IP for dc/192.168.2.20:49197: 172.16. 0.2
Thu Nov 21 20:45:21 2013 dc/192.168.2.20:49197 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:21 2013 dc/192.168.2.20:49197 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:24 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:24 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:24 2013 LZO compression initialized
Thu Nov 21 20:45:24 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:24 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:24 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:24 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:24 2013 TCP connection established with 192.168.1.10:49212
Thu Nov 21 20:45:24 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:24 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:24 2013 TCPv4_SERVER link remote: 192.168.1.10:49212 Thu Nov
21 20:45:24 2013 192.168.1.10:49212 TLS: Initial packet from 192.168.1.10:49212, sid=963a68fa0 028
20:45:24 2013 192.168.1.10:49212 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:45:24 2013 192.168 .1.10:49212 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:45:25 2013 192.168.1.10:49212 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:25 2013 192.168.1.10:49212 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:25 2013 192.168.1.10:49212 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:25 2013 192.168.1.10:49212 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:25 2013 192.168.1.10:49212 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:25 2013 192.168.1.10:49212 [dc] Peer Connection Initiated with 192.168.1.10:49212
Thu Nov 21 20:45:25 2013 dc/192.168.1.10:49212 TCP/UDP: Closing socket
Thu Nov 21 20:45:25 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:45:25 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49212
Thu Nov 21 20:45:25 2013 MULTI: primary virtual IP for dc/192.168.1.10:49212: 172.16. 0.2
Thu Nov 21 20:45:27 2013 dc/192.168.1.10:49212 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:27 2013 dc/192.168.1.10:49212 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:30 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:30 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:30 2013 LZO compression initialized
Thu Nov 21 20:45:30 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:30 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:30 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:30 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:30 2013 TCP connection established with 192.168.2.20:49198
Thu Nov 21 20:45:30 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:30 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:30 2013 TCPv4_SERVER link remote: 192.168.2.20:49198 Thu Nov
21 20:45:30 2013 192.168.2.20:49198 TLS: Initial packet from 192.168.2.20:49198, sid=97d8eab 31 Novhud 99
20:45:31 2013 192.168.2.20:49198 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:45:31 2013 192.168 .2.20:49198 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:45:31 2013 192.168.2.20:49198 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:31 2013 192.168.2.20:49198 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:31 2013 192.168.2.20:49198 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:31 2013 192.168.2.20:49198 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:31 2013 192.168.2.20:49198 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:31 2013 192.168.2.20:49198 [dc] Peer Connection Initiated with 192.168.2.20:49198
Thu Nov 21 20:45:31 2013 dc/192.168.2.20:49198 TCP/UDP: Closing socket
Thu Nov 21 20:45:31 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:45:31 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.2.20:49198
Thu Nov 21 20:45:31 2013 MULTI: primary virtual IP for dc/192.168.2.20:49198: 172.16. 0.2
Thu Nov 21 20:45:33 2013 dc/192.168.2.20:49198 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:33 2013 dc/192.168.2.20:49198 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:36 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:36 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:36 2013 LZO compression initialized
Thu Nov 21 20:45:36 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:36 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:36 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:36 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:36 2013 TCP connection established with 192.168.1.10:49213
Thu Nov 21 20:45:36 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:36 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:36 2013 TCPv4_SERVER link remote: 192.168.1.10:49213 Thu Nov
21 20:45:36 2013 192.168.1.10:49213 TLS: Initial packet from 192.168.1.10:49213, sid=0a92032f Novhu6
20:45:37 2013 192.168.1.10:49213 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:45:37 2013 192.168 .1.10:49213 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:45:37 2013 192.168.1.10:49213 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:37 2013 192.168.1.10:49213 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:37 2013 192.168.1.10:49213 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:37 2013 192.168.1.10:49213 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:38 2013 192.168.1.10:49213 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:38 2013 192.168.1.10:49213 [dc] Peer Connection Initiated with 192.168.1.10:49213
Thu Nov 21 20:45:38 2013 dc/192.168.1.10:49213 TCP/UDP: Closing socket
Thu Nov 21 20:45:38 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:45:38 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49213
Thu Nov 21 20:45:38 2013 MULTI: primary virtual IP for dc/192.168.1.10:49213: 172.16. 0.2
Thu Nov 21 20:45:40 2013 dc/192.168.1.10:49213 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:40 2013 dc/192.168.1.10:49213 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:43 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:43 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:43 2013 LZO compression initialized
Thu Nov 21 20:45:43 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:43 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:43 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:43 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:43 2013 TCP connection established with 192.168.2.20:49199
Thu Nov 21 20:45:43 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:43 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:43 2013 TCPv4_SERVER link remote: 192.168.2.20:49199 Thu Nov
21 20:45:43 2013 192.168.2.20:49199 TLS: Initial packet from 192.168.2.20:49199, sid=65acaba8 29
20:45:43 2013 192.168.2.20:49199 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/O=OpenVPN/[email protected]
Thu Nov 21 20:45:43 2013 192.168 .2.20:49199 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/[email protected]
Thu Nov 21 20:45:44 2013 192.168.2.20:49199 Data Channel Encrypt : Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:44 2013 192.168.2.20:49199 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:44 2013 192.168.2.20:49199 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:44 2013 192.168.2.20:49199 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:44 2013 192.168.2.20:49199 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:44 2013 192.168.2.20:49199 [dc] Peer Connection Initiated with 192.168.2.20:49199
Thu Nov 21 20:45:44 2013 dc/192.168.2.20:49199 TCP/UDP: Closing socket
Thu Nov 21 20:45:44 2013 MULTI: new connection by client 'dc' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Thu Nov 21 20:45:44 2013 MULTI: Learn: 172.16.0.2 -> dc/192.168.2.20:49199
Thu Nov 21 20:45:44 2013 MULTI: primary virtual IP for dc/192.168.2.20:49199: 172.16. 0.2
Thu Nov 21 20:45:46 2013 dc/192.168.2.20:49199 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:46 2013 dc/192.168.2.20:49199 SENT CONTROL [dc]: 'PUSH_REPLY ,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,subnet topology,ping 10,ping-restart 120,ifconfig 172.16.0.2 255.255.255.0' (status=1)
Thu Nov 21 20:45:49 2013 MULTI: multi_create_instance called
Thu Nov 21 20:45:49 2013 Re-using SSL/TLS context
Thu Nov 21 20:45:49 2013 LZO compression initialized
Thu Nov 21 20:45:49 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Nov 21 20:45:49 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Thu Nov 21 20:45:49 2013 Local Options hash (VER=V4): '77cf0943'
Thu Nov 21 20:45:49 2013 Expected Remote Options hash (VER=V4 ): '2547efd2'
Thu Nov 21 20:45:49 2013 TCP connection established with 192.168.1.10:49214
Thu Nov 21 20:45:49 2013 Socket Buffers: R=[8192->8192] S=[8192->8192 ]
Thu Nov 21 20:45:49 2013 TCPv4_SERVER link local: [undef]
Thu Nov 21 20:45:49 2013 TCPv4_SERVER link remote: 192.168.1.10:49214 Thu Nov
21 20:45:49 2013 192.168.1.10:49214 TLS: Initial packet from 192.168.1.10:49214, sid=21e5c27
20:45:50 2013 dc/192.168.2.20:49199 Connection reset, restarting [-1]
Thu Nov 21 20:45:50 2013 dc/192.168.2.20:49199 SIGUSR1[soft,connection-reset] received, client-instance restarting
Thu Nov 21 20:45:50 2013 TCP/UDP: Closing socket
Thu Nov 21 20:45:50 2013 192.168.1.10:49214 VERIFY OK: depth=1, /C=RU/ST=Mocsow/L=Moscow/ O=OpenVPN/[email protected]
Thu Nov 21 20:45:50 2013 192.168.1.10:49214 VERIFY OK: depth=0, /C=RU/ST=Mocsow/O=OpenVPN/CN=dc/emailAddress=admin @localhost
Thu Nov 21 20:45:50 2013 192.168.1.10:49214 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:50 2013 192.168.1.10:49214 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:50 2013 192.168.1.10:49214 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Nov 21 20:45:50 2013 192.168.1.10: 49214 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Nov 21 20:45:51 2013 192.168.1.10:49214 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Nov 21 20:45:51 2013 192.168.1.10:49214 [dc] Peer Connection Initiated with 192.168.1.10:49214
Thu Nov 21 20:45:51 2013 dc/192.168.1.10:49214 MULTI: Learn: 172.16.0.2 -> dc/192.168.1.10:49214
Thu Nov 21 20:45:51 2013 dc/192.168.1.10:49214 MULTI: dc/192.168.1.10:49214: 172.16.0.2
Thu Nov 21 20:45:53 2013 dc/192.168.1.10:49214 PUSH: Received control message: 'PUSH_REQUEST'
Thu Nov 21 20:45:53 2013 dc /192.168.1.10:49214 SENT CONTROL [dc]: 'PUSH_REPLY,route-gateway 172.16.0.1,route 10.0.0.0 255.0.0.0,route-gateway 172.16.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 172.16 .0.2 255.255.255.0' (status=1)

P
paxlo, 2016-05-05
@paxlo

The server is yelling at you:
If you have 2 or more clients using the same key to connect, then this must be enabled in the server config with the duplicate-cn option. But it is better to generate separately for each client.

R
Roxa17, 2020-01-27
@Roxa17

Good evening everyone. I want to set up a Windows Server-Mikrotik client connection.
The server is all running with Windows the client connects. But with Mikrotik the following log comes out
Mon Jan 27 18:35:24 2020 us=698736
178.176.166.217:42205 initializing
Mon Jan 27 18:35:24 2020 us=698736 178.176.166.217:42205 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jan 27 18:35:24 2020 us=698736 178.176.166.217:42205 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mon Jan 27 18:35:24 2020 us=698736 178.176.166.217:42205 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo ,cipher DES-CBC,auth SHA1,keysize 64,key-method 2,tls-server'
Mon Jan 27 18:35:24 2020 us=698736 178.176.166.217:42205 Expected Remote Options String (VER=V4): 'V4 ,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher DES-CBC,auth SHA1,keysize 64,key-method 2,tls-client'
Mon Jan 27 18:35: 24 2020 US = 698736 178.176.166.2177:42205 TLS: Initial Packet From [Af_inet6] :: FFFF: 178.176.166.217: 42205, SID = A51D79F7 E16F297A MON JAN
27 18:35:25 2020 US = 587746 178.176.166.217:42205 Verify OK: depth=1, C=RU, ST=Sankt-Petersburg, L=Sankt-Petersburg, O=Organization, OU=DMOSK, CN=DMOSK, name=WIN-OOJVAP63PG8, [email protected]
Mon Jan 27 18:35:25 2020 us=587746 178.176.166.217:42205 VERIFY OK: depth=0, C=RU, ST=Sankt-Petersburg, L=Sankt-Petersburg, O=Organization, OU=DMOSK, CN= client1, name=WIN-OOJVAP63PG8, [email protected]
Mon Jan 27 18:35:25 2020 us=737788 178.176.166.217:42205 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542 ', remote='link-mtu 1557'
Mon Jan 27 18:35:25 2020 us=737788 178.176.166.217:42205 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp- lzo'
Mon Jan 27 18:35:25 2020 us=737788 178.176.166.217:42205 WARNING: 'cipher' is used inconsistently, local='cipher DES-CBC', remote='cipher AES-256-CBC'
Mon Jan 27 18:35:25 2020 us=737788 178.176.166.217:42205 WARNING: 'keysize' is used inconsistently, local='keysize 64', remote='keysize 256'
Mon Jan 27 18:35:25 2020 us= 897815 178.176.166.217:42205 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jan 27 18:35:25 2020 us=897815 178.176.166.217:4205 [client] Peer Connection Initiated with [AF_INET6]::ffff:178.176.166.217:42205
Mon Jan 27 18:35:25 2020 us=897815 MULTI: new connection by client 'client1' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mon Jan 27 18:35:25 2020 us=897815 MULTI_sva: pool returned IPv4=172.16.10.6,
Mon Jan 27 18:35:25 2020 us=897815 MULTI: Learn: 172.16.10.6 -> client1/178.176.166.217:42205
Mon Jan 27 18:35:25 2020 us=897815 MULTI: primary virtual IP for client1/178.176. 166.217:42205: 172.16.10.6
Mon Jan 27 18:35:35 2020 us=901376 MULTI: multi_create_instance called

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question