Closed mygithub-one closed 1 year ago
port 1194
proto tcp
dev tun
mode server
ca server/ca.crt
cert openvpn.crt
key openvpn.key
dh dh.pem
tls-auth ta.key
tmp-dir /etc/openvpn/tmp
server 10.8.0.0 255.255.255.0
push "route 192.168.10.0 255.255.255.0"
push "route 192.168.20.0 255.255.255.0"
route 192.168.40.128 255.255.255.248
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
duplicate-cn
keepalive 10 120
cipher AES-256-CBC
comp-lzo
user root
group root
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 3
mute 20
script-security 3
client-crresponse /etc/openvpn/script/totpauth.py
auth-user-pass-verify /etc/openvpn/script/totpauth.py via-file
auth-user-pass-optional
auth-gen-token 60 120

client
remote 192.168.197.104
port 1194
proto tcp
dev tun
keepalive 10 120
persist-key
persist-tun
cipher AES-256-CBC
comp-lzo
nobind
verb 1
status client-status.log
route-method exe
route-delay 2
auth-user-pass
I think your report is a duplicate of #256. Can you try the linked patches in that issue to see if they resolve your issue?
server.log:
2023-03-14 00:53:17 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-14 00:53:17 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-03-14 00:53:17 TCP connection established with [AF_INET]192.168.197.151:52291
2023-03-14 00:53:17 192.168.197.151:52291 TLS: Initial packet from [AF_INET]192.168.197.151:52291, sid=7d22662c f324ce06
2023-03-14 00:53:17 192.168.197.151:52291 VERIFY OK: depth=1, CN=lgmcf
2023-03-14 00:53:17 192.168.197.151:52291 VERIFY OK: depth=0, CN=client
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_VER=2.6.0
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_PLAT=win
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_TCPNL=1
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_MTU=1600
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_NCP=2
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_PROTO=478
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_LZ4=1
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_LZ4v2=1
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_LZO=1
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_COMP_STUB=1
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_COMP_STUBv2=1
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_GUI_VER=OpenVPN_GUI_11
2023-03-14 00:53:17 192.168.197.151:52291 peer info: IV_SSO=openurl,webauth,crtext
KeysView(environ({'auth_failed_reason_file': '/etc/openvpn/tmp/openvpn_afr_4e3e85d396b49b7d12d566989b14b234.tmp', 'auth_pending_file': '/etc/openvpn/tmp/openvpn_apf_64ee102e841c7be1763a80008ac449b3.tmp', 'auth_control_file': '/etc/openvpn/tmp/openvpn_acf_5b0f143d31ee95b0589fc940137e39a3.tmp', 'script_type': 'user-pass-verify', 'session_id': 'u5cee2SjkhiEnnCs', 'session_state': 'Initial', 'untrusted_port': '52291', 'untrusted_ip': '192.168.197.151', 'common_name': 'client', 'username': 'test', 'IV_SSO': 'openurl,webauth,crtext', 'IV_GUI_VER': 'OpenVPN_GUI_11', 'IV_COMP_STUBv2': '1', 'IV_COMP_STUB': '1', 'IV_LZO': '1', 'IV_LZ4v2': '1', 'IV_LZ4': '1', 'IV_PROTO': '478', 'IV_CIPHERS': 'AES-256-GCM:AES-128-GCM', 'IV_NCP': '2', 'IV_MTU': '1600', 'IV_TCPNL': '1', 'IV_PLAT': 'win', 'IV_VER': '2.6.0', 'tls_serial_hex_0': '38:1b:78:30:e4:e6:f9:c9:85:ea:9a:e8:9a:5e:a1:1a', 'tls_serial_0': '74579397542081782878200126148970455322', 'tls_digest_sha256_0': 'e8:1f:f2:5a:13:6e:dc:cb:d1:4f:da:ff:60:c7:b1:77:93:10:b9:dd:21:38:b7:1e:dc:a9:99:7f:b9:68:51:39', 'tls_digest_0': '5a:15:3e:1c:02:3e:46:35:5b:f6:4d:3a:cd:54:f2:83:cf:57:70:3e', 'tls_id_0': 'CN=client', 'X509_0_CN': 'client', 'tls_serial_hex_1': 'f3:a6:8c:54:b4:62:5f:eb', 'tls_serial_1': '17556874492781944811', 'tls_digest_sha256_1': 'd2:e5:5c:99:9f:58:78:a4:f1:a1:b3:01:64:e8:55:29:7c:49:eb:ee:fa:dc:f3:8b:3d:dc:1a:80:d5:d6:5e:09', 'tls_digest_1': '40:41:c8:6d:76:b1:cd:65:ea:3c:57:c4:0d:34:97:62:de:be:ca:fb', 'tls_id_1': 'CN=lgmcf', 'X509_1_CN': 'lgmcf', 'remote_port_1': '1194', 'local_port_1': '1194', 'proto_1': 'tcp-server', 'daemon_pid': '4992', 'daemon_start_time': '1678725979', 'daemon_log_redirect': '1', 'daemon': '0', 'verb': '3', 'config': 'server.conf', 'ifconfig_local': '10.8.0.1', 'ifconfig_remote': '10.8.0.2', 'route_net_gateway': '192.168.197.1', 'route_vpn_gateway': '10.8.0.2', 'route_network_1': '192.168.40.128', 'route_netmask_1': '255.255.255.248', 'route_gateway_1': '10.8.0.2', 'route_network_2': '10.8.0.0', 'route_netmask_2': '255.255.255.0', 'route_gateway_2': '10.8.0.2', 'script_context': 'init', 'tun_mtu': '1500', 'dev': 'tun0', 'dev_type': 'tun', 'redirect_gateway': '0'}))
2023-03-14 00:53:18 192.168.197.151:52291 SENT CONTROL [UNDEF]: 'AUTH_PENDING,timeout 300' (status=1)
2023-03-14 00:53:18 192.168.197.151:52291 SENT CONTROL [UNDEF]: 'INFO_PRE,CR_TEXT:E,R:Please enter your TOTP code!' (status=1)
2023-03-14 00:53:18 192.168.197.151:52291 TLS: Username/Password authentication deferred for username 'test'
2023-03-14 00:53:18 192.168.197.151:52291 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-03-14 00:53:18 192.168.197.151:52291 TLS: tls_multi_process: initial untrusted session promoted to semi-trusted
2023-03-14 00:53:18 192.168.197.151:52291 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-03-14 00:53:18 192.168.197.151:52291 [client] Peer Connection Initiated with [AF_INET]192.168.197.151:52291
2023-03-14 00:53:19 192.168.197.151:52291 PUSH: Received control message: 'PUSH_REQUEST'
2023-03-14 00:53:25 192.168.197.151:52291 PUSH: Received control message: 'PUSH_REQUEST'
2023-03-14 00:53:30 192.168.197.151:52291 PUSH: Received control message: 'PUSH_REQUEST'
2023-03-14 00:53:35 192.168.197.151:52291 PUSH: Received control message: 'PUSH_REQUEST'
2023-03-14 00:53:41 192.168.197.151:52291 PUSH: Received control message: 'PUSH_REQUEST'
2023-03-14 00:53:47 192.168.197.151:52291 PUSH: Received control message: 'PUSH_REQUEST'
2023-03-14 00:53:53 192.168.197.151:52291 NOTE: --mute triggered...
2023-03-14 00:54:20 192.168.197.151:52291 5 variation(s) on previous 20 message(s) suppressed by --mute
2023-03-14 00:54:20 192.168.197.151:52291 Delayed exit in 5 seconds
2023-03-14 00:54:20 192.168.197.151:52291 SENT CONTROL [client]: 'AUTH_FAILED' (status=1)
2023-03-14 00:54:20 192.168.197.151:52291 PUSH: Received control message: 'PUSH_REQUEST'
2023-03-14 00:54:20 192.168.197.151:52291 Connection reset, restarting [0]
2023-03-14 00:54:20 192.168.197.151:52291 SIGUSR1[soft,connection-reset] received, client-instance restarting