wfg / docker-openvpn-client

OpenVPN client with killswitch and proxy servers; built on Alpine
MIT License

Container keeps killing itself #19

Closed: HomebrewDotNET closed this issue 3 years ago

HomebrewDotNET commented 3 years ago

I've been trying to get this container working but for some reason it never starts up properly. It gets to Initialization Sequence Completed and then kills itself a second later and keeps looping like this.

My docker compose (other services omitted):

version: '3.4'  

services:
    vpn:
        image: ghcr.io/wfg/openvpn-client:latest
        container_name: mediacenter-vpn
        cap_add:
          - net_admin
        environment:
          - PUID=1000
          - PGID=1000
          - TZ=Europe/Brussels
          - SUBNETS=192.168.1.0/24,1.1.1.0/24
          - FORWARDED_PORTS=51998
          - KILL_SWITCH=on
          - HTTP_PROXY=on
        devices:
            - /dev/net/tun
        volumes:
          - '/share/SelsSystem/Root/MediaCenter/OpenVpn:/data/vpn'
        networks:
            mediacenter_network:
        dns:
          - 1.1.1.1
        ports:
          - 9117:9117 #Jackett
          - 6767:6767 #Bazarr
          - 7878:7878 # Radarr
          - 8989:8989 # Sonarr
          - 6789:6789 # NzbGet
          - 6881:6881 #qBitTorrent
          - 6881:6881/udp #qBitTorrent
          - 51998:51998 #qBitTorrent
          - 51998:51998/udp #qBitTorrent
          - 6882:6882 #qBitTorrent
        restart: unless-stopped

networks:
    mediacenter_network:

My vpn conf:

client
dev tun
remote-cert-tls server
cipher aes-256-cbc
pull
nobind
reneg-sec 0
resolv-retry infinite
verb 3
persist-key
persist-tun
remote pool-1.prd.nl.amsterdam.ovpn.com 443
proto tcp

auth-user-pass login.auth

ca ovpn-ca.crt
tls-auth ovpn-tls.key 1

ncp-ciphers AES-256-GCM:AES-256-CBC:AES-128-GCM

Log snippet:

---- Running with the following variables ----
Kill switch: on
HTTP proxy: on
SOCKS proxy: off
Allowing subnets: 192.168.1.0/24,1.1.1.0/24
Using configuration file: /data/vpn/vpn.conf
Using OpenVPN log level: 3
Creating /data/vpn/vpn.conf.modified and making required changes to that file.
Changes made.
Creating VPN kill switch and local routes.
Allowing established and related connections...
Allowing loopback connections...
Allowing Docker network connections...
Allowing specified subnets...
Allowing remote servers in configuration file...
  Using:
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.10 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.8 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.6 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.7 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.9 PORT: 443)
Allowing connections over VPN interface...
Preventing anything else...
iptables rules created and routes configured.
Running OpenVPN client.
Running Tinyproxy HTTP proxy server.
2021-05-18 07:10:16 Note: Treating option '--ncp-ciphers' as  '--data-ciphers' (renamed in OpenVPN 2.5).
2021-05-18 07:10:16 DEPRECATED OPTION: --cipher set to 'aes-256-cbc' but missing in --data-ciphers (AES-256-GCM:AES-256-CBC:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'aes-256-cbc' to --data-ciphers or change --cipher 'aes-256-cbc' to --data-ciphers-fallback 'aes-256-cbc' to silence this warning.
2021-05-18 07:10:16 WARNING: file 'login.auth' is group or others accessible
2021-05-18 07:10:16 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020
2021-05-18 07:10:16 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
2021-05-18 07:10:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-05-18 07:10:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-05-18 07:10:16 TCP/UDP: Preserving recently used remote address: [AF_INET]185.157.162.10:443
2021-05-18 07:10:16 Socket Buffers: R=[16777216->16777216] S=[16777216->16777216]
2021-05-18 07:10:16 Attempting to establish TCP connection with [AF_INET]185.157.162.10:443 [nonblock]
2021-05-18 07:10:16 TCP connection established with [AF_INET]185.157.162.10:443
2021-05-18 07:10:16 TCPv4_CLIENT link local: (not bound)
2021-05-18 07:10:16 TCPv4_CLIENT link remote: [AF_INET]185.157.162.10:443
2021-05-18 07:10:16 TLS: Initial packet from [AF_INET]185.157.162.10:443, sid=1d3800df 2f34e561
2021-05-18 07:10:16 VERIFY OK: depth=1, C=SE, ST=Stockholm, L=Stockholm, OU=Firma David Wibergh, CN=ovpn.se ca, emailAddress=info@ovpn.se
2021-05-18 07:10:16 VERIFY KU OK
2021-05-18 07:10:16 Validating certificate extended key usage
2021-05-18 07:10:16 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-05-18 07:10:16 VERIFY EKU OK
2021-05-18 07:10:16 VERIFY OK: depth=0, CN=vpn36.prd.amsterdam.ovpn.com
2021-05-18 07:10:16 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1559', remote='link-mtu 1560'
2021-05-18 07:10:16 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2021-05-18 07:10:16 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
2021-05-18 07:10:16 [vpn36.prd.amsterdam.ovpn.com] Peer Connection Initiated with [AF_INET]185.157.162.10:443
2021-05-18 07:10:17 SENT CONTROL [vpn36.prd.amsterdam.ovpn.com]: 'PUSH_REQUEST' (status=1)
2021-05-18 07:10:17 PUSH: Received control message: 'PUSH_REPLY,ping 10,ping-restart 60,persist-key,redirect-gateway def1,explicit-exit-notify 2,route-gateway 10.134.0.1,topology subnet,compress ,dhcp-option DNS 192.165.9.158,dhcp-option DNS 46.227.67.134,ifconfig 10.134.0.241 255.255.252.0,peer-id 0,cipher AES-256-GCM'
2021-05-18 07:10:17 OPTIONS IMPORT: timers and/or timeouts modified
2021-05-18 07:10:17 OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp
2021-05-18 07:10:17 OPTIONS IMPORT: compression parms modified
2021-05-18 07:10:17 OPTIONS IMPORT: --persist options modified
2021-05-18 07:10:17 OPTIONS IMPORT: --ifconfig/up options modified
2021-05-18 07:10:17 OPTIONS IMPORT: route options modified
2021-05-18 07:10:17 OPTIONS IMPORT: route-related options modified
2021-05-18 07:10:17 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2021-05-18 07:10:17 OPTIONS IMPORT: peer-id set
2021-05-18 07:10:17 OPTIONS IMPORT: adjusting link_mtu to 1626
2021-05-18 07:10:17 OPTIONS IMPORT: data channel crypto options modified
2021-05-18 07:10:17 Data Channel: using negotiated cipher 'AES-256-GCM'
2021-05-18 07:10:17 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-18 07:10:17 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-18 07:10:17 ROUTE_GATEWAY 172.29.40.1/255.255.252.0 IFACE=eth0 HWADDR=02:42:ac:1d:28:02
2021-05-18 07:10:17 TUN/TAP device tun0 opened
2021-05-18 07:10:17 /sbin/ip link set dev tun0 up mtu 1500
2021-05-18 07:10:17 /sbin/ip link set dev tun0 up
2021-05-18 07:10:17 /sbin/ip addr add dev tun0 10.134.0.241/22
2021-05-18 07:10:17 /sbin/ip route add 185.157.162.10/32 via 172.29.40.1
2021-05-18 07:10:17 /sbin/ip route add 0.0.0.0/1 via 10.134.0.1
2021-05-18 07:10:17 /sbin/ip route add 128.0.0.0/1 via 10.134.0.1
2021-05-18 07:10:17 Initialization Sequence Completed
Killed

wfg commented 3 years ago

Can you bump VPN_LOG_LEVEL to at least 4 and then paste those logs here?

That's a strange "Killed" message though. I'm not sure it's actually coming from inside the container.

HomebrewDotNET commented 3 years ago

Sure

I've been using other containers with integrated OpenVPN clients before and those work fine, so it's pretty strange.

If it helps, I'm deploying the stack using Portainer 2.1.1, which is running on the Docker engine in the Container Station app of my QNAP.

Here are the updated logs with log level 4:

---- Running with the following variables ----
Kill switch: on
HTTP proxy: on
SOCKS proxy: off
Allowing subnets: 192.168.1.0/24,1.1.1.0/24
Using configuration file: /data/vpn/vpn.conf
Using OpenVPN log level: 4
Creating /data/vpn/vpn.conf.modified and making required changes to that file.
Changes made.
Creating VPN kill switch and local routes.
Allowing established and related connections...
Allowing loopback connections...
Allowing Docker network connections...
Allowing specified subnets...
Allowing remote servers in configuration file...
  Using:
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.10 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.6 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.7 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.9 PORT: 443)
    pool-1.prd.nl.amsterdam.ovpn.com (IP: 185.157.162.8 PORT: 443)
Allowing connections over VPN interface...
Preventing anything else...
iptables rules created and routes configured.
Running OpenVPN client.
Running Tinyproxy HTTP proxy server.
2021-05-18 13:39:57 Note: Treating option '--ncp-ciphers' as  '--data-ciphers' (renamed in OpenVPN 2.5).
2021-05-18 13:39:57 us=950078 DEPRECATED OPTION: --cipher set to 'aes-256-cbc' but missing in --data-ciphers (AES-256-GCM:AES-256-CBC:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'aes-256-cbc' to --data-ciphers or change --cipher 'aes-256-cbc' to --data-ciphers-fallback 'aes-256-cbc' to silence this warning.
2021-05-18 13:39:57 us=950709 WARNING: file 'login.auth' is group or others accessible
2021-05-18 13:39:57 us=950807 Current Parameter Settings:
2021-05-18 13:39:57 us=950832   config = '/data/vpn/vpn.conf.modified'
2021-05-18 13:39:57 us=950852   mode = 0
2021-05-18 13:39:57 us=950868   persist_config = DISABLED
2021-05-18 13:39:57 us=950884   persist_mode = 1
2021-05-18 13:39:57 us=950901   show_ciphers = DISABLED
2021-05-18 13:39:57 us=950916   show_digests = DISABLED
2021-05-18 13:39:57 us=950931   show_engines = DISABLED
2021-05-18 13:39:57 us=950946   genkey = DISABLED
2021-05-18 13:39:57 us=950961   genkey_filename = '[UNDEF]'
2021-05-18 13:39:57 us=950979   key_pass_file = '[UNDEF]'
2021-05-18 13:39:57 us=950996   show_tls_ciphers = DISABLED
2021-05-18 13:39:57 us=951015   connect_retry_max = 10
2021-05-18 13:39:57 us=951033 Connection profiles [0]:
2021-05-18 13:39:57 us=951052   proto = tcp4-client
2021-05-18 13:39:57 us=951069   local = '[UNDEF]'
2021-05-18 13:39:57 us=951085   local_port = '[UNDEF]'
2021-05-18 13:39:57 us=951103   remote = 'pool-1.prd.nl.amsterdam.ovpn.com'
2021-05-18 13:39:57 us=951121   remote_port = '443'
2021-05-18 13:39:57 us=951139   remote_float = DISABLED
2021-05-18 13:39:57 us=951155   bind_defined = DISABLED
2021-05-18 13:39:57 us=951174   bind_local = DISABLED
2021-05-18 13:39:57 us=951192   bind_ipv6_only = DISABLED
2021-05-18 13:39:57 us=951210   connect_retry_seconds = 5
2021-05-18 13:39:57 us=951229   connect_timeout = 120
2021-05-18 13:39:57 us=951248   socks_proxy_server = '[UNDEF]'
2021-05-18 13:39:57 us=951267   socks_proxy_port = '[UNDEF]'
2021-05-18 13:39:57 us=951285   tun_mtu = 1500
2021-05-18 13:39:57 us=951300   tun_mtu_defined = ENABLED
2021-05-18 13:39:57 us=951317   link_mtu = 1500
2021-05-18 13:39:57 us=951332   link_mtu_defined = DISABLED
2021-05-18 13:39:57 us=951348   tun_mtu_extra = 0
2021-05-18 13:39:57 us=951364   tun_mtu_extra_defined = DISABLED
2021-05-18 13:39:57 us=951380   mtu_discover_type = -1
2021-05-18 13:39:57 us=951396   fragment = 0
2021-05-18 13:39:57 us=951412   mssfix = 1450
2021-05-18 13:39:57 us=951431   explicit_exit_notification = 0
2021-05-18 13:39:57 us=951445   tls_auth_file = '[INLINE]'
2021-05-18 13:39:57 us=951460   key_direction = 1
2021-05-18 13:39:57 us=951476   tls_crypt_file = '[UNDEF]'
2021-05-18 13:39:57 us=951494   tls_crypt_v2_file = '[UNDEF]'
2021-05-18 13:39:57 us=951510 Connection profiles END
2021-05-18 13:39:57 us=951527   remote_random = DISABLED
2021-05-18 13:39:57 us=951545   ipchange = '[UNDEF]'
2021-05-18 13:39:57 us=951561   dev = 'tun'
2021-05-18 13:39:57 us=951579   dev_type = '[UNDEF]'
2021-05-18 13:39:57 us=951658   dev_node = '[UNDEF]'
2021-05-18 13:39:57 us=951681   lladdr = '[UNDEF]'
2021-05-18 13:39:57 us=951699   topology = 1
2021-05-18 13:39:57 us=951716   ifconfig_local = '[UNDEF]'
2021-05-18 13:39:57 us=951732   ifconfig_remote_netmask = '[UNDEF]'
2021-05-18 13:39:57 us=951748   ifconfig_noexec = DISABLED
2021-05-18 13:39:57 us=951764   ifconfig_nowarn = DISABLED
2021-05-18 13:39:57 us=951781   ifconfig_ipv6_local = '[UNDEF]'
2021-05-18 13:39:57 us=951795   ifconfig_ipv6_netbits = 0
2021-05-18 13:39:57 us=951811   ifconfig_ipv6_remote = '[UNDEF]'
2021-05-18 13:39:57 us=951831   shaper = 0
2021-05-18 13:39:57 us=951851   mtu_test = 0
2021-05-18 13:39:57 us=951866   mlock = DISABLED
2021-05-18 13:39:57 us=951881   keepalive_ping = 0
2021-05-18 13:39:57 us=951899   keepalive_timeout = 0
2021-05-18 13:39:57 us=951914   inactivity_timeout = 0
2021-05-18 13:39:57 us=951934   ping_send_timeout = 0
2021-05-18 13:39:57 us=951949   ping_rec_timeout = 0
2021-05-18 13:39:57 us=951967   ping_rec_timeout_action = 0
2021-05-18 13:39:57 us=951987   ping_timer_remote = DISABLED
2021-05-18 13:39:57 us=952003   remap_sigusr1 = 0
2021-05-18 13:39:57 us=952019   persist_tun = ENABLED
2021-05-18 13:39:57 us=952034   persist_local_ip = DISABLED
2021-05-18 13:39:57 us=952048   persist_remote_ip = DISABLED
2021-05-18 13:39:57 us=952063   persist_key = ENABLED
2021-05-18 13:39:57 us=952082   passtos = DISABLED
2021-05-18 13:39:57 us=952102   resolve_retry_seconds = 1000000000
2021-05-18 13:39:57 us=952118   resolve_in_advance = DISABLED
2021-05-18 13:39:57 us=952134   username = '[UNDEF]'
2021-05-18 13:39:57 us=952150   groupname = '[UNDEF]'
2021-05-18 13:39:57 us=952167   chroot_dir = '[UNDEF]'
2021-05-18 13:39:57 us=952183   cd_dir = '/data/vpn'
2021-05-18 13:39:57 us=952199   writepid = '[UNDEF]'
2021-05-18 13:39:57 us=952249   up_script = '[UNDEF]'
2021-05-18 13:39:57 us=952268   down_script = '[UNDEF]'
2021-05-18 13:39:57 us=952284   down_pre = DISABLED
2021-05-18 13:39:57 us=952300   up_restart = ENABLED
2021-05-18 13:39:57 us=952317   up_delay = DISABLED
2021-05-18 13:39:57 us=952332   daemon = DISABLED
2021-05-18 13:39:57 us=952352   inetd = 0
2021-05-18 13:39:57 us=952371   log = DISABLED
2021-05-18 13:39:57 us=952387   suppress_timestamps = DISABLED
2021-05-18 13:39:57 us=952403   machine_readable_output = DISABLED
2021-05-18 13:39:57 us=952422   nice = 0
2021-05-18 13:39:57 us=952437   verbosity = 4
2021-05-18 13:39:57 us=952455   mute = 0
2021-05-18 13:39:57 us=952474   gremlin = 0
2021-05-18 13:39:57 us=952490   status_file = '[UNDEF]'
2021-05-18 13:39:57 us=952505   status_file_version = 1
2021-05-18 13:39:57 us=952522   status_file_update_freq = 60
2021-05-18 13:39:57 us=952539   occ = ENABLED
2021-05-18 13:39:57 us=952555   rcvbuf = 0
2021-05-18 13:39:57 us=952569   sndbuf = 0
2021-05-18 13:39:57 us=952585   mark = 0
2021-05-18 13:39:57 us=952612   sockflags = 0
2021-05-18 13:39:57 us=952627   fast_io = DISABLED
2021-05-18 13:39:57 us=952643   comp.alg = 0
2021-05-18 13:39:57 us=952656   comp.flags = 0
2021-05-18 13:39:57 us=952676   route_script = '[UNDEF]'
2021-05-18 13:39:57 us=952691   route_default_gateway = '[UNDEF]'
2021-05-18 13:39:57 us=952707   route_default_metric = 0
2021-05-18 13:39:57 us=952723   route_noexec = DISABLED
2021-05-18 13:39:57 us=952737   route_delay = 0
2021-05-18 13:39:57 us=952752   route_delay_window = 30
2021-05-18 13:39:57 us=952769   route_delay_defined = DISABLED
2021-05-18 13:39:57 us=952785   route_nopull = DISABLED
2021-05-18 13:39:57 us=952803   route_gateway_via_dhcp = DISABLED
2021-05-18 13:39:57 us=952818   allow_pull_fqdn = DISABLED
2021-05-18 13:39:57 us=952833   Pull filters:
2021-05-18 13:39:57 us=952848     ignore "route-ipv6"
2021-05-18 13:39:57 us=952865     ignore "ifconfig-ipv6"
2021-05-18 13:39:57 us=952879   management_addr = '[UNDEF]'
2021-05-18 13:39:57 us=952893   management_port = '[UNDEF]'
2021-05-18 13:39:57 us=952907   management_user_pass = '[UNDEF]'
2021-05-18 13:39:57 us=952922   management_log_history_cache = 250
2021-05-18 13:39:57 us=952938   management_echo_buffer_size = 100
2021-05-18 13:39:57 us=952985   management_write_peer_info_file = '[UNDEF]'
2021-05-18 13:39:57 us=953004   management_client_user = '[UNDEF]'
2021-05-18 13:39:57 us=953019   management_client_group = '[UNDEF]'
2021-05-18 13:39:57 us=953070   management_flags = 0
2021-05-18 13:39:57 us=953091   shared_secret_file = '[UNDEF]'
2021-05-18 13:39:57 us=953135   key_direction = 1
2021-05-18 13:39:57 us=953188   ciphername = 'aes-256-cbc'
2021-05-18 13:39:57 us=953209   ncp_enabled = ENABLED
2021-05-18 13:39:57 us=953251   ncp_ciphers = 'AES-256-GCM:AES-256-CBC:AES-128-GCM:AES-256-CBC'
2021-05-18 13:39:57 us=953268   authname = 'SHA1'
2021-05-18 13:39:57 us=953282   prng_hash = 'SHA1'
2021-05-18 13:39:57 us=953301   prng_nonce_secret_len = 16
2021-05-18 13:39:57 us=953316   keysize = 0
2021-05-18 13:39:57 us=953332   engine = DISABLED
2021-05-18 13:39:57 us=953347   replay = ENABLED
2021-05-18 13:39:57 us=953365   mute_replay_warnings = DISABLED
2021-05-18 13:39:57 us=953380   replay_window = 64
2021-05-18 13:39:57 us=953399   replay_time = 15
2021-05-18 13:39:57 us=953419   packet_id_file = '[UNDEF]'
2021-05-18 13:39:57 us=953437   test_crypto = DISABLED
2021-05-18 13:39:57 us=953453   tls_server = DISABLED
2021-05-18 13:39:57 us=953470   tls_client = ENABLED
2021-05-18 13:39:57 us=953487   ca_file = 'ovpn-ca.crt'
2021-05-18 13:39:57 us=953503   ca_path = '[UNDEF]'
2021-05-18 13:39:57 us=953517   dh_file = '[UNDEF]'
2021-05-18 13:39:57 us=953535   cert_file = '[UNDEF]'
2021-05-18 13:39:57 us=953550   extra_certs_file = '[UNDEF]'
2021-05-18 13:39:57 us=953565   priv_key_file = '[UNDEF]'
2021-05-18 13:39:57 us=953583   pkcs12_file = '[UNDEF]'
2021-05-18 13:39:57 us=953612   cipher_list = '[UNDEF]'
2021-05-18 13:39:57 us=953629   cipher_list_tls13 = '[UNDEF]'
2021-05-18 13:39:57 us=953643   tls_cert_profile = '[UNDEF]'
2021-05-18 13:39:57 us=953657   tls_verify = '[UNDEF]'
2021-05-18 13:39:57 us=953674   tls_export_cert = '[UNDEF]'
2021-05-18 13:39:57 us=953690   verify_x509_type = 0
2021-05-18 13:39:57 us=953704   verify_x509_name = '[UNDEF]'
2021-05-18 13:39:57 us=953721   crl_file = '[UNDEF]'
2021-05-18 13:39:57 us=953735   ns_cert_type = 0
2021-05-18 13:39:57 us=953751   remote_cert_ku[i] = 65535
2021-05-18 13:39:57 us=953768   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953782   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953799   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953819   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953835   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953852   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953868   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953882   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953898   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953913   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953929   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953943   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953958   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953974   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=953988   remote_cert_ku[i] = 0
2021-05-18 13:39:57 us=954002   remote_cert_eku = 'TLS Web Server Authentication'
2021-05-18 13:39:57 us=954018   ssl_flags = 0
2021-05-18 13:39:57 us=954032   tls_timeout = 2
2021-05-18 13:39:57 us=954048   renegotiate_bytes = -1
2021-05-18 13:39:57 us=954064   renegotiate_packets = 0
2021-05-18 13:39:57 us=954082   renegotiate_seconds = 0
2021-05-18 13:39:57 us=954103   handshake_window = 60
2021-05-18 13:39:57 us=954118   transition_window = 3600
2021-05-18 13:39:57 us=954132   single_session = DISABLED
2021-05-18 13:39:57 us=954149   push_peer_info = DISABLED
2021-05-18 13:39:57 us=954164   tls_exit = DISABLED
2021-05-18 13:39:57 us=954187   tls_crypt_v2_metadata = '[UNDEF]'
2021-05-18 13:39:57 us=954246   server_network = 0.0.0.0
2021-05-18 13:39:57 us=954269   server_netmask = 0.0.0.0
2021-05-18 13:39:57 us=954297   server_network_ipv6 = ::
2021-05-18 13:39:57 us=954317   server_netbits_ipv6 = 0
2021-05-18 13:39:57 us=954335   server_bridge_ip = 0.0.0.0
2021-05-18 13:39:57 us=954354   server_bridge_netmask = 0.0.0.0
2021-05-18 13:39:57 us=954375   server_bridge_pool_start = 0.0.0.0
2021-05-18 13:39:57 us=954396   server_bridge_pool_end = 0.0.0.0
2021-05-18 13:39:57 us=954415   ifconfig_pool_defined = DISABLED
2021-05-18 13:39:57 us=954434   ifconfig_pool_start = 0.0.0.0
2021-05-18 13:39:57 us=954455   ifconfig_pool_end = 0.0.0.0
2021-05-18 13:39:57 us=954475   ifconfig_pool_netmask = 0.0.0.0
2021-05-18 13:39:57 us=954493   ifconfig_pool_persist_filename = '[UNDEF]'
2021-05-18 13:39:57 us=954508   ifconfig_pool_persist_refresh_freq = 600
2021-05-18 13:39:57 us=954527   ifconfig_ipv6_pool_defined = DISABLED
2021-05-18 13:39:57 us=954549   ifconfig_ipv6_pool_base = ::
2021-05-18 13:39:57 us=954567   ifconfig_ipv6_pool_netbits = 0
2021-05-18 13:39:57 us=954583   n_bcast_buf = 256
2021-05-18 13:39:57 us=954614   tcp_queue_limit = 64
2021-05-18 13:39:57 us=954632   real_hash_size = 256
2021-05-18 13:39:57 us=954649   virtual_hash_size = 256
2021-05-18 13:39:57 us=954666   client_connect_script = '[UNDEF]'
2021-05-18 13:39:57 us=954682   learn_address_script = '[UNDEF]'
2021-05-18 13:39:57 us=954699   client_disconnect_script = '[UNDEF]'
2021-05-18 13:39:57 us=954716   client_config_dir = '[UNDEF]'
2021-05-18 13:39:57 us=954733   ccd_exclusive = DISABLED
2021-05-18 13:39:57 us=954752   tmp_dir = '/tmp'
2021-05-18 13:39:57 us=954768   push_ifconfig_defined = DISABLED
2021-05-18 13:39:57 us=954786   push_ifconfig_local = 0.0.0.0
2021-05-18 13:39:57 us=954806   push_ifconfig_remote_netmask = 0.0.0.0
2021-05-18 13:39:57 us=954824   push_ifconfig_ipv6_defined = DISABLED
2021-05-18 13:39:57 us=954847   push_ifconfig_ipv6_local = ::/0
2021-05-18 13:39:57 us=954868   push_ifconfig_ipv6_remote = ::
2021-05-18 13:39:57 us=954917   enable_c2c = DISABLED
2021-05-18 13:39:57 us=954937   duplicate_cn = DISABLED
2021-05-18 13:39:57 us=954957   cf_max = 0
2021-05-18 13:39:57 us=954973   cf_per = 0
2021-05-18 13:39:57 us=954992   max_clients = 1024
2021-05-18 13:39:57 us=955009   max_routes_per_client = 256
2021-05-18 13:39:57 us=955024   auth_user_pass_verify_script = '[UNDEF]'
2021-05-18 13:39:57 us=955038   auth_user_pass_verify_script_via_file = DISABLED
2021-05-18 13:39:57 us=955054   auth_token_generate = DISABLED
2021-05-18 13:39:57 us=955070   auth_token_lifetime = 0
2021-05-18 13:39:57 us=955086   auth_token_secret_file = '[UNDEF]'
2021-05-18 13:39:57 us=955102   port_share_host = '[UNDEF]'
2021-05-18 13:39:57 us=955118   port_share_port = '[UNDEF]'
2021-05-18 13:39:57 us=955133   vlan_tagging = DISABLED
2021-05-18 13:39:57 us=955149   vlan_accept = all
2021-05-18 13:39:57 us=955164   vlan_pvid = 1
2021-05-18 13:39:57 us=955179   client = ENABLED
2021-05-18 13:39:57 us=955194   pull = ENABLED
2021-05-18 13:39:57 us=955210   auth_user_pass_file = 'login.auth'
2021-05-18 13:39:57 us=955230 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020
2021-05-18 13:39:57 us=955277 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
2021-05-18 13:39:57 us=957748 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-05-18 13:39:57 us=957789 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2021-05-18 13:39:57 us=958113 Control Channel MTU parms [ L:1623 D:1182 EF:68 EB:0 ET:0 EL:3 ]
2021-05-18 13:39:57 us=987225 Data Channel MTU parms [ L:1623 D:1450 EF:123 EB:406 ET:0 EL:3 ]
2021-05-18 13:39:57 us=987360 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_CLIENT,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client'
2021-05-18 13:39:57 us=987374 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1559,tun-mtu 1500,proto TCPv4_SERVER,keydir 0,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-server'
2021-05-18 13:39:57 us=987405 TCP/UDP: Preserving recently used remote address: [AF_INET]185.157.162.10:443
2021-05-18 13:39:57 us=987434 Socket Buffers: R=[16777216->16777216] S=[16777216->16777216]
2021-05-18 13:39:57 us=987468 Attempting to establish TCP connection with [AF_INET]185.157.162.10:443 [nonblock]
2021-05-18 13:39:58 us=30681 TCP connection established with [AF_INET]185.157.162.10:443
2021-05-18 13:39:58 us=30767 TCPv4_CLIENT link local: (not bound)
2021-05-18 13:39:58 us=30782 TCPv4_CLIENT link remote: [AF_INET]185.157.162.10:443
2021-05-18 13:39:58 us=81965 TLS: Initial packet from [AF_INET]185.157.162.10:443, sid=14d5f79e 0e1eec98
2021-05-18 13:39:58 us=215728 VERIFY OK: depth=1, C=SE, ST=Stockholm, L=Stockholm, OU=Firma David Wibergh, CN=ovpn.se ca, emailAddress=info@ovpn.se
2021-05-18 13:39:58 us=216213 VERIFY KU OK
2021-05-18 13:39:58 us=216242 Validating certificate extended key usage
2021-05-18 13:39:58 us=216258 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-05-18 13:39:58 us=216277 VERIFY EKU OK
2021-05-18 13:39:58 us=216298 VERIFY OK: depth=0, CN=vpn36.prd.amsterdam.ovpn.com
2021-05-18 13:39:58 us=303698 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1559', remote='link-mtu 1560'
2021-05-18 13:39:58 us=303841 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2021-05-18 13:39:58 us=304060 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
2021-05-18 13:39:58 us=304110 [vpn36.prd.amsterdam.ovpn.com] Peer Connection Initiated with [AF_INET]185.157.162.10:443
2021-05-18 13:39:59 us=174545 SENT CONTROL [vpn36.prd.amsterdam.ovpn.com]: 'PUSH_REQUEST' (status=1)
2021-05-18 13:39:59 us=174667 PUSH: Received control message: 'PUSH_REPLY,ping 10,ping-restart 60,persist-key,redirect-gateway def1,explicit-exit-notify 2,route-gateway 10.134.0.1,topology subnet,compress ,dhcp-option DNS 46.227.67.134,dhcp-option DNS 192.165.9.158,ifconfig 10.134.1.218 255.255.252.0,peer-id 0,cipher AES-256-GCM'
2021-05-18 13:39:59 us=174872 OPTIONS IMPORT: timers and/or timeouts modified
2021-05-18 13:39:59 us=174901 OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp
2021-05-18 13:39:59 us=174923 OPTIONS IMPORT: compression parms modified
2021-05-18 13:39:59 us=174946 OPTIONS IMPORT: --persist options modified
2021-05-18 13:39:59 us=174965 OPTIONS IMPORT: --ifconfig/up options modified
2021-05-18 13:39:59 us=174986 OPTIONS IMPORT: route options modified
2021-05-18 13:39:59 us=175006 OPTIONS IMPORT: route-related options modified
2021-05-18 13:39:59 us=175026 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2021-05-18 13:39:59 us=175046 OPTIONS IMPORT: peer-id set
2021-05-18 13:39:59 us=175066 OPTIONS IMPORT: adjusting link_mtu to 1626
2021-05-18 13:39:59 us=175087 OPTIONS IMPORT: data channel crypto options modified
2021-05-18 13:39:59 us=175108 Data Channel: using negotiated cipher 'AES-256-GCM'
2021-05-18 13:39:59 us=175152 Data Channel MTU parms [ L:1554 D:1450 EF:54 EB:406 ET:0 EL:3 ]
2021-05-18 13:39:59 us=175403 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-18 13:39:59 us=175439 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-18 13:39:59 us=175712 ROUTE_GATEWAY 172.29.40.1/255.255.252.0 IFACE=eth0 HWADDR=02:42:ac:1d:28:02
2021-05-18 13:39:59 us=176208 TUN/TAP device tun0 opened
2021-05-18 13:39:59 us=176242 do_ifconfig, ipv4=1, ipv6=0
2021-05-18 13:39:59 us=176283 /sbin/ip link set dev tun0 up mtu 1500
2021-05-18 13:39:59 us=177434 /sbin/ip link set dev tun0 up
2021-05-18 13:39:59 us=178355 /sbin/ip addr add dev tun0 10.134.1.218/22
2021-05-18 13:39:59 us=179722 /sbin/ip route add 185.157.162.10/32 via 172.29.40.1
2021-05-18 13:39:59 us=180579 /sbin/ip route add 0.0.0.0/1 via 10.134.0.1
2021-05-18 13:39:59 us=181738 /sbin/ip route add 128.0.0.0/1 via 10.134.0.1
2021-05-18 13:39:59 us=182702 Initialization Sequence Completed
Killed
---- Running with the following variables ----
Kill switch: on
HTTP proxy: on

HomebrewDotNET commented 3 years ago

So small update.

Considering your comment about how it seemed it wasn't the container's fault: you were right.

I found this thread: https://forum.qnap.com/viewtopic.php?t=146127 Some QNAP process keeps killing other OpenVPN processes (even containerized ones). I deployed the stack on my game server and, lo and behold, it works right away.

Good thing I'm building my own FreeNAS server this week so I can get rid of the QNAPs.

So sorry for any wasted time!
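
Added example, not part of the thread or of the project's code: a log triage script for the pattern seen above, where each restart prints the entrypoint banner and a run ends with a bare `Killed` (what a shell prints when a child dies from SIGKILL, which the process cannot catch or log) rather than an OpenVPN exit message. The function names are hypothetical, the sample log is abridged from the thread's level-4 log, and its second run (ending in a SIGTERM line) is constructed for contrast.

```python
import re

# Entrypoint banner printed on every container start (as seen in the thread's logs).
BANNER = "---- Running with the following variables ----"
# OpenVPN timestamp prefix; the "us=" microsecond field only appears at verb 4 and up.
TS = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} (?:us=\d+ )?")

# Sample input. Runs 1 and 3 are abridged from the thread; run 2 is constructed.
SAMPLE_LOG = """\
---- Running with the following variables ----
Kill switch: on
Running OpenVPN client.
2021-05-18 13:39:59 us=176208 TUN/TAP device tun0 opened
2021-05-18 13:39:59 us=182702 Initialization Sequence Completed
Killed
---- Running with the following variables ----
Kill switch: on
Running OpenVPN client.
2021-05-18 13:40:05 us=100000 Initialization Sequence Completed
2021-05-18 13:41:05 us=100000 SIGTERM[hard,] received, process exiting
---- Running with the following variables ----
Kill switch: on
HTTP proxy: on
"""


def split_runs(log_text):
    """Split a container log into one record per start and note how each run ended."""
    runs, current = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == BANNER:
            if current is not None:
                runs.append(current)
            current = {"tunnel_up": False, "ending": "no-exit-logged",
                       "last_openvpn": None}
            continue
        if current is None:
            continue  # log starts mid-run; skip until the first banner
        m = TS.match(line)
        if m:
            msg = line[m.end():]
            current["last_openvpn"] = msg
            if msg == "Initialization Sequence Completed":
                current["tunnel_up"] = True
            elif msg.endswith("process exiting"):
                # OpenVPN handled a catchable signal or error and said so itself.
                current["ending"] = "openvpn-logged-exit"
        elif line == "Killed":
            # Untimestamped line from the shell, not from OpenVPN: SIGKILL.
            current["ending"] = "sigkill"
    if current is not None:
        runs.append(current)
    return runs


def summarise(runs):
    """Count endings; a SIGKILL after the tunnel came up points outside OpenVPN."""
    after_up = sum(1 for r in runs if r["ending"] == "sigkill" and r["tunnel_up"])
    before_up = sum(1 for r in runs if r["ending"] == "sigkill" and not r["tunnel_up"])
    logged = sum(1 for r in runs if r["ending"] == "openvpn-logged-exit")
    return {
        "starts": len(runs),
        "sigkill_after_tunnel_up": after_up,
        "sigkill_before_tunnel_up": before_up,
        "openvpn_logged_exits": logged,
        # Heuristic only: check the host (OOM killer, host-side processes) next.
        "external_kill_suspected": after_up > 0,
    }


if __name__ == "__main__":
    for i, run in enumerate(split_runs(SAMPLE_LOG), 1):
        print(i, run)
    print(summarise(split_runs(SAMPLE_LOG)))
```

Feed it the output of `docker logs` for the container; a run that reports `sigkill` with `tunnel_up` true matches what this thread traced to a host-side process rather than to the VPN configuration.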