Hello! I tried to set up OpenVPN, but I have some problem.
server log: Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 TLS: Initial packet from [AF_INET]83.209.208.165:50071, sid=4123a399 61634224 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=per.gunnars...@lappstockholm.se Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Client, emailAddress=hemma@gmail,com Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_VER=2.4.7 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_PLAT=linux Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_PROTO=2 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_NCP=2 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_LZ4=1 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_LZ4v2=1 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_LZO=1 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_COMP_STUB=1 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_COMP_STUBv2=1 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 peer info: IV_TCPNL=1 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: 83.209.208.165:50071 [Test-Client] Peer Connection Initiated with [AF_INET]83.209.208.165:50071 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: MULTI: new connection by client 'Test-Client' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: MULTI: Learn: 10.8.0.6 -> Test-Client/83.209.208.165:50071 Jan 8 10:03:23 ubuntu-2gb-hel1-1 openvpn[1969]: MULTI: primary virtual IP for Test-Client/83.209.208.165:50071: 10.8.0.6 Jan 8 10:03:24 ubuntu-2gb-hel1-1 openvpn[1969]: Test-Client/83.209.208.165:50071 PUSH: Received control message: 'PUSH_REQUEST' Jan 8 10:03:24 ubuntu-2gb-hel1-1 openvpn[1969]: Test-Client/83.209.208.165:50071 SENT CONTROL [Test-Client]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 1,cipher AES-256-GCM' (status=1) Jan 8 10:03:24 ubuntu-2gb-hel1-1 openvpn[1969]: Test-Client/83.209.208.165:50071 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Jan 8 10:03:24 ubuntu-2gb-hel1-1 openvpn[1969]: Test-Client/83.209.208.165:50071 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Jan 8 10:03:32 ubuntu-2gb-hel1-1 openvpn[1969]: AEAD Decrypt error: cipher final failed Jan 8 10:04:23 ubuntu-2gb-hel1-1 openvpn[1969]: message repeated 5 times: [ AEAD Decrypt error: cipher final failed] client log: Jan 8 10:02:34 konjak ovpn-client[3451]: Restart pause, 5 second(s) Jan 8 10:02:39 konjak ovpn-client[3451]: TCP/UDP: Preserving recently used remote address: [AF_INET]95.216.184.255:1194 Jan 8 10:02:39 konjak ovpn-client[3451]: Socket Buffers: R=[212992->212992] S=[212992->212992] Jan 8 10:02:39 konjak ovpn-client[3451]: UDP link local: (not bound) Jan 8 10:02:39 konjak ovpn-client[3451]: UDP link remote: [AF_INET]95.216.184.255:1194 Jan 8 10:02:39 konjak ovpn-client[3451]: TLS: Initial packet from [AF_INET]95.216.184.255:1194, sid=b9bf835b ae4779d2 Jan 8 10:02:39 konjak ovpn-client[3451]: VERIFY OK: depth=1, C=KG, ST=NA, L=BISHKEK, O=OpenVPN-TEST, emailAddress=per.gunnars...@lappstockholm.se Jan 8 10:02:39 konjak ovpn-client[3451]: VERIFY KU OK Jan 8 10:02:39 konjak ovpn-client[3451]: Validating certificate extended key usage Jan 8 10:02:39 konjak ovpn-client[3451]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Jan 8 10:02:39 konjak ovpn-client[3451]: VERIFY EKU OK Jan 8 10:02:39 konjak ovpn-client[3451]: VERIFY OK: depth=0, C=KG, ST=NA, O=OpenVPN-TEST, CN=Test-Server, emailAddress=per.gunnars...@lappstockholm.se Jan 8 10:02:39 konjak ovpn-client[3451]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA Jan 8 10:02:39 konjak ovpn-client[3451]: [Test-Server] Peer Connection Initiated with [AF_INET]95.216.184.255:1194 Jan 8 10:02:40 konjak ovpn-client[3451]: SENT CONTROL [Test-Server]: 'PUSH_REQUEST' (status=1) Jan 8 10:02:40 konjak ovpn-client[3451]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' Jan 8 10:02:40 konjak ovpn-client[3451]: OPTIONS IMPORT: timers and/or timeouts modified Jan 8 10:02:40 konjak ovpn-client[3451]: OPTIONS IMPORT: --ifconfig/up options modified Jan 8 10:02:40 konjak ovpn-client[3451]: OPTIONS IMPORT: route options modified Jan 8 10:02:40 konjak ovpn-client[3451]: OPTIONS IMPORT: peer-id set Jan 8 10:02:40 konjak ovpn-client[3451]: OPTIONS IMPORT: adjusting link_mtu to 1624 Jan 8 10:02:40 konjak ovpn-client[3451]: OPTIONS IMPORT: data channel crypto options modified Jan 8 10:02:40 konjak ovpn-client[3451]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Jan 8 10:02:40 konjak ovpn-client[3451]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Jan 8 10:02:40 konjak ovpn-client[3451]: Preserving previous TUN/TAP instance: tun2 Jan 8 10:02:40 konjak ovpn-client[3451]: Initialization Sequence Completed Jan 8 10:03:18 konjak openvpn[3365]: [Test-Server] Inactivity timeout (--ping-restart), restarting Jan 8 10:03:18 konjak openvpn[3365]: SIGUSR1[soft,ping-restart] received, process restarting Jan 8 10:03:18 konjak openvpn[3365]: Restart pause, 5 second(s) _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
