Menu
What's new
By:
Filters Better Search

VPN says "connected" but no connections are responsive

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

calculon

Occasional Visitor
I have an ASUS RT-N66U (Client) and an ASUS AC88U (Server). Both are running 380.65_2. After upgrading to that specific version on the client and leaving the server at ~380.64, I noticed that there were issues were the client would would say that it was still connected to the VPN but any attempt at trying to ping 10.10.10.254 (network on the server side) would state "Request timed out." This happens on multiple devices and not just one.

It isn't specific to just that one IP Address, if I try to connect to the Server using it's IP address, it also fails with the the inability to ping or connect to the router's webserver. In the system log. all I see are a Packet Drops (because I have a high filter for NAT/Firewall packet logging - I have disabled it to diagnose for the next day). The below stuff is when it doesn't work.
Mar 29 20:37:51 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=24900 PROTO=UDP <1>SPT=61910 DPT=32414 LEN=29
Mar 29 20:38:01 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=35242 PROTO=UDP <1>SPT=64236 DPT=32412 LEN=29
Mar 29 20:38:01 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=35883 PROTO=UDP <1>SPT=61910 DPT=32414 LEN=29
Mar 29 20:38:01 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=255.255.255.255 <1>LEN=212 TOS=0x00 PREC=0x00 TTL=64 ID=27753 PROTO=UDP <1>SPT=17500 DPT=17500 LEN=192
Mar 29 20:38:01 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=212 TOS=0x00 PREC=0x00 TTL=64 ID=37541 PROTO=UDP <1>SPT=17500 DPT=17500 LEN=192
Mar 29 20:38:06 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=53590 PROTO=UDP <1>SPT=64236 DPT=32412 LEN=29
Mar 29 20:38:06 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=27836 PROTO=UDP <1>SPT=61910 DPT=32414 LEN=29
Mar 29 20:38:16 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=53028 PROTO=UDP <1>SPT=64236 DPT=32412 LEN=29
Mar 29 20:38:16 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=20805 PROTO=UDP <1>SPT=61910 DPT=32414 LEN=29
Mar 29 20:38:21 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=7467 PROTO=UDP <1>SPT=64236 DPT=32412 LEN=29
Mar 29 20:38:21 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=45479 PROTO=UDP <1>SPT=61910 DPT=32414 LEN=29
Mar 29 20:38:31 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=22826 PROTO=UDP <1>SPT=64236 DPT=32412 LEN=29
Mar 29 20:38:31 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=8797 PROTO=UDP <1>SPT=61910 DPT=32414 LEN=29
Mar 29 20:38:31 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=255.255.255.255 <1>LEN=212 TOS=0x00 PREC=0x00 TTL=64 ID=27433 PROTO=UDP <1>SPT=17500 DPT=17500 LEN=192
Mar 29 20:38:31 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=212 TOS=0x00 PREC=0x00 TTL=64 ID=18490 PROTO=UDP <1>SPT=17500 DPT=17500 LEN=192
Mar 29 20:38:36 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=15137 PROTO=UDP <1>SPT=64236 DPT=32412 LEN=29
Mar 29 20:38:36 kernel: DROP <4>DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:d8:30:62:5d:cd:3b:08:00 <1>SRC=10.0.1.27 DST=10.0.1.255 <1>LEN=49 TOS=0x00 PREC=0x00 TTL=64 ID=35152 PROTO=UDP <1>SPT=61910 DPT=32414 LEN=29
Click to expand...

The routing table on the client
Code: 
IPv4 Routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.1.1 * 255.255.255.255 UH 0 0 0 WAN
10.0.1.0 * 255.255.255.0 U 0 0 0 WAN
10.8.0.0 * 255.255.255.0 U 0 0 0 tun11
192.168.1.0 * 255.255.255.0 U 0 0 0 LAN
10.10.10.0 10.8.0.1 255.255.255.0 UG 0 0 0 tun11
default 10.0.1.1 0.0.0.0 UG 0 0 0 WAN

Routing Table on an Endpoint:
Code: 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.30     35
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link      192.168.1.30    291
     192.168.1.30  255.255.255.255         On-link      192.168.1.30    291
    192.168.1.255  255.255.255.255         On-link      192.168.1.30    291
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.1.30    291
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.1.30    291
===========================================================================

VPN status on server
Code: 
Clients
Common Name
Username    Real Address    Virtual Address
Virtual IPv6 Address    MBytes Received    MBytes Sent    Connected Since
user
user    Omit    10.8.0.2
0.89    0.23    Wed Mar 29 02:28:16 2017

Routes
Virtual Address    Common Name    Real Address    Last Ref
10.8.0.2    user


After turning the VPN client off, and then on again, I am able to ping and receive responses from across the VPN - same with connecting to the server.

Would really appreciate some help, as this is super broken, and I don't want to have to setup the VPN again.
 
Actually not shortly after posting this thread, it failed again after flipping the service off and on, and using ping to test connectivity.

After ~7 minutes it stopped responding again.

Full log from the client below:
Mar 29 20:44:21 openvpn[4266]: OpenVPN 2.4.0 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 10 2017
Mar 29 20:44:21 openvpn[4266]: library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.08
Mar 29 20:44:21 openvpn[4268]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 29 20:44:21 openvpn[4268]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Mar 29 20:44:21 openvpn[4268]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Mar 29 20:44:22 openvpn[4268]: TCP/UDP: Preserving recently used remote address: [AF_INET]ser.ver.ip.add:11194
Mar 29 20:44:22 openvpn[4268]: Socket Buffers: R=[118784->118784] S=[118784->118784]
Mar 29 20:44:22 openvpn[4268]: UDP link local: (not bound)
Mar 29 20:44:22 openvpn[4268]: UDP link remote: [AF_INET]ser.ver.ip.add:11194
Mar 29 20:44:22 openvpn[4268]: TLS: Initial packet from [AF_INET]ser.ver.ip.add:11194, sid=05fefa6f 01e55c16
Mar 29 20:44:22 openvpn[4268]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mar 29 20:44:22 openvpn[4268]: VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC88U, emailAddress=me@myhost.mydomain
Mar 29 20:44:22 openvpn[4268]: VERIFY OK: nsCertType=SERVER
Mar 29 20:44:22 openvpn[4268]: VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC88U, emailAddress=me@myhost.mydomain
Mar 29 20:44:22 openvpn[4268]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Mar 29 20:44:22 openvpn[4268]: [RT-AC88U] Peer Connection Initiated with [AF_INET]ser.ver.ip.add:11194
Mar 29 20:44:23 openvpn[4268]: SENT CONTROL [RT-AC88U]: 'PUSH_REQUEST' (status=1)
Mar 29 20:44:23 openvpn[4268]: PUSH: Received control message: 'PUSH_REPLY,route 10.10.10.0 255.255.255.0,dhcp-option DNS 10.10.10.1,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.3 255.255.255.0,peer-id 1,cipher AES-128-GCM'
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: timers and/or timeouts modified
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: --ifconfig/up options modified
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: route options modified
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: route-related options modified
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: peer-id set
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: adjusting link_mtu to 1625
Mar 29 20:44:23 openvpn[4268]: OPTIONS IMPORT: data channel crypto options modified
Mar 29 20:44:23 openvpn[4268]: Data Channel Encrypt: Cipher 'AES-128-GCM' initialized with 128 bit key
Mar 29 20:44:23 openvpn[4268]: Data Channel Decrypt: Cipher 'AES-128-GCM' initialized with 128 bit key
Mar 29 20:44:23 openvpn[4268]: TUN/TAP device tun11 opened
Mar 29 20:44:23 openvpn[4268]: TUN/TAP TX queue length set to 100
Mar 29 20:44:23 openvpn[4268]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mar 29 20:44:23 openvpn[4268]: /usr/sbin/ip link set dev tun11 up mtu 1500
Mar 29 20:44:23 openvpn[4268]: /usr/sbin/ip addr add dev tun11 10.8.0.3/24 broadcast 10.8.0.255
Mar 29 20:44:25 openvpn[4268]: /usr/sbin/ip route add 10.10.10.0/24 via 10.8.0.1
Mar 29 20:44:25 openvpn-routing: Skipping, client 1 not in routing policy mode
Mar 29 20:44:25 openvpn[4268]: Initialization Sequence Completed
Mar 29 20:45:09 dnsmasq-dhcp[441]: DHCPREQUEST(br0) 192.168.1.30 1c:87:2c:b6:cb:a9
Mar 29 20:45:09 dnsmasq-dhcp[441]: DHCPACK(br0) 192.168.1.30 1c:87:2c:b6:cb:a9 DESKTOP-DGPJ1RT
Mar 29 20:51:07 openvpn[4268]: [RT-AC88U] Inactivity timeout (--ping-restart), restarting
Mar 29 20:51:07 openvpn[4268]: SIGUSR1[soft,ping-restart] received, process restarting
Mar 29 20:51:07 openvpn[4268]: Restart pause, 5 second(s)
Mar 29 20:51:12 openvpn[4268]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 29 20:51:12 openvpn[4268]: TCP/UDP: Preserving recently used remote address: [AF_INET]ser.ver.ip.add:11194
Mar 29 20:51:12 openvpn[4268]: Socket Buffers: R=[118784->118784] S=[118784->118784]
Mar 29 20:51:12 openvpn[4268]: UDP link local: (not bound)
Mar 29 20:51:12 openvpn[4268]: UDP link remote: [AF_INET]ser.ver.ip.add:11194
Mar 29 20:51:12 openvpn[4268]: TLS: Initial packet from [AF_INET]ser.ver.ip.add:11194, sid=b009d030 11d1bc5e
Mar 29 20:51:13 openvpn[4268]: VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC88U, emailAddress=me@myhost.mydomain
Mar 29 20:51:13 openvpn[4268]: VERIFY OK: nsCertType=SERVER
Mar 29 20:51:13 openvpn[4268]: VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC88U, emailAddress=me@myhost.mydomain
Mar 29 20:51:13 openvpn[4268]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Mar 29 20:51:13 openvpn[4268]: [RT-AC88U] Peer Connection Initiated with [AF_INET]ser.ver.ip.add:11194
Mar 29 20:51:14 openvpn[4268]: SENT CONTROL [RT-AC88U]: 'PUSH_REQUEST' (status=1)
Mar 29 20:51:14 openvpn[4268]: PUSH: Received control message: 'PUSH_REPLY,route 10.10.10.0 255.255.255.0,dhcp-option DNS 10.10.10.1,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-128-GCM'
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: timers and/or timeouts modified
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: --ifconfig/up options modified
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: route options modified
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: route-related options modified
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: peer-id set
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: adjusting link_mtu to 1625
Mar 29 20:51:14 openvpn[4268]: OPTIONS IMPORT: data channel crypto options modified
Mar 29 20:51:14 openvpn[4268]: Data Channel Encrypt: Cipher 'AES-128-GCM' initialized with 128 bit key
Click to expand...
 
From the server, had to post this in multiple posts to get it to fit in the 10000 character limit
Mar 29 22:50:07 openvpn[1255]: event_wait : Interrupted system call (code=4)
Mar 29 22:50:07 openvpn[1255]: Closing TUN/TAP interface
Mar 29 22:50:07 openvpn[1255]: /usr/sbin/ip addr del dev tun21 10.8.0.1/24
Mar 29 22:50:07 openvpn[1255]: PLUGIN_CLOSE: /usr/lib/openvpn-plugin-auth-pam.so
Mar 29 22:50:07 openvpn[1255]: SIGTERM[hard,] received, process exiting
Mar 29 22:50:09 openvpn[24891]: NOTE: debug verbosity (--verb 8) is enabled but this build lacks debug support.
Mar 29 22:50:09 openvpn[24891]: WARNING: POTENTIALLY DANGEROUS OPTION --verify-client-cert none|optional (or --client-cert-not-required) may accept clients which do not present a certificate
Mar 29 22:50:09 openvpn[24891]: Current Parameter Settings:
have to omit some info to cut down the post to length
Mar 29 22:50:09 openvpn[24891]: auth_user_pass_file = '[UNDEF]'
Mar 29 22:50:09 openvpn[24891]: OpenVPN 2.4.0 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 10 2017
Mar 29 22:50:09 openvpn[24891]: library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.08
omit
Mar 29 22:50:09 openvpn[24892]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Mar 29 22:50:09 openvpn[24892]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Mar 29 22:50:09 openvpn[24892]: crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 72 bytes
Mar 29 22:50:09 openvpn[24892]: TLS-Auth MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Mar 29 22:50:09 openvpn[24892]: TUN/TAP device tun21 opened
Mar 29 22:50:09 openvpn[24892]: TUN/TAP TX queue length set to 100
Mar 29 22:50:09 openvpn[24892]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mar 29 22:50:09 openvpn[24892]: /usr/sbin/ip link set dev tun21 up mtu 1500
Mar 29 22:50:09 openvpn[24892]: /usr/sbin/ip addr add dev tun21 10.8.0.1/24 broadcast 10.8.0.255
Mar 29 22:50:09 openvpn[24892]: Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mar 29 22:50:09 openvpn[24892]: Could not determine IPv4/IPv6 protocol. Using AF_INET6
Mar 29 22:50:09 openvpn[24892]: Socket Buffers: R=[122880->122880] S=[122880->122880]
Mar 29 22:50:09 openvpn[24892]: setsockopt(IPV6_V6ONLY=0)
Mar 29 22:50:09 openvpn[24892]: UDPv6 link local (bound): [AF_INET6][undef]:11194
Mar 29 22:50:09 openvpn[24892]: UDPv6 link remote: [AF_UNSPEC]
Mar 29 22:50:09 openvpn[24892]: MULTI: multi_init called, r=256 v=256
Mar 29 22:50:09 openvpn[24892]: IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=0
Mar 29 22:50:09 openvpn[24892]: Initialization Sequence Completed
Mar 29 22:51:12 openvpn[24892]: MULTI: multi_create_instance called
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add Re-using SSL/TLS context
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 72 bytes
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add LZO compression initializing
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add Control Channel MTU parms [ L:1622 D:1140 EF:110 EB:0 ET:0 EL:3 ]
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add calc_options_string_link_mtu: link-mtu 1622 -> 1602
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 100 bytes
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add calc_options_string_link_mtu: link-mtu 1622 -> 1602
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 READ [86] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add TLS: Initial packet from [AF_INET6]::ffff:cli.ent.ip.add:34614, sid=3b0a591d 06fd09e6
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 WRITE [98] to [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 pid=[ #1 ] [ 0 ] pid=0 DATA len=0
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 READ [94] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_ACK_V1 kid=0 pid=[ #2 ] [ 0 ]
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 READ [259] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=1 DATA len=173
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 WRITE [1128] to [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #2 ] [ 1 ] pid=1 DATA len=1030
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 WRITE [1106] to [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #3 ] [ ] pid=2 DATA len=1020
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 READ [94] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_ACK_V1 kid=0 pid=[ #4 ] [ 1 ]
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 READ [224] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #5 ] [ 2 ] pid=2 DATA len=126
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 WRITE [149] to [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #4 ] [ 2 ] pid=3 DATA len=51
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add UDPv6 READ [526] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #6 ] [ 3 ] pid=3 DATA len=428
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_VER=2.4.0
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_PLAT=linux
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_PROTO=2
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_NCP=2
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_LZ4=1
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_LZ4v2=1
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_LZO=1
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_COMP_STUB=1
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_COMP_STUBv2=1
Mar 29 22:51:12 openvpn[24892]: cli.ent.ip.add peer info: IV_TCPNL=1
omit some more info to cut it down - seems to be client info
Mar 29 22:51:13 openvpn[24892]: cli.ent.ip.add PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
Mar 29 22:51:13 openvpn[24892]: cli.ent.ip.add TLS: Username/Password authentication succeeded for username 'user' [CN SET]
Mar 29 22:51:13 openvpn[24892]: cli.ent.ip.add UDPv6 WRITE [344] to [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #5 ] [ 3 ] pid=4 DATA len=246
Mar 29 22:51:13 openvpn[24892]: cli.ent.ip.add UDPv6 READ [94] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_ACK_V1 kid=0 pid=[ #7 ] [ 4 ]
Mar 29 22:51:13 openvpn[24892]: cli.ent.ip.add Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384
Mar 29 22:51:13 openvpn[24892]: cli.ent.ip.add [user] Peer Connection Initiated with [AF_INET6]::ffff:cli.ent.ip.add:34614
Mar 29 22:51:13 openvpn[24892]: user/cli.ent.ip.add MULTI_sva: pool returned IPv4=10.8.0.2, IPv6=(Not enabled)
Mar 29 22:51:13 openvpn[24892]: user/cli.ent.ip.add MULTI: Learn: 10.8.0.2 -> user/cli.ent.ip.add
Mar 29 22:51:13 openvpn[24892]: user/cli.ent.ip.add MULTI: primary virtual IP for user/cli.ent.ip.add: 10.8.0.2
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add UDPv6 READ [128] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #8 ] [ ] pid=4 DATA len=42
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add PUSH: Received control message: 'PUSH_REQUEST'
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add SENT CONTROL [user]: 'PUSH_REPLY,route 10.10.10.0 255.255.255.0,dhcp-option DNS 10.10.10.1,route-gateway 10.8.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-128-GCM' (status=1)
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 48 bytes
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add Data Channel Decrypt: Cipher 'AES-128-GCM' initialized with 128 bit key
dupl line
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add UDPv6 WRITE [94] to [AF_INET6]::ffff:cli.ent.ip.add:34614: P_ACK_V1 kid=0 pid=[ #6 ] [ 4 ]
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add UDPv6 WRITE [308] to [AF_INET6]::ffff:cli.ent.ip.add:34614: P_CONTROL_V1 kid=0 pid=[ #7 ] [ ] pid=5 DATA len=222
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add UDPv6 READ [94] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_ACK_V1 kid=0 pid=[ #9 ] [ 5 ]
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add UDPv6 READ [77] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_DATA_V2 kid=0 DATA len=76
Mar 29 22:51:14 openvpn[24892]: user/cli.ent.ip.add MULTI: bad source address from client [10.8.0.3], packet dropped
Mar 29 22:51:15 openvpn[24892]: user/cli.ent.ip.add UDPv6 READ [77] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_DATA_V2 kid=0 DATA len=76
Mar 29 22:51:15 openvpn[24892]: user/cli.ent.ip.add MULTI: bad source address from client [10.8.0.3], packet dropped
Mar 29 22:51:16 openvpn[24892]: user/cli.ent.ip.add UDPv6 READ [73] from [AF_INET6]::ffff:cli.ent.ip.add:34614: P_DATA_V2 kid=0 DATA len=72
goes on like this for 300 lines
Click to expand...
 
You must log in or register to reply here.

Similar threads

B
Skynet Outbound blocks
Replies
1
Views
490
BeachGuy
B
J
Skynet Skynet - Blocked outbounds coming from the router itself?
Replies
12
Views
915
JuanGF
J
D
[ASUS AX86U Merlin] Blink Sync Module does not connect (connects to iphone hotspot)
Replies
0
Views
957
dasusm
D
J
AX86U constantly blocking repeated inbound connections
Replies
7
Views
2K
Tech9
Tech9
E
Need help with system log interpretation
Replies
1
Views
1K
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
P Accessing remotly Server While Using VPN on Asus Router with Merlin Firmware Asuswrt-Merlin 9
G Using VPN Director to route only torrent traffic through VPN Asuswrt-Merlin 9
B Unable to establish VPN connection to my PiVPN (ovpn) from my Asus RT-AC86U running Asuswrt-Merlin 386.14 Asuswrt-Merlin 1
T Wireguard Client VPN not using DNS Asuswrt-Merlin 14
S Wireguard VPN doesn't work, buyer beware Asuswrt-Merlin 6
G VPN director configuration for qBittorrent Asuswrt-Merlin 7
J ASUS GT-AXE16000 CPU usage with VPN on lan machine Asuswrt-Merlin 25
I Wireguard VPN client does not autostart after reboot Asuswrt-Merlin 2
Z Sudden VPN client issues with RX-AX82U Asuswrt-Merlin 5
D VPN director issue on RT-AC86U (386.14 Merlin FW) Asuswrt-Merlin 9

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 796 (members: 24, guests: 772)
Top