Re: We have a winner!

#54088

DrmCa
Participant

Just for testing I set VPN up to use cert+password and created a certificate for the vpn0 user – it did not exist previously – then exported that certificate in PEM format.
Once stored in the OpenVPN config folder and pointed at in the zeroshell.ovpn config file, VPN finally connected! Yahoo! Thanks again, redfive!
The VPN allocated a correct IP address 10.10.10.180 from the specified range to the connected client machine.
Still I was not able to ping the LAN IP from the client machine, guess I need to set something up for that?
Also there was an unexpected side effect once disconnected from OpenVPN: I could no longer access any other VPNs (this is an office machine that normally connects to 1-2 other VPNs) until rebooted.
After a while a password dialog popped up again, not sure why. Here’s the full log from connect to disconnect:

Wed Apr 20 09:55:27 2016 OpenVPN 2.3.10 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Feb 1 2016
Wed Apr 20 09:55:27 2016 Windows version 6.1 (Windows 7)
Wed Apr 20 09:55:27 2016 library versions: OpenSSL 1.0.1r 28 Jan 2016, LZO 2.09
Enter Management Password:
Wed Apr 20 09:55:27 2016 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Apr 20 09:55:27 2016 Need hold release from management interface, waiting...
Wed Apr 20 09:55:28 2016 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Apr 20 09:55:28 2016 MANAGEMENT: CMD 'state on'
Wed Apr 20 09:55:28 2016 MANAGEMENT: CMD 'log all on'
Wed Apr 20 09:55:28 2016 MANAGEMENT: CMD 'hold off'
Wed Apr 20 09:55:28 2016 MANAGEMENT: CMD 'hold release'
Wed Apr 20 09:55:37 2016 MANAGEMENT: CMD 'username "Auth" "vpnuser0"'
Wed Apr 20 09:55:37 2016 MANAGEMENT: CMD 'password [...]'
Wed Apr 20 09:55:38 2016 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Apr 20 09:55:38 2016 MANAGEMENT: >STATE:1461160538,RESOLVE,,,
Wed Apr 20 09:55:38 2016 Attempting to establish TCP connection with [AF_INET]216.162.65.24:1194 [nonblock]
Wed Apr 20 09:55:38 2016 MANAGEMENT: >STATE:1461160538,TCP_CONNECT,,,
Wed Apr 20 09:55:39 2016 TCP connection established with [AF_INET]216.162.65.24:1194
Wed Apr 20 09:55:39 2016 TCPv4_CLIENT link local: [undef]
Wed Apr 20 09:55:39 2016 TCPv4_CLIENT link remote: [AF_INET]216.162.65.24:1194
Wed Apr 20 09:55:39 2016 MANAGEMENT: >STATE:1461160539,WAIT,,,
Wed Apr 20 09:55:39 2016 MANAGEMENT: >STATE:1461160539,AUTH,,,
Wed Apr 20 09:55:39 2016 TLS: Initial packet from [AF_INET]216.162.65.24:1194, sid=888072a4 f1bcde6c
Wed Apr 20 09:55:39 2016 VERIFY OK: depth=1, C=IT, O=Zeroshell.net, OU=Example, CN=ZeroShell Example CA, emailAddress=Fulvio.Ricciardi@zeroshell.net
Wed Apr 20 09:55:39 2016 VERIFY X509NAME OK: OU=Hosts, CN=router.earthlovesme.ca
Wed Apr 20 09:55:39 2016 VERIFY OK: depth=0, OU=Hosts, CN=router.earthlovesme.ca
Wed Apr 20 09:55:40 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Apr 20 09:55:40 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Apr 20 09:55:40 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Apr 20 09:55:40 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Apr 20 09:55:40 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Apr 20 09:55:40 2016 [router.earthlovesme.ca] Peer Connection Initiated with [AF_INET]216.162.65.24:1194
Wed Apr 20 09:55:41 2016 MANAGEMENT: >STATE:1461160541,GET_CONFIG,,,
Wed Apr 20 09:55:42 2016 SENT CONTROL [router.earthlovesme.ca]: 'PUSH_REQUEST' (status=1)
Wed Apr 20 09:55:42 2016 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.10.10.1,redirect-gateway,dhcp-option DNS 10.10.10.1,,ping 5,ping-restart 60,ifconfig 10.10.10.180 255.255.255.0'
Wed Apr 20 09:55:42 2016 OPTIONS IMPORT: timers and/or timeouts modified
Wed Apr 20 09:55:42 2016 OPTIONS IMPORT: --ifconfig/up options modified
Wed Apr 20 09:55:42 2016 OPTIONS IMPORT: route options modified
Wed Apr 20 09:55:42 2016 OPTIONS IMPORT: route-related options modified
Wed Apr 20 09:55:42 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Apr 20 09:55:42 2016 ROUTE_GATEWAY 172.16.12.1/255.255.255.0 I=11 HWADDR=d4:be:d9:91:9e:53
Wed Apr 20 09:55:42 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Apr 20 09:55:42 2016 MANAGEMENT: >STATE:1461160542,ASSIGN_IP,,10.10.10.180,
Wed Apr 20 09:55:42 2016 open_tun, tt->ipv6=0
Wed Apr 20 09:55:42 2016 TAP-WIN32 device [Local Area Connection 5] opened: \\.\Global\{E4BB7804-B41F-4569-9898-C57AD86C462E}.tap
Wed Apr 20 09:55:42 2016 TAP-Windows Driver Version 9.9
Wed Apr 20 09:55:42 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.180/255.255.255.0 on interface {E4BB7804-B41F-4569-9898-C57AD86C462E} [DHCP-serv: 10.10.10.0, lease-time: 31536000]
Wed Apr 20 09:55:42 2016 Successful ARP Flush on interface [51] {E4BB7804-B41F-4569-9898-C57AD86C462E}
Wed Apr 20 09:55:47 2016 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Wed Apr 20 09:55:47 2016 C:\Windows\system32\route.exe ADD 216.162.65.24 MASK 255.255.255.255 172.16.12.1
Wed Apr 20 09:55:47 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=10 and dwForwardType=4
Wed Apr 20 09:55:47 2016 Route addition via IPAPI succeeded [adaptive]
Wed Apr 20 09:55:47 2016 C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 0.0.0.0 172.16.12.1
Wed Apr 20 09:55:47 2016 Route deletion via IPAPI succeeded [adaptive]
Wed Apr 20 09:55:47 2016 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 0.0.0.0 10.10.10.1
Wed Apr 20 09:55:47 2016 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Wed Apr 20 09:55:47 2016 Route addition via IPAPI succeeded [adaptive]
Wed Apr 20 09:55:47 2016 Initialization Sequence Completed
Wed Apr 20 09:55:47 2016 MANAGEMENT: >STATE:1461160547,CONNECTED,SUCCESS,10.10.10.180,216.162.65.24
Wed Apr 20 09:56:06 2016 write TCPv4_CLIENT: Connection reset by peer (WSAECONNRESET) (code=10054)
Wed Apr 20 09:56:06 2016 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060)
Wed Apr 20 09:56:06 2016 Connection reset, restarting [-1]
Wed Apr 20 09:56:06 2016 SIGUSR1[soft,connection-reset] received, process restarting
Wed Apr 20 09:56:06 2016 MANAGEMENT: >STATE:1461160566,RECONNECTING,connection-reset,,
Wed Apr 20 09:56:06 2016 Restart pause, 5 second(s)
Wed Apr 20 09:56:16 2016 MANAGEMENT: Client disconnected
Wed Apr 20 09:56:16 2016 ERROR: could not read Auth username/password/ok/string from management interface
Wed Apr 20 09:56:16 2016 Exiting due to fatal error
Wed Apr 20 09:56:16 2016 Assertion failed at misc.c:785 (es)
Wed Apr 20 09:56:16 2016 Exiting due to fatal error
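
Added example, not part of the original post and not Zeroshell or OpenVPN code: a small audit of a Windows OpenVPN client log like the one above. It flags the negotiated data-channel cipher and TLS version, a pushed redirect-gateway, and route changes that the log never shows being reverted before the fatal exit. The function name, finding labels and the list of 64-bit block ciphers are assumptions of this sketch; the sample lines are constructed from the log format in the post.

```python
import re

# Constructed sample: lines abridged from the log format shown in the post.
SAMPLE_LOG = """\
Wed Apr 20 09:55:40 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Apr 20 09:55:40 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Apr 20 09:55:42 2016 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.10.10.1,redirect-gateway,ifconfig 10.10.10.180 255.255.255.0'
Wed Apr 20 09:55:47 2016 C:\\Windows\\system32\\route.exe ADD 216.162.65.24 MASK 255.255.255.255 172.16.12.1
Wed Apr 20 09:55:47 2016 C:\\Windows\\system32\\route.exe DELETE 0.0.0.0 MASK 0.0.0.0 172.16.12.1
Wed Apr 20 09:55:47 2016 C:\\Windows\\system32\\route.exe ADD 0.0.0.0 MASK 0.0.0.0 10.10.10.1
Wed Apr 20 09:56:16 2016 Exiting due to fatal error
"""

# Assumed list of 64-bit block ciphers an OpenVPN 2.3 build may negotiate.
SMALL_BLOCK = {"BF-CBC", "DES-CBC", "DES-EDE3-CBC", "CAST5-CBC", "RC2-CBC"}
OLD_TLS = {"TLSv1", "TLSv1.1"}
ROUTE = re.compile(r"route\.exe (ADD|DELETE) (\S+) MASK (\S+) (\S+)")

def audit_openvpn_log(text):
    """Return a list of finding strings for a Windows OpenVPN client log."""
    findings = []
    for cipher in sorted(set(re.findall(r"Data Channel \w+: Cipher '([^']+)'", text))):
        if cipher in SMALL_BLOCK:
            findings.append(f"weak-cipher: {cipher} has a 64-bit block")
    m = re.search(r"Control Channel: (TLSv[\d.]+),", text)
    if m and m.group(1) in OLD_TLS:
        findings.append(f"old-tls: control channel negotiated {m.group(1)}")
    if re.search(r"PUSH_REPLY[^\n]*\bredirect-gateway\b", text):
        findings.append("full-tunnel: server pushed redirect-gateway")
    # Replay route.exe calls; an ADD cancels an earlier DELETE of the same
    # route and vice versa, so what remains was never reverted in the log.
    removed, added = set(), set()
    for op, dest, mask, gw in ROUTE.findall(text):
        route = (dest, mask, gw)
        undo, do = (removed, added) if op == "ADD" else (added, removed)
        if route in undo:
            undo.discard(route)
        else:
            do.add(route)
    if "Exiting due to fatal error" in text:
        for dest, mask, gw in sorted(removed):
            findings.append(f"route-delete-not-reverted: {dest}/{mask} via {gw}")
        for dest, mask, gw in sorted(added):
            findings.append(f"route-add-not-reverted: {dest}/{mask} via {gw}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_openvpn_log(SAMPLE_LOG)))
```

On the sample, the unreverted deletion of the default route via 172.16.12.1 is the finding to compare against the routing table (`route print`) after such a crash.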