[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] openvpn


  • Subject: Re: [Openvpn-users] openvpn
  • From: Peter Leinen <peter@xxxxxxxxxxxxx>
  • Date: Tue, 5 Jun 2007 19:58:30 +0200

I got openvpn to work over udp with the following options
tun-mtu 1500
fragment 1400
mssfix

best regards 
  Peter

On Sunday 03 June 2007 21:41, Peter Leinen wrote:
> Hi all,
>
> I have set up a openvpn connection beetwen my linux box at home and my
> machine at work, which is also based on linux. Everythink seems fine, even
> a nfs mount was succesful (this is what I would like to do)
> But after a while I run into a inactivity-restart, independent on the
> traffic over the tun interface.
>
> Networkproblem? I used ssh connection with no problem over the last two
> years and also a ssh connection in parallel to a vpn connection is possible
> without any problem.
>
> The host at home is behind a fritz-box dsl-router and is for testing marked
> as a exposed host and has for the same reason at the moment no firewall
> running. ip_forward is on.
>
> The host at work is reachable over udp only and openend for tcp only for
> the ssh-port (afaik). So no answer to ping, for example. This is done at a
> central level, not on a personal firewall.
>
> As I said already, start and use for a short period is ok.
> But then a restart occurs and a second device tun1 is configured.
>
> Any configuration issues? (the configuration files are from the example
> session)
>
> Has anybody a look on the information below?
> More information needed?
>
> Best regards
>   Peter
>
> ## the version at the box in the office
> 	[leinen@<host-at-work>:~]$ openvpn --version
> 	OpenVPN 2.0.6 i686-pc-linux-gnu [SSL] [LZO] [EPOLL] built on May 29 2007
> 	Developed by James Yonan
> 	Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@xxxxxxxxxxx>
>
> ## openvpn.conf on the server side
> 	port 1194
> 	proto udp
> 	dev tun
> 	ca /etc/openvpn/easy-rsa/keys/ca.crt
> 	cert /etc/openvpn/easy-rsa/keys/server.crt
> 	key /etc/openvpn/easy-rsa/keys/server.key  # This file should be kept
> secret dh /etc/openvpn/easy-rsa/keys/dh1024.pem
> 	erver 10.27.27.0 255.255.255.0
> 	ifconfig-pool-persist ipp.txt
> 	keepalive 10 120
> 	comp-lzo
> 	persist-key
> 	persist-tun
> 	status openvpn-status.log
> 	verb 3
>
> ## the version of openvpn at home
> 	[root@peter:~]# openvpn --version
> 	OpenVPN 2.1_rc2 i386-redhat-linux-gnu [SSL] [LZO1] [EPOLL] built on Mar  5
> 2007 Developed by James Yonan
> 	Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@xxxxxxxxxxx>
>
> ## openvpn.conf on the client side
> 	client
> 	dev tun
> 	proto udp
> 	remote <fqn-of-host-at-work> 1194
> 	resolv-retry infinite
> 	nobind
> 	ca /etc/openvpn/easy-rsa/keys/ca.crt
> 	cert /etc/openvpn/easy-rsa/keys/client.crt
> 	key /etc/openvpn/easy-rsa/keys/client.key
> 	comp-lzo
> 	persist-key
> 	persist-tun
> 	verb 3
>
> ## the routing setup at home
> ## seems fine, at least for me
> ## forget about the vmnet1/8
> 	[root@peter:/var/log]# netstat -rn
> 	Kernel IP routing table
> 	Destination     Gateway         Genmask         Flags   MSS Window  irtt
> Iface 10.27.27.5      0.0.0.0         255.255.255.255 UH        0 0        
>  0 tun0 10.27.27.1      10.27.27.5      255.255.255.255 UGH       0 0      
>    0 tun0 192.168.1.0     0.0.0.0         255.255.255.0   U         0 0    
>      0 eth0 192.168.49.0    0.0.0.0         255.255.255.0   U         0 0  
>        0 vmnet8 172.16.14.0     0.0.0.0         255.255.255.0   U         0
> 0          0 vmnet1 169.254.0.0     0.0.0.0         255.255.0.0     U      
>   0 0          0 eth0 0.0.0.0         192.168.1.254   0.0.0.0         UG   
>     0 0          0 eth0
>
> ## try to ping the server over tun0
> ## perfect !!!
> 	[root@peter:/var/log]# ping 10.27.27.1
> 	PING 10.27.27.1 (10.27.27.1) 56(84) bytes of data.
> 	64 bytes from 10.27.27.1: icmp_seq=1 ttl=64 time=61.1 ms
> 	64 bytes from 10.27.27.1: icmp_seq=2 ttl=64 time=62.9 ms
> 	64 bytes from 10.27.27.1: icmp_seq=3 ttl=64 time=60.5 ms
> 	64 bytes from 10.27.27.1: icmp_seq=4 ttl=64 time=63.4 ms
> 	64 bytes from 10.27.27.1: icmp_seq=5 ttl=64 time=62.6 ms
> 	64 bytes from 10.27.27.1: icmp_seq=6 ttl=64 time=60.6 ms
> 	64 bytes from 10.27.27.1: icmp_seq=7 ttl=64 time=63.4 ms
>
> 	--- 10.27.27.1 ping statistics ---
> 	7 packets transmitted, 7 received, 0% packet loss, time 5999ms
> 	rtt min/avg/max/mdev = 60.595/62.132/63.478/1.205 ms
>
> ## ssh over tun0 works fine, also a ping back to the box at home
> ## ping to the host at work from home over internet does not work!?
> 	[leinen@<host-at-work>:~]$ ping 10.27.27.6
> 	PING 10.27.27.6 (10.27.27.6) 56(84) bytes of data.
> 	64 bytes from 10.27.27.6: icmp_seq=1 ttl=64 time=69.9 ms
> 	64 bytes from 10.27.27.6: icmp_seq=2 ttl=64 time=62.7 ms
> 	64 bytes from 10.27.27.6: icmp_seq=3 ttl=64 time=61.2 ms
> 	64 bytes from 10.27.27.6: icmp_seq=4 ttl=64 time=61.6 ms
> 	64 bytes from 10.27.27.6: icmp_seq=5 ttl=64 time=62.6 ms
> 	64 bytes from 10.27.27.6: icmp_seq=6 ttl=64 time=72.8 ms
> 	64 bytes from 10.27.27.6: icmp_seq=7 ttl=64 time=62.2 ms
> 	64 bytes from 10.27.27.6: icmp_seq=8 ttl=64 time=61.2 ms
> 	64 bytes from 10.27.27.6: icmp_seq=9 ttl=64 time=62.0 ms
> 	64 bytes from 10.27.27.6: icmp_seq=10 ttl=64 time=60.9 ms
> 	64 bytes from 10.27.27.6: icmp_seq=11 ttl=64 time=61.6 ms
> 	64 bytes from 10.27.27.6: icmp_seq=12 ttl=64 time=61.5 ms
> 	64 bytes from 10.27.27.6: icmp_seq=13 ttl=64 time=62.1 ms
> 	64 bytes from 10.27.27.6: icmp_seq=14 ttl=64 time=61.2 ms
>
> 	--- 10.27.27.6 ping statistics ---
> 	14 packets transmitted, 14 received, 0% packet loss, time 13020ms
> 	rtt min/avg/max/mdev = 60.929/63.155/72.812/3.457 ms
>
> ## some log entries of the linux machine at work
> 	20:50:50 office[]: MULTI: multi_create_instance called
> 	20:50:50 office[]: <ip-of-host-at-home>:62779 Re-using SSL/TLS context
> 	20:50:50 office[]: <ip-of-host-at-home>:62779 LZO compression initialized
> 	20:50:50 office[]: <ip-of-host-at-home>:62779 Control Channel MTU parms [
> L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] 20:50:50 office[]:
> <ip-of-host-at-home>:62779 Data Channel MTU parms [ L:1542 D:1450 EF:42
> EB:135 ET:0 EL:0 AF:3/1 ] 20:50:50 office[]: <ip-of-host-at-home>:62779
> Local Options hash (VER=V4): '530fdded' 20:50:50 office[]:
> <ip-of-host-at-home>:62779 Expected Remote Options hash (VER=V4):
> '41690919' 20:50:50 office[]: <ip-of-host-at-home>:62779 TLS: Initial
> packet from <ip-of-host-at-home>:62779, sid=ee54d1e9 d6f823b9 20:50:50
> office[]: MULTI: multi_create_instance called
> 	20:50:50 office[]: <ip-of-host-at-home>:62780 Re-using SSL/TLS context
> 	20:50:50 office[]: <ip-of-host-at-home>:62780 LZO compression initialized
> 	20:50:50 office[]: <ip-of-host-at-home>:62780 Control Channel MTU parms [
> L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] 20:50:50 office[]:
> <ip-of-host-at-home>:62780 Data Channel MTU parms [ L:1542 D:1450 EF:42
> EB:135 ET:0 EL:0 AF:3/1 ] 20:50:50 office[]: <ip-of-host-at-home>:62780
> Local Options hash (VER=V4): '530fdded' 20:50:50 office[]:
> <ip-of-host-at-home>:62780 Expected Remote Options hash (VER=V4):
> '41690919' 20:50:50 office[]: <ip-of-host-at-home>:62780 TLS: Initial
> packet from <ip-of-host-at-home>:62780, sid=c1d9a78b c46f217b 20:50:51
> office[]: <ip-of-host-at-home>:62779 VERIFY OK: depth=1,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=Leinen_VPN_CA/emailAddress=peter.leine
>n@ 20:50:51 office[]: <ip-of-host-at-home>:62779 VERIFY OK: depth=0,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=peter/emailAddress=peter.leinen@uni-tr
>ie 20:50:51 office[]: <ip-of-host-at-home>:62780 VERIFY OK: depth=1,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=Leinen_VPN_CA/emailAddress=peter.leine
>n@ 20:50:51 office[]: <ip-of-host-at-home>:62780 VERIFY OK: depth=0,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=peter/emailAddress=peter.leinen@uni-tr
>ie 20:50:51 office[]: <ip-of-host-at-home>:62779 Data Channel Encrypt:
> Cipher 'BF-CBC' initialized with 128 bit key 20:50:51 office[]:
> <ip-of-host-at-home>:62779 Data Channel Encrypt: Using 160 bit message hash
> 'SHA1' for HMAC authentication 20:50:51 office[]:
> <ip-of-host-at-home>:62779 Data Channel Decrypt: Cipher 'BF-CBC'
> initialized with 128 bit key 20:50:51 office[]: <ip-of-host-at-home>:62779
> Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC
> authentication 20:50:51 office[]: <ip-of-host-at-home>:62780 Data Channel
> Encrypt: Cipher 'BF-CBC' initialized with 128 bit key 20:50:51 office[]:
> <ip-of-host-at-home>:62780 Data Channel Encrypt: Using 160 bit message hash
> 'SHA1' for HMAC authentication 20:50:51 office[]:
> <ip-of-host-at-home>:62780 Data Channel Decrypt: Cipher 'BF-CBC'
> initialized with 128 bit key 20:50:51 office[]: <ip-of-host-at-home>:62780
> Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC
> authentication 20:50:51 office[]: <ip-of-host-at-home>:62779 Control
> Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
> 20:50:51 office[]: <ip-of-host-at-home>:62779 [peter] Peer Connection
> Initiated with <ip-of-host-at-home>:62779 20:50:51 office[]: MULTI: new
> connection by client 'peter' will cause previous active sessions by this
> client to be dropped.  Remember 20:50:51 office[]: MULTI: Learn: 10.27.27.6
> -> peter/<ip-of-host-at-home>:62779 20:50:51 office[]: MULTI: primary
> virtual IP for peter/<ip-of-host-at-home>:62779: 10.27.27.6 20:50:52
> office[]: peter/<ip-of-host-at-home>:62779 PUSH: Received control message:
> 'PUSH_REQUEST' 20:50:52 office[]: peter/<ip-of-host-at-home>:62779 SENT
> CONTROL [peter]: 'PUSH_REPLY,route 10.27.27.1,ping 10,ping-restart
> 120,ifconfig 10.27. 20:52:20 office[]: MULTI: multi_create_instance called
> 	20:52:20 office[]: <ip-of-host-at-home>:62781 Re-using SSL/TLS context
> 	20:52:20 office[]: <ip-of-host-at-home>:62781 LZO compression initialized
> 	20:52:20 office[]: <ip-of-host-at-home>:62781 Control Channel MTU parms [
> L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] 20:52:20 office[]:
> <ip-of-host-at-home>:62781 Data Channel MTU parms [ L:1542 D:1450 EF:42
> EB:135 ET:0 EL:0 AF:3/1 ] 20:52:20 office[]: <ip-of-host-at-home>:62781
> Local Options hash (VER=V4): '530fdded' 20:52:20 office[]:
> <ip-of-host-at-home>:62781 Expected Remote Options hash (VER=V4):
> '41690919' 20:52:20 office[]: <ip-of-host-at-home>:62781 TLS: Initial
> packet from <ip-of-host-at-home>:62781, sid=a3f880dc 1d615d3b
>
> ## log mesages of the home box
> ## start of the vpn service
> 	20:52:24 home[]: OpenVPN 2.1_rc2 i386-redhat-linux-gnu [SSL] [LZO1]
> [EPOLL] built on Mar  5 2007 20:52:24 home[]: WARNING: No server
> certificate verification method has been enabled.  See
> http://openvpn.net/howto.html#mitm for more info. 20:52:24 home[]: LZO
> compression initialized
> 	20:52:24 home[]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
> EL:0 ] 20:52:24 home[]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
> ET:0 EL:0 AF:3/1 ] 20:52:24 home[]: Local Options hash (VER=V4): '41690919'
> 	20:52:24 home[]: Expected Remote Options hash (VER=V4): '530fdded'
> 	20:52:24 home[]: Socket Buffers: R=[109568->131072] S=[109568->131072]
> 	20:52:24 home[]: UDPv4 link local: [undef]
> 	20:52:24 home[]: UDPv4 link remote: <ip-of-host-at-work>:1194
> 	20:52:24 home[]: OpenVPN 2.1_rc2 i386-redhat-linux-gnu [SSL] [LZO1]
> [EPOLL] built on Mar  5 2007 20:52:24 home[]: WARNING: No server
> certificate verification method has been enabled.  See
> http://openvpn.net/howto.html#mitm for more info. 20:52:24 home[]: LZO
> compression initialized
> 	20:52:24 home[]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
> EL:0 ] 20:52:24 home[]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
> ET:0 EL:0 AF:3/1 ] 20:52:24 home[]: Local Options hash (VER=V4): '41690919'
> 	20:52:24 home[]: Expected Remote Options hash (VER=V4): '530fdded'
> 	20:52:24 home[]: Socket Buffers: R=[109568->131072] S=[109568->131072]
> 	20:52:24 home[]: UDPv4 link local: [undef]
> 	20:52:24 home[]: UDPv4 link remote: <ip-of-host-at-work>:1194
> 	20:52:24 home[]: TLS: Initial packet from <ip-of-host-at-work>:1194,
> sid=9e794b89 3d7ef3fb 20:52:24 home[]: TLS: Initial packet from
> <ip-of-host-at-work>:1194, sid=030e332f e15fb86d 20:52:25 home[]: VERIFY
> OK: depth=1,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=Leinen_VPN_CA/emailAddress=somebody@so
>mewhere 20:52:25 home[]: VERIFY OK: depth=0,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=<host-at-work>/emailAddress=somebody@s
>omewhere 20:52:25 home[]: VERIFY OK: depth=1,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=Leinen_VPN_CA/emailAddress=somebody@so
>mewhere 20:52:25 home[]: VERIFY OK: depth=0,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=<host-at-work>/emailAddress=somebody@s
>omewhere 20:52:25 home[]: Data Channel Encrypt: Cipher 'BF-CBC' initialized
> with 128 bit key 20:52:25 home[]: Data Channel Encrypt: Using 160 bit
> message hash 'SHA1' for HMAC authentication 20:52:25 home[]: Data Channel
> Decrypt: Cipher 'BF-CBC' initialized with 128 bit key 20:52:25 home[]: Data
> Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
> 20:52:25 home[]: Control Channel: TLSv1, cipher TLSv1/SSLv3
> DHE-RSA-AES256-SHA, 1024 bit RSA 20:52:25 home[]: [<host-at-work>] Peer
> Connection Initiated with <ip-of-host-at-work>:1194 20:52:25 home[]: Data
> Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key 20:52:25
> home[]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC
> authentication 20:52:25 home[]: Data Channel Decrypt: Cipher 'BF-CBC'
> initialized with 128 bit key 20:52:25 home[]: Data Channel Decrypt: Using
> 160 bit message hash 'SHA1' for HMAC authentication 20:52:25 home[]:
> Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
> 20:52:25 home[]: [<host-at-work>] Peer Connection Initiated with
> <ip-of-host-at-work>:1194 20:52:26 home[]: SENT CONTROL [<host-at-work>]:
> 'PUSH_REQUEST' (status=1) 20:52:26 home[]: PUSH: Received control message:
> 'PUSH_REPLY,route 10.27.27.1,ping 10,ping-restart 120,ifconfig 10.27.27.6
> 10.27.27.5' 20:52:26 home[]: OPTIONS IMPORT: timers and/or timeouts
> modified
> 	20:52:26 home[]: OPTIONS IMPORT: --ifconfig/up options modified
> 	20:52:26 home[]: OPTIONS IMPORT: route options modified
> 	20:52:26 home[]: TUN/TAP device tun0 opened
> 	20:52:26 home[]: TUN/TAP TX queue length set to 100
> 	20:52:26 home[]: /sbin/ip link set dev tun0 up mtu 1500
> 	20:52:26 home[]: /sbin/ip addr add dev tun0 local 10.27.27.6 peer
> 10.27.27.5 20:52:26 home[]: /sbin/ip route add 10.27.27.1/32 via 10.27.27.5
> 	20:52:26 home[]: Initialization Sequence Completed
> 	20:52:26 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:52:41 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:52:47 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:52:52 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:52:57 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:02 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:07 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:13 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:18 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:23 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:29 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:34 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:39 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:44 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:49 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:54 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:53:59 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:54:05 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:54:10 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:54:15 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:54:21 home[]: SENT CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1)
> 	20:54:25 home[]: [<host-at-work>] Inactivity timeout (--ping-restart),
> restarting 20:54:25 home[]: TCP/UDP: Closing socket
> 	20:54:25 home[]: SIGUSR1[soft,ping-restart] received, process restarting
> 	20:54:25 home[]: Restart pause, 2 second(s)
> 	20:54:27 home[]: WARNING: No server certificate verification method has
> been enabled.  See http://openvpn.net/howto.html#mitm for more info.
> 20:54:27 home[]: Re-using SSL/TLS context
> 	20:54:27 home[]: LZO compression initialized
> 	20:54:27 home[]: Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0
> EL:0 ] 20:54:27 home[]: Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135
> ET:0 EL:0 AF:3/1 ] 20:54:27 home[]: Local Options hash (VER=V4): '41690919'
> 	20:54:27 home[]: Expected Remote Options hash (VER=V4): '530fdded'
> 	20:54:27 home[]: Socket Buffers: R=[109568->131072] S=[109568->131072]
> 	20:54:27 home[]: UDPv4 link local: [undef]
> 	20:54:27 home[]: UDPv4 link remote: <ip-of-host-at-work>:1194
> 	20:54:27 home[]: TLS: Initial packet from <ip-of-host-at-work>:1194,
> sid=92eac5a8 3237068a 20:54:27 home[]: VERIFY OK: depth=1,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=Leinen_VPN_CA/emailAddress=somebody@so
>mewhere 20:54:27 home[]: VERIFY OK: depth=0,
> /C=DE/ST=RLP/L=Trier/O=Leinen_VPN/CN=<host-at-work>/emailAddress=somebody@s
>omewhere 20:54:28 home[]: Data Channel Encrypt: Cipher 'BF-CBC' initialized
> with 128 bit key 20:54:28 home[]: Data Channel Encrypt: Using 160 bit
> message hash 'SHA1' for HMAC authentication 20:54:28 home[]: Data Channel
> Decrypt: Cipher 'BF-CBC' initialized with 128 bit key 20:54:28 home[]: Data
> Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
> 20:54:28 home[]: Control Channel: TLSv1, cipher TLSv1/SSLv3
> DHE-RSA-AES256-SHA, 1024 bit RSA 20:54:28 home[]: [<host-at-work>] Peer
> Connection Initiated with <ip-of-host-at-work>:1194 20:54:29 home[]: SENT
> CONTROL [<host-at-work>]: 'PUSH_REQUEST' (status=1) 20:54:29 home[]: PUSH:
> Received control message: 'PUSH_REPLY,route 10.27.27.1,ping 10,ping-restart
> 120,ifconfig 10.27.27.6 10.27.27.5' 20:54:29 home[]: OPTIONS IMPORT: timers
> and/or timeouts modified
> 	20:54:29 home[]: OPTIONS IMPORT: --ifconfig/up options modified
> 	20:54:29 home[]: OPTIONS IMPORT: route options modified
> 	20:54:29 home[]: TUN/TAP device tun1 opened
> 	20:54:29 home[]: TUN/TAP TX queue length set to 100
> 	20:54:29 home[]: /sbin/ip link set dev tun1 up mtu 1500
> 	20:54:29 home[]: /sbin/ip addr add dev tun1 local 10.27.27.6 peer
> 10.27.27.5 20:54:29 home[]: /sbin/ip route add 10.27.27.1/32 via 10.27.27.5
> 	20:54:29 home[]: ERROR: Linux route add command failed: shell command
> exited with error status: 2 20:54:29 home[]: Initialization Sequence
> Completed
> 	20:55:07 home[]: event_wait : Interrupted system call (code=4)______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users