FAQ o OpenWrt | Sprzedam różne routery | Oddam

djpuzia · 2025-07-16 10:09:18

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Temat: OpenWRT 24.10 jako klient OpenVPN

Witajcie,
Próbuje od kilku dni ustawić OpenWRT jako klienta sieci OpenVPN.
Dostałem od właściciela serwera VPN plik xxx.ovpn z parametrami połączenia oraz login i hasło.

Zawartość pliku ovpn:
dev tun
persist-tun
persist-key
auth SHA512
cipher AES-256-GCM
client
resolv-retry infinite
remote XXXXX 61941 udp
lport 0
verify-x509-name "C=PL" subject
remote-cert-tls server
auth-user-pass VPN.auth
<ca>... wartość certyfikatu ...</ca>
<cert>... wartość certyfikatu ...</cert>
<key>... wartość certyfikatu ...</key>

Zaimportowałem go do routera oraz wrzuciłem login i hasło do pliku "auth". Niestety za nic nie chce się połączyć... zrzuca błędami:

Wed Jul 16 10:54:56 2025 daemon.err openvpn(VPN)[412]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jul 16 10:54:56 2025 daemon.err openvpn(VPN)[412]: TLS Error: TLS handshake failed
Wed Jul 16 10:55:00 2025 daemon.err openvpn(VPN)[412]: VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters
Wed Jul 16 10:55:00 2025 daemon.err openvpn(VPN)[412]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Wed Jul 16 10:55:00 2025 daemon.err openvpn(VPN)[412]: TLS Error: TLS object -> incoming plaintext read error
Wed Jul 16 10:55:00 2025 daemon.err openvpn(VPN)[412]: TLS Error: TLS handshake failed

Ten sam profil "ovpn" zaimportowany na telefon z klientem OpenVPN, zestawia bez problemu połączenie.
Serwer podobno jest na OPNsense.

Czy może być tak, że OpenWRT nie obsługuje certyfikatów założonych przez OPNsense?
Co mogę zweryfikować żeby znaleźć przyczynę błędu połączenia?

Cezary · 2025-07-16 10:33:06

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

1. Nie auth-user-pass VPN.auth tylko konktenie np. auth-user-pass /etc/openvpn/VPN.auth. Podaj pełną ścieżkę do pliku i on ma się tak nazywać (dużymi literami skoro tak podałeś)
2. Wywal linię verify-x509-name "C=PL" subject
3. VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters

Certyfikat w konfigu nie jest w jeden linii tylko odpowiednio "połamany". Jeżeli coś zrobiłeś z konfigiem i popsułeś to to po prostu nie potrafi przeczytać certyfikatu się się buntuje.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

djpuzia · 2025-07-16 11:25:58

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Odp: OpenWRT 24.10 jako klient OpenVPN

Zrobiłem teraz w pliku ovpn tak:

dev tun
persist-tun
persist-key
auth SHA512
cipher AES-256-GCM
client
resolv-retry infinite
remote XXXX 61941 udp
lport 0
remote-cert-tls server
auth-user-pass /etc/openvpn/client.auth
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client.crt
key /etc/openvpn/client.key

i umieściłem odpowiednie wpisy certyfikatów w podanych plikach i niestety dalej te same błędy
Zastanawia mnie ten błąd o długości pola maks 64... czego on dotyczy?

Cezary · 2025-07-16 11:36:08

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

Zainstaluj openssl-utils czy jak się tam pakiet nazywa i zówn

openssl x509 -in /etc/openvpn/ca.crt -text -noout
openssl x509 -in /etc/openvpn/client.crt -text -noout
openssl rsa -in  /etc/openvpn/client.key -text -noout

I zobacz czy pliki się czytają.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

djpuzia · 2025-07-16 11:46:06

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Odp: OpenWRT 24.10 jako klient OpenVPN

Wygląda, że czyta poprawnie, bo pokazuje całą zawartość... nie wklejam tutaj całości, tylko początki:

root@OpenWrt:~# openssl x509 -in /etc/openvpn/ca.crt -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = PL
        Validity
            Not Before: Jul 16 07:57:22 2025 GMT
            Not After : Jul 14 07:57:22 2035 GMT
        Subject: C = PL
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b7:89:e7:cf

root@OpenWrt:~# openssl x509 -in /etc/openvpn/client.crt -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = PL
        Validity
            Not Before: Jul 16 08:03:44 2025 GMT
            Not After : Jul 14 08:03:44 2035 GMT
        Subject: C = PL, CN = pawel
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a6:12:31:9f

root@OpenWrt:~# openssl rsa -in  /etc/openvpn/client.key -text -noout
Private-Key: (2048 bit, 2 primes)
modulus:
    00:a6:12:31:9f:7a:26:74:4f:4e:d6:a5:e1:69:f8:
    a2:87:15:ec:36:

Cezary · 2025-07-16 11:46:47

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

Ok to co masz teraz w logach przy połączeniu?

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

djpuzia · 2025-07-16 11:51:12

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Odp: OpenWRT 24.10 jako klient OpenVPN

Bez zmian

Wed Jul 16 12:49:50 2025 daemon.warn openvpn(client)[17947]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 16 12:49:50 2025 daemon.notice openvpn(client)[17947]: TCP/UDP: Preserving recently used remote address: [AF_INET]xxx:61941
Wed Jul 16 12:49:50 2025 daemon.notice openvpn(client)[17947]: UDPv4 link local (bound): [AF_INET][undef]:0
Wed Jul 16 12:49:50 2025 daemon.notice openvpn(client)[17947]: UDPv4 link remote: [AF_INET]xxx:61941
Wed Jul 16 12:49:50 2025 daemon.err openvpn(client)[17947]: VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters
Wed Jul 16 12:49:50 2025 daemon.err openvpn(client)[17947]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Wed Jul 16 12:49:50 2025 daemon.err openvpn(client)[17947]: TLS Error: TLS object -> incoming plaintext read error
Wed Jul 16 12:49:50 2025 daemon.err openvpn(client)[17947]: TLS Error: TLS handshake failed
Wed Jul 16 12:49:50 2025 daemon.notice openvpn(client)[17947]: SIGUSR1[soft,tls-error] received, process restarting

Cezary · 2025-07-16 12:01:05

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

Wywaliłeś z configa to sprawdzanie? Bo ob nie powinien już wydobywać tego C=PL

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

djpuzia · 2025-07-16 12:20:57

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Odp: OpenWRT 24.10 jako klient OpenVPN

Tak, zostawiłem wpisy w pliku jak z postu #3
Zrobiłem też restart OpenWRT... bez zmian, non stop te same błędy.

Zgrałem jeszcze logi z klienta OpenVPN na Android z tym samym profilem OVPN... może coś widzisz szczególnego?

[lip 16, 2025, 13:09:35] ----- OpenVPN Start -----
[lip 16, 2025, 13:09:35] EVENT: CORE_THREAD_ACTIVE
[lip 16, 2025, 13:09:35] OpenVPN core 3.11.1(3.git::fbda4753:RelWithDebInfo) android arm64 64-bit PT_PROXY
[lip 16, 2025, 13:09:35] Frame=512/2112/512 mssfix-ctrl=1250
[lip 16, 2025, 13:09:35] NOTE: This configuration contains options that were not used:
[lip 16, 2025, 13:09:35] Feature not implemented (option ignored)
[lip 16, 2025, 13:09:35] 0 [lport] [0]
[lip 16, 2025, 13:09:35] Unsupported option (ignored)
[lip 16, 2025, 13:09:35] 0 [persist-tun]
[lip 16, 2025, 13:09:35] 1 [persist-key]
[lip 16, 2025, 13:09:35] 2 [resolv-retry] [infinite]
[lip 16, 2025, 13:09:35] EVENT: RESOLVE
[lip 16, 2025, 13:09:35] Contacting xxx:61941 via UDP
[lip 16, 2025, 13:09:35] EVENT: WAIT
[lip 16, 2025, 13:09:35] Connecting to [xxx]:61941 (xxx) via UDP
[lip 16, 2025, 13:09:35] EVENT: CONNECTING
[lip 16, 2025, 13:09:35] Tunnel Options:V4,dev-type tun,link-mtu 1585,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA512,keysize 128,key-method 2,tls-client
[lip 16, 2025, 13:09:35] Creds: Username/Password
[lip 16, 2025, 13:09:35] Sending Peer Info:
IV_VER=3.11.1
IV_PLAT=android
IV_NCP=2
IV_TCPNL=1
IV_PROTO=8094
IV_MTU=1600
IV_CIPHERS=AES-128-CBC:AES-192-CBC:AES-256-CBC:AES-128-GCM:AES-192-GCM:AES-256-GCM:CHACHA20-POLY1305
IV_GUI_VER=net.openvpn.connect.android_3.7.1-10568
IV_SSO=webauth,crtext
IV_BS64DL=1

[lip 16, 2025, 13:09:35] SSL Handshake: peer certificate: CN=, 2048 bit RSA, cipher: TLS_AES_256_GCM_SHA384         TLSv1.3 Kx=any      Au=any   Enc=AESGCM(256)            Mac=AEAD
[lip 16, 2025, 13:09:35] Session is ACTIVE
[lip 16, 2025, 13:09:35] Sending PUSH_REQUEST to server...
[lip 16, 2025, 13:09:35] EVENT: GET_CONFIG
[lip 16, 2025, 13:09:36] Sending PUSH_REQUEST to server...
[lip 16, 2025, 13:09:36] OPTIONS:
0 [redirect-gateway] [def1]
1 [block-outside-dns]
2 [register-dns]
3 [route] [192.168.1.0] [255.255.255.224]
4 [route-gateway] [10.1.0.1]
5 [topology] [subnet]
6 [ifconfig] [10.1.0.11] [255.255.255.240]
7 [peer-id] [1]
8 [cipher] [AES-256-GCM]
9 [protocol-flags] [cc-exit] [tls-ekm] [dyn-tls-crypt]
10 [tun-mtu] [1500]
11 [block-ipv6]
12 [block-ipv4]

[lip 16, 2025, 13:09:36] PROTOCOL OPTIONS:
  key-derivation: TLS Keying Material Exporter [RFC5705]
  control channel: dynamic tls-crypt enabled
  data channel: cipher AES-256-GCM, peer-id 1

[lip 16, 2025, 13:09:36] EVENT: ASSIGN_IP
[lip 16, 2025, 13:09:36] Connected via tun
[lip 16, 2025, 13:09:36] EVENT: CONNECTED info='pawel@xxx:61941 (xxx) via /UDP on tun/10.1.0.11/ gw=[10.1.0.1/] mtu=1500'

Cezary · 2025-07-16 12:27:58

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

Punkt 2 wywaliłes?

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

djpuzia · 2025-07-16 12:35:11

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Odp: OpenWRT 24.10 jako klient OpenVPN

Tak... nie mam już w configu wpisu "verify-x509-name "C=PL" subject"

Cezary · 2025-07-16 12:37:03

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

To nie powinien się o to pytać. Zrestartuj cały router, bo może proces openvpn chodzi w tle.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

djpuzia · 2025-07-16 13:21:50

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Odp: OpenWRT 24.10 jako klient OpenVPN

Robiłem kilka razy restarty i dalej są te same błędy.
A może serwer wymuszać to po stronie klienta?

Dałem jeszcze na chwilę poziom "verb" na 11:

Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: OpenVPN 2.6.14 x86_64-openwrt-linux-gnu [SSL (mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] [DCO]
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: library versions: mbed TLS 3.6.3, LZO 2.10
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: DCO version: N/A
Wed Jul 16 14:13:13 2025 daemon.warn openvpn(client)[14765]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: MTU: adding 426 buffer tailroom for compression for 1768 bytes of payload
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client'
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-server'
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX:61941
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 link local (bound): [AF_INET][undef]:0
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 link remote: [AF_INET]XXXX:61941
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: dco_get_peer_stats: peer-id -1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_HARD_RESET_CLIENT_V2
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [14] to [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=cbcd12d9 33a7eff6 [ ] pid=0 DATA
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 14
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 26
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [26] from [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=3009fd78 b0c915d1 [ 0 sid=cbcd12d9 33a7eff6 ] pid=0 DATA
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: TLS: Initial packet from [AF_INET]XXXX:61941, sid=3009fd78 b0c915d1
Wed Jul 16 14:13:13 2025 daemon.warn openvpn(client)[14765]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=cbcd12d9 33a7eff6 [ 0 sid=3009fd78 b0c915d1 ] pid=1 DATA 16030300 7d010000 79030368 779759a9 b345f1c5 2f1ae583 a2f8faf6 66d87ce[more...]
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1202
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1202] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=3009fd78 b0c915d1 [ 1 sid=cbcd12d9 33a7eff6 ] pid=1 DATA 16030300 3d020000 390303db a1681d27 7f48cf0d ee0bc3b2 98cd0ed6 744518f[more...]
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_ACK_V1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [26] to [AF_INET]XXXX:61941: P_ACK_V1 kid=0 sid=cbcd12d9 33a7eff6 [ 1 0 sid=3009fd78 b0c915d1 ] DATA
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 26
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1028
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1028] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=3009fd78 b0c915d1 [ 1 sid=cbcd12d9 33a7eff6 ] pid=2 DATA 80d9cc79 335c0cce 27a18711 ab9fb449 780f8bd4 cc7d2177 855470c3 bef736d[more...]
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: VERIFY OK: depth=1, C=PL
Wed Jul 16 14:13:13 2025 daemon.err openvpn(client)[14765]: VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters
Wed Jul 16 14:13:13 2025 daemon.err openvpn(client)[14765]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Wed Jul 16 14:13:13 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS object -> incoming plaintext read error
Wed Jul 16 14:13:13 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS handshake failed
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Closing socket
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 16 14:13:13 2025 daemon.notice openvpn(client)[14765]: Restart pause, 1 second(s)
Wed Jul 16 14:13:14 2025 daemon.warn openvpn(client)[14765]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: Re-using SSL/TLS context
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: MTU: adding 426 buffer tailroom for compression for 1768 bytes of payload
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client'
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-server'
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX:61941
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 link local (bound): [AF_INET][undef]:0
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 link remote: [AF_INET]XXXX:61941
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_HARD_RESET_CLIENT_V2
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [14] to [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=66e98424 e7657206 [ ] pid=0 DATA
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 14
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 26
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [26] from [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=98aab766 d429c937 [ 0 sid=66e98424 e7657206 ] pid=0 DATA
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: TLS: Initial packet from [AF_INET]XXXX:61941, sid=98aab766 d429c937
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=66e98424 e7657206 [ 0 sid=98aab766 d429c937 ] pid=1 DATA 16030300 7d010000 79030368 77975ab7 56dacdbb b77533de a9ba91f7 7d47503[more...]
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1202
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1202] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=98aab766 d429c937 [ 1 sid=66e98424 e7657206 ] pid=1 DATA 16030300 3d020000 39030399 aa910e81 0077e4ed e8edd2ea de2a8dd9 6ab44fd[more...]
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_ACK_V1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [26] to [AF_INET]XXXX:61941: P_ACK_V1 kid=0 sid=66e98424 e7657206 [ 1 0 sid=98aab766 d429c937 ] DATA
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 26
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1028
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1028] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=98aab766 d429c937 [ 1 sid=66e98424 e7657206 ] pid=2 DATA 80d9cc79 335c0cce 27a18711 ab9fb449 780f8bd4 cc7d2177 855470c3 bef736d[more...]
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: VERIFY OK: depth=1, C=PL
Wed Jul 16 14:13:14 2025 daemon.err openvpn(client)[14765]: VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters
Wed Jul 16 14:13:14 2025 daemon.err openvpn(client)[14765]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Wed Jul 16 14:13:14 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS object -> incoming plaintext read error
Wed Jul 16 14:13:14 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS handshake failed
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Closing socket
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 16 14:13:14 2025 daemon.notice openvpn(client)[14765]: Restart pause, 1 second(s)
Wed Jul 16 14:13:15 2025 daemon.warn openvpn(client)[14765]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: Re-using SSL/TLS context
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: MTU: adding 426 buffer tailroom for compression for 1768 bytes of payload
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client'
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-server'
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX:61941
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 link local (bound): [AF_INET][undef]:0
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 link remote: [AF_INET]XXXX:61941
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_HARD_RESET_CLIENT_V2
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [14] to [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=c48ae311 7f12f41d [ ] pid=0 DATA
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 14
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 26
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [26] from [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=07006523 da579563 [ 0 sid=c48ae311 7f12f41d ] pid=0 DATA
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: TLS: Initial packet from [AF_INET]XXXX:61941, sid=07006523 da579563
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=c48ae311 7f12f41d [ 0 sid=07006523 da579563 ] pid=1 DATA 16030300 7d010000 79030368 77975bd9 66e24e2f 26fb44c7 a57cc389 47e2598[more...]
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1202
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1202] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=07006523 da579563 [ 1 sid=c48ae311 7f12f41d ] pid=1 DATA 16030300 3d020000 39030316 99033684 28a8336c 2f28389a 4330e440 48ddf72[more...]
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_ACK_V1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [26] to [AF_INET]XXXX:61941: P_ACK_V1 kid=0 sid=c48ae311 7f12f41d [ 1 0 sid=07006523 da579563 ] DATA
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 26
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1028
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1028] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=07006523 da579563 [ 1 sid=c48ae311 7f12f41d ] pid=2 DATA 80d9cc79 335c0cce 27a18711 ab9fb449 780f8bd4 cc7d2177 855470c3 bef736d[more...]
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: VERIFY OK: depth=1, C=PL
Wed Jul 16 14:13:15 2025 daemon.err openvpn(client)[14765]: VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters
Wed Jul 16 14:13:15 2025 daemon.err openvpn(client)[14765]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Wed Jul 16 14:13:15 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS object -> incoming plaintext read error
Wed Jul 16 14:13:15 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS handshake failed
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Closing socket
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 16 14:13:15 2025 daemon.notice openvpn(client)[14765]: Restart pause, 1 second(s)
Wed Jul 16 14:13:16 2025 daemon.warn openvpn(client)[14765]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: Re-using SSL/TLS context
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: MTU: adding 426 buffer tailroom for compression for 1768 bytes of payload
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client'
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-server'
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX:61941
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 link local (bound): [AF_INET][undef]:0
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 link remote: [AF_INET]XXXX:61941
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_HARD_RESET_CLIENT_V2
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [14] to [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=5f642231 c3340330 [ ] pid=0 DATA
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 14
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 26
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [26] from [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=79ad3645 f20130b1 [ 0 sid=5f642231 c3340330 ] pid=0 DATA
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: TLS: Initial packet from [AF_INET]XXXX:61941, sid=79ad3645 f20130b1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=5f642231 c3340330 [ 0 sid=79ad3645 f20130b1 ] pid=1 DATA 16030300 7d010000 79030368 77975cce b42bb426 a34ab9a9 45a0c709 61434b6[more...]
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1202
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1202] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=79ad3645 f20130b1 [ 1 sid=5f642231 c3340330 ] pid=1 DATA 16030300 3d020000 390303f4 6de67391 b4540032 b330b68a a590be49 98086b7[more...]
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_ACK_V1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [26] to [AF_INET]XXXX:61941: P_ACK_V1 kid=0 sid=5f642231 c3340330 [ 1 0 sid=79ad3645 f20130b1 ] DATA
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 26
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1028
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1028] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=79ad3645 f20130b1 [ 1 sid=5f642231 c3340330 ] pid=2 DATA 80d9cc79 335c0cce 27a18711 ab9fb449 780f8bd4 cc7d2177 855470c3 bef736d[more...]
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: VERIFY OK: depth=1, C=PL
Wed Jul 16 14:13:16 2025 daemon.err openvpn(client)[14765]: VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters
Wed Jul 16 14:13:16 2025 daemon.err openvpn(client)[14765]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Wed Jul 16 14:13:16 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS object -> incoming plaintext read error
Wed Jul 16 14:13:16 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS handshake failed
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Closing socket
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 16 14:13:16 2025 daemon.notice openvpn(client)[14765]: Restart pause, 1 second(s)
Wed Jul 16 14:13:17 2025 daemon.warn openvpn(client)[14765]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: Re-using SSL/TLS context
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: MTU: adding 426 buffer tailroom for compression for 1768 bytes of payload
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client'
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-server'
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX:61941
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 link local (bound): [AF_INET][undef]:0
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 link remote: [AF_INET]XXXX:61941
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_HARD_RESET_CLIENT_V2
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [14] to [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=e1ed1c87 e9f16adc [ ] pid=0 DATA
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 14
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 26
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [26] from [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=d59bf812 af834cf4 [ 0 sid=e1ed1c87 e9f16adc ] pid=0 DATA
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: TLS: Initial packet from [AF_INET]XXXX:61941, sid=d59bf812 af834cf4
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=e1ed1c87 e9f16adc [ 0 sid=d59bf812 af834cf4 ] pid=1 DATA 16030300 7d010000 79030368 77975d00 9c277eb9 0670d497 0e83dd28 eddb351[more...]
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1202
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1202] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=d59bf812 af834cf4 [ 1 sid=e1ed1c87 e9f16adc ] pid=1 DATA 16030300 3d020000 390303fc 85aff314 5c855165 7203c7cd 1f062009 4d4e708[more...]
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_ACK_V1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [26] to [AF_INET]XXXX:61941: P_ACK_V1 kid=0 sid=e1ed1c87 e9f16adc [ 1 0 sid=d59bf812 af834cf4 ] DATA
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 26
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 1028
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [1028] from [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=d59bf812 af834cf4 [ 1 sid=e1ed1c87 e9f16adc ] pid=2 DATA 80d9cc79 335c0cce 27a18711 ab9fb449 780f8bd4 cc7d2177 855470c3 bef736d[more...]
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: VERIFY OK: depth=1, C=PL
Wed Jul 16 14:13:17 2025 daemon.err openvpn(client)[14765]: VERIFY ERROR: could not extract CN from X509 subject string ('C=PL') -- note that the field length is limited to 64 characters
Wed Jul 16 14:13:17 2025 daemon.err openvpn(client)[14765]: TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Wed Jul 16 14:13:17 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS object -> incoming plaintext read error
Wed Jul 16 14:13:17 2025 daemon.err openvpn(client)[14765]: TLS Error: TLS handshake failed
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Closing socket
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 16 14:13:17 2025 daemon.notice openvpn(client)[14765]: Restart pause, 2 second(s)
Wed Jul 16 14:13:19 2025 daemon.warn openvpn(client)[14765]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: Re-using SSL/TLS context
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: MTU: adding 426 buffer tailroom for compression for 1768 bytes of payload
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client'
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1549,tun-mtu 1500,proto UDPv4,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-server'
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX:61941
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 link local (bound): [AF_INET][undef]:0
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 link remote: [AF_INET]XXXX:61941
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_HARD_RESET_CLIENT_V2
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [14] to [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=757dbfa6 bcf9d350 [ ] pid=0 DATA
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 14
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 read returned 26
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 READ [26] from [AF_INET]XXXX:61941: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 sid=1ce2bb4f 936ee347 [ 0 sid=757dbfa6 bcf9d350 ] pid=0 DATA
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: TLS: Initial packet from [AF_INET]XXXX:61941, sid=1ce2bb4f 936ee347
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=757dbfa6 bcf9d350 [ 0 sid=1ce2bb4f 936ee347 ] pid=1 DATA 16030300 7d010000 79030368 77975f5a c7619a86 8110eea2 c22a9d96 98ff8a7[more...]
Wed Jul 16 14:13:19 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:20 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:22 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:22 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:22 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:22 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=757dbfa6 bcf9d350 [ 0 sid=1ce2bb4f 936ee347 ] pid=1 DATA 16030300 7d010000 79030368 77975f5a c7619a86 8110eea2 c22a9d96 98ff8a7[more...]
Wed Jul 16 14:13:22 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:23 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:24 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:25 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:26 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:26 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:26 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:26 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=757dbfa6 bcf9d350 [ 0 sid=1ce2bb4f 936ee347 ] pid=1 DATA 16030300 7d010000 79030368 77975f5a c7619a86 8110eea2 c22a9d96 98ff8a7[more...]
Wed Jul 16 14:13:26 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:27 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:28 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:29 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:31 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:32 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:33 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:34 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:34 2025 daemon.notice openvpn(client)[14765]: write_control_auth(): P_CONTROL_V1
Wed Jul 16 14:13:34 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 1
Wed Jul 16 14:13:34 2025 daemon.notice openvpn(client)[14765]: UDPv4 WRITE [156] to [AF_INET]XXXX:61941: P_CONTROL_V1 kid=0 sid=757dbfa6 bcf9d350 [ 0 sid=1ce2bb4f 936ee347 ] pid=1 DATA 16030300 7d010000 79030368 77975f5a c7619a86 8110eea2 c22a9d96 98ff8a7[more...]
Wed Jul 16 14:13:34 2025 daemon.notice openvpn(client)[14765]: UDPv4 write returned 156
Wed Jul 16 14:13:35 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:36 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:37 2025 daemon.notice openvpn(client)[14765]:  event_wait returned 0
Wed Jul 16 14:13:38 2025 daemon.notice openvpn(client)[14765]:  event_wait returned -1
Wed Jul 16 14:13:38 2025 daemon.err openvpn(client)[14765]: event_wait : Interrupted system call (fd=-1,code=4)
Wed Jul 16 14:13:38 2025 daemon.notice openvpn(client)[14765]: TCP/UDP: Closing socket
Wed Jul 16 14:13:38 2025 daemon.notice openvpn(client)[14765]: SIGTERM[hard,] received, process exiting

Cezary · 2025-07-16 13:40:36

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

Dojrzałem - tobie CN'a brakuje w certyfikacie, masz tylko C=PL (kraj) nie masz common name.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

djpuzia · 2025-07-18 13:35:27

djpuzia
Użytkownik
Nieaktywny

Zarejestrowany: 2017-08-21
Posty: 19

Odp: OpenWRT 24.10 jako klient OpenVPN

Cezary napisał/a:

Dojrzałem - tobie CN'a brakuje w certyfikacie, masz tylko C=PL (kraj) nie masz common name.

Wielkie dzięki... poprawił właściciel serwera certy i wszystko śmiga!
Ciekawe tylko dlaczego klient OVPN na android nie krzyczał o to

Cezary · 2025-07-18 13:57:12

Cezary
...
Nieaktywny

Skąd: Warszawa
Zarejestrowany: 2006-02-25
Posty: 116,242

Odp: OpenWRT 24.10 jako klient OpenVPN

Na "oryginalnym" openvpn mówią że musi być CN i kropka. Więc strzelam że na androdzie implementacja tego jest napisane inaczej/przez kogoś innego niż natywny zespół i dlatego dopuszcza bez.

Masz niepotrzebny router, uszkodzony czy nie - chętnie przygarnę go.

FAQ o OpenWrt | Sprzedam różne routery | Oddam

OpenWRT 24.10 jako klient OpenVPN

Posty: 16

1 Temat przez djpuzia 2025-07-16 10:09:18

Temat: OpenWRT 24.10 jako klient OpenVPN

2 Odpowiedź przez Cezary 2025-07-16 10:33:06

Odp: OpenWRT 24.10 jako klient OpenVPN

3 Odpowiedź przez djpuzia 2025-07-16 11:25:58 (edytowany przez djpuzia 2025-07-16 11:26:16)

Odp: OpenWRT 24.10 jako klient OpenVPN

4 Odpowiedź przez Cezary 2025-07-16 11:36:08

Odp: OpenWRT 24.10 jako klient OpenVPN

5 Odpowiedź przez djpuzia 2025-07-16 11:46:06

Odp: OpenWRT 24.10 jako klient OpenVPN

6 Odpowiedź przez Cezary 2025-07-16 11:46:47

Odp: OpenWRT 24.10 jako klient OpenVPN

7 Odpowiedź przez djpuzia 2025-07-16 11:51:12 (edytowany przez djpuzia 2025-07-16 11:51:44)

Odp: OpenWRT 24.10 jako klient OpenVPN

8 Odpowiedź przez Cezary 2025-07-16 12:01:05

Odp: OpenWRT 24.10 jako klient OpenVPN

9 Odpowiedź przez djpuzia 2025-07-16 12:20:57

Odp: OpenWRT 24.10 jako klient OpenVPN

10 Odpowiedź przez Cezary 2025-07-16 12:27:58

Odp: OpenWRT 24.10 jako klient OpenVPN

11 Odpowiedź przez djpuzia 2025-07-16 12:35:11

Odp: OpenWRT 24.10 jako klient OpenVPN

12 Odpowiedź przez Cezary 2025-07-16 12:37:03

Odp: OpenWRT 24.10 jako klient OpenVPN

13 Odpowiedź przez djpuzia 2025-07-16 13:21:50

Odp: OpenWRT 24.10 jako klient OpenVPN

14 Odpowiedź przez Cezary 2025-07-16 13:40:36

Odp: OpenWRT 24.10 jako klient OpenVPN

15 Odpowiedź przez djpuzia 2025-07-18 13:35:27

Odp: OpenWRT 24.10 jako klient OpenVPN

16 Odpowiedź przez Cezary 2025-07-18 13:57:12

Odp: OpenWRT 24.10 jako klient OpenVPN

Posty: 16