Hallo,
ich habe einen OpenVPN-Server der auf einem Raspberry läuft. Seit 5 Jahren absolut stabil. Mein Problem ist, seit ca. 2 Wochen bekomme ich mit meinem Handy als Client keine Verbindung mehr hin. Ich habe auf dem Handy OpenVPN von Arne Schwabe installiert.
Mein Dyddns Account ist erreichbar, die richtige IP wird übermittelt. Ich weiß nicht mehr weiter....
Könnte sich jemand das Logfile ansehen?
Config Server:
Vielen Dank
Gruß Rooki
ich habe einen OpenVPN-Server der auf einem Raspberry läuft. Seit 5 Jahren absolut stabil. Mein Problem ist, seit ca. 2 Wochen bekomme ich mit meinem Handy als Client keine Verbindung mehr hin. Ich habe auf dem Handy OpenVPN von Arne Schwabe installiert.
Mein Dyddns Account ist erreichbar, die richtige IP wird übermittelt. Ich weiß nicht mehr weiter....
Könnte sich jemand das Logfile ansehen?
2021-10-30 12:28:19 offizielle Version 0.7.16 läuft auf samsung SM-G985F (exynos990), Android 11 (RP1A.200720.012) API 30, ABI arm64-v8a, (samsung/y2seea/y2s:11/RP1A.200720.012/G985FXXUBDUI5:user/release-keys)
2021-10-30 12:28:19 Generiere OpenVPN-Konfiguration…
2021-10-30 12:28:19 MANAGEMENT: CMD 'signal SIGINT'
2021-10-30 12:28:19 SIGINT[hard,init_instance] received, process exiting
2021-10-30 12:28:19 MANAGEMENT: >STATE:1635589699,EXITING,init_instance,,,,,
2021-10-30 12:28:21 started Socket Thread
2021-10-30 12:28:21 Netzwerkstatus: CONNECTED to WIFI
2021-10-30 12:28:21 Debug state info: CONNECTED to WIFI , pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2021-10-30 12:28:21 P:WARNING: linker: Warning: "/data/app/~~sHjABR7kgOvaK4UUtSSQOQ==/de.blinkt.openvpn-Zbh_Pe3V8MQBeyBjBy3qCA==/lib/arm64/libovpnexec.so" is not a directory (ignoring)
2021-10-30 12:28:21 Debug state info: CONNECTED to WIFI , pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED
2021-10-30 12:28:21 WARNING: Compression enabled, Compression has been used in the past to break encryption. Enabling decompression of received packet only. Sent packets are not compressed.
2021-10-30 12:28:21 Current Parameter Settings:
2021-10-30 12:28:21 config = '/data/user/0/de.blinkt.openvpn/cache/android.conf'
2021-10-30 12:28:21 mode = 0
2021-10-30 12:28:21 show_ciphers = DISABLED
2021-10-30 12:28:21 show_digests = DISABLED
2021-10-30 12:28:21 show_engines = DISABLED
2021-10-30 12:28:21 genkey = DISABLED
2021-10-30 12:28:21 genkey_filename = '[UNDEF]'
2021-10-30 12:28:21 key_pass_file = '[UNDEF]'
2021-10-30 12:28:21 show_tls_ciphers = DISABLED
2021-10-30 12:28:21 connect_retry_max = 0
2021-10-30 12:28:21 Connection profiles [0]:
2021-10-30 12:28:21 proto = udp
2021-10-30 12:28:21 local = '[UNDEF]'
2021-10-30 12:28:21 local_port = '[UNDEF]'
2021-10-30 12:28:21 remote = 'xxx.dyndns.org'
2021-10-30 12:28:21 remote_port = '443'
2021-10-30 12:28:21 remote_float = DISABLED
2021-10-30 12:28:21 bind_defined = DISABLED
2021-10-30 12:28:21 bind_local = DISABLED
2021-10-30 12:28:21 bind_ipv6_only = DISABLED
2021-10-30 12:28:21 connect_retry_seconds = 2
2021-10-30 12:28:21 connect_timeout = 120
2021-10-30 12:28:21 socks_proxy_server = '[UNDEF]'
2021-10-30 12:28:21 socks_proxy_port = '[UNDEF]'
2021-10-30 12:28:21 tun_mtu = 1500
2021-10-30 12:28:21 tun_mtu_defined = ENABLED
2021-10-30 12:28:21 link_mtu = 1500
2021-10-30 12:28:21 link_mtu_defined = DISABLED
2021-10-30 12:28:21 tun_mtu_extra = 0
2021-10-30 12:28:21 tun_mtu_extra_defined = DISABLED
2021-10-30 12:28:21 mtu_discover_type = -1
2021-10-30 12:28:21 fragment = 0
2021-10-30 12:28:21 mssfix = 1450
2021-10-30 12:28:21 explicit_exit_notification = 0
2021-10-30 12:28:21 tls_auth_file = '[UNDEF]'
2021-10-30 12:28:21 key_direction = not set
2021-10-30 12:28:21 tls_crypt_file = '[UNDEF]'
2021-10-30 12:28:21 tls_crypt_v2_file = '[UNDEF]'
2021-10-30 12:28:21 Connection profiles END
2021-10-30 12:28:21 remote_random = DISABLED
2021-10-30 12:28:21 ipchange = '[UNDEF]'
2021-10-30 12:28:21 Warte 0s Sekunden zwischen zwei Verbindungsversuchen
2021-10-30 12:28:21 dev = 'tun'
2021-10-30 12:28:21 dev_type = '[UNDEF]'
2021-10-30 12:28:21 dev_node = '[UNDEF]'
2021-10-30 12:28:21 lladdr = '[UNDEF]'
2021-10-30 12:28:21 topology = 1
2021-10-30 12:28:21 ifconfig_local = '[UNDEF]'
2021-10-30 12:28:21 ifconfig_remote_netmask = '[UNDEF]'
2021-10-30 12:28:21 ifconfig_noexec = DISABLED
2021-10-30 12:28:21 ifconfig_nowarn = ENABLED
2021-10-30 12:28:21 ifconfig_ipv6_local = '[UNDEF]'
2021-10-30 12:28:21 ifconfig_ipv6_netbits = 0
2021-10-30 12:28:21 ifconfig_ipv6_remote = '[UNDEF]'
2021-10-30 12:28:21 shaper = 0
2021-10-30 12:28:21 mtu_test = 0
2021-10-30 12:28:21 mlock = DISABLED
2021-10-30 12:28:21 keepalive_ping = 0
2021-10-30 12:28:21 keepalive_timeout = 0
2021-10-30 12:28:21 inactivity_timeout = 0
2021-10-30 12:28:21 ping_send_timeout = 0
2021-10-30 12:28:21 ping_rec_timeout = 0
2021-10-30 12:28:21 ping_rec_timeout_action = 0
2021-10-30 12:28:21 ping_timer_remote = DISABLED
2021-10-30 12:28:21 remap_sigusr1 = 0
2021-10-30 12:28:21 persist_tun = ENABLED
2021-10-30 12:28:21 persist_local_ip = DISABLED
2021-10-30 12:28:21 persist_remote_ip = DISABLED
2021-10-30 12:28:21 persist_key = DISABLED
2021-10-30 12:28:21 passtos = DISABLED
2021-10-30 12:28:21 resolve_retry_seconds = 1000000000
2021-10-30 12:28:21 resolve_in_advance = ENABLED
2021-10-30 12:28:21 username = '[UNDEF]'
2021-10-30 12:28:21 groupname = '[UNDEF]'
2021-10-30 12:28:21 chroot_dir = '[UNDEF]'
2021-10-30 12:28:21 cd_dir = '[UNDEF]'
2021-10-30 12:28:21 writepid = '[UNDEF]'
2021-10-30 12:28:21 up_script = '[UNDEF]'
2021-10-30 12:28:21 down_script = '[UNDEF]'
2021-10-30 12:28:21 down_pre = DISABLED
2021-10-30 12:28:21 up_restart = DISABLED
2021-10-30 12:28:21 up_delay = DISABLED
2021-10-30 12:28:21 daemon = DISABLED
2021-10-30 12:28:21 inetd = 0
2021-10-30 12:28:21 log = DISABLED
2021-10-30 12:28:21 suppress_timestamps = DISABLED
2021-10-30 12:28:21 machine_readable_output = ENABLED
2021-10-30 12:28:21 nice = 0
2021-10-30 12:28:21 verbosity = 4
2021-10-30 12:28:21 mute = 0
2021-10-30 12:28:21 gremlin = 0
2021-10-30 12:28:21 status_file = '[UNDEF]'
2021-10-30 12:28:21 status_file_version = 1
2021-10-30 12:28:21 status_file_update_freq = 60
2021-10-30 12:28:21 occ = ENABLED
2021-10-30 12:28:21 rcvbuf = 0
2021-10-30 12:28:21 sndbuf = 0
2021-10-30 12:28:21 sockflags = 0
2021-10-30 12:28:21 fast_io = DISABLED
2021-10-30 12:28:21 comp.alg = 2
2021-10-30 12:28:21 comp.flags = 1
2021-10-30 12:28:21 route_script = '[UNDEF]'
2021-10-30 12:28:21 route_default_gateway = '[UNDEF]'
2021-10-30 12:28:21 route_default_metric = 0
2021-10-30 12:28:21 route_noexec = DISABLED
2021-10-30 12:28:21 route_delay = 0
2021-10-30 12:28:21 route_delay_window = 30
2021-10-30 12:28:21 route_delay_defined = DISABLED
2021-10-30 12:28:21 route_nopull = DISABLED
2021-10-30 12:28:21 route_gateway_via_dhcp = DISABLED
2021-10-30 12:28:21 allow_pull_fqdn = DISABLED
2021-10-30 12:28:21 management_addr = '/data/user/0/de.blinkt.openvpn/cache/mgmtsocket'
2021-10-30 12:28:21 management_port = 'unix'
2021-10-30 12:28:21 management_user_pass = '[UNDEF]'
2021-10-30 12:28:21 management_log_history_cache = 250
2021-10-30 12:28:21 management_echo_buffer_size = 100
2021-10-30 12:28:21 management_write_peer_info_file = '[UNDEF]'
2021-10-30 12:28:21 management_client_user = '[UNDEF]'
2021-10-30 12:28:21 management_client_group = '[UNDEF]'
2021-10-30 12:28:21 management_flags = 16678
2021-10-30 12:28:21 shared_secret_file = '[UNDEF]'
2021-10-30 12:28:21 key_direction = not set
2021-10-30 12:28:21 ciphername = 'BF-CBC'
2021-10-30 12:28:21 ncp_enabled = ENABLED
2021-10-30 12:28:21 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
2021-10-30 12:28:21 authname = 'SHA1'
2021-10-30 12:28:21 prng_hash = 'SHA1'
2021-10-30 12:28:21 prng_nonce_secret_len = 16
2021-10-30 12:28:21 keysize = 0
2021-10-30 12:28:21 engine = DISABLED
2021-10-30 12:28:21 replay = ENABLED
2021-10-30 12:28:21 mute_replay_warnings = DISABLED
2021-10-30 12:28:21 replay_window = 64
2021-10-30 12:28:21 replay_time = 15
2021-10-30 12:28:21 packet_id_file = '[UNDEF]'
2021-10-30 12:28:21 test_crypto = DISABLED
2021-10-30 12:28:21 tls_server = DISABLED
2021-10-30 12:28:21 tls_client = ENABLED
2021-10-30 12:28:21 key_method = 2
2021-10-30 12:28:21 ca_file = '[[INLINE]]'
2021-10-30 12:28:21 ca_path = '[UNDEF]'
2021-10-30 12:28:21 dh_file = '[UNDEF]'
2021-10-30 12:28:21 cert_file = '[[INLINE]]'
2021-10-30 12:28:21 extra_certs_file = '[UNDEF]'
2021-10-30 12:28:21 priv_key_file = '[[INLINE]]'
2021-10-30 12:28:21 pkcs12_file = '[UNDEF]'
2021-10-30 12:28:21 cipher_list = '[UNDEF]'
2021-10-30 12:28:21 cipher_list_tls13 = '[UNDEF]'
2021-10-30 12:28:21 tls_cert_profile = '[UNDEF]'
2021-10-30 12:28:21 tls_verify = '[UNDEF]'
2021-10-30 12:28:21 tls_export_cert = '[UNDEF]'
2021-10-30 12:28:21 verify_x509_type = 0
2021-10-30 12:28:21 verify_x509_name = '[UNDEF]'
2021-10-30 12:28:21 crl_file = '[UNDEF]'
2021-10-30 12:28:21 ns_cert_type = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_ku = 0
2021-10-30 12:28:21 remote_cert_eku = '[UNDEF]'
2021-10-30 12:28:21 ssl_flags = 0
2021-10-30 12:28:21 tls_timeout = 2
2021-10-30 12:28:21 renegotiate_bytes = -1
2021-10-30 12:28:21 renegotiate_packets = 0
2021-10-30 12:28:21 renegotiate_seconds = 3600
2021-10-30 12:28:21 handshake_window = 60
2021-10-30 12:28:21 transition_window = 3600
2021-10-30 12:28:21 single_session = DISABLED
2021-10-30 12:28:21 push_peer_info = DISABLED
2021-10-30 12:28:21 tls_exit = DISABLED
2021-10-30 12:28:21 tls_crypt_v2_metadata = '[UNDEF]'
2021-10-30 12:28:21 client = ENABLED
2021-10-30 12:28:21 pull = ENABLED
2021-10-30 12:28:21 auth_user_pass_file = '[UNDEF]'
2021-10-30 12:28:21 OpenVPN 2.5-icsopenvpn [git:icsopenvpn/v0.7.16-0-ga0ab2fa3] arm64-v8a [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 6 2020
2021-10-30 12:28:21 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
2021-10-30 12:28:21 MANAGEMENT: Connected to management server at /data/user/0/de.blinkt.openvpn/cache/mgmtsocket
2021-10-30 12:28:21 MANAGEMENT: CMD 'version 3'
2021-10-30 12:28:21 MANAGEMENT: CMD 'hold release'
2021-10-30 12:28:21 MANAGEMENT: CMD 'bytecount 2'
2021-10-30 12:28:21 MANAGEMENT: CMD 'state on'
2021-10-30 12:28:21 MANAGEMENT: >STATE:1635589701,RESOLVE,,,,,,
2021-10-30 12:28:21 MANAGEMENT: CMD 'proxy NONE'
2021-10-30 12:28:22 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2021-10-30 12:28:22 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
2021-10-30 12:28:22 LZO compression initializing
2021-10-30 12:28:22 Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
2021-10-30 12:28:22 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
2021-10-30 12:28:22 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
2021-10-30 12:28:22 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
2021-10-30 12:28:22 TCP/UDP: Preserving recently used remote address: [AF_INET]2.202.xxx.232:443
2021-10-30 12:28:22 Socket Buffers: R=[245760->245760] S=[245760->245760]
2021-10-30 12:28:22 MANAGEMENT: CMD 'needok 'PROTECTFD' ok'
2021-10-30 12:28:22 UDP link local: (not bound)
2021-10-30 12:28:22 UDP link remote: [AF_INET]2.202.xxx.232:443
2021-10-30 12:28:22 MANAGEMENT: >STATE:1635589702,WAIT,,,,,,
Config Server:
Config Client:dev tun
proto udp
port 443
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
user nobody
group nogroup
tls-server
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher AES-128-CBC
ifconfig 10.8.0.1 255.255.255.0
push "route-gateway 10.8.0.1"
push "route 192.168.178.0 255.255.255.0"
max-clients 4
mode server
route 192.168.88.0 255.255.255.0 10.8.0.150
route 192.168.87.0 255.255.255.0 10.8.0.151
push "dhcp-option DOMAIN 10.8.0.1"
push "redirect-gateway"
tun-mtu 1500
mssfix
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3
client-to-client
push "topology subnet"
topology subnet
log-append /var/log/openvpn
comp-lzo
keepalive 10 120
client-config-dir ccd
dev tun
#tls-client
proto udp
remote XXX.dyndns.org 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert Handy_XXX.crt
key Handy_XXX.key
tls-auth ta.key 1
secret ta.key
comp-lzo
verb 3
Vielen Dank
Gruß Rooki