OpenVPN между Manjaro Linux и Windows Server 2016, VPN устанавливает, но трафик не проходит через

Question

У меня дома есть Windows Server, который в этом сценарии является сервером OpenVPN. Мой клиент - Manjaro Linux (Arch Distro) в новейшей версии. Я хотел простой VPN плюс толчок вариантов днс. Адрес домашней сети моего сервера - 192.168.69.200, а диапазон адресов для соединения OpenVPN - 10.69.0.0/24. Параметры DNS не передаются в мой resolv.conf (но это проблема NetworkManager). Маршрут к 192.168.69.0/24 успешно добавлен, и устройство tun создано и ему назначен правильный IP-адрес. Тем не менее, когда я пытаюсь пинговать 192.168.69.200, ничего. Вот моя конфигурация сервера:

port 1194
proto udp
dev tun
ca ca.crt
cert muxi-at.crt
key muxi-at.key
dh dh2048.pem
topology subnet
server 10.69.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.69.0 255.255.255.0"
push "dhcp-option DNS 192.168.69.200"
push "dhcp-option DOMAIN muxi.at"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 4
explicit-exit-notify 1

Вот мой конфиг клиента:

client
dev tun
proto udp
remote muxi.at 1194
resolv-retry infinite
nobind
user nobody
group nobody
persist-key
persist-tun
ca ca.crt
cert johann-pad.crt
key johann-pad.key
remote-cert-tls server
cipher AES-256-CBC
verb 4

А теперь несколько выходов журнала, чтобы все округлить:

Сервер:

Mon Jul 30 10:11:45 2018 us=238102 Current Parameter Settings:
Mon Jul 30 10:11:45 2018 us=238102   config = 'server.ovpn'
Mon Jul 30 10:11:45 2018 us=238102   mode = 1
Mon Jul 30 10:11:45 2018 us=238102   show_ciphers = DISABLED
Mon Jul 30 10:11:45 2018 us=238102   show_digests = DISABLED
Mon Jul 30 10:11:45 2018 us=238102   show_engines = DISABLED
Mon Jul 30 10:11:45 2018 us=238102   genkey = DISABLED
Mon Jul 30 10:11:45 2018 us=238102   key_pass_file = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=238102   show_tls_ciphers = DISABLED
Mon Jul 30 10:11:45 2018 us=238102   connect_retry_max = 0
Mon Jul 30 10:11:45 2018 us=238102 Connection profiles [0]:
Mon Jul 30 10:11:45 2018 us=238102   proto = udp
Mon Jul 30 10:11:45 2018 us=238102   local = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=238102   local_port = '1194'
Mon Jul 30 10:11:45 2018 us=238102   remote = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=239101   remote_port = '1194'
Mon Jul 30 10:11:45 2018 us=239101   remote_float = DISABLED
Mon Jul 30 10:11:45 2018 us=239101   bind_defined = DISABLED
Mon Jul 30 10:11:45 2018 us=239101   bind_local = ENABLED
Mon Jul 30 10:11:45 2018 us=239101   bind_ipv6_only = DISABLED
Mon Jul 30 10:11:45 2018 us=239101   connect_retry_seconds = 5
Mon Jul 30 10:11:45 2018 us=239101   connect_timeout = 120
Mon Jul 30 10:11:45 2018 us=239101   socks_proxy_server = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=239101   socks_proxy_port = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=239101   tun_mtu = 1500
Mon Jul 30 10:11:45 2018 us=241102   management_client_user = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=241102   management_client_group = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=241102   management_flags = 6
Mon Jul 30 10:11:45 2018 us=241102   shared_secret_file = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=241102   key_direction = not set
Mon Jul 30 10:11:45 2018 us=241102   ciphername = 'AES-256-CBC'
Mon Jul 30 10:11:45 2018 us=241102   ncp_enabled = ENABLED
Mon Jul 30 10:11:45 2018 us=241102   ncp_ciphers = 'AES-256-GCM:AES-128-
Mon Jul 30 10:11:45 2018 us=243102   tls_exit = DISABLED
Mon Jul 30 10:11:45 2018 us=243102   tls_auth_file = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=243102   tls_crypt_file = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=243102   pkcs11_protected_authentication = 
Mon Jul 30 10:11:45 2018 us=244102   server_network = 10.69.0.0
Mon Jul 30 10:11:45 2018 us=244102   server_netmask = 255.255.255.0
Mon Jul 30 10:11:45 2018 us=244102   server_network_ipv6 = ::
Mon Jul 30 10:11:45 2018 us=244102   server_netbits_ipv6 = 0
Mon Jul 30 10:11:45 2018 us=244102   server_bridge_ip = 0.0.0.0
Mon Jul 30 10:11:45 2018 us=244102   server_bridge_netmask = 0.0.0.0
Mon Jul 30 10:11:45 2018 us=244102   server_bridge_pool_start = 0.0.0.0
Mon Jul 30 10:11:45 2018 us=244102   server_bridge_pool_end = 0.0.0.0
Mon Jul 30 10:11:45 2018 us=244102   push_entry = 'route 192.168.69.0 255.255.255.0'
Mon Jul 30 10:11:45 2018 us=244102   push_entry = 'dhcp-option DNS 192.168.69.200'
Mon Jul 30 10:11:45 2018 us=244102   push_entry = 'dhcp-option DOMAIN muxi.at'
Mon Jul 30 10:11:45 2018 us=244102   push_entry = 'route-gateway 10.69.0.1'
Mon Jul 30 10:11:45 2018 us=244102   push_entry = 'topology subnet'
Mon Jul 30 10:11:45 2018 us=244102   push_entry = 'ping 10'
Mon Jul 30 10:11:45 2018 us=244102   push_entry = 'ping-restart 120'
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_pool_defined = ENABLED
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_pool_start = 10.69.0.2
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_pool_end = 10.69.0.253
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_pool_netmask = 255.255.255.0
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_pool_persist_filename = 'ipp.txt'
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_pool_persist_refresh_freq = 600
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_ipv6_pool_defined = DISABLED
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_ipv6_pool_base = ::
Mon Jul 30 10:11:45 2018 us=245102   ifconfig_ipv6_pool_netbits = 0
Mon Jul 30 10:11:45 2018 us=245102   n_bcast_buf = 256
Mon Jul 30 10:11:45 2018 us=245102   tcp_queue_limit = 64
Mon Jul 30 10:11:45 2018 us=245102   real_hash_size = 256
Mon Jul 30 10:11:45 2018 us=245102   virtual_hash_size = 256
Mon Jul 30 10:11:45 2018 us=245102   client_connect_script = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=245102   learn_address_script = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=245102   client_disconnect_script = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=245102   client_config_dir = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=245102   ccd_exclusive = DISABLED
Mon Jul 30 10:11:45 2018 us=245102   tmp_dir = 'C:\Users\ADMINI~1.MUX\AppData\Local\Temp\3\'
Mon Jul 30 10:11:45 2018 us=245102   push_ifconfig_defined = DISABLED
Mon Jul 30 10:11:45 2018 us=245102   push_ifconfig_local = 0.0.0.0
Mon Jul 30 10:11:45 2018 us=245102   push_ifconfig_remote_netmask = 0.0.0.0
Mon Jul 30 10:11:45 2018 us=245102   push_ifconfig_ipv6_defined = DISABLED
Mon Jul 30 10:11:45 2018 us=245102   push_ifconfig_ipv6_local = ::/0
Mon Jul 30 10:11:45 2018 us=245102   push_ifconfig_ipv6_remote = ::
Mon Jul 30 10:11:45 2018 us=245102   enable_c2c = ENABLED
Mon Jul 30 10:11:45 2018 us=245102   duplicate_cn = DISABLED
Mon Jul 30 10:11:45 2018 us=245102   cf_max = 0
Mon Jul 30 10:11:45 2018 us=245102   cf_per = 0
Mon Jul 30 10:11:45 2018 us=245102   max_clients = 1024
Mon Jul 30 10:11:45 2018 us=245102   max_routes_per_client = 256
Mon Jul 30 10:11:45 2018 us=245102   auth_user_pass_verify_script = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=245102   auth_user_pass_verify_script_via_file = DISABLED
Mon Jul 30 10:11:45 2018 us=245102   auth_token_generate = DISABLED
Mon Jul 30 10:11:45 2018 us=245102   auth_token_lifetime = 0
Mon Jul 30 10:11:45 2018 us=245102   client = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   pull = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   auth_user_pass_file = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=246102   show_net_up = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   route_method = 0
Mon Jul 30 10:11:45 2018 us=246102   block_outside_dns = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   ip_win32_defined = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   ip_win32_type = 3
Mon Jul 30 10:11:45 2018 us=246102   dhcp_masq_offset = 0
Mon Jul 30 10:11:45 2018 us=246102   dhcp_lease_time = 31536000
Mon Jul 30 10:11:45 2018 us=246102   tap_sleep = 10
Mon Jul 30 10:11:45 2018 us=246102   dhcp_options = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   dhcp_renew = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   dhcp_pre_release = DISABLED
Mon Jul 30 10:11:45 2018 us=246102   domain = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=246102   netbios_scope = '[UNDEF]'
Mon Jul 30 10:11:45 2018 us=246102   netbios_node_type = 0
Mon Jul 30 10:11:45 2018 us=246102   disable_nbt = DISABLED
Mon Jul 30 10:11:45 2018 us=246102 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Mon Jul 30 10:11:45 2018 us=246102 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Jul 30 10:11:45 2018 us=246102 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
Enter Management Password:
Mon Jul 30 10:11:45 2018 us=248035 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Jul 30 10:11:45 2018 us=248035 Need hold release from management interface, waiting...
Mon Jul 30 10:11:45 2018 us=677305 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Jul 30 10:11:45 2018 us=778947 MANAGEMENT: CMD 'state on'
Mon Jul 30 10:11:45 2018 us=778947 MANAGEMENT: CMD 'log all on'
Mon Jul 30 10:11:46 2018 us=238888 MANAGEMENT: CMD 'echo all on'
Mon Jul 30 10:11:46 2018 us=244887 MANAGEMENT: CMD 'bytecount 5'
Mon Jul 30 10:11:46 2018 us=249887 MANAGEMENT: CMD 'hold off'
Mon Jul 30 10:11:46 2018 us=254887 MANAGEMENT: CMD 'hold release'
Mon Jul 30 10:11:46 2018 us=270889 Diffie-Hellman initialized with 2048 bit key
Mon Jul 30 10:11:46 2018 us=273892 TLS-Auth MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jul 30 10:11:46 2018 us=274890 interactive service msg_channel=0
Mon Jul 30 10:11:46 2018 us=274890 open_tun
Mon Jul 30 10:11:46 2018 us=278892 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{370D5061-B8FA-492B-823B-51FBAF758728}.tap
Mon Jul 30 10:11:46 2018 us=279889 TAP-Windows Driver Version 9.21 
Mon Jul 30 10:11:46 2018 us=279889 TAP-Windows MTU=1500
Mon Jul 30 10:11:46 2018 us=285893 Set TAP-Windows TUN subnet mode network/local/netmask = 10.69.0.0/10.69.0.1/255.255.255.0 [SUCCEEDED]
Mon Jul 30 10:11:46 2018 us=285893 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.69.0.1/255.255.255.0 on interface {370D5061-B8FA-492B-823B-51FBAF758728} [DHCP-serv: 10.69.0.254, lease-time: 31536000]
Mon Jul 30 10:11:46 2018 us=286889 Sleeping for 10 seconds...
Mon Jul 30 10:11:56 2018 us=292720 Successful ARP Flush on interface [12] {370D5061-B8FA-492B-823B-51FBAF758728}
Mon Jul 30 10:11:56 2018 us=301641 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jul 30 10:11:56 2018 us=301641 MANAGEMENT: >STATE:1532938316,ASSIGN_IP,,10.69.0.1,,,,
Mon Jul 30 10:11:56 2018 us=302641 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Mon Jul 30 10:11:56 2018 us=302641 Could not determine IPv4/IPv6 protocol. Using AF_INET6
Mon Jul 30 10:11:56 2018 us=302641 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Jul 30 10:11:56 2018 us=302641 setsockopt(IPV6_V6ONLY=0)
Mon Jul 30 10:11:56 2018 us=303641 UDPv6 link local (bound): [AF_INET6][undef]:1194
Mon Jul 30 10:11:56 2018 us=303641 UDPv6 link remote: [AF_UNSPEC]
Mon Jul 30 10:11:56 2018 us=303641 MULTI: multi_init called, r=256 v=256
Mon Jul 30 10:11:56 2018 us=303641 IFCONFIG POOL: base=10.69.0.2 size=252, ipv6=0
Mon Jul 30 10:11:56 2018 us=303641 ifconfig_pool_read(), in='johann-pad,10.69.0.2', TODO: IPv6
Mon Jul 30 10:11:56 2018 us=303641 succeeded -> ifconfig_pool_set()
Mon Jul 30 10:11:56 2018 us=304641 IFCONFIG POOL LIST
Mon Jul 30 10:11:56 2018 us=304641 johann-pad,10.69.0.2
Mon Jul 30 10:11:56 2018 us=304641 Initialization Sequence Completed
Mon Jul 30 10:11:56 2018 us=304641 MANAGEMENT: >STATE:1532938316,CONNECTED,SUCCESS,10.69.0.1,,,,
Mon Jul 30 10:16:37 2018 us=659163 MULTI: multi_create_instance called
Mon Jul 30 10:16:37 2018 us=659163 46.125.249.62 Re-using SSL/TLS context
Mon Jul 30 10:16:37 2018 us=659163 46.125.249.62 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jul 30 10:16:37 2018 us=659163 46.125.249.62 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Mon Jul 30 10:16:37 2018 us=660086 46.125.249.62 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Mon Jul 30 10:16:37 2018 us=660086 46.125.249.62 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Mon Jul 30 10:16:37 2018 us=660086 46.125.249.62 TLS: Initial packet from [AF_INET6]::ffff:46.125.249.62:22475, sid=6682eaa3 bc5c637a
Mon Jul 30 10:16:37 2018 us=837153 46.125.249.62 VERIFY OK: depth=1, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=muxi.at, name=Max Maier, emailAddress=kek
Mon Jul 30 10:16:37 2018 us=838153 46.125.249.62 VERIFY OK: depth=0, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=johann-pad, name=Max Maier, emailAddress=kek
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_VER=2.4.6
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_PLAT=linux
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_PROTO=2
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_NCP=2
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_LZ4=1
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_LZ4v2=1
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_LZO=1
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_COMP_STUB=1
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_COMP_STUBv2=1
Mon Jul 30 10:16:37 2018 us=882235 46.125.249.62 peer info: IV_TCPNL=1
Mon Jul 30 10:16:37 2018 us=915237 46.125.249.62 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Mon Jul 30 10:16:37 2018 us=915237 46.125.249.62 [johann-pad] Peer Connection Initiated with [AF_INET6]::ffff:46.125.249.62:22475
Mon Jul 30 10:16:37 2018 us=916156 johann-pad/46.125.249.62 MULTI_sva: pool returned IPv4=10.69.0.2, IPv6=(Not enabled)
Mon Jul 30 10:16:37 2018 us=916156 johann-pad/46.125.249.62 MULTI: Learn: 10.69.0.2 -> johann-pad/46.125.249.62
Mon Jul 30 10:16:37 2018 us=916156 johann-pad/46.125.249.62 MULTI: primary virtual IP for johann-pad/46.125.249.62: 10.69.0.2
Mon Jul 30 10:16:39 2018 us=70985 johann-pad/46.125.249.62 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jul 30 10:16:39 2018 us=70985 johann-pad/46.125.249.62 SENT CONTROL [johann-pad]: 'PUSH_REPLY,route 192.168.69.0 255.255.255.0,dhcp-option DNS 192.168.69.200,dhcp-option DOMAIN muxi.at,route-gateway 10.69.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.69.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Mon Jul 30 10:16:39 2018 us=70985 johann-pad/46.125.249.62 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Jul 30 10:16:39 2018 us=70985 johann-pad/46.125.249.62 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Mon Jul 30 10:16:39 2018 us=71986 johann-pad/46.125.249.62 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 30 10:16:39 2018 us=71986 johann-pad/46.125.249.62 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 30 10:21:25 2018 us=192651 johann-pad/46.125.249.62 [johann-pad] Inactivity timeout (--ping-restart), restarting
Mon Jul 30 10:21:25 2018 us=192651 johann-pad/46.125.249.62 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Jul 30 10:22:23 2018 us=681125 MULTI: multi_create_instance called
Mon Jul 30 10:22:23 2018 us=681125 46.125.249.62 Re-using SSL/TLS context
Mon Jul 30 10:22:23 2018 us=681125 46.125.249.62 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jul 30 10:22:23 2018 us=681125 46.125.249.62 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Mon Jul 30 10:22:23 2018 us=681125 46.125.249.62 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Mon Jul 30 10:22:23 2018 us=681125 46.125.249.62 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Mon Jul 30 10:22:23 2018 us=681125 46.125.249.62 TLS: Initial packet from [AF_INET6]::ffff:46.125.249.62:22476, sid=9a4e2a35 85429d9e
Mon Jul 30 10:22:23 2018 us=848831 46.125.249.62 VERIFY OK: depth=1, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=muxi.at, name=Max Maier, emailAddress=kek
Mon Jul 30 10:22:23 2018 us=849830 46.125.249.62 VERIFY OK: depth=0, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=johann-pad, name=Max Maier, emailAddress=kek
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_VER=2.4.6
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_PLAT=linux
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_PROTO=2
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_NCP=2
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_LZ4=1
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_LZ4v2=1
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_LZO=1
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_COMP_STUB=1
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_COMP_STUBv2=1
Mon Jul 30 10:22:23 2018 us=909473 46.125.249.62 peer info: IV_TCPNL=1
Mon Jul 30 10:22:23 2018 us=956686 46.125.249.62 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Mon Jul 30 10:22:23 2018 us=956686 46.125.249.62 [johann-pad] Peer Connection Initiated with [AF_INET6]::ffff:46.125.249.62:22476
Mon Jul 30 10:22:23 2018 us=956686 johann-pad/46.125.249.62 MULTI_sva: pool returned IPv4=10.69.0.2, IPv6=(Not enabled)
Mon Jul 30 10:22:23 2018 us=957683 johann-pad/46.125.249.62 MULTI: Learn: 10.69.0.2 -> johann-pad/46.125.249.62
Mon Jul 30 10:22:23 2018 us=957683 johann-pad/46.125.249.62 MULTI: primary virtual IP for johann-pad/46.125.249.62: 10.69.0.2
Mon Jul 30 10:22:25 2018 us=108082 johann-pad/46.125.249.62 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jul 30 10:22:25 2018 us=108082 johann-pad/46.125.249.62 SENT CONTROL [johann-pad]: 'PUSH_REPLY,route 192.168.69.0 255.255.255.0,dhcp-option DNS 192.168.69.200,dhcp-option DOMAIN muxi.at,route-gateway 10.69.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.69.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Mon Jul 30 10:22:25 2018 us=108082 johann-pad/46.125.249.62 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Jul 30 10:22:25 2018 us=108082 johann-pad/46.125.249.62 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Mon Jul 30 10:22:25 2018 us=108082 johann-pad/46.125.249.62 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 30 10:22:25 2018 us=108082 johann-pad/46.125.249.62 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 30 10:23:45 2018 us=469757 MULTI: multi_create_instance called
Mon Jul 30 10:23:45 2018 us=469757 46.125.249.62 Re-using SSL/TLS context
Mon Jul 30 10:23:45 2018 us=469757 46.125.249.62 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jul 30 10:23:45 2018 us=469757 46.125.249.62 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Mon Jul 30 10:23:45 2018 us=469757 46.125.249.62 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Mon Jul 30 10:23:45 2018 us=469757 46.125.249.62 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Mon Jul 30 10:23:45 2018 us=469757 46.125.249.62 TLS: Initial packet from [AF_INET6]::ffff:46.125.249.62:22477, sid=9c33023e 1518749c
Mon Jul 30 10:23:45 2018 us=641242 46.125.249.62 VERIFY OK: depth=1, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=muxi.at, name=Max Maier, emailAddress=kek
Mon Jul 30 10:23:45 2018 us=642243 46.125.249.62 VERIFY OK: depth=0, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=johann-pad, name=Max Maier, emailAddress=kek
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_VER=2.4.6
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_PLAT=linux
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_PROTO=2
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_NCP=2
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_LZ4=1
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_LZ4v2=1
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_LZO=1
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_COMP_STUB=1
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_COMP_STUBv2=1
Mon Jul 30 10:23:45 2018 us=691307 46.125.249.62 peer info: IV_TCPNL=1
Mon Jul 30 10:23:45 2018 us=724308 46.125.249.62 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Mon Jul 30 10:23:45 2018 us=724308 46.125.249.62 [johann-pad] Peer Connection Initiated with [AF_INET6]::ffff:46.125.249.62:22477
Mon Jul 30 10:23:45 2018 us=724308 MULTI: new connection by client 'johann-pad' will cause previous active sessions by this client to be dropped.  Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
Mon Jul 30 10:23:45 2018 us=724308 MULTI_sva: pool returned IPv4=10.69.0.2, IPv6=(Not enabled)
Mon Jul 30 10:23:45 2018 us=724308 MULTI: Learn: 10.69.0.2 -> johann-pad/46.125.249.62
Mon Jul 30 10:23:45 2018 us=725244 MULTI: primary virtual IP for johann-pad/46.125.249.62: 10.69.0.2
Mon Jul 30 10:23:46 2018 us=808942 johann-pad/46.125.249.62 PUSH: Received control message: 'PUSH_REQUEST'
Mon Jul 30 10:23:46 2018 us=808942 johann-pad/46.125.249.62 SENT CONTROL [johann-pad]: 'PUSH_REPLY,route 192.168.69.0 255.255.255.0,dhcp-option DNS 192.168.69.200,dhcp-option DOMAIN muxi.at,route-gateway 10.69.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.69.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' (status=1)
Mon Jul 30 10:23:46 2018 us=808942 johann-pad/46.125.249.62 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Jul 30 10:23:46 2018 us=809861 johann-pad/46.125.249.62 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Mon Jul 30 10:23:46 2018 us=809861 johann-pad/46.125.249.62 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 30 10:23:46 2018 us=809861 johann-pad/46.125.249.62 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key

Клиент:

Mon Jul 30 10:23:45 2018 WARNING: file 'johann-pad.key' is group or others accessible
Mon Jul 30 10:23:45 2018 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 24 2018
Mon Jul 30 10:23:45 2018 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
Mon Jul 30 10:23:45 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]84.113.131.29:1194
Mon Jul 30 10:23:45 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Jul 30 10:23:45 2018 UDP link local: (not bound)
Mon Jul 30 10:23:45 2018 UDP link remote: [AF_INET]84.113.131.29:1194
Mon Jul 30 10:23:45 2018 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Mon Jul 30 10:23:45 2018 TLS: Initial packet from [AF_INET]84.113.131.29:1194, sid=5a41de68 a1cf8ed2
Mon Jul 30 10:23:45 2018 VERIFY OK: depth=1, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=muxi.at, name=Max Maier, emailAddress=kek
Mon Jul 30 10:23:45 2018 VERIFY KU OK
Mon Jul 30 10:23:45 2018 Validating certificate extended key usage
Mon Jul 30 10:23:45 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Jul 30 10:23:45 2018 VERIFY EKU OK
Mon Jul 30 10:23:45 2018 VERIFY OK: depth=0, C=AT, ST=Vienna, L=Vienna, O=Privat, OU=OU, CN=muxi.at, name=Max Maier, emailAddress=kek
Mon Jul 30 10:23:45 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Mon Jul 30 10:23:45 2018 [muxi.at] Peer Connection Initiated with [AF_INET]84.113.131.29:1194
Mon Jul 30 10:23:46 2018 SENT CONTROL [muxi.at]: 'PUSH_REQUEST' (status=1)
Mon Jul 30 10:23:46 2018 PUSH: Received control message: 'PUSH_REPLY,route 192.168.69.0 255.255.255.0,dhcp-option DNS 192.168.69.200,dhcp-option DOMAIN muxi.at,route-gateway 10.69.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.69.0.2 255.255.255.0,peer-id 1,cipher AES-256-GCM'
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: route options modified
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: route-related options modified
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: peer-id set
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: adjusting link_mtu to 1624
Mon Jul 30 10:23:46 2018 OPTIONS IMPORT: data channel crypto options modified
Mon Jul 30 10:23:46 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Jul 30 10:23:46 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 30 10:23:46 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 30 10:23:46 2018 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 IFACE=wlp5s0 HWADDR=f8:28:19:cc:26:ef
Mon Jul 30 10:23:46 2018 TUN/TAP device tun0 opened
Mon Jul 30 10:23:46 2018 TUN/TAP TX queue length set to 100
Mon Jul 30 10:23:46 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jul 30 10:23:46 2018 /usr/bin/ip link set dev tun0 up mtu 1500
Mon Jul 30 10:23:46 2018 /usr/bin/ip addr add dev tun0 10.69.0.2/24 broadcast 10.69.0.255
Mon Jul 30 10:23:46 2018 /usr/bin/ip route add 192.168.69.0/24 via 10.69.0.1
Mon Jul 30 10:23:46 2018 GID set to nobody
Mon Jul 30 10:23:46 2018 UID set to nobody
Mon Jul 30 10:23:46 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Jul 30 10:23:46 2018 Initialization Sequence Completed

Вот некоторые результаты команды

ip a:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 54:e1:ad:91:aa:03 brd ff:ff:ff:ff:ff:ff
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:d2:90:f1 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:d2:90:f1 brd ff:ff:ff:ff:ff:ff
5: wlp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether f8:28:19:cc:26:ef brd ff:ff:ff:ff:ff:ff
    inet 192.168.43.204/24 brd 192.168.43.255 scope global dynamic noprefixroute wlp5s0
       valid_lft 2669sec preferred_lft 2669sec
    inet6 fe80::5993:8ec8:4639:a2a/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
14: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/none 
    inet 10.69.0.2/24 brd 10.69.0.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::e15e:1efc:7b76:1902/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever

ip route show:

default via 192.168.43.1 dev wlp5s0 proto dhcp metric 600 
10.69.0.0/24 dev tun0 proto kernel scope link src 10.69.0.2 
192.168.43.0/24 dev wlp5s0 proto kernel scope link src 192.168.43.204 metric 600 
192.168.69.0/24 via 10.69.0.1 dev tun0 
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

Мне пришлось пропустить некоторые выходные данные из журналов OpenVPN Server из-за ограничения по количеству символов, если отсутствует какая-либо важная информация, пожалуйста, дайте мне знать. Заранее спасибо.

OpenVPN между Manjaro Linux и Windows Server 2016, VPN устанавливает, но трафик не проходит через

0

Знаете кого-то, кто может ответить? Поделитесь ссылкой на этот вопрос по почте, через Твиттер или Facebook.

Похожие