Cannot connect to OpenVPN server

Software SW help
1

I have set up OpenVPN via LuCi, created a client and imported it in tunnelblick client on my Mac.
I get this loop in the tunnelblick log

2020-09-16 13:42:40.623910 MANAGEMENT: >STATE:1600256560,RESOLVE,

2020-09-16 13:42:40.653147 TCP/UDP: Preserving recently used remote address: [AF_INET]188.167.250.213:1194

2020-09-16 13:42:40.653231 Socket Buffers: R=[131072->131072] S=[131072->131072]

2020-09-16 13:42:40.653275 Attempting to establish TCP connection with [AF_INET]188.167.250.213:1194 [nonblock]

2020-09-16 13:42:40.653288 MANAGEMENT: >STATE:1600256560,TCP_CONNECT,

2020-09-16 13:42:41.728312 TCP connection established with [AF_INET]188.167.250.213:1194

2020-09-16 13:42:41.746522 TCP_CLIENT link local: (not bound)

2020-09-16 13:42:41.747123 TCP_CLIENT link remote: [AF_INET]188.167.250.213:1194

2020-09-16 13:42:41.775891 MANAGEMENT: >STATE:1600256561,WAIT,

2020-09-16 13:42:43.804207 Connection reset, restarting [-1]

2020-09-16 13:42:43.804423 SIGUSR1[soft,connection-reset] received, process restarting

2020-09-16 13:42:43.804478 MANAGEMENT: >STATE:1600256563,RECONNECTING,connection-reset,

2020-09-16 13:42:43.821515 MANAGEMENT: CMD ‘hold release’

and it won’t connect at all. What could be the problem please?

2

Have you tried to use UDP instead of TCP?

Please provide log records from your router (grep -e openvpn /var/log/messages); the last connect attempt would be enough.

3

yes, I have tried UDP as first thing, when it did not work I switched it to TCP.

Perhaps my nordvpn configuration is screwing things up? I followed this guide few days ago → https://support.nordvpn.com/Connectivity/Router/1047411192/OpenWRT-setup-with-NordVPN.htm

here are the logs from the command:

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: SENT CONTROL [xxxx]: ‘PUSH_REQUEST’ (status=1)

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: PUSH: Received control message: ‘PUSH_REPLY,redirect-gateway def1,dhcp-option DNS xxx.xxx.xxx.xxx,dhcp-option DNS xxx.xxx.xxx.xxx,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.1.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.1.3 255.255.255.0,peer-id 2,cipher AES-256-GCM’

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: timers and/or timeouts modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: explicit notify parm(s) modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: compression parms modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: --sndbuf/–rcvbuf options modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: Socket Buffers: R=[163840->327680] S=[163840->327680]

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: --ifconfig/up options modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: route options modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: route-related options modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: peer-id set

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: adjusting link_mtu to 1657

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: OPTIONS IMPORT: data channel crypto options modified

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: Data Channel: using negotiated cipher ‘AES-256-GCM’

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: TUN/TAP device tun0 opened

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: TUN/TAP TX queue length set to 100

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: /sbin/ifconfig tun0 10.8.1.3 netmask 255.255.255.0 mtu 1500 broadcast 10.8.1.255

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: /usr/libexec/openvpn-hotplug up nordvpn tun0 1500 1585 10.8.1.3 255.255.255.0 init

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: /sbin/route add -net xxx.xxx.xxx.xxx netmask 255.255.255.255 gw 192.168.0.1

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.1.1

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.1.1

Sep 16 11:09:21 turris openvpn(nordvpn)[6340]: Initialization Sequence Completed

Sep 16 11:09:23 turris openvpn(nordvpn)[6340]: event_wait : Interrupted system call (code=4)

Sep 16 11:09:23 turris openvpn(nordvpn)[6340]: SIGTERM received, sending exit notification to peer

Sep 16 11:09:23 turris openvpn(server_turris)[6341]: /sbin/route del -net 10.111.111.0 netmask 255.255.255.0

Sep 16 11:09:23 turris openvpn(server_turris)[6341]: Closing TUN/TAP interface

Sep 16 11:09:23 turris openvpn(server_turris)[6341]: /sbin/ifconfig tun_turris 0.0.0.0

Sep 16 11:09:23 turris openvpn(server_turris)[6341]: /usr/libexec/openvpn-hotplug down server_turris tun_turris 1500 1623 10.111.111.1 10.111.111.2 init

Sep 16 11:09:23 turris openvpn(server_turris)[6341]: SIGTERM[hard,] received, process exiting

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: OpenVPN 2.4.7 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: Diffie-Hellman initialized with 2048 bit key

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: TUN/TAP device tun_turris opened

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: TUN/TAP TX queue length set to 100

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: /sbin/ifconfig tun_turris 10.111.111.1 pointopoint 10.111.111.2 mtu 1500

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: /usr/libexec/openvpn-hotplug up server_turris tun_turris 1500 1623 10.111.111.1 10.111.111.2 init

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: /sbin/route add -net 10.111.111.0 netmask 255.255.255.0 gw 10.111.111.2

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: Could not determine IPv4/IPv6 protocol. Using AF_INET

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: Socket Buffers: R=[87380->87380] S=[16384->16384]

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: Listening for incoming TCP connection on [AF_INET][undef]:1194

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: TCPv4_SERVER link local (bound): [AF_INET][undef]:1194

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: TCPv4_SERVER link remote: [AF_UNSPEC]

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: MULTI: multi_init called, r=256 v=256

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: IFCONFIG POOL: base=10.111.111.4 size=62, ipv6=0

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: IFCONFIG POOL LIST

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: MULTI: TCP INIT maxclients=1024 maxevents=1028

Sep 16 11:09:23 turris openvpn(server_turris)[7286]: Initialization Sequence Completed

Sep 16 11:09:24 turris openvpn(nordvpn)[6340]: /sbin/route del -net xxx.xxx.xxx.xxx netmask 255.255.255.255

Sep 16 11:09:24 turris openvpn(nordvpn)[6340]: /sbin/route del -net 0.0.0.0 netmask 128.0.0.0

Sep 16 11:09:24 turris openvpn(nordvpn)[6340]: /sbin/route del -net 128.0.0.0 netmask 128.0.0.0

Sep 16 11:09:24 turris openvpn(nordvpn)[6340]: Closing TUN/TAP interface

Sep 16 11:09:24 turris openvpn(nordvpn)[6340]: /sbin/ifconfig tun0 0.0.0.0

Sep 16 11:09:24 turris openvpn(nordvpn)[6340]: /usr/libexec/openvpn-hotplug down nordvpn tun0 1500 1585 10.8.1.3 255.255.255.0 init

Sep 16 11:09:24 turris openvpn(nordvpn)[6340]: SIGTERM[soft,exit-with-notification] received, process exiting

(Log redacted.)

4

Thank you for the log. It looks like something shots down the created sessions by sending SIGTERM signals. Please create a diagnostic file as described here: https://docs.turris.cz/basics/support/#getting-logs and send it to tech.support@turris.cz. We will look at it.

5

thank you, I have sent the logs to the team.

1 Like