> > Once I switch the 2.6.5 windows client (with DCO) to UDP mode, we > > still have fast downstream (measured on the client, 644Mbit/s) but > > only 0.76Mbit/s upstream. > > Interesting. We haven't seen this before.
Thought so, > > So it's some sort of DCO issue -- but only with UDP. Any ideas how we > > could examine it further? > > Anything interesting in server/client logs with verb 4? Attached are the verb 4 logs from the client mssfix 1400 makes no difference, though > Logs from the DCO driver could be helpful. I'll try that, but currently I have no elevated privileges on that machine. > Does it reproduce on different client machines? Not sure yet. -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charite.de https://www.charite.de
2023-08-14 12:54:38 us=859000 Current Parameter Settings: 2023-08-14 12:54:38 us=859000 config = 'chariteAD.ovpn' 2023-08-14 12:54:38 us=859000 mode = 0 2023-08-14 12:54:38 us=859000 show_ciphers = DISABLED 2023-08-14 12:54:38 us=859000 show_digests = DISABLED 2023-08-14 12:54:38 us=859000 show_engines = DISABLED 2023-08-14 12:54:38 us=859000 genkey = DISABLED 2023-08-14 12:54:38 us=859000 genkey_filename = '[UNDEF]' 2023-08-14 12:54:38 us=859000 key_pass_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 show_tls_ciphers = DISABLED 2023-08-14 12:54:38 us=859000 connect_retry_max = 0 2023-08-14 12:54:38 us=859000 Connection profiles [0]: 2023-08-14 12:54:38 us=859000 proto = udp 2023-08-14 12:54:38 us=859000 local = '[UNDEF]' 2023-08-14 12:54:38 us=859000 local_port = '[UNDEF]' 2023-08-14 12:54:38 us=859000 remote = '193.175.73.163' 2023-08-14 12:54:38 us=859000 remote_port = '1194' 2023-08-14 12:54:38 us=859000 remote_float = DISABLED 2023-08-14 12:54:38 us=859000 bind_defined = DISABLED 2023-08-14 12:54:38 us=859000 bind_local = DISABLED 2023-08-14 12:54:38 us=859000 bind_ipv6_only = DISABLED 2023-08-14 12:54:38 us=859000 connect_retry_seconds = 1 2023-08-14 12:54:38 us=859000 connect_timeout = 120 2023-08-14 12:54:38 us=859000 socks_proxy_server = '[UNDEF]' 2023-08-14 12:54:38 us=859000 socks_proxy_port = '[UNDEF]' 2023-08-14 12:54:38 us=859000 tun_mtu = 1500 2023-08-14 12:54:38 us=859000 tun_mtu_defined = ENABLED 2023-08-14 12:54:38 us=859000 link_mtu = 1500 2023-08-14 12:54:38 us=859000 link_mtu_defined = DISABLED 2023-08-14 12:54:38 us=859000 tun_mtu_extra = 0 2023-08-14 12:54:38 us=859000 tun_mtu_extra_defined = DISABLED 2023-08-14 12:54:38 us=859000 tls_mtu = 1250 2023-08-14 12:54:38 us=859000 mtu_discover_type = -1 2023-08-14 12:54:38 us=859000 fragment = 0 2023-08-14 12:54:38 us=859000 mssfix = 1400 2023-08-14 12:54:38 us=859000 mssfix_encap = DISABLED 2023-08-14 12:54:38 us=859000 mssfix_fixed = DISABLED 2023-08-14 12:54:38 us=859000 explicit_exit_notification = 1 2023-08-14 12:54:38 us=859000 tls_auth_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 key_direction = not set 2023-08-14 12:54:38 us=859000 tls_crypt_file = '[INLINE]' 2023-08-14 12:54:38 us=859000 tls_crypt_v2_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 Connection profiles END 2023-08-14 12:54:38 us=859000 remote_random = ENABLED 2023-08-14 12:54:38 us=859000 ipchange = '[UNDEF]' 2023-08-14 12:54:38 us=859000 dev = 'tun' 2023-08-14 12:54:38 us=859000 dev_type = '[UNDEF]' 2023-08-14 12:54:38 us=859000 dev_node = '[UNDEF]' 2023-08-14 12:54:38 us=859000 tuntap_options.disable_dco = DISABLED 2023-08-14 12:54:38 us=859000 lladdr = '[UNDEF]' 2023-08-14 12:54:38 us=859000 topology = 1 2023-08-14 12:54:38 us=859000 ifconfig_local = '[UNDEF]' 2023-08-14 12:54:38 us=859000 ifconfig_remote_netmask = '[UNDEF]' 2023-08-14 12:54:38 us=859000 ifconfig_noexec = DISABLED 2023-08-14 12:54:38 us=859000 ifconfig_nowarn = DISABLED 2023-08-14 12:54:38 us=859000 ifconfig_ipv6_local = '[UNDEF]' 2023-08-14 12:54:38 us=859000 ifconfig_ipv6_netbits = 0 2023-08-14 12:54:38 us=859000 ifconfig_ipv6_remote = '[UNDEF]' 2023-08-14 12:54:38 us=859000 shaper = 0 2023-08-14 12:54:38 us=859000 mtu_test = 0 2023-08-14 12:54:38 us=859000 mlock = DISABLED 2023-08-14 12:54:38 us=859000 keepalive_ping = 0 2023-08-14 12:54:38 us=859000 keepalive_timeout = 0 2023-08-14 12:54:38 us=859000 inactivity_timeout = 0 2023-08-14 12:54:38 us=859000 session_timeout = 0 2023-08-14 12:54:38 us=859000 inactivity_minimum_bytes = 0 2023-08-14 12:54:38 us=859000 ping_send_timeout = 0 2023-08-14 12:54:38 us=859000 ping_rec_timeout = 0 2023-08-14 12:54:38 us=859000 ping_rec_timeout_action = 0 2023-08-14 12:54:38 us=859000 ping_timer_remote = DISABLED 2023-08-14 12:54:38 us=859000 remap_sigusr1 = 0 2023-08-14 12:54:38 us=859000 persist_tun = ENABLED 2023-08-14 12:54:38 us=859000 persist_local_ip = DISABLED 2023-08-14 12:54:38 us=859000 persist_remote_ip = DISABLED 2023-08-14 12:54:38 us=859000 persist_key = ENABLED 2023-08-14 12:54:38 us=859000 passtos = DISABLED 2023-08-14 12:54:38 us=859000 resolve_retry_seconds = 1000000000 2023-08-14 12:54:38 us=859000 resolve_in_advance = DISABLED 2023-08-14 12:54:38 us=859000 username = '[UNDEF]' 2023-08-14 12:54:38 us=859000 groupname = '[UNDEF]' 2023-08-14 12:54:38 us=859000 chroot_dir = '[UNDEF]' 2023-08-14 12:54:38 us=859000 cd_dir = '[UNDEF]' 2023-08-14 12:54:38 us=859000 writepid = '[UNDEF]' 2023-08-14 12:54:38 us=859000 up_script = '[UNDEF]' 2023-08-14 12:54:38 us=859000 down_script = '[UNDEF]' 2023-08-14 12:54:38 us=859000 down_pre = DISABLED 2023-08-14 12:54:38 us=859000 up_restart = DISABLED 2023-08-14 12:54:38 us=859000 up_delay = DISABLED 2023-08-14 12:54:38 us=859000 daemon = DISABLED 2023-08-14 12:54:38 us=859000 log = ENABLED 2023-08-14 12:54:38 us=859000 suppress_timestamps = DISABLED 2023-08-14 12:54:38 us=859000 machine_readable_output = DISABLED 2023-08-14 12:54:38 us=859000 nice = 0 2023-08-14 12:54:38 us=859000 verbosity = 4 2023-08-14 12:54:38 us=859000 mute = 0 2023-08-14 12:54:38 us=859000 status_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 status_file_version = 1 2023-08-14 12:54:38 us=859000 status_file_update_freq = 60 2023-08-14 12:54:38 us=859000 occ = ENABLED 2023-08-14 12:54:38 us=859000 rcvbuf = 0 2023-08-14 12:54:38 us=859000 sndbuf = 0 2023-08-14 12:54:38 us=859000 sockflags = 0 2023-08-14 12:54:38 us=859000 fast_io = DISABLED 2023-08-14 12:54:38 us=859000 comp.alg = 0 2023-08-14 12:54:38 us=859000 comp.flags = 152 2023-08-14 12:54:38 us=859000 route_script = '[UNDEF]' 2023-08-14 12:54:38 us=859000 route_default_gateway = '[UNDEF]' 2023-08-14 12:54:38 us=859000 route_default_metric = 0 2023-08-14 12:54:38 us=859000 route_noexec = DISABLED 2023-08-14 12:54:38 us=859000 route_delay = 0 2023-08-14 12:54:38 us=859000 route_delay_window = 30 2023-08-14 12:54:38 us=859000 route_delay_defined = DISABLED 2023-08-14 12:54:38 us=859000 route_nopull = DISABLED 2023-08-14 12:54:38 us=859000 route_gateway_via_dhcp = DISABLED 2023-08-14 12:54:38 us=859000 allow_pull_fqdn = DISABLED 2023-08-14 12:54:38 us=859000 Pull filters: 2023-08-14 12:54:38 us=859000 ignore "route-method" 2023-08-14 12:54:38 us=859000 management_addr = '127.0.0.1' 2023-08-14 12:54:38 us=859000 management_port = '25341' 2023-08-14 12:54:38 us=859000 management_user_pass = 'stdin' 2023-08-14 12:54:38 us=859000 management_log_history_cache = 250 2023-08-14 12:54:38 us=859000 management_echo_buffer_size = 100 2023-08-14 12:54:38 us=859000 management_client_user = '[UNDEF]' 2023-08-14 12:54:38 us=859000 management_client_group = '[UNDEF]' 2023-08-14 12:54:38 us=859000 management_flags = 6 2023-08-14 12:54:38 us=859000 shared_secret_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 key_direction = not set 2023-08-14 12:54:38 us=859000 ciphername = 'AES-256-GCM' 2023-08-14 12:54:38 us=859000 ncp_ciphers = 'AES-256-GCM:AES-128-GCM' 2023-08-14 12:54:38 us=859000 authname = 'SHA256' 2023-08-14 12:54:38 us=859000 engine = DISABLED 2023-08-14 12:54:38 us=859000 replay = ENABLED 2023-08-14 12:54:38 us=859000 mute_replay_warnings = ENABLED 2023-08-14 12:54:38 us=859000 replay_window = 64 2023-08-14 12:54:38 us=859000 replay_time = 15 2023-08-14 12:54:38 us=859000 packet_id_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 test_crypto = DISABLED 2023-08-14 12:54:38 us=859000 tls_server = DISABLED 2023-08-14 12:54:38 us=859000 tls_client = ENABLED 2023-08-14 12:54:38 us=859000 ca_file = '[INLINE]' 2023-08-14 12:54:38 us=859000 ca_path = '[UNDEF]' 2023-08-14 12:54:38 us=859000 dh_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 cert_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 extra_certs_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 priv_key_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 pkcs12_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 cryptoapi_cert = 'ISSUER:Charite Zertifizierungsstelle' 2023-08-14 12:54:38 us=859000 cipher_list = '[UNDEF]' 2023-08-14 12:54:38 us=859000 cipher_list_tls13 = '[UNDEF]' 2023-08-14 12:54:38 us=859000 tls_cert_profile = '[UNDEF]' 2023-08-14 12:54:38 us=859000 tls_verify = '[UNDEF]' 2023-08-14 12:54:38 us=859000 tls_export_cert = '[UNDEF]' 2023-08-14 12:54:38 us=859000 verify_x509_type = 1 2023-08-14 12:54:38 us=859000 verify_x509_name = 'C=DE, ST=Berlin, L=Berlin, O=Charite - Universitaetsmedizin Berlin, OU=GB IT, CN=openvpn-managed.charite.de' 2023-08-14 12:54:38 us=859000 crl_file = '[UNDEF]' 2023-08-14 12:54:38 us=859000 ns_cert_type = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_ku[i] = 0 2023-08-14 12:54:38 us=859000 remote_cert_eku = 'TLS Web Server Authentication' 2023-08-14 12:54:38 us=859000 ssl_flags = 192 2023-08-14 12:54:38 us=859000 tls_timeout = 2 2023-08-14 12:54:38 us=859000 renegotiate_bytes = -1 2023-08-14 12:54:38 us=859000 renegotiate_packets = 0 2023-08-14 12:54:38 us=859000 renegotiate_seconds = 0 2023-08-14 12:54:38 us=859000 handshake_window = 10 2023-08-14 12:54:38 us=859000 transition_window = 3600 2023-08-14 12:54:38 us=859000 single_session = DISABLED 2023-08-14 12:54:38 us=859000 push_peer_info = DISABLED 2023-08-14 12:54:38 us=859000 tls_exit = DISABLED 2023-08-14 12:54:38 us=859000 tls_crypt_v2_metadata = '[UNDEF]' 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_protected_authentication = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_private_mode = 00000000 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=859000 pkcs11_cert_private = DISABLED 2023-08-14 12:54:38 us=875000 pkcs11_pin_cache_period = -1 2023-08-14 12:54:38 us=875000 pkcs11_id = '[UNDEF]' 2023-08-14 12:54:38 us=875000 pkcs11_id_management = DISABLED 2023-08-14 12:54:38 us=875000 server_network = 0.0.0.0 2023-08-14 12:54:38 us=875000 server_netmask = 0.0.0.0 2023-08-14 12:54:38 us=875000 server_network_ipv6 = :: 2023-08-14 12:54:38 us=875000 server_netbits_ipv6 = 0 2023-08-14 12:54:38 us=875000 server_bridge_ip = 0.0.0.0 2023-08-14 12:54:38 us=875000 server_bridge_netmask = 0.0.0.0 2023-08-14 12:54:38 us=875000 server_bridge_pool_start = 0.0.0.0 2023-08-14 12:54:38 us=875000 server_bridge_pool_end = 0.0.0.0 2023-08-14 12:54:38 us=875000 ifconfig_pool_defined = DISABLED 2023-08-14 12:54:38 us=875000 ifconfig_pool_start = 0.0.0.0 2023-08-14 12:54:38 us=875000 ifconfig_pool_end = 0.0.0.0 2023-08-14 12:54:38 us=875000 ifconfig_pool_netmask = 0.0.0.0 2023-08-14 12:54:38 us=875000 ifconfig_pool_persist_filename = '[UNDEF]' 2023-08-14 12:54:38 us=875000 ifconfig_pool_persist_refresh_freq = 600 2023-08-14 12:54:38 us=875000 ifconfig_ipv6_pool_defined = DISABLED 2023-08-14 12:54:38 us=875000 ifconfig_ipv6_pool_base = :: 2023-08-14 12:54:38 us=875000 ifconfig_ipv6_pool_netbits = 0 2023-08-14 12:54:38 us=875000 n_bcast_buf = 256 2023-08-14 12:54:38 us=875000 tcp_queue_limit = 64 2023-08-14 12:54:38 us=875000 real_hash_size = 256 2023-08-14 12:54:38 us=875000 virtual_hash_size = 256 2023-08-14 12:54:38 us=875000 client_connect_script = '[UNDEF]' 2023-08-14 12:54:38 us=875000 learn_address_script = '[UNDEF]' 2023-08-14 12:54:38 us=875000 client_disconnect_script = '[UNDEF]' 2023-08-14 12:54:38 us=875000 client_crresponse_script = '[UNDEF]' 2023-08-14 12:54:38 us=875000 client_config_dir = '[UNDEF]' 2023-08-14 12:54:38 us=875000 ccd_exclusive = DISABLED 2023-08-14 12:54:38 us=875000 tmp_dir = 'C:\Users\hildeb\AppData\Local\Temp\' 2023-08-14 12:54:38 us=875000 push_ifconfig_defined = DISABLED 2023-08-14 12:54:38 us=875000 push_ifconfig_local = 0.0.0.0 2023-08-14 12:54:38 us=875000 push_ifconfig_remote_netmask = 0.0.0.0 2023-08-14 12:54:38 us=875000 push_ifconfig_ipv6_defined = DISABLED 2023-08-14 12:54:38 us=875000 push_ifconfig_ipv6_local = ::/0 2023-08-14 12:54:38 us=875000 push_ifconfig_ipv6_remote = :: 2023-08-14 12:54:38 us=875000 enable_c2c = DISABLED 2023-08-14 12:54:38 us=875000 duplicate_cn = DISABLED 2023-08-14 12:54:38 us=875000 cf_max = 0 2023-08-14 12:54:38 us=875000 cf_per = 0 2023-08-14 12:54:38 us=875000 cf_initial_max = 100 2023-08-14 12:54:38 us=875000 cf_initial_per = 10 2023-08-14 12:54:38 us=875000 max_clients = 1024 2023-08-14 12:54:38 us=875000 max_routes_per_client = 256 2023-08-14 12:54:38 us=875000 auth_user_pass_verify_script = '[UNDEF]' 2023-08-14 12:54:38 us=875000 auth_user_pass_verify_script_via_file = DISABLED 2023-08-14 12:54:38 us=875000 auth_token_generate = DISABLED 2023-08-14 12:54:38 us=875000 auth_token_lifetime = 0 2023-08-14 12:54:38 us=875000 auth_token_secret_file = '[UNDEF]' 2023-08-14 12:54:38 us=875000 vlan_tagging = DISABLED 2023-08-14 12:54:38 us=875000 vlan_accept = all 2023-08-14 12:54:38 us=875000 vlan_pvid = 1 2023-08-14 12:54:38 us=875000 client = ENABLED 2023-08-14 12:54:38 us=875000 pull = ENABLED 2023-08-14 12:54:38 us=875000 auth_user_pass_file = 'stdin' 2023-08-14 12:54:38 us=875000 show_net_up = DISABLED 2023-08-14 12:54:38 us=875000 route_method = 3 2023-08-14 12:54:38 us=875000 block_outside_dns = DISABLED 2023-08-14 12:54:38 us=875000 ip_win32_defined = DISABLED 2023-08-14 12:54:38 us=875000 ip_win32_type = 1 2023-08-14 12:54:38 us=875000 dhcp_masq_offset = 0 2023-08-14 12:54:38 us=875000 dhcp_lease_time = 31536000 2023-08-14 12:54:38 us=875000 tap_sleep = 0 2023-08-14 12:54:38 us=875000 dhcp_options = 0x00000000 2023-08-14 12:54:38 us=875000 dhcp_renew = DISABLED 2023-08-14 12:54:38 us=875000 dhcp_pre_release = DISABLED 2023-08-14 12:54:38 us=875000 domain = '[UNDEF]' 2023-08-14 12:54:38 us=875000 netbios_scope = '[UNDEF]' 2023-08-14 12:54:38 us=875000 netbios_node_type = 0 2023-08-14 12:54:38 us=875000 disable_nbt = DISABLED 2023-08-14 12:54:38 us=875000 OpenVPN 2.6.5 [git:v2.6.5/cbc9e0ce412e7b42] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jun 13 2023 2023-08-14 12:54:38 us=875000 Windows version 10.0 (Windows 10 or greater), amd64 executable 2023-08-14 12:54:38 us=875000 library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10 2023-08-14 12:54:38 us=875000 DCO version: v0 2023-08-14 12:54:38 us=875000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341 2023-08-14 12:54:38 us=875000 Need hold release from management interface, waiting... 2023-08-14 12:54:39 us=328000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:58213 2023-08-14 12:54:39 us=453000 MANAGEMENT: CMD 'state on' 2023-08-14 12:54:39 us=453000 MANAGEMENT: CMD 'log on all' 2023-08-14 12:54:39 us=718000 MANAGEMENT: CMD 'echo on all' 2023-08-14 12:54:39 us=718000 MANAGEMENT: CMD 'bytecount 5' 2023-08-14 12:54:39 us=718000 MANAGEMENT: CMD 'state' 2023-08-14 12:54:39 us=718000 MANAGEMENT: CMD 'hold off' 2023-08-14 12:54:39 us=718000 MANAGEMENT: CMD 'hold release' 2023-08-14 12:54:42 us=93000 MANAGEMENT: CMD 'username "Auth" "hildeb"' 2023-08-14 12:54:42 us=109000 MANAGEMENT: CMD 'password [...]' 2023-08-14 12:54:42 us=125000 cryptapicert: using certificate with name <VSW-IT-CM-T12.charite.de> 2023-08-14 12:54:42 us=140000 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2023-08-14 12:54:42 us=140000 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2023-08-14 12:54:42 us=140000 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key 2023-08-14 12:54:42 us=140000 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication 2023-08-14 12:54:42 us=140000 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ] 2023-08-14 12:54:42 us=140000 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ] 2023-08-14 12:54:42 us=140000 TCP/UDP: Preserving recently used remote address: [AF_INET]193.175.73.163:1194 2023-08-14 12:54:42 us=140000 ovpn-dco device [OpenVPN Data Channel Offload] opened 2023-08-14 12:54:42 us=140000 UDP link local: (not bound) 2023-08-14 12:54:42 us=140000 UDP link remote: [AF_INET]193.175.73.163:1194 2023-08-14 12:54:42 us=140000 MANAGEMENT: >STATE:1692010482,WAIT,,,,,, 2023-08-14 12:54:42 us=156000 MANAGEMENT: >STATE:1692010482,AUTH,,,,,, 2023-08-14 12:54:42 us=156000 TLS: Initial packet from [AF_INET]193.175.73.163:1194, sid=f830e203 89d41cc9 2023-08-14 12:54:42 us=156000 VERIFY OK: depth=1, DC=de, DC=charite, CN=Charite Zertifizierungsstelle 2023-08-14 12:54:42 us=156000 Validating certificate extended key usage 2023-08-14 12:54:42 us=156000 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2023-08-14 12:54:42 us=156000 VERIFY EKU OK 2023-08-14 12:54:42 us=156000 VERIFY X509NAME OK: C=DE, ST=Berlin, L=Berlin, O=Charite - Universitaetsmedizin Berlin, OU=GB IT, CN=openvpn-managed.charite.de 2023-08-14 12:54:42 us=156000 VERIFY OK: depth=0, C=DE, ST=Berlin, L=Berlin, O=Charite - Universitaetsmedizin Berlin, OU=GB IT, CN=openvpn-managed.charite.de 2023-08-14 12:54:42 us=156000 Signing using NCryptSignHash with PSS padding: hashalg <SHA256>, saltlen <32> 2023-08-14 12:54:42 us=187000 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA256 2023-08-14 12:54:42 us=187000 [openvpn-managed.charite.de] Peer Connection Initiated with [AF_INET]193.175.73.163:1194 2023-08-14 12:54:42 us=187000 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1 2023-08-14 12:54:42 us=187000 TLS: tls_multi_process: initial untrusted session promoted to trusted 2023-08-14 12:54:43 us=375000 MANAGEMENT: >STATE:1692010483,GET_CONFIG,,,,,, 2023-08-14 12:54:43 us=375000 SENT CONTROL [openvpn-managed.charite.de]: 'PUSH_REQUEST' (status=1) 2023-08-14 12:54:43 us=390000 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 141.42.1.1,dhcp-option DOMAIN charite.de,route-gateway 172.29.144.1,topology subnet,ping 10,ping-restart 30,route 10.27.0.0 255.255.0.0,route 10.28.0.0 255.254.0.0,route 10.32.0.0 255.224.0.0,route 172.16.0.0 255.254.0.0,route 172.18.0.0 255.255.224.0,route 192.168.120.0 255.255.254.0,route 192.168.192.0 255.255.192.0,route 141.42.0.0 255.255.0.0,route 193.175.72.0 255.255.255.0,route 193.175.74.0 255.255.254.0,route 193.175.174.0 255.255.255.192,route 172.19.252.0 255.255.255.224,route 194.94.4.0 255.255.254.0,register-dns,block-outside-dns,ifconfig 172.29.144.34 255.255.248.0,peer-id 32,cipher AES-256-GCM,protocol-flags cc-exit tls-ekm dyn-tls-crypt,tun-mtu 1500' 2023-08-14 12:54:43 us=390000 OPTIONS IMPORT: --ifconfig/up options modified 2023-08-14 12:54:43 us=390000 OPTIONS IMPORT: route options modified 2023-08-14 12:54:43 us=390000 OPTIONS IMPORT: route-related options modified 2023-08-14 12:54:43 us=390000 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 2023-08-14 12:54:43 us=390000 OPTIONS IMPORT: tun-mtu set to 1500 2023-08-14 12:54:43 us=390000 interactive service msg_channel=876 2023-08-14 12:54:43 us=390000 do_ifconfig, ipv4=1, ipv6=0 2023-08-14 12:54:43 us=390000 MANAGEMENT: >STATE:1692010483,ASSIGN_IP,,172.29.144.34,,,, 2023-08-14 12:54:43 us=390000 INET address service: add 172.29.144.34/21 2023-08-14 12:54:43 us=390000 Setting IPv4 dns servers on 'OpenVPN Data Channel Offload' (if_index = 7) using service 2023-08-14 12:54:43 us=718000 IPv4 dns servers set using service 2023-08-14 12:54:43 us=718000 Setting dns domain on 'OpenVPN Data Channel Offload' (if_index = 7) using service 2023-08-14 12:54:44 DNS domain set using service 2023-08-14 12:54:44 IPv4 MTU set to 1500 on interface 7 using service 2023-08-14 12:54:44 Blocking outside dns using service succeeded. 2023-08-14 12:54:44 MANAGEMENT: >STATE:1692010484,ADD_ROUTES,,,,,, 2023-08-14 12:54:44 C:\Windows\system32\route.exe ADD 10.27.0.0 MASK 255.255.0.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 Route addition via service succeeded 2023-08-14 12:54:44 C:\Windows\system32\route.exe ADD 10.28.0.0 MASK 255.254.0.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=15000 Route addition via service succeeded 2023-08-14 12:54:44 us=15000 C:\Windows\system32\route.exe ADD 10.32.0.0 MASK 255.224.0.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=15000 Route addition via service succeeded 2023-08-14 12:54:44 us=15000 C:\Windows\system32\route.exe ADD 172.16.0.0 MASK 255.254.0.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=15000 Route addition via service succeeded 2023-08-14 12:54:44 us=15000 C:\Windows\system32\route.exe ADD 172.18.0.0 MASK 255.255.224.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=15000 Route addition via service succeeded 2023-08-14 12:54:44 us=15000 C:\Windows\system32\route.exe ADD 192.168.120.0 MASK 255.255.254.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=15000 Route addition via service succeeded 2023-08-14 12:54:44 us=15000 C:\Windows\system32\route.exe ADD 192.168.192.0 MASK 255.255.192.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=15000 Route addition via service succeeded 2023-08-14 12:54:44 us=15000 C:\Windows\system32\route.exe ADD 141.42.0.0 MASK 255.255.0.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=15000 Route addition via service succeeded 2023-08-14 12:54:44 us=15000 C:\Windows\system32\route.exe ADD 193.175.72.0 MASK 255.255.255.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=31000 Route addition via service succeeded 2023-08-14 12:54:44 us=31000 C:\Windows\system32\route.exe ADD 193.175.74.0 MASK 255.255.254.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=31000 Route addition via service succeeded 2023-08-14 12:54:44 us=31000 C:\Windows\system32\route.exe ADD 193.175.174.0 MASK 255.255.255.192 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=31000 Route addition via service succeeded 2023-08-14 12:54:44 us=31000 C:\Windows\system32\route.exe ADD 172.19.252.0 MASK 255.255.255.224 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=31000 Route addition via service succeeded 2023-08-14 12:54:44 us=31000 C:\Windows\system32\route.exe ADD 194.94.4.0 MASK 255.255.254.0 172.29.144.1 METRIC 200 2023-08-14 12:54:44 us=31000 Route addition via service succeeded 2023-08-14 12:54:44 us=31000 Data Channel MTU parms [ mss_fix:1336 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ] 2023-08-14 12:54:44 us=31000 Outgoing dynamic tls-crypt: Cipher 'AES-256-CTR' initialized with 256 bit key 2023-08-14 12:54:44 us=31000 Outgoing dynamic tls-crypt: Using 256 bit message hash 'SHA256' for HMAC authentication 2023-08-14 12:54:44 us=31000 Incoming dynamic tls-crypt: Cipher 'AES-256-CTR' initialized with 256 bit key 2023-08-14 12:54:44 us=31000 Incoming dynamic tls-crypt: Using 256 bit message hash 'SHA256' for HMAC authentication 2023-08-14 12:54:44 us=31000 Initialization Sequence Completed 2023-08-14 12:54:44 us=31000 Register_dns request sent to the service 2023-08-14 12:54:44 us=31000 MANAGEMENT: >STATE:1692010484,CONNECTED,SUCCESS,172.29.144.34,193.175.73.163,1194,, 2023-08-14 12:54:44 us=31000 Data Channel: cipher 'AES-256-GCM', peer-id: 32 2023-08-14 12:54:44 us=31000 Timers: ping 10, ping-restart 30 2023-08-14 12:54:44 us=31000 Protocol options: explicit-exit-notify 1, protocol-flags cc-exit tls-ekm dyn-tls-crypt
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
