Re: [Openvpn-users] management-auth breaks data-channel?

Hi Tom, Your last log showed MANAGEMENT: CMD 'client-auth 0 0' but no MANAGEMENT: CMD 'END' That's what I meant. Anyway, I have not been able to reproduce this. If you privately send me the server and client configs (remove the certs and keys), server and client logs in full at verb=4, and yo

Re: [Openvpn-users] management-auth breaks data-channel?

Hi Selva, I’m trying out things, so I changed the auth handler from ’client-auth-nt’ to ’client-auth’ + ’END’. To further elliminate possible causes I also disabled the usage of the external DHCP server and change ’server-brigde’ to ’server-bridge GW IP NETMASK’. Anyway, when I did the t

Re: [Openvpn-users] management-auth breaks data-channel?

Hi On Thu, Apr 2, 2020 at 4:38 PM Dajka Tamás wrote: > > Plugin part, when management-client is used: > > > > CLIENT_PUBLIC_IP:49712 TLS: Username/Password authentication deferred for > username 'mysecretuser' [CN SET] > > CLIENT_PUBLIC_IP:49712 TCPv4_SERVER WRITE [308] to > [AF_INET]CLIENT_PUBL

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 21:16:48 +0300, Samuli Seppänen wrote: > The installer I extracted had a sha1sum of > > 9c3fa39b6dc1ca9a02bf940c0509cf58a13fdf7d > > That matches the sha1sum of openvpn-install-2.4.8-i602-Win10.exe's which > I just a few minutes ago downloaded from the official download pa

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

Hi again, Il 02/04/20 20:52, Samuli Seppänen ha scritto: > Il 02/04/20 20:43, Nathan Stratton Treadway ha scritto: >> On Thu, Apr 02, 2020 at 20:17:23 +0300, Samuli Seppänen wrote: >>> Il 02/04/20 19:22, Nathan Stratton Treadway ha scritto: On Thu, Apr 02, 2020 at 12:17:17 -0400, Nathan Strat

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

Il 02/04/20 20:43, Nathan Stratton Treadway ha scritto: > On Thu, Apr 02, 2020 at 20:17:23 +0300, Samuli Seppänen wrote: >> Il 02/04/20 19:22, Nathan Stratton Treadway ha scritto: >>> On Thu, Apr 02, 2020 at 12:17:17 -0400, Nathan Stratton Treadway wrote: On Thu, Apr 02, 2020 at 18:07:26 +0200

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 20:17:23 +0300, Samuli Seppänen wrote: > Il 02/04/20 19:22, Nathan Stratton Treadway ha scritto: > > On Thu, Apr 02, 2020 at 12:17:17 -0400, Nathan Stratton Treadway wrote: > >> On Thu, Apr 02, 2020 at 18:07:26 +0200, Gert Doering wrote: > >>> Hi, > >>> > >>> On Thu, Apr 02,

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

Il 02/04/20 19:22, Nathan Stratton Treadway ha scritto: > On Thu, Apr 02, 2020 at 12:17:17 -0400, Nathan Stratton Treadway wrote: >> On Thu, Apr 02, 2020 at 18:07:26 +0200, Gert Doering wrote: >>> Hi, >>> >>> On Thu, Apr 02, 2020 at 11:48:14AM -0400, Nathan Stratton Treadway wrote: So it does

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 12:17:17 -0400, Nathan Stratton Treadway wrote: > On Thu, Apr 02, 2020 at 18:07:26 +0200, Gert Doering wrote: > > Hi, > > > > On Thu, Apr 02, 2020 at 11:48:14AM -0400, Nathan Stratton Treadway wrote: > > > So it does seem like the driver is signed by OpenVPN (and not > > >

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 18:07:26 +0200, Gert Doering wrote: > Hi, > > On Thu, Apr 02, 2020 at 11:48:14AM -0400, Nathan Stratton Treadway wrote: > > So it does seem like the driver is signed by OpenVPN (and not > > Microsoft)... but the version is 9.24. Does that mean it actually is > > the "tap09

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

Hi, On Thu, Apr 02, 2020 at 11:48:14AM -0400, Nathan Stratton Treadway wrote: > So it does seem like the driver is signed by OpenVPN (and not > Microsoft)... but the version is 9.24. Does that mean it actually is > the "tap0901" driver, or can the tap-windows6 driver also have a version > of 9.24

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 08:47:57 +0300, Samuli Seppänen wrote: > I looked at Ralf's logs and they show that - for whatever reason - the > tap-windows installer chose to install the Windows 7 version of > tap-windows6 on those Windows 10 instances. The Digital signer in the > device properties shoul

Re: [Openvpn-users] Note on cert-error (already solved, but one question)

Hi Jan Thank you for your answer. Am 02.04.20 um 13:46 schrieb Jan Just Keijser: it is not a requirement , but it's often good practice to do so. And I guess it depends on the kind of client-side certificates ? I've not heard of a *requirement* to set 'remote-cert-tls server' before... ...bu

Re: [Openvpn-users] [ext] Re: Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

* Nathan Stratton Treadway : > > Your problem seems to be the same as Ralf's (see my other email). The > > NSIS installer chose to install the Windows 7 version of tap-windows6 on > > this Windows 10 instance, and that will not work. > > > > WHQL = attestation signed > > Authenticode = cross-sign

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 08:47:57 +0300, Samuli Seppänen wrote: > difference is. Or maybe something changed in Windows which causes this > misbehavior. Fully removing all traces of tap-windows6 from the system, > e.g. with Remote-Tapwindows.ps1: > >

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 10:03:40 +0300, Samuli Seppänen wrote: > Hi, > > Il 02/04/20 08:33, Nathan Stratton Treadway ha scritto: > > On Wed, Apr 01, 2020 at 11:14:08 -0400, Nathan Stratton Treadway wrote: > >> I should be able to get the setupapi.dev.log files from both of the > >> machines if th

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On Thu, Apr 02, 2020 at 12:14:07 +0100, tincanteksup wrote: > > > On 02/04/2020 06:47, Samuli Seppänen wrote: > >Hi, > > > > > > > > >I looked at Ralf's logs and they show that - for whatever reason - the > >tap-windows installer chose to install the Windows 7 version of > >tap-windows6 on tho

Re: [Openvpn-users] management-auth breaks data-channel?

Hi Selva, then I misunderstood it. I’m using just ’client-auth-nt’ from the beginning, but now I supply ’END’, not that it matters (the management-notes.txt was not that clear to me in this case). Yes, this is a bridged setup. Currently the openvpn server supplies the IP address. The se

Re: [Openvpn-users] Note on cert-error (already solved, but one question)

Hi, On 02/04/20 11:55, Thomas Luening wrote: $ lsb_release -a No LSB modules are available. Distributor ID:    Raspbian Description:    Raspbian GNU/Linux 10 (buster) Release:    10 Codename:    buster $ openvpn --version OpenVPN 2.4.8 armv7l-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4]

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

On 02/04/2020 06:47, Samuli Seppänen wrote: Hi, I looked at Ralf's logs and they show that - for whatever reason - the tap-windows installer chose to install the Windows 7 version of tap-windows6 on those Windows 10 instances. The Digital signer in the device properties should show "Mic

[Openvpn-users] Note on cert-error (already solved, but one question)

$ lsb_release -a No LSB modules are available. Distributor ID: Raspbian Description:Raspbian GNU/Linux 10 (buster) Release:10 Codename: buster $ openvpn --version OpenVPN 2.4.8 armv7l-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 1

Re: [Openvpn-users] Openvpn 2.4.8 on Windows 10: TAP32 Adapter seems to be fubared

Hi, Il 02/04/20 08:33, Nathan Stratton Treadway ha scritto: > On Wed, Apr 01, 2020 at 11:14:08 -0400, Nathan Stratton Treadway wrote: >> I should be able to get the setupapi.dev.log files from both of the >> machines if that would be helpful. > > I extracted the section of the setupapi.dev.log f