I am trying to set up my router to use OpenVPN and have gotten quite far (I think), but something seems to be missing and I am not sure what.
Here is my configuration for the client:
client
dev tun
proto udp
remote ovpn.azirevpn.net 1194
remote-random
resolv-retry infinite
auth-user-pass /tmp/password.txt
nobind
persist-key
persist-tun
ca /tmp/AzireVPN.ca.crt
remote-cert-tls server
reneg-sec 0
verb 3
OpenVPN client log:
Nov 8 15:45:13 rc_service: httpd 15776:notify_rc start_vpnclient1
Nov 8 15:45:14 openvpn[27196]: OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Nov 1 2013
Nov 8 15:45:14 openvpn[27196]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 8 15:45:14 openvpn[27196]: Socket Buffers: R=[116736->131072] S=[116736->131072]
Nov 8 15:45:14 openvpn[27202]: UDPv4 link local: [undef]
Nov 8 15:45:14 openvpn[27202]: UDPv4 link remote: [AF_INET]178.132.75.14:1194
Nov 8 15:45:14 openvpn[27202]: TLS: Initial packet from [AF_INET]178.132.75.14:1194, sid=44d80db5 8b36adf9
Nov 8 15:45:14 openvpn[27202]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=1, C=RU, ST=Moscow, L=Moscow, O=Azire Networks, OU=VPN, CN=Azire Networks, name=Azire Networks,
[email protected]
Nov 8 15:45:14 openvpn[27202]: Validating certificate key usage
Nov 8 15:45:14 openvpn[27202]: ++ Certificate has key usage 00a0, expects 00a0
Nov 8 15:45:14 openvpn[27202]: VERIFY KU OK
Nov 8 15:45:14 openvpn[27202]: Validating certificate extended key usage
Nov 8 15:45:14 openvpn[27202]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Nov 8 15:45:14 openvpn[27202]: VERIFY EKU OK
Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=0, C=RU, ST=Moscow, L=Moscow, O=AzireVPN, OU=VPN, CN=ovpn, name=ovpn,
[email protected]
Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 8 15:45:15 openvpn[27202]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Nov 8 15:45:15 openvpn[27202]: [ovpn] Peer Connection Initiated with [AF_INET]178.132.75.14:1194
Nov 8 15:45:17 openvpn[27202]: SENT CONTROL [ovpn]: 'PUSH_REQUEST' (status=1)
Nov 8 15:45:17 openvpn[27202]: PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2a03:8600:1001:4010::101f/64 2a03:8600:1001:4010::1,route-ipv6 2000::/3 2A03:8600:1001:4010::1,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 194.1.247.30,tun-ipv6,route-gateway 178.132.77.1,topology subnet,ping 3,ping-restart 15,ifconfig 178.132.77.33 255.255.255.192'
Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: timers and/or timeouts modified
Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ifconfig/up options modified
Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route options modified
Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route-related options modified
Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Nov 8 15:45:17 openvpn[27202]: TUN/TAP device tun0 opened
Nov 8 15:45:17 openvpn[27202]: TUN/TAP TX queue length set to 100
Nov 8 15:45:17 openvpn[27202]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1
Nov 8 15:45:17 openvpn[27202]: /usr/sbin/ip link set dev tun0 up mtu 1500
Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip addr add dev tun0 178.132.77.33/26
broadcast 178.132.77.63
Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip -6 addr add 2a03:8600:1001:4010::101f/64 dev tun0
Nov 8 15:45:18 openvpn[27202]: Linux ip -6 addr add failed: external program exited with error status: 254
Nov 8 15:45:18 openvpn[27202]: Exiting due to fatal error
Any ideas are most welcome!