Let me review how I extracted all of the keys, certs, CAs, and TLS keys: Using the stock config file client dev tun proto udp remote 208.84.155.44 1194 resolv-retry infinite remote-random nobind tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 persist-key persist-tun ping 15 ping-restart 0 ping-timer-rem reneg-sec 0 comp-lzo no remote-cert-tls server auth-user-pass .secrets verb 3 pull fast-io

I believe you are missing a "push route" to the OpenVPN subnet, try adding that to your server.conf: push "route 10.8.0.0 255.255.255.0" Also, if you want OpenVPN clients to be able to establish connection to other machine in your LAN, then add another push like so (replace 10.10.1.0 with your LAN cidr): push "route 10.10.1.0 255.255.255.0" "openvpn --show-tls" displays the cipher and message authentication code (MAC) used during the SSL/TLS negotiation. They should not be confounded with the cipher and MAC used to secure the OpenVPN tunnel. IP ADDRESSES: Choose the IP addresses you want to use inside the tunnel. Static IP addresses: Copy all files to the OpenVPN configuration folder (by default C:/Program Files/OpenVPN/config/) and confirm the Windows security messages. 4 Click with right on the OpenVPN desktop icon, click on "Settings" and go to the tab "Compatibility". Config file included, secret.key is in C:\Program Files\OpenVPN\config # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client # Use the same setting as you are using on # the server.

I then rm openvpn.log thinking of restarting a fresh log. But openvpn.log didn't get created and I now can't find the logs. Where has the log gone to now? I created a new openvpn.log but it remained at size 0. – Old Geezer Aug 20 '19 at 4:03

Feb 07, 2019 · The way OpenVPN allocates IP addresses is the same as for remote access clients. When using a Topology style of subnet , each client will obtain one IP address in a common subnet. When using a Topology style of net30 , each connecting client gets a /30 subnet to interconnect itself with the server.

I then rm openvpn.log thinking of restarting a fresh log. But openvpn.log didn't get created and I now can't find the logs. Where has the log gone to now? I created a new openvpn.log but it remained at size 0. – Old Geezer Aug 20 '19 at 4:03

Mar 07, 2019 · The OpenVPN configuration file will look like this: CLI: client dev tun proto udp remote sweden.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server xxxxxx <--insert your login here xxxxxx <--insert your password here It seems that the OpenVPN Client on windows does not support TLS-Auth with a separate key file. So instead, you can paste your key contents in your openvpn client’s config file and use some thing like the following (inline ta.key): Setup OpenVPN Client. S-Series VoIP PBX supports 2 way to configure the OPVN Client: Manual Configuration and Upload OpenVPN Package. Manual Configuration. Before you start to set up the OpenVPN client, please check the description for OpenVPN client settings on Yeastar S-Series VoIP PBX. We have an example client.conf as the following figure Thu Jul 30 21:03:02 2015 OpenVPN 2.3.6 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 2 2014 Thu Jul 30 21:03:02 2015 library OpenVPN-2018-08-29-191206.crash (55.0 KB) - added by ZoRaC 23 months ago. OpenVPN-crashlog from iOS OpenVPN-2018-08-29-191158.crash (52.0 KB) - added by ZoRaC 23 months ago. Another OpenVPN-crashlog from iOS Download all attachments as: .zip OpenVPN checks the content of certificates following the values of remote-cert-tls which should be server on clients and client on the server (this is correct on your configuration). I believe you are missing a "push route" to the OpenVPN subnet, try adding that to your server.conf: push "route 10.8.0.0 255.255.255.0" Also, if you want OpenVPN clients to be able to establish connection to other machine in your LAN, then add another push like so (replace 10.10.1.0 with your LAN cidr): push "route 10.10.1.0 255.255.255.0"