sargarass@sargarass-pc: ~ » sudo openvpn --config /etc/openvpn/garda.conf                                                                                                                                                                                                                                                                                                             [14:22:44]
Fri Jul 19 14:22:45 2019 WARNING: file '/etc/openvpn/garda.pass' is group or others accessible
Fri Jul 19 14:22:45 2019 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul 19 2019
Fri Jul 19 14:22:45 2019 library versions: OpenSSL 1.0.2r  26 Feb 2019, LZO 2.10
Fri Jul 19 14:22:45 2019 Outgoing Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication
Fri Jul 19 14:22:45 2019 Incoming Control Channel Authentication: Using 128 bit message hash 'MD5' for HMAC authentication
Fri Jul 19 14:22:45 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]192.162.88.135:443
Fri Jul 19 14:22:45 2019 Socket Buffers: R=[131072->131072] S=[16384->16384]
Fri Jul 19 14:22:45 2019 Attempting to establish TCP connection with [AF_INET]192.162.88.135:443 [nonblock]
Fri Jul 19 14:22:46 2019 TCP connection established with [AF_INET]192.162.88.135:443
Fri Jul 19 14:22:46 2019 TCP_CLIENT link local: (not bound)
Fri Jul 19 14:22:46 2019 TCP_CLIENT link remote: [AF_INET]192.162.88.135:443
Fri Jul 19 14:22:46 2019 TLS: Initial packet from [AF_INET]192.162.88.135:443, sid=a54a1d7c 6d8b39bc
Fri Jul 19 14:22:46 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jul 19 14:22:46 2019 VERIFY OK: depth=1, CN=vpn-ext.gardatech.ru
Fri Jul 19 14:22:46 2019 VERIFY KU OK
Fri Jul 19 14:22:46 2019 Validating certificate extended key usage
Fri Jul 19 14:22:46 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Jul 19 14:22:46 2019 VERIFY EKU OK
Fri Jul 19 14:22:46 2019 VERIFY OK: depth=0, CN=server
Fri Jul 19 14:22:46 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Jul 19 14:22:46 2019 [server] Peer Connection Initiated with [AF_INET]192.162.88.135:443
Fri Jul 19 14:22:47 2019 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Jul 19 14:22:47 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.232.0 255.255.252.0,route 192.168.233.0 255.255.252.0,route 192.168.236.0 255.255.252.0,dhcp-option DOMAIN garda.local,dhcp-option DNS 192.168.232.8,route 172.20.20.1,topology net30,ping 10,ping-restart 120,ifconfig 172.20.20.6 172.20.20.5,peer-id 0,cipher AES-256-GCM'
Fri Jul 19 14:22:47 2019 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul 19 14:22:47 2019 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul 19 14:22:47 2019 OPTIONS IMPORT: route options modified
Fri Jul 19 14:22:47 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jul 19 14:22:47 2019 OPTIONS IMPORT: peer-id set
Fri Jul 19 14:22:47 2019 OPTIONS IMPORT: adjusting link_mtu to 1627
Fri Jul 19 14:22:47 2019 OPTIONS IMPORT: data channel crypto options modified
Fri Jul 19 14:22:47 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Jul 19 14:22:47 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:22:47 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:22:47 2019 ROUTE_GATEWAY 192.168.1.254/255.255.255.0 IFACE=eno1 HWADDR=70:85:c2:73:0b:79
Fri Jul 19 14:22:47 2019 TUN/TAP device tun0 opened
Fri Jul 19 14:22:47 2019 TUN/TAP TX queue length set to 100
Fri Jul 19 14:22:47 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Jul 19 14:22:47 2019 /bin/ifconfig tun0 172.20.20.6 pointopoint 172.20.20.5 mtu 1500
Fri Jul 19 14:22:50 2019 /bin/route add -net 192.168.232.0 netmask 255.255.252.0 gw 172.20.20.5
Fri Jul 19 14:22:50 2019 /bin/route add -net 192.168.233.0 netmask 255.255.252.0 gw 172.20.20.5
route: netmask doesn't match route address
Usage: inet_route [-vF] del {-host|-net} Target[/prefix] [gw Gw] [metric M] [[dev] If]
       inet_route [-vF] add {-host|-net} Target[/prefix] [gw Gw] [metric M]
                              [netmask N] [mss Mss] [window W] [irtt I]
                              [mod] [dyn] [reinstate] [[dev] If]
       inet_route [-vF] add {-host|-net} Target[/prefix] [metric M] reject
       inet_route [-FC] flush      NOT supported
Fri Jul 19 14:22:50 2019 ERROR: Linux route add command failed: external program exited with error status: 3
Fri Jul 19 14:22:50 2019 /bin/route add -net 192.168.236.0 netmask 255.255.252.0 gw 172.20.20.5
Fri Jul 19 14:22:50 2019 /bin/route add -net 172.20.20.1 netmask 255.255.255.255 gw 172.20.20.5
Fri Jul 19 14:22:50 2019 Initialization Sequence Completed
Fri Jul 19 14:22:53 2019 Connection reset, restarting [0]
Fri Jul 19 14:22:53 2019 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jul 19 14:22:53 2019 Restart pause, 5 second(s)
Fri Jul 19 14:22:58 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]192.162.88.135:443
Fri Jul 19 14:22:58 2019 Socket Buffers: R=[131072->131072] S=[16384->16384]
Fri Jul 19 14:22:58 2019 Attempting to establish TCP connection with [AF_INET]192.162.88.135:443 [nonblock]
Fri Jul 19 14:22:59 2019 TCP connection established with [AF_INET]192.162.88.135:443
Fri Jul 19 14:22:59 2019 TCP_CLIENT link local: (not bound)
Fri Jul 19 14:22:59 2019 TCP_CLIENT link remote: [AF_INET]192.162.88.135:443
Fri Jul 19 14:22:59 2019 TLS: Initial packet from [AF_INET]192.162.88.135:443, sid=c7d1c7c1 28c16a73
Fri Jul 19 14:22:59 2019 VERIFY OK: depth=1, CN=vpn-ext.gardatech.ru
Fri Jul 19 14:22:59 2019 VERIFY KU OK
Fri Jul 19 14:22:59 2019 Validating certificate extended key usage
Fri Jul 19 14:22:59 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Jul 19 14:22:59 2019 VERIFY EKU OK
Fri Jul 19 14:22:59 2019 VERIFY OK: depth=0, CN=server
Fri Jul 19 14:22:59 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Jul 19 14:22:59 2019 [server] Peer Connection Initiated with [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:00 2019 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Jul 19 14:23:00 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.232.0 255.255.252.0,route 192.168.233.0 255.255.252.0,route 192.168.236.0 255.255.252.0,dhcp-option DOMAIN garda.local,dhcp-option DNS 192.168.232.8,route 172.20.20.1,topology net30,ping 10,ping-restart 120,ifconfig 172.20.20.6 172.20.20.5,peer-id 0,cipher AES-256-GCM'
Fri Jul 19 14:23:00 2019 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul 19 14:23:00 2019 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul 19 14:23:00 2019 OPTIONS IMPORT: route options modified
Fri Jul 19 14:23:00 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jul 19 14:23:00 2019 OPTIONS IMPORT: peer-id set
Fri Jul 19 14:23:00 2019 OPTIONS IMPORT: adjusting link_mtu to 1627
Fri Jul 19 14:23:00 2019 OPTIONS IMPORT: data channel crypto options modified
Fri Jul 19 14:23:00 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Jul 19 14:23:00 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:00 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:00 2019 Preserving previous TUN/TAP instance: tun0
Fri Jul 19 14:23:00 2019 Initialization Sequence Completed
Fri Jul 19 14:23:06 2019 Connection reset, restarting [0]
Fri Jul 19 14:23:06 2019 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jul 19 14:23:06 2019 Restart pause, 5 second(s)
Fri Jul 19 14:23:11 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:11 2019 Socket Buffers: R=[131072->131072] S=[16384->16384]
Fri Jul 19 14:23:11 2019 Attempting to establish TCP connection with [AF_INET]192.162.88.135:443 [nonblock]
Fri Jul 19 14:23:12 2019 TCP connection established with [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:12 2019 TCP_CLIENT link local: (not bound)
Fri Jul 19 14:23:12 2019 TCP_CLIENT link remote: [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:12 2019 TLS: Initial packet from [AF_INET]192.162.88.135:443, sid=cec1bad1 9bb0e235
Fri Jul 19 14:23:12 2019 VERIFY OK: depth=1, CN=vpn-ext.gardatech.ru
Fri Jul 19 14:23:12 2019 VERIFY KU OK
Fri Jul 19 14:23:12 2019 Validating certificate extended key usage
Fri Jul 19 14:23:12 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Jul 19 14:23:12 2019 VERIFY EKU OK
Fri Jul 19 14:23:12 2019 VERIFY OK: depth=0, CN=server
Fri Jul 19 14:23:12 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Jul 19 14:23:12 2019 [server] Peer Connection Initiated with [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:13 2019 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Jul 19 14:23:13 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.232.0 255.255.252.0,route 192.168.233.0 255.255.252.0,route 192.168.236.0 255.255.252.0,dhcp-option DOMAIN garda.local,dhcp-option DNS 192.168.232.8,route 172.20.20.1,topology net30,ping 10,ping-restart 120,ifconfig 172.20.20.6 172.20.20.5,peer-id 0,cipher AES-256-GCM'
Fri Jul 19 14:23:13 2019 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul 19 14:23:13 2019 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul 19 14:23:13 2019 OPTIONS IMPORT: route options modified
Fri Jul 19 14:23:13 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jul 19 14:23:13 2019 OPTIONS IMPORT: peer-id set
Fri Jul 19 14:23:13 2019 OPTIONS IMPORT: adjusting link_mtu to 1627
Fri Jul 19 14:23:13 2019 OPTIONS IMPORT: data channel crypto options modified
Fri Jul 19 14:23:13 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Jul 19 14:23:13 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:13 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:13 2019 Preserving previous TUN/TAP instance: tun0
Fri Jul 19 14:23:13 2019 Initialization Sequence Completed
Fri Jul 19 14:23:19 2019 Connection reset, restarting [0]
Fri Jul 19 14:23:19 2019 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jul 19 14:23:19 2019 Restart pause, 5 second(s)
Fri Jul 19 14:23:24 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:24 2019 Socket Buffers: R=[131072->131072] S=[16384->16384]
Fri Jul 19 14:23:24 2019 Attempting to establish TCP connection with [AF_INET]192.162.88.135:443 [nonblock]
Fri Jul 19 14:23:25 2019 TCP connection established with [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:25 2019 TCP_CLIENT link local: (not bound)
Fri Jul 19 14:23:25 2019 TCP_CLIENT link remote: [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:25 2019 TLS: Initial packet from [AF_INET]192.162.88.135:443, sid=7ef92bc1 0eb87931
Fri Jul 19 14:23:25 2019 VERIFY OK: depth=1, CN=vpn-ext.gardatech.ru
Fri Jul 19 14:23:25 2019 VERIFY KU OK
Fri Jul 19 14:23:25 2019 Validating certificate extended key usage
Fri Jul 19 14:23:25 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Jul 19 14:23:25 2019 VERIFY EKU OK
Fri Jul 19 14:23:25 2019 VERIFY OK: depth=0, CN=server
Fri Jul 19 14:23:25 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Jul 19 14:23:25 2019 [server] Peer Connection Initiated with [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:26 2019 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Jul 19 14:23:27 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.232.0 255.255.252.0,route 192.168.233.0 255.255.252.0,route 192.168.236.0 255.255.252.0,dhcp-option DOMAIN garda.local,dhcp-option DNS 192.168.232.8,route 172.20.20.1,topology net30,ping 10,ping-restart 120,ifconfig 172.20.20.6 172.20.20.5,peer-id 0,cipher AES-256-GCM'
Fri Jul 19 14:23:27 2019 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul 19 14:23:27 2019 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul 19 14:23:27 2019 OPTIONS IMPORT: route options modified
Fri Jul 19 14:23:27 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jul 19 14:23:27 2019 OPTIONS IMPORT: peer-id set
Fri Jul 19 14:23:27 2019 OPTIONS IMPORT: adjusting link_mtu to 1627
Fri Jul 19 14:23:27 2019 OPTIONS IMPORT: data channel crypto options modified
Fri Jul 19 14:23:27 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Jul 19 14:23:27 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:27 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:27 2019 Preserving previous TUN/TAP instance: tun0
Fri Jul 19 14:23:27 2019 Initialization Sequence Completed
Fri Jul 19 14:23:32 2019 Connection reset, restarting [0]
Fri Jul 19 14:23:32 2019 SIGUSR1[soft,connection-reset] received, process restarting
Fri Jul 19 14:23:32 2019 Restart pause, 5 second(s)
Fri Jul 19 14:23:37 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:37 2019 Socket Buffers: R=[131072->131072] S=[16384->16384]
Fri Jul 19 14:23:37 2019 Attempting to establish TCP connection with [AF_INET]192.162.88.135:443 [nonblock]
Fri Jul 19 14:23:38 2019 TCP connection established with [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:38 2019 TCP_CLIENT link local: (not bound)
Fri Jul 19 14:23:38 2019 TCP_CLIENT link remote: [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:38 2019 TLS: Initial packet from [AF_INET]192.162.88.135:443, sid=af2e0e08 9a6534b6
Fri Jul 19 14:23:38 2019 VERIFY OK: depth=1, CN=vpn-ext.gardatech.ru
Fri Jul 19 14:23:38 2019 VERIFY KU OK
Fri Jul 19 14:23:38 2019 Validating certificate extended key usage
Fri Jul 19 14:23:38 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Fri Jul 19 14:23:38 2019 VERIFY EKU OK
Fri Jul 19 14:23:38 2019 VERIFY OK: depth=0, CN=server
Fri Jul 19 14:23:38 2019 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Jul 19 14:23:38 2019 [server] Peer Connection Initiated with [AF_INET]192.162.88.135:443
Fri Jul 19 14:23:39 2019 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Jul 19 14:23:39 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.232.0 255.255.252.0,route 192.168.233.0 255.255.252.0,route 192.168.236.0 255.255.252.0,dhcp-option DOMAIN garda.local,dhcp-option DNS 192.168.232.8,route 172.20.20.1,topology net30,ping 10,ping-restart 120,ifconfig 172.20.20.6 172.20.20.5,peer-id 0,cipher AES-256-GCM'
Fri Jul 19 14:23:39 2019 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul 19 14:23:39 2019 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul 19 14:23:39 2019 OPTIONS IMPORT: route options modified
Fri Jul 19 14:23:39 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jul 19 14:23:39 2019 OPTIONS IMPORT: peer-id set
Fri Jul 19 14:23:39 2019 OPTIONS IMPORT: adjusting link_mtu to 1627
Fri Jul 19 14:23:39 2019 OPTIONS IMPORT: data channel crypto options modified
Fri Jul 19 14:23:39 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Jul 19 14:23:39 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:39 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Jul 19 14:23:39 2019 Preserving previous TUN/TAP instance: tun0
Fri Jul 19 14:23:39 2019 Initialization Sequence Completed