# OpenVPN - very strange problem.



## Chuck (Jun 22, 2014)

I use this script to install OpenVPN on one of my idle VPS server:

https://github.com/Nyr/openvpn-install

Everything was fine. I can access the VPN. When I check the What Is My IP. I can see the VPN IP address.

Here is the problem.

*If I reboot the VPS server*, I can see traffic is still passing through the client IP (very very slow). Client machine doesn't show the VPN IP address even though the OpenVPN GUI shows CONNECTED SUCCESS. Can't access website. Any idea why?

I have tried many times. I also reinstall the OS. Doesn't fix.

VPS Debian 7 64bit.

OpenVPN Windows client run as administrator.


Sun Jun 22 02:21:04 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jun 5 2014
Sun Jun 22 02:21:04 2014 library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.05
Enter Management Password:
Sun Jun 22 02:21:04 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Jun 22 02:21:04 2014 Need hold release from management interface, waiting...
Sun Jun 22 02:21:05 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Jun 22 02:21:05 2014 MANAGEMENT: CMD 'state on'
Sun Jun 22 02:21:05 2014 MANAGEMENT: CMD 'log all on'
Sun Jun 22 02:21:05 2014 MANAGEMENT: CMD 'hold off'
Sun Jun 22 02:21:05 2014 MANAGEMENT: CMD 'hold release'
Sun Jun 22 02:21:12 2014 MANAGEMENT: CMD 'password [...]'
Sun Jun 22 02:21:12 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Jun 22 02:21:12 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Jun 22 02:21:12 2014 UDPv4 link local: [undef]
Sun Jun 22 02:21:12 2014 UDPv4 link remote: [AF_INET]167.XX.XX.XX:1194
Sun Jun 22 02:21:12 2014 MANAGEMENT: >STATE:1403428872,WAIT,,,
Sun Jun 22 02:21:12 2014 MANAGEMENT: >STATE:1403428872,AUTH,,,
Sun Jun 22 02:21:12 2014 TLS: Initial packet from [AF_INET]167.XX.XX.XX:1194, sid=a2f29ce1 6ebd4679
Sun Jun 22 02:21:22 2014 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme, name=changeme, [email protected]
Sun Jun 22 02:21:22 2014 VERIFY OK: nsCertType=SERVER
Sun Jun 22 02:21:22 2014 Validating certificate key usage
Sun Jun 22 02:21:22 2014 ++ Certificate has key usage 00a0, expects 00a0
Sun Jun 22 02:21:22 2014 VERIFY KU OK
Sun Jun 22 02:21:22 2014 Validating certificate extended key usage
Sun Jun 22 02:21:22 2014 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Jun 22 02:21:22 2014 VERIFY EKU OK
Sun Jun 22 02:21:22 2014 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme, name=changeme, [email protected]
Sun Jun 22 02:21:29 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Jun 22 02:21:29 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jun 22 02:21:29 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Jun 22 02:21:29 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jun 22 02:21:29 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sun Jun 22 02:21:29 2014 [changeme] Peer Connection Initiated with [AF_INET]167.XX.XX.XX:1194
Sun Jun 22 02:21:30 2014 MANAGEMENT: >STATE:1403428890,GET_CONFIG,,,
Sun Jun 22 02:21:31 2014 SENT CONTROL [changeme]: 'PUSH_REQUEST' (status=1)
Sun Jun 22 02:21:31 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Sun Jun 22 02:21:31 2014 OPTIONS IMPORT: timers and/or timeouts modified
Sun Jun 22 02:21:31 2014 OPTIONS IMPORT: --ifconfig/up options modified
Sun Jun 22 02:21:31 2014 OPTIONS IMPORT: route options modified
Sun Jun 22 02:21:31 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Jun 22 02:21:31 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Jun 22 02:21:31 2014 MANAGEMENT: >STATE:1403428891,ASSIGN_IP,,10.8.0.6,
Sun Jun 22 02:21:31 2014 open_tun, tt->ipv6=0
Sun Jun 22 02:21:31 2014 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{963429AB-77DB-4D6C-B18E-8EE095511B80}.tap
Sun Jun 22 02:21:31 2014 TAP-Windows Driver Version 9.9 
Sun Jun 22 02:21:31 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {963429AB-77DB-4D6C-B18E-8EE095511B80} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Sun Jun 22 02:21:31 2014 Successful ARP Flush on interface [18] {963429AB-77DB-4D6C-B18E-8EE095511B80}
Sun Jun 22 02:21:36 2014 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Sun Jun 22 02:21:36 2014 C:\Windows\system32\route.exe ADD 167.XX.XX.XX MASK 255.255.255.255 10.0.0.1
Sun Jun 22 02:21:36 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=10 and dwForwardType=4
Sun Jun 22 02:21:36 2014 Route addition via IPAPI succeeded [adaptive]
Sun Jun 22 02:21:36 2014 C:\Windows\system32\route.exe ADD 10.0.0.1 MASK 255.255.255.255 10.0.0.1 IF 14
Sun Jun 22 02:21:36 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=10 and dwForwardType=4
Sun Jun 22 02:21:36 2014 Route addition via IPAPI succeeded [adaptive]
Sun Jun 22 02:21:36 2014 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Sun Jun 22 02:21:36 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sun Jun 22 02:21:36 2014 Route addition via IPAPI succeeded [adaptive]
Sun Jun 22 02:21:36 2014 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Sun Jun 22 02:21:36 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sun Jun 22 02:21:36 2014 Route addition via IPAPI succeeded [adaptive]
Sun Jun 22 02:21:36 2014 MANAGEMENT: >STATE:1403428896,ADD_ROUTES,,,
Sun Jun 22 02:21:36 2014 C:\Windows\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Sun Jun 22 02:21:36 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sun Jun 22 02:21:36 2014 Route addition via IPAPI succeeded [adaptive]
Sun Jun 22 02:21:36 2014 Initialization Sequence Completed
Sun Jun 22 02:21:36 2014 MANAGEMENT: >STATE:1403428896,CONNECTED,SUCCESS,10.8.0.6,167.88.47.52
Sun Jun 22 02:23:11 2014 C:\Windows\system32\route.exe DELETE 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Sun Jun 22 02:23:11 2014 Route deletion via IPAPI succeeded [adaptive]
Sun Jun 22 02:23:11 2014 C:\Windows\system32\route.exe DELETE 167.88.47.52 MASK 255.255.255.255 10.0.0.1
Sun Jun 22 02:23:11 2014 Route deletion via IPAPI succeeded [adaptive]
Sun Jun 22 02:23:11 2014 C:\Windows\system32\route.exe DELETE 10.0.0.1 MASK 255.255.255.255 10.0.0.1
Sun Jun 22 02:23:11 2014 Route deletion via IPAPI succeeded [adaptive]
Sun Jun 22 02:23:11 2014 C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Sun Jun 22 02:23:11 2014 Route deletion via IPAPI succeeded [adaptive]
Sun Jun 22 02:23:11 2014 C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Sun Jun 22 02:23:11 2014 Route deletion via IPAPI succeeded [adaptive]
Sun Jun 22 02:23:11 2014 Closing TUN/TAP interface
Sun Jun 22 02:23:11 2014 SIGTERM[hard,] received, process exiting
Sun Jun 22 02:23:11 2014 MANAGEMENT: >STATE:1403428991,EXITING,SIGTERM,,


Please help?


----------



## wlanboy (Jun 22, 2014)

Did you try to restart the client too after you restart the server?


----------



## Chuck (Jun 22, 2014)

wlanboy said:


> Did you try to restart the client too after you restart the server?


Yes, I did.

Like I said, as long as I don't reboot the VPS, I can use the VPN.

If I reboot the VPS, the client machine can't access website & client doesn't show the VPN IP address.


----------



## Cloudrck (Jun 23, 2014)

What virtualization? Have you tried connecting via a Linux client? I have never used VPN on Windows so I can't be of much help.


----------



## Chuck (Jun 23, 2014)

Cloudrck said:


> What virtualization? Have you tried connecting via a Linux client? I have never used VPN on Windows so I can't be of much help.



I'm using VPS from this:

http://cloudatcost.com/


----------



## Chuck (Jun 25, 2014)

I just tested it on my cousin computer. Diff address, Diff Internet service provider.

Same problem:

*If I reboot the VPS server*, I can see traffic is still passing through the client IP (very very slow). Client machine doesn't show the VPN IP address even though the OpenVPN GUI shows CONNECTED SUCCESS. Can't access website.

Wed Jun 25 12:20:19 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [iPv6] built on Jun  5 2014
Wed Jun 25 12:20:19 2014 library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.05
Enter Management Password:
Wed Jun 25 12:20:19 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25358
Wed Jun 25 12:20:19 2014 Need hold release from management interface, waiting...
Wed Jun 25 12:20:20 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25358
Wed Jun 25 12:20:20 2014 MANAGEMENT: CMD 'state on'
Wed Jun 25 12:20:20 2014 MANAGEMENT: CMD 'log all on'
Wed Jun 25 12:20:20 2014 MANAGEMENT: CMD 'hold off'
Wed Jun 25 12:20:20 2014 MANAGEMENT: CMD 'hold release'
Wed Jun 25 12:20:24 2014 MANAGEMENT: CMD 'password [...]'
Wed Jun 25 12:20:24 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Jun 25 12:20:24 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Jun 25 12:20:24 2014 UDPv4 link local: [undef]
Wed Jun 25 12:20:24 2014 UDPv4 link remote: [AF_INET]167.xx.xx.xx:1194
Wed Jun 25 12:20:24 2014 MANAGEMENT: >STATE:1403724024,WAIT,,,
Wed Jun 25 12:20:24 2014 MANAGEMENT: >STATE:1403724024,AUTH,,,
Wed Jun 25 12:20:24 2014 TLS: Initial packet from [AF_INET]167.xx.xx.xx:1194, sid=a7665e4b eec3b7bc
Wed Jun 25 12:20:25 2014 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme, name=changeme, [email protected]
Wed Jun 25 12:20:25 2014 VERIFY OK: nsCertType=SERVER
Wed Jun 25 12:20:25 2014 Validating certificate key usage
Wed Jun 25 12:20:25 2014 ++ Certificate has key usage  00a0, expects 00a0
Wed Jun 25 12:20:25 2014 VERIFY KU OK
Wed Jun 25 12:20:25 2014 Validating certificate extended key usage
Wed Jun 25 12:20:25 2014 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Jun 25 12:20:25 2014 VERIFY EKU OK
Wed Jun 25 12:20:25 2014 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=changeme, CN=changeme, name=changeme, [email protected]
Wed Jun 25 12:20:26 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jun 25 12:20:26 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jun 25 12:20:26 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jun 25 12:20:26 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jun 25 12:20:26 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Jun 25 12:20:26 2014 [changeme] Peer Connection Initiated with [AF_INET]167.xx.xx.xx:1194
Wed Jun 25 12:20:27 2014 MANAGEMENT: >STATE:1403724027,GET_CONFIG,,,
Wed Jun 25 12:20:29 2014 SENT CONTROL [changeme]: 'PUSH_REQUEST' (status=1)
Wed Jun 25 12:20:29 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Wed Jun 25 12:20:29 2014 OPTIONS IMPORT: timers and/or timeouts modified
Wed Jun 25 12:20:29 2014 OPTIONS IMPORT: --ifconfig/up options modified
Wed Jun 25 12:20:29 2014 OPTIONS IMPORT: route options modified
Wed Jun 25 12:20:29 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Jun 25 12:20:29 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Jun 25 12:20:29 2014 MANAGEMENT: >STATE:1403724029,ASSIGN_IP,,10.8.0.6,
Wed Jun 25 12:20:29 2014 open_tun, tt->ipv6=0
Wed Jun 25 12:20:29 2014 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{AAF4EB5C-7778-42F7-A002-233852EBA846}.tap
Wed Jun 25 12:20:29 2014 TAP-Windows Driver Version 9.9
Wed Jun 25 12:20:29 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {AAF4EB5C-7778-42F7-A002-233852EBA846} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Wed Jun 25 12:20:29 2014 Successful ARP Flush on interface [21] {AAF4EB5C-7778-42F7-A002-233852EBA846}
Wed Jun 25 12:20:34 2014 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Wed Jun 25 12:20:34 2014 C:\Windows\system32\route.exe ADD 167.88.47.52 MASK 255.255.255.255 192.168.0.1
Wed Jun 25 12:20:34 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Wed Jun 25 12:20:34 2014 Route addition via IPAPI succeeded [adaptive]
Wed Jun 25 12:20:34 2014 C:\Windows\system32\route.exe ADD 192.168.0.1 MASK 255.255.255.255 192.168.0.1 IF 11
Wed Jun 25 12:20:34 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Wed Jun 25 12:20:34 2014 Route addition via IPAPI succeeded [adaptive]
Wed Jun 25 12:20:34 2014 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Wed Jun 25 12:20:34 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Wed Jun 25 12:20:34 2014 Route addition via IPAPI succeeded [adaptive]
Wed Jun 25 12:20:34 2014 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Wed Jun 25 12:20:34 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Wed Jun 25 12:20:34 2014 Route addition via IPAPI succeeded [adaptive]
Wed Jun 25 12:20:34 2014 MANAGEMENT: >STATE:1403724034,ADD_ROUTES,,,
Wed Jun 25 12:20:34 2014 C:\Windows\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Wed Jun 25 12:20:34 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Wed Jun 25 12:20:34 2014 Route addition via IPAPI succeeded [adaptive]
Wed Jun 25 12:20:34 2014 Initialization Sequence Completed
Wed Jun 25 12:20:34 2014 MANAGEMENT: >STATE:1403724034,CONNECTED,SUCCESS,10.8.0.6,167.88.47.52
Wed Jun 25 12:21:51 2014 C:\Windows\system32\route.exe DELETE 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Wed Jun 25 12:21:51 2014 Route deletion via IPAPI succeeded [adaptive]
Wed Jun 25 12:21:51 2014 C:\Windows\system32\route.exe DELETE 167.88.47.52 MASK 255.255.255.255 192.168.0.1
Wed Jun 25 12:21:51 2014 Route deletion via IPAPI succeeded [adaptive]
Wed Jun 25 12:21:51 2014 C:\Windows\system32\route.exe DELETE 192.168.0.1 MASK 255.255.255.255 192.168.0.1
Wed Jun 25 12:21:51 2014 Route deletion via IPAPI succeeded [adaptive]
Wed Jun 25 12:21:51 2014 C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Wed Jun 25 12:21:51 2014 Route deletion via IPAPI succeeded [adaptive]
Wed Jun 25 12:21:51 2014 C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Wed Jun 25 12:21:51 2014 Route deletion via IPAPI succeeded [adaptive]
Wed Jun 25 12:21:51 2014 Closing TUN/TAP interface
Wed Jun 25 12:21:51 2014 SIGTERM[hard,] received, process exiting
Wed Jun 25 12:21:51 2014 MANAGEMENT: >STATE:1403724111,EXITING,SIGTERM,,

Windows 7

VPS Debian 7 64bit.


----------

