Comments (11)
I think I have found the issue to this bug. If this is the same issue, it is related to the fix in commit 004a050
from openvpn3-linux.
Hey, and sorry for the delay. I've been out of office for a bit, so didn't have time to dig into this before now.
The log lines here which looks like is causing this issue is:
[...] net.openvpn.v3.netcfg[927]: Error while executing NetlinkRoute4(add: 1) ens33: -17
[...] net.openvpn.v3.sessions[927]: what(): Failed retrieving property value for 'device_path': The name :1.118 was not provided by any .service files
It would be good to ensure you're running the right versions of all the backend services required in OpenVPN 3 Linux. Can you please provide the output of:
sudo openvpn3-admin version --service
If all services uses the same v7_beta reference, that's a good starting point. Next then is to increase the log level:
sudo openvpn3-admin log-service --log-level 6
and then try again. And when failing, extract the log data like this:
sudo journalctl -u dbus --since today SYSLOG_IDENTIFIER=openvpn3-service-logger
And a final notice, you do not need to sudo
the openvpn2
and openvpn3
calls. OpenVPN 3 Linux allows unprivileged users to start VPN sessions and manager their own sessions. If you want root to be able to manage a session you started as an unprivileged user, have a look at openpvn3 session-acl
(1)
from openvpn3-linux.
I think I have found the issue to this bug. If this is the same issue, it is related to the fix in commit 004a050
@dsommers Wow it works!!
Sorry for delay and thank you so much for your work.
Finally I can connect my company's VPN with my linux laptop!!
from openvpn3-linux.
Good to hear this release works for you!
The v8_beta was released on just a few days ago with this fix, so I consider this issue resolved.
from openvpn3-linux.
Hi @dsommers, also sorry for delay. It was holiday on my country.
Output of sudo openvpn3-admin version --service
:
OpenVPN 3 D-Bus services:
- Client backend starter service
openvpn3-service-backendstart: v7_beta
- Configuration Service
openvpn3-service-configmgr: v7_beta
- Log Service
openvpn3-service-logger: v7_beta
- Network Configuration Service
openvpn3-service-netcfg: v7_beta
- Session Manager Service
openvpn3-service-sessionmgr: v7_beta
And because sudo journalctl -u dbus --since today SYSLOG_IDENTIFIER=openvpn3-service-logger
prints -- No entries --
,
I tried sudo journalctl -u dbus --since today SYSLOG_IDENTIFIER=net.openvpn.v3.log
and it prints
-- Logs begin at Mon 2020-01-20 00:06:04 KST, end at Tue 2020-01-28 23:59:57 KST. --
1월 28 23:45:51 bhyoo-virtual-machine net.openvpn.v3.log[989]: OpenVPN 3/Linux v7_beta (openvpn3-service-logger)
1월 28 23:45:51 bhyoo-virtual-machine net.openvpn.v3.log[989]: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 28 23:45:51 bhyoo-virtual-machine net.openvpn.v3.log[989]: Copyright (C) 2012-2017 OpenVPN Inc. All rights reserved.
1월 28 23:45:51 bhyoo-virtual-machine net.openvpn.v3.log[989]: Idle exit set to 10 minutes
1월 28 23:45:51 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:14774919844982071610} [:1.123/net.openvpn.v3.backends]
1월 28 23:45:52 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:6103691262343558561} [:1.125/net.openvpn.v3.configuration]
1월 28 23:45:53 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:14289632613223472912} [:1.126/net.openvpn.v3.netcfg]
1월 28 23:45:53 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:7660244428571076208} [:1.126/net.openvpn.v3.netcfg.core]
1월 28 23:45:53 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration VERB1: Redirect method: host-route
1월 28 23:45:54 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:5893166342581689704} [:1.127/net.openvpn.v3.sessions]
1월 28 23:45:57 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Detached: {tag:14774919844982071610} [:1.123/net.openvpn.v3.backends]
1월 28 23:48:53 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB1: Log level changed to 6
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:6103691262343558561} Config Manager INFO: Parsed single-use configuration 'client.ovpn', owner: root
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:15067968577780944010} [:1.144/net.openvpn.v3.backends]
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:4518311142645221373} [:1.145/net.openvpn.v3.backends]
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:15989938200057676767} [:1.145/net.openvpn.v3.sessions]
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client VERB1: Initializing VPN client session, token 58edd6b0tdae8t4aedtbfc3t5a23fcbf0a57
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Backend Session Process VERB2: Backend client process started as pid 19483 daemonized as pid 19484
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Backend Session Process DEBUG: BackendClientDBus registered on 'net.openvpn.v3.backends.be19484': /net/openvpn/v3/backends/session
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Registration confirmation: 58edd6b0tdae8t4aedtbfc3t5a23fcbf0a57 == 58edd6b0tdae8t4aedtbfc3t5a23fcbf0a57 => true
1월 28 23:50:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client VERB2: Retrieving configuration from /net/openvpn/v3/configuration/e26e1866x8eb0x4c39xafd7xe5f6b3bc8916
1월 28 23:50:36 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Detached: {tag:15067968577780944010} [:1.144/net.openvpn.v3.backends]
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client INFO: Starting connection
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client VERB1: Username/password provided successfully for 'isac.yoo'
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Frame=512/2048/512 mssfix-ctrl=1250
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: UNUSED OPTIONS
4 [nobind]
18 [sndbuf] [0]
19 [rcvbuf] [0]
23 [verb] [3]
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client VERB2: Resolving
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Contacting 52.68.183.173:1194 via UDP
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client VERB1: Waiting for server response
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration DEBUG: CreateVirtualInterface('58edd6b0tdae8t4aedtbfc3t5a23fcbf0a57')
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration VERB2: Network device '58edd6b0tdae8t4aedtbfc3t5a23fcbf0a57' prepared
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration INFO: Virtual device '58edd6b0tdae8t4aedtbfc3t5a23fcbf0a57' registered on /net/openvpn/v3/netcfg/19484_58edd6b0tdae8t4aedtbfc3t5a23fcbf0a57 (owner uid 122)
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:7660244428571076208} Network Configuration DEBUG: [Core] net_route_best_gw query IPv4: 52.68.183.173/32
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:7660244428571076208} Network Configuration DEBUG: [Core] sitnl_route_best_gw result: via 192.168.10.2 dev ens33
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:7660244428571076208} Network Configuration DEBUG: [Core] net_route_add: 52.68.183.173/32 via 192.168.10.2 dev ens33 table 0 metric 0
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration INFO: Add bypass route to 52.68.183.173 ipv6: no
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Connecting to [52.68.183.173]:1194 (52.68.183.173) via UDPv4
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client INFO: Connecting
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Creds: Username/Password
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Peer Info:
IV_VER=3.git:HEAD:1668f1cd
IV_PLAT=linux
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_COMP_STUBv2=1
IV_GUI_VER=OpenVPN 3/Linux v7_beta/3.git:HEAD:1668f1cd linux x86_64 64-bit
IV_SSL=OpenSSL 1.1.1 11 Sep 2018
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: VERIFY OK: depth=1, /CN=OpenVPN CA
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: VERIFY OK: depth=0, /CN=OpenVPN Server
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: SSL Handshake: CN=OpenVPN Server, TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Session is ACTIVE
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client VERB2: Retrieving configuration from server
1월 28 23:53:37 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Sending PUSH_REQUEST to server...
1월 28 23:53:38 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: Sending PUSH_REQUEST to server...
1월 28 23:53:38 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: AUTH_FAILED
1월 28 23:53:38 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: DYNAMIC_CHALLENGE: |CRV1:R,E:NK4+GZSqQCQmjAXax9Ul0HyPx81Qu1iu:aXNhYy55b28=:Enter Google Authenticator Code|
1월 28 23:54:52 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Detached: {tag:6103691262343558561} [:1.125/net.openvpn.v3.configuration]
from openvpn3-linux.
1월 28 23:53:38 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: DYNAMIC_CHALLENGE: |CRV1:R,E:NK4+GZSqQCQmjAXax9Ul0HyPx81Qu1iu:aXNhYy55b28=:Enter Google Authenticator Code|
This looks like your server requires 2FA, which I think this client does not support yet.
from openvpn3-linux.
1월 28 23:53:38 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:4518311142645221373} Client DEBUG: DYNAMIC_CHALLENGE: |CRV1:R,E:NK4+GZSqQCQmjAXax9Ul0HyPx81Qu1iu:aXNhYy55b28=:Enter Google Authenticator Code|
This looks like your server requires 2FA, which I think this client does not support yet.
@schwabe If 2FA doesn't work, it's a regression. I'll retest this with my test server. But that should work.
@isac322 From the log entries you reported now (good job finding the other SYSLOG_IDENTIFIER
), it looks like everything is connecting as it should - and it is now the server rejecting the connection. The initial log had some more critical issues where one of the backend services (openvpn3-service-*
processes), so unless that appears again - then I have a hunch it was some old versions of one or more of the openvpn3 services running - but you probably rebooted since last time, so that environment is long gone. By the way, is it an Access Server you are trying to connect to?
from openvpn3-linux.
@dsommers When I set SYSLOG_IDENTIFIER
to net.openvpn.v3.sessions
, it still prints:
1월 28 23:45:54 bhyoo-virtual-machine net.openvpn.v3.sessions[989]: OpenVPN 3/Linux v7_beta (openvpn3-service-sessionmgr)
1월 28 23:45:54 bhyoo-virtual-machine net.openvpn.v3.sessions[989]: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 28 23:45:54 bhyoo-virtual-machine net.openvpn.v3.sessions[989]: Copyright (C) 2012-2017 OpenVPN Inc. All rights reserved.
1월 28 23:53:43 bhyoo-virtual-machine net.openvpn.v3.sessions[989]: terminate called after throwing an instance of 'openvpn::DBusException'
1월 28 23:53:43 bhyoo-virtual-machine net.openvpn.v3.sessions[989]: what(): Failed retrieving property value for 'device_path': The name :1.145 was not provided by any .service files
(FYI. as you can see in timestamp, it is related with the last log that I post, not a separated one)
Because I paused the VM after the first issue instead of reboot, I guess the environment still exists and let me know if you need those.
Yeap I'm trying to connect Access Server and its version is 2.6.1.
I guess this is full log of openvpn3 session-start --config client.ovpn
1월 29 21:14:29 bhyoo-virtual-machine dbus-daemon[989]: [system] Activating service name='net.openvpn.v3.configuration' requested by ':1.215' (uid=1000 pid=24013 comm="openvpn3 session-start --config client.ovpn " label="unconfined") (using servicehelper)
1월 29 21:14:29 bhyoo-virtual-machine net.openvpn.v3.configuration[989]: OpenVPN 3/Linux v7_beta (openvpn3-service-configmgr)
1월 29 21:14:29 bhyoo-virtual-machine net.openvpn.v3.configuration[989]: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 29 21:14:29 bhyoo-virtual-machine net.openvpn.v3.configuration[989]: Copyright (C) 2012-2017 OpenVPN Inc. All rights reserved.
1월 29 21:14:29 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:10038039409484995346} [:1.216/net.openvpn.v3.configuration]
1월 29 21:14:29 bhyoo-virtual-machine dbus-daemon[989]: [system] Successfully activated service 'net.openvpn.v3.configuration'
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:10038039409484995346} Config Manager INFO: Parsed single-use configuration 'client.ovpn', owner: bhyoo
1월 29 21:14:30 bhyoo-virtual-machine dbus-daemon[989]: [system] Activating service name='net.openvpn.v3.backends' requested by ':1.207' (uid=122 pid=23015 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined") (using servicehelper)
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.backends[989]: OpenVPN 3/Linux v7_beta (openvpn3-service-backendstart)
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.backends[989]: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.backends[989]: Copyright (C) 2012-2017 OpenVPN Inc. All rights reserved.
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:13500574870050280773} [:1.217/net.openvpn.v3.backends]
1월 29 21:14:30 bhyoo-virtual-machine dbus-daemon[989]: [system] Successfully activated service 'net.openvpn.v3.backends'
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.backends[989]: Re-initiated process from pid 24026 to backend process pid 24027
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.backends[989]: OpenVPN 3/Linux v7_beta (openvpn3-service-client)
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.backends[989]: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.backends[989]: Copyright (C) 2012-2017 OpenVPN Inc. All rights reserved.
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:8869862730241784378} [:1.218/net.openvpn.v3.backends]
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Attached: {tag:17348333048130766432} [:1.218/net.openvpn.v3.sessions]
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client VERB1: Initializing VPN client session, token 89baf630tc22at426dta617t05695ee5f257
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Backend Session Process VERB2: Backend client process started as pid 24026 daemonized as pid 24027
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Backend Session Process DEBUG: BackendClientDBus registered on 'net.openvpn.v3.backends.be24027': /net/openvpn/v3/backends/session
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Registration confirmation: 89baf630tc22at426dta617t05695ee5f257 == 89baf630tc22at426dta617t05695ee5f257 => true
1월 29 21:14:30 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client VERB2: Retrieving configuration from /net/openvpn/v3/configuration/fecfd7bdx6d7dx4f81xb722xca867324580a
1월 29 21:14:31 bhyoo-virtual-machine openvpn3-servic[24027]: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
1월 29 21:14:31 bhyoo-virtual-machine dbus-daemon[989]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.218" (uid=122 pid=24027 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.207" (uid=122 pid=23015 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined")
1월 29 21:14:33 bhyoo-virtual-machine openvpn3-servic[24027]: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
1월 29 21:14:33 bhyoo-virtual-machine dbus-daemon[989]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.218" (uid=122 pid=24027 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.207" (uid=122 pid=23015 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined")
1월 29 21:14:36 bhyoo-virtual-machine net.openvpn.v3.log[12189]: Logger VERB2: Detached: {tag:13500574870050280773} [:1.217/net.openvpn.v3.backends]
1월 29 21:14:40 bhyoo-virtual-machine openvpn3-servic[24027]: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
1월 29 21:14:40 bhyoo-virtual-machine dbus-daemon[989]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.218" (uid=122 pid=24027 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.207" (uid=122 pid=23015 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined")
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client INFO: Starting connection
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client VERB1: Username/password provided successfully for 'isac.yoo'
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Frame=512/2048/512 mssfix-ctrl=1250
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: UNUSED OPTIONS
4 [nobind]
18 [sndbuf] [0]
19 [rcvbuf] [0]
23 [verb] [3]
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client VERB2: Resolving
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Contacting 52.68.183.173:1194 via UDP
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client VERB1: Waiting for server response
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration DEBUG: CreateVirtualInterface('89baf630tc22at426dta617t05695ee5f257')
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration VERB2: Network device '89baf630tc22at426dta617t05695ee5f257' prepared
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration INFO: Virtual device '89baf630tc22at426dta617t05695ee5f257' registered on /net/openvpn/v3/netcfg/24027_89baf630tc22at426dta617t05695ee5f257 (owner uid 122)
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:7660244428571076208} Network Configuration DEBUG: [Core] net_route_best_gw query IPv4: 52.68.183.173/32
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:7660244428571076208} Network Configuration DEBUG: [Core] sitnl_route_best_gw result: via 192.168.10.2 dev ens33
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:7660244428571076208} Network Configuration DEBUG: [Core] net_route_add: 52.68.183.173/32 via 192.168.10.2 dev ens33 table 0 metric 0
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:14289632613223472912} Network Configuration INFO: Add bypass route to 52.68.183.173 ipv6: no
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Connecting to [52.68.183.173]:1194 (52.68.183.173) via UDPv4
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client INFO: Connecting
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Creds: Username/Password
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Peer Info:
IV_VER=3.git:HEAD:1668f1cd
IV_PLAT=linux
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_COMP_STUBv2=1
IV_GUI_VER=OpenVPN 3/Linux v7_beta/3.git:HEAD:1668f1cd linux x86_64 64-bit
IV_SSL=OpenSSL 1.1.1 11 Sep 2018
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: VERIFY OK: depth=1, /CN=OpenVPN CA
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: VERIFY OK: depth=0, /CN=OpenVPN Server
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: SSL Handshake: CN=OpenVPN Server, TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Session is ACTIVE
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client VERB2: Retrieving configuration from server
1월 29 21:14:40 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Sending PUSH_REQUEST to server...
1월 29 21:14:41 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: Sending PUSH_REQUEST to server...
1월 29 21:14:41 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: AUTH_FAILED
1월 29 21:14:41 bhyoo-virtual-machine net.openvpn.v3.log[12189]: {tag:8869862730241784378} Client DEBUG: DYNAMIC_CHALLENGE: |CRV1:R,E:HrZgBYQ6S/0/HASPXyNKeI6PahHmdJBM:aXNhYy55b28=:Enter Google Authenticator Code|
1월 29 21:14:41 bhyoo-virtual-machine openvpn3-servic[24027]: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
1월 29 21:14:41 bhyoo-virtual-machine dbus-daemon[989]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.218" (uid=122 pid=24027 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.207" (uid=122 pid=23015 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined")
1월 29 21:14:47 bhyoo-virtual-machine openvpn3-servic[24027]: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
1월 29 21:14:47 bhyoo-virtual-machine dbus-daemon[989]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.218" (uid=122 pid=24027 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.207" (uid=122 pid=23015 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/openvpn3-" label="unconfined")
1월 29 21:14:47 bhyoo-virtual-machine kernel: openvpn3-servic[24027]: segfault at 18 ip 0000559ddc3fe81b sp 00007ffee4a1f6a0 error 4 in openvpn3-service-client[559ddc3bf000+147000]
1월 29 21:14:47 bhyoo-virtual-machine kernel: Code: 48 8b 7d 00 48 85 ff 74 0f 48 89 44 24 08 e8 8c 50 ff ff 48 8b 44 24 08 48 89 45 00 48 89 45 08 48 05 40 02 00 00 48 89 45 10 <48> 8b 43 18 0f b6 90 e9 03 00 00 84 d2 74 76 4c 8b a8 c8 01 00 00
1월 29 21:14:47 bhyoo-virtual-machine net.openvpn.v3.sessions[989]: terminate called after throwing an instance of 'openvpn::DBusException'
1월 29 21:14:47 bhyoo-virtual-machine net.openvpn.v3.sessions[989]: what(): Failed retrieving property value for 'device_path': The name :1.218 was not provided by any .service files
from openvpn3-linux.
Can you, please, also provide the logs for SYSLOG_IDENTIFIER=net.openvpn.v3.netcfg
?
from openvpn3-linux.
Sure!
1월 28 23:45:53 bhyoo-virtual-machine net.openvpn.v3.netcfg[989]: OpenVPN 3/Linux v7_beta (openvpn3-service-netcfg)
1월 28 23:45:53 bhyoo-virtual-machine net.openvpn.v3.netcfg[989]: OpenVPN core 3.git:HEAD:1668f1cd linux x86_64 64-bit
1월 28 23:45:53 bhyoo-virtual-machine net.openvpn.v3.netcfg[989]: Copyright (C) 2012-2017 OpenVPN Inc. All rights reserved.
1월 29 21:05:52 bhyoo-virtual-machine net.openvpn.v3.netcfg[989]: Error while executing NetlinkRoute4(add: 1) ens33: -17
from openvpn3-linux.
Thanks, even though this process looks tedious, it gives information about these lines from our initial log:
1월 20 00:23:21 bhyoo-virtual-machine dbus-daemon[927]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.118" (uid=122 pid=5818 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/op
1월 20 00:23:26 bhyoo-virtual-machine net.openvpn.v3.log[4958]: Logger VERB2: Detached: {tag:3185898936652274477} [:1.117/net.openvpn.v3.backends]
1월 20 00:23:27 bhyoo-virtual-machine openvpn3-servic[5818]: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
1월 20 00:23:27 bhyoo-virtual-machine dbus-daemon[927]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.118" (uid=122 pid=5818 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/op
1월 20 00:23:32 bhyoo-virtual-machine openvpn3-servic[5818]: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
1월 20 00:23:32 bhyoo-virtual-machine dbus-daemon[927]: [system] Rejected send message, 0 matched rules; type="method_return", sender=":1.118" (uid=122 pid=5818 comm="/usr/lib/x86_64-linux-gnu/openvpn3-linux/op
I am now fairly confident these comes from the openvpn3-service-client
process, and this is the most tricky part to get a core dump out of. And I believe this process crashes/dies; due to this error by the session manager:
Failed retrieving property value for 'device_path': The name :1.145 was not provided by any .service files
To get further, without fighting whatever coredump setup you have on your Linux distro ... lets start this process step by step via Python. This will be a "quick debugging with GDB crash course". First, ensure you have gdb installed on your system, then import the VPN configuration profile into the configuration manager unless you have done so already:
$ openvpn3 config-import --config client.ovpn
Since you connect against an Access Server, you can also do it this way:
$ openvpn3-as https://as.example.com/
where the https://as.example.com/
is the proper URL to your Access Server.
To see already imported configuration profiles, use openvpn3 configs-list
This returns a Configuration path
which we will use next. The Python script below is needed:
import dbus
import sys
import time
import getpass
if len(sys.argv) != 2:
print "Usage: %s <config path>" % (sys.argv[0])
sys.exit(1);
configpath = sys.argv[1]
# Get a connection to the system bus
bus = dbus.SystemBus()
# Retrieve the main session manager object
manager_object = bus.get_object('net.openvpn.v3.sessions',
'/net/openvpn/v3/sessions')
# Retireve access to the proper interface in the object
sessions_interface = dbus.Interface(manager_object,
dbus_interface='net.openvpn.v3.sessions')
# Start a new tunnel session
session_path = sessions_interface.NewTunnel(dbus.ObjectPath(configpath))
print("Session path: " + session_path)
time.sleep(1.2)
session_obj = bus.get_object('net.openvpn.v3.sessions', session_path);
sessinterface = dbus.Interface(session_obj, dbus_interface='net.openvpn.v3.sessions')
done = False
while not done:
try:
sessinterface.Ready()
try:
input("Press enter to call Connect() ...")
except:
pass
sessinterface.Connect()
time.sleep(5)
try:
input("Press enter to call Ready() ...")
except:
pass
sessinterface.Ready()
try:
input("Press enter to call Disconnect() ...")
except:
pass
sessinterface.Disconnect()
done = True
except dbus.exceptions.DBusException, excep:
if str(excep).find(' Missing user credentials') > 0:
print("Credentials needed")
for qgrp in (1,3):
for id in sessinterface.UserInputQueueCheck(1, qgrp):
uiq = sessinterface.UserInputQueueFetch(1, qgrp, id)
if uiq[5] == False:
response = raw_input(uiq[4] + ": ")
else:
response = getpass.getpass(uiq[4] + ": ")
sessinterface.UserInputProvide(1, qgrp, id, response)
else:
print excep
done = True
Start this script like this: $ python3 debug-vpn.py /net/openvpn/v3/configuration/.......
The line above is the line where you use the configuration path from the openvpn3 config-import
.
When this script starts, you will see something like this:
Session path: /net/openvpn/v3/sessions/3869ec90s37cbs49aasb5fbsd47c036f11e3
Press enter to call Connect() ...
Do not "press enter" just yet. Run the openvpn3 sessions-list
command, where you will see a PID value. Use this one and attach GDB to it. If the sessions-list says your session runs with PID: 1234
, then your command line will be gdb --pid 1234
. The gdb
command needs to be run as root.
Once gdb has started, type cont
and hit enter in the gdb window. Now you can hit enter in the the window of the Python script, which will take it one step further. You will probably need to enter your user credentials and hit enter a few more times before you see the crash in the GDB window.
When the a crash (segfault, abort, etc) happens in the GDB window, you will ge the gdb prompt. Now type: thread apply all bt
(hit enter until you're back to the gdb command prompt) and please provide the output from gdb. This will help me understand where and hopefully why openvpn3-service-client
crashed.
from openvpn3-linux.
Related Issues (20)
- TLS Error with openvpn3 HOT 14
- Route metrics HOT 2
- non-interactive auth-user-pass mode with dummy data HOT 6
- ** ERROR ** Configuration profile name "CloudConnexa" already exists HOT 9
- StatusManagerEvent signal is sent before backend client service is ready HOT 14
- Provided script for connector installation failed HOT 1
- OpenVPN3 v21, U 23.10 and CloudConnexa DIVE HOT 1
- Failed to start session with CloudConnexa on Fedora Linux HOT 3
- D-Bus API: requests for improvements HOT 2
- OpenVPN3 doesn't set back previous DNS after disconnect using systemd-resolved in stub mode HOT 1
- Support Synology DSM? HOT 2
- Can't access sites via domain only via ip
- <connection> profiles are non-functional + unkown/unsupported option details are lacking HOT 11
- Error after ArchLinux upgrade HOT 1
- Add support for resolvconf interface HOT 1
- Support for ubuntu 24.04 HOT 6
- How to check the encryption protocol used when connecting to openvpn HOT 1
- openvpn3 config-import --persistent doesn't persist over reboot HOT 12
- Can't install openvpn3 (Fedora 37) HOT 2
- openvpn3 session-start using config file fails to start on first attempt, works on second attempt HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openvpn3-linux.