Hello everybody, I want to connect to a openvpn client with a .ovpn profile as follows:
I get the following messages and everything seems fine but openvpn does not work and I can't open the websites blocked by the government (There is no problem in android):
What do you suggest? Thanks.
sudo openvpn ~/Downloads/openvpn_servers.ovpn
I get the following messages and everything seems fine but openvpn does not work and I can't open the websites blocked by the government (There is no problem in android):
Code:
2023-03-12 18:14:34 Unrecognized option or missing or extra parameter(s) in /home/hbsd/Downloads/openvpn_servers.ovpn:14: block-outside-dns (2.6_rc2)
2023-03-12 18:14:34 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2023-03-12 18:14:34 OpenVPN 2.6_rc2 [git:480ad2a84e2983e8a1b61d537cf82da5c5141853] amd64-portbld-freebsd13.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Feb 20 2023
2023-03-12 18:14:34 library versions: OpenSSL 1.1.1o-freebsd 3 May 2022, LZO 2.10
Enter Auth Username:myusername
Enter Auth Password:
2023-03-12 18:14:55 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-03-12 18:14:55 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-03-12 18:14:55 TCP/UDP: Preserving recently used remote address: [AF_INET]185.97.117.224:80
2023-03-12 18:14:55 Socket Buffers: R=[65536->65536] S=[32768->32768]
2023-03-12 18:14:55 Attempting to establish TCP connection with [AF_INET]185.97.117.224:80
2023-03-12 18:14:55 TCP connection established with [AF_INET]185.97.117.224:80
2023-03-12 18:14:55 TCPv4_CLIENT link local: (not bound)
2023-03-12 18:14:55 TCPv4_CLIENT link remote: [AF_INET]185.97.117.224:80
2023-03-12 18:14:55 TLS: Initial packet from [AF_INET]185.97.117.224:80, sid=076d5e6d eb8688e3
2023-03-12 18:14:55 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-03-12 18:14:55 VERIFY OK: depth=1, CN=ChangeMe
2023-03-12 18:14:55 VERIFY KU OK
2023-03-12 18:14:55 Validating certificate extended key usage
2023-03-12 18:14:55 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-03-12 18:14:55 VERIFY EKU OK
2023-03-12 18:14:55 VERIFY OK: depth=0, CN=server
2023-03-12 18:14:56 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-03-12 18:14:56 [server] Peer Connection Initiated with [AF_INET]185.97.117.224:80
2023-03-12 18:14:56 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-03-12 18:14:56 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-03-12 18:14:57 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2023-03-12 18:14:57 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.114 255.255.255.0,peer-id 0,cipher AES-256-GCM'
2023-03-12 18:14:57 OPTIONS IMPORT: timers and/or timeouts modified
2023-03-12 18:14:57 OPTIONS IMPORT: --ifconfig/up options modified
2023-03-12 18:14:57 OPTIONS IMPORT: route options modified
2023-03-12 18:14:57 OPTIONS IMPORT: route-related options modified
2023-03-12 18:14:57 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2023-03-12 18:14:57 OPTIONS IMPORT: peer-id set
2023-03-12 18:14:57 OPTIONS IMPORT: data channel crypto options modified
2023-03-12 18:14:57 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=re0 HWADDR=40:8d:5c:a4:33:76
2023-03-12 18:14:57 TUN/TAP device /dev/tun0 opened
2023-03-12 18:14:57 /sbin/ifconfig tun0 10.8.0.114/24 mtu 1500 up
2023-03-12 18:14:57 /sbin/route add -net 185.97.117.224 192.168.1.1 255.255.255.255
add net 185.97.117.224: gateway 192.168.1.1
2023-03-12 18:14:57 /sbin/route add -net 0.0.0.0 10.8.0.1 128.0.0.0
add net 0.0.0.0: gateway 10.8.0.1
2023-03-12 18:14:57 /sbin/route add -net 128.0.0.0 10.8.0.1 128.0.0.0
add net 128.0.0.0: gateway 10.8.0.1
2023-03-12 18:14:57 Data Channel: using negotiated cipher 'AES-256-GCM'
2023-03-12 18:14:57 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2023-03-12 18:14:57 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2023-03-12 18:14:57 Initialization Sequence Completed
What do you suggest? Thanks.