OpenVPN server na windows 10

Nekoliko dana već pokušavam da napravim OpenVPN server na windows 10 mašini na koju bi se povezivali kljijenti sa windows 7, 10, androida... Želim da server i klijent mogu da se "vide" međusobno sa mogućnošću da mogu da vidim share na server mašini ali a da, kada se konektujem sa klijenta, mogu da pristupam normalno intenetu a da mi bude vidljiva IP adresa servera.

Serverski .ovpn file izgleda ovako:

local 192.168.143.11
port 1194
proto udp4
dev tun
dev-node "server"
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"
ifconfig 10.10.10.1 10.10.10.2
server 10.10.10.0 255.255.255.0
topology subnet
push "topology subnet"
dhcp-option DNS 10.10.10.1
route 10.10.10.1 255.255.255.0
push "route 10.10.10.0 255.255.255.0"
push "route 10.10.10.1 255.255.255.0"
push "route 10.10.10.2 255.255.255.0"
push "route 192.168.143.11 255.255.255.0"
push "route 192.168.143.0 255.255.255.0"
# push "dhcp-option DNS 10.10.10.1"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 208.67.222.222"
# push "redirect-gateway def1"
push "route-gateway 10.10.10.1"
keepalive 10 120
ifconfig-pool-persist ipp.txt
keepalive 10 120
cipher AES-256-GCM
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 4
tls-auth ta.key 0
status openvpn-status.log 20
log openvpn.log
explicit-exit-notify 1

Klijentski .ovpn ovako:

client
dev tun
proto udp4
# dev-node "leakbusters"
redirect-gateway def1
remote 5.57.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\leakbuster-naissus.crt"
key "C:\\Program Files\\OpenVPN\\config\\leakbuster-naissus.key"
remote-cert-tls server
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key"
comp-lzo
key-direction 1
cipher AES-256-GCM
verb 4
key-direction 1
explicit-exit-notify 1

Log sa klijenta:

Mon Aug 13 09:09:06 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Mon Aug 13 09:09:06 2018 Windows version 6.1 (Windows 7) 64bit
Mon Aug 13 09:09:06 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Mon Aug 13 09:09:06 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Aug 13 09:09:06 2018 Need hold release from management interface, waiting...
Mon Aug 13 09:09:06 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Aug 13 09:09:06 2018 MANAGEMENT: CMD 'state on'
Mon Aug 13 09:09:06 2018 MANAGEMENT: CMD 'log all on'
Mon Aug 13 09:09:06 2018 MANAGEMENT: CMD 'echo all on'
Mon Aug 13 09:09:06 2018 MANAGEMENT: CMD 'hold off'
Mon Aug 13 09:09:06 2018 MANAGEMENT: CMD 'hold release'
Mon Aug 13 09:09:07 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Aug 13 09:09:07 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Aug 13 09:09:07 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]5.57.x.x:1194
Mon Aug 13 09:09:07 2018 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Aug 13 09:09:07 2018 UDPv4 link local: (not bound)
Mon Aug 13 09:09:07 2018 UDPv4 link remote: [AF_INET]5.57.x.x:1194
Mon Aug 13 09:09:07 2018 MANAGEMENT: >STATE:1534144147,WAIT,,,,,,
Mon Aug 13 09:09:08 2018 MANAGEMENT: >STATE:1534144148,AUTH,,,,,,
Mon Aug 13 09:09:08 2018 TLS: Initial packet from [AF_INET]5.57.x.x:1194, sid=eed0c317 e65f73af
Mon Aug 13 09:09:08 2018 VERIFY OK: depth=1, C=RS, ST=RS, L=Nis, O=Leakbusters, OU=Leakbusters, CN=5.57.x.x, name=Leakbuster, [email protected]
Mon Aug 13 09:09:08 2018 VERIFY KU OK
Mon Aug 13 09:09:08 2018 Validating certificate extended key usage
Mon Aug 13 09:09:08 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Aug 13 09:09:08 2018 VERIFY EKU OK
Mon Aug 13 09:09:08 2018 VERIFY OK: depth=0, C=RS, ST=RS, L=Nis, O=Leakbusters, OU=Leakbusters, CN=Leakbusters, name=Leakbuster, [email protected]
Mon Aug 13 09:09:09 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Mon Aug 13 09:09:09 2018 [Leakbusters] Peer Connection Initiated with [AF_INET]5.57.x.x:1194
Mon Aug 13 09:09:10 2018 MANAGEMENT: >STATE:1534144150,GET_CONFIG,,,,,,
Mon Aug 13 09:09:10 2018 SENT CONTROL [Leakbusters]: 'PUSH_REQUEST' (status=1)
Mon Aug 13 09:09:10 2018 PUSH: Received control message: 'PUSH_REPLY,topology subnet,route 10.10.10.0 255.255.255.0,route 10.10.10.1 255.255.255.0,route 10.10.10.2 255.255.255.0,route 192.168.143.11 255.255.255.0,route 192.168.143.0 255.255.255.0,dhcp-option DNS 10.10.10.1,route-gateway 10.10.10.1,route-gateway 10.10.10.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.10.4 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: timers and/or timeouts modified
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: --ifconfig/up options modified
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: route options modified
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: route-related options modified
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: peer-id set
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: adjusting link_mtu to 1625
Mon Aug 13 09:09:10 2018 OPTIONS IMPORT: data channel crypto options modified
Mon Aug 13 09:09:10 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Aug 13 09:09:10 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Aug 13 09:09:10 2018 interactive service msg_channel=464
Mon Aug 13 09:09:10 2018 ROUTE_GATEWAY 192.168.110.254/255.255.255.0 I=29 HWADDR=e8:39:35:54:d6:98
Mon Aug 13 09:09:10 2018 open_tun
Mon Aug 13 09:09:10 2018 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{5FAFCCB4-03D0-4A10-9169-C4F7932C5471}.tap
Mon Aug 13 09:09:10 2018 TAP-Windows Driver Version 9.21
Mon Aug 13 09:09:10 2018 Set TAP-Windows TUN subnet mode network/local/netmask = 10.10.10.0/10.10.10.4/255.255.255.0 [SUCCEEDED]
Mon Aug 13 09:09:10 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.4/255.255.255.0 on interface {5FAFCCB4-03D0-4A10-9169-C4F7932C5471} [DHCP-serv: 10.10.10.254, lease-time: 31536000]
Mon Aug 13 09:09:10 2018 Successful ARP Flush on interface [25] {5FAFCCB4-03D0-4A10-9169-C4F7932C5471}
Mon Aug 13 09:09:10 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Aug 13 09:09:10 2018 MANAGEMENT: >STATE:1534144150,ASSIGN_IP,,10.10.10.4,,,,
Mon Aug 13 09:09:15 2018 TEST ROUTES: 6/6 succeeded len=5 ret=1 a=0 u/d=up
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 5.57.x.x MASK 255.255.255.255 192.168.110.254
Mon Aug 13 09:09:15 2018 Route addition via service succeeded
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.10.10.1
Mon Aug 13 09:09:15 2018 Route addition via service succeeded
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.10.10.1
Mon Aug 13 09:09:15 2018 Route addition via service succeeded
Mon Aug 13 09:09:15 2018 MANAGEMENT: >STATE:1534144155,ADD_ROUTES,,,,,,
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.0 10.10.10.1
Mon Aug 13 09:09:15 2018 Route addition via service succeeded
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 10.10.10.1 MASK 255.255.255.0 10.10.10.1
Mon Aug 13 09:09:15 2018 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=25]
Mon Aug 13 09:09:15 2018 Route addition via service failed
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 10.10.10.2 MASK 255.255.255.0 10.10.10.1
Mon Aug 13 09:09:15 2018 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=25]
Mon Aug 13 09:09:15 2018 Route addition via service failed
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 192.168.143.11 MASK 255.255.255.0 10.10.10.1
Mon Aug 13 09:09:15 2018 ROUTE: route addition failed using service: The parameter is incorrect. [status=87 if_index=25]
Mon Aug 13 09:09:15 2018 Route addition via service failed
Mon Aug 13 09:09:15 2018 C:\Windows\system32\route.exe ADD 192.168.143.0 MASK 255.255.255.0 10.10.10.1
Mon Aug 13 09:09:15 2018 Route addition via service succeeded
Mon Aug 13 09:09:15 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Aug 13 09:09:15 2018 Initialization Sequence Completed
Mon Aug 13 09:09:15 2018 MANAGEMENT: >STATE:1534144155,CONNECTED,SUCCESS,10.10.10.4,5.57.x.x,1194,,

Konekcija se uspostavi, ali niti se IP adresa klijenta promeni, niti mogu da vidim mrežu i šerove na serveru.

Gde grešim?

Evo i ruta, mada se vide i iz log fajla:

C:\Windows\system32>route print -4
===========================================================================
Interface List
35...00 ff 40 4f 9d ec ......TAP-Windows Adapter V9 #2
25...00 ff 5f af cc b4 ......TAP-Windows Adapter V9
44...00 ff 3e 91 e1 bf ......TAP-ProtonVPN Windows Adapter V9 #2
41...00 ff 5e dd c9 43 ......TAP-ProtonVPN Windows Adapter V9
29...e8 39 35 54 d6 98 ......Intel(R) 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.110.254 192.168.110.1 20
0.0.0.0 128.0.0.0 10.10.10.1 10.10.10.4 276
5.57.xx.xx 255.255.255.255 192.168.110.254 192.168.110.1 276
10.10.10.0 255.255.255.0 On-link 10.10.10.4 276
10.10.10.0 255.255.255.0 10.10.10.1 10.10.10.4 276
10.10.10.4 255.255.255.255 On-link 10.10.10.4 276
10.10.10.255 255.255.255.255 On-link 10.10.10.4 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
128.0.0.0 128.0.0.0 10.10.10.1 10.10.10.4 276
192.168.110.0 255.255.255.0 On-link 192.168.110.1 276
192.168.110.1 255.255.255.255 On-link 192.168.110.1 276
192.168.110.255 255.255.255.255 On-link 192.168.110.1 276
192.168.143.0 255.255.255.0 10.10.10.1 10.10.10.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.110.1 276
224.0.0.0 240.0.0.0 On-link 10.10.10.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.110.1 276
255.255.255.255 255.255.255.255 On-link 10.10.10.4 276
===========================================================================
Persistent Routes:
None

.ovpn fajl ubuduće stavljaj u spoiler, a ne ovako. Ipak je ovo forum.

joj. mnogo stvari ti ovde ne valja

ti sa ovim


u client.ovpn, vršiš redirekciju kompletnog oglaznog saobraćaja preko OpenVPN linka. posle ovoga, klijenu nije potrebna nikakva dodatna ruta da bi video subnet u kome se nalazi server. klijent će svaki saobraćaj, koji nije namenjen nekom uređaju unutart lokalnog subneta, da pošalje preko OVPN linka pa tako i i saobraćaj prema subnetu u kome se nalazi server i saobraćaj prema drugim klijentskim subnetima

u logu, to je ovaj deo ovde

i ove dve rute u klijentskoj route tabeli


sa druge strane, treba ti sa klijentske strane da radiš advertise lokalnog subneta sa (mislim)


treba negde u server.ovpn da daš statement

nisam baš najbolje razumeo tvoju namere u ovom delu ovde
ovo vrv treba da izbaciš

na kraju balade, server treba da ima rute
1. 255.255.255.0 (/24) za rutiranje saobraćaja unutar OVPN "mreže" (kod tebe to su adrese 10.10.10.0/24) ili 255.255.255.252 (/30) prema serveru i svakom klijentu, GW je OVPN adresa servera. neznam dal je na OVPN podržano, ovo zadnje mogu biti i /31 parovi adresa (255.255.255.254)
2. 255.255.255.0 rutu prema svakom klijentskom subnetu preko GW koji je OVPN adresa klijenta

klijent treba da ima

1 rutu za trutiraje saobraćaja unutar OVPN mreže sa GW koji je OVPN server
2. ili redirekciju def-gw prema OVPN linku ili rute prema serverskom subnetu i svakom subnetu koji želiš da se vidi međ klijentima

Klijentski.ovpn

client
dev tun
proto udp4
redirect-gateway def1 bypass-dhcp
remote 5.57.74.80 1194
resolv-retry infinite
nobind
cipher AES-256-GCM
auth SHA256
comp-lzo
verb 3
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\leakbuster-naissus.crt"
key "C:\\Program Files\\OpenVPN\\config\\leakbuster-naissus.key"
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
comp-lzo
verb 3
explicit-exit-notify 1

Kliknite za proširenje...

Route print sa klijenta:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.110.254 192.168.110.1 20
0.0.0.0 128.0.0.0 10.10.10.1 10.10.10.4 276
5.57.x.x 255.255.255.255 192.168.110.254 192.168.110.1 276
10.10.10.0 255.255.255.0 On-link 10.10.10.4 276
10.10.10.4 255.255.255.255 On-link 10.10.10.4 276
10.10.10.255 255.255.255.255 On-link 10.10.10.4 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
128.0.0.0 128.0.0.0 10.10.10.1 10.10.10.4 276
192.168.11.11 255.255.255.255 192.168.110.254 192.168.110.1 276
192.168.110.0 255.255.255.0 On-link 192.168.110.1 276
192.168.110.1 255.255.255.255 On-link 192.168.110.1 276
192.168.110.255 255.255.255.255 On-link 192.168.110.1 276
192.168.143.0 255.255.255.0 10.10.10.1 10.10.10.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.110.1 276
224.0.0.0 240.0.0.0 On-link 10.10.10.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.110.1 276
255.255.255.255 255.255.255.255 On-link 10.10.10.4 276
===========================================================================
Persistent Routes:
None

Kliknite za proširenje...

Tracert ka 8.8.8.8:

C:\Users\xxxxx>tracert 8.8.8.8

Tracing route to 8.8.8.8 over a maximum of 30 hops

1 19 ms 15 ms 16 ms SAINTGEORGE [10.10.1
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.

Kliknite za proširenje...

Log sa klijenta:

Thu Aug 16 07:03:45 2018 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Thu Aug 16 07:03:45 2018 Windows version 6.1 (Windows 7) 64bit
Thu Aug 16 07:03:45 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Thu Aug 16 07:03:45 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Aug 16 07:03:45 2018 Need hold release from management interface, waiting...
Thu Aug 16 07:03:45 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Aug 16 07:03:45 2018 MANAGEMENT: CMD 'state on'
Thu Aug 16 07:03:45 2018 MANAGEMENT: CMD 'log all on'
Thu Aug 16 07:03:45 2018 MANAGEMENT: CMD 'echo all on'
Thu Aug 16 07:03:45 2018 MANAGEMENT: CMD 'hold off'
Thu Aug 16 07:03:45 2018 MANAGEMENT: CMD 'hold release'
Thu Aug 16 07:03:45 2018 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Thu Aug 16 07:03:45 2018 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Thu Aug 16 07:03:45 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Aug 16 07:03:45 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Aug 16 07:03:45 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]5.57.x.x:1194
Thu Aug 16 07:03:45 2018 Socket Buffers: R=[8192->8192] S=[8192->8192]
Thu Aug 16 07:03:45 2018 UDPv4 link local: (not bound)
Thu Aug 16 07:03:45 2018 UDPv4 link remote: [AF_INET]5.57.74.x.x:1194
Thu Aug 16 07:03:45 2018 MANAGEMENT: >STATE:1534395825,WAIT,,,,,,
Thu Aug 16 07:03:45 2018 MANAGEMENT: >STATE:1534395825,AUTH,,,,,,
Thu Aug 16 07:03:45 2018 TLS: Initial packet from [AF_INET]5.57.x.x:1194, sid=8c9f7315 6eb4682f
Thu Aug 16 07:03:45 2018 VERIFY OK: depth=1, C=RS, ST=RS, L=Nis, O=Leakbusters, OU=Leakbusters, CN=5.57.x.x, name=Leakbuster, [email protected]
Thu Aug 16 07:03:45 2018 VERIFY OK: depth=0, C=RS, ST=RS, L=Nis, O=Leakbusters, OU=Leakbusters, CN=Leakbusters, name=Leakbuster, [email protected]
Thu Aug 16 07:03:45 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Thu Aug 16 07:03:45 2018 [Leakbusters] Peer Connection Initiated with [AF_INET]5.57.x.x:1194
Thu Aug 16 07:03:47 2018 MANAGEMENT: >STATE:1534395827,GET_CONFIG,,,,,,
Thu Aug 16 07:03:47 2018 SENT CONTROL [Leakbusters]: 'PUSH_REQUEST' (status=1)
Thu Aug 16 07:03:47 2018 PUSH: Received control message: 'PUSH_REPLY,topology subnet,route 192.168.143.0 255.255.255.0,dhcp-option DNS 1.1.1.1,dhcp-option DNS 208.67.222.222,route-gateway 10.10.10.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.10.4 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: timers and/or timeouts modified
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: --ifconfig/up options modified
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: route options modified
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: route-related options modified
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: peer-id set
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: adjusting link_mtu to 1625
Thu Aug 16 07:03:47 2018 OPTIONS IMPORT: data channel crypto options modified
Thu Aug 16 07:03:47 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Aug 16 07:03:47 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Aug 16 07:03:47 2018 interactive service msg_channel=352
Thu Aug 16 07:03:47 2018 ROUTE_GATEWAY 192.168.110.254/255.255.255.0 I=26 HWADDR=e8:39:35:54:d6:98
Thu Aug 16 07:03:47 2018 ROUTE: bypass_host_route[0]=192.168.11.11
Thu Aug 16 07:03:47 2018 open_tun
Thu Aug 16 07:03:47 2018 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{5FAFCCB4-03D0-4A10-9169-C4F7932C5471}.tap
Thu Aug 16 07:03:47 2018 TAP-Windows Driver Version 9.21
Thu Aug 16 07:03:47 2018 Set TAP-Windows TUN subnet mode network/local/netmask = 10.10.10.0/10.10.10.4/255.255.255.0 [SUCCEEDED]
Thu Aug 16 07:03:47 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.10.4/255.255.255.0 on interface {5FAFCCB4-03D0-4A10-9169-C4F7932C5471} [DHCP-serv: 10.10.10.254, lease-time: 31536000]
Thu Aug 16 07:03:47 2018 Successful ARP Flush on interface [29] {5FAFCCB4-03D0-4A10-9169-C4F7932C5471}
Thu Aug 16 07:03:47 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Aug 16 07:03:47 2018 MANAGEMENT: >STATE:1534395827,ASSIGN_IP,,10.10.10.4,,,,
Thu Aug 16 07:03:52 2018 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Thu Aug 16 07:03:52 2018 C:\Windows\system32\route.exe ADD 5.57.x.x MASK 255.255.255.255 192.168.110.254
Thu Aug 16 07:03:52 2018 Route addition via service succeeded
Thu Aug 16 07:03:52 2018 C:\Windows\system32\route.exe ADD 192.168.11.11 MASK 255.255.255.255 192.168.110.254
Thu Aug 16 07:03:52 2018 Route addition via service succeeded
Thu Aug 16 07:03:52 2018 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.10.10.1
Thu Aug 16 07:03:52 2018 Route addition via service succeeded
Thu Aug 16 07:03:52 2018 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.10.10.1
Thu Aug 16 07:03:52 2018 Route addition via service succeeded
Thu Aug 16 07:03:52 2018 MANAGEMENT: >STATE:1534395832,ADD_ROUTES,,,,,,
Thu Aug 16 07:03:52 2018 C:\Windows\system32\route.exe ADD 192.168.143.0 MASK 255.255.255.0 10.10.10.1
Thu Aug 16 07:03:52 2018 Route addition via service succeeded
Thu Aug 16 07:03:52 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Aug 16 07:03:52 2018 Initialization Sequence Completed
Thu Aug 16 07:03:52 2018 MANAGEMENT: >STATE:1534395832,CONNECTED,SUCCESS,10.10.10.4,5.57.x.x,1194,,

Kliknite za proširenje...

Uredno pingujem i vidim šerove na serverskoj strani, ali uopšte nemam pristup internetu.

problem ti je na serveru. nije na klijentu.

probaj da uradiš Internet Connection Sharing na serveru. Šeruj LAN konekciju prema TUN adapteru

U serverskoj konfiguraciji izbaci

push "route-gateway 10.10.10.1"

Ovo ti na klijentu prebacuje default gw na OVPN server, a to ti ne treba.
Ti na klijentu imas net, i klijent samo treba da zna koja mu je ruta za server i mrezu iza njega........