OpenVPN from mikrotik to Sophos

stefan601 · July 23, 2018, 8:02am

Hi at all!

I want to configure a mikrotik with 4G as a openvpn Client to a sophos UTM 110. The same constellation worked earlier with a openWRT to Sophos openvpn. But now I want to replace the openwrt with a mikrotik hAP AC lite. The 4G Connection worked very good - no Problems. All devices have the actual stable Firmware installed. For openvpn I use the following Settings:

AES128 with SHA1, no compression, 1024bit Keysize, 28800 keylifetime

The MT starts the openvpn tunnel to the sophos. Than the MT gets all routes pushed from sophos. The vpn is established and the connection between both sides worked. But after some hours the traffic stoped but vpn is show up as established. When I locally connect with winbox I can see that all routes from the vpn are missing. When I recconect again the MT gets the routes again and it’s all ok. I have created a script to restart the vpn every 3hours. But that’s not the solution. The Internet link over 4G is stable. That’s not the problem. I have tested to set manually the vpn routes. But no luck.

What can be the reason for that? Today at evening I can create the logs from both devices.

best regards
Stefan

sindy · July 23, 2018, 8:43am

A very similar topic was here a few weeks ago. Is your firmware version aligned with your RouterOS version, i.e. what does /system routerboard print show regarding current-firmware and upgrade-firmware? Because a firmware upgrade was the solution of that topics.

stefan601 · July 25, 2018, 2:21pm

Yes, there was a difference between firmware and routerboard. I have updated this to same version. But the problem still exist. The traffic disconnects afters some hours. I have tested with after encryption but no luck. When the traffic is down and when I take some config changes on the sophos (to example adjust the keysize from 1024 to 2048) the vpn tunnel comes directly up with the correct routes and it works.

Here is the log from sophos from last night. The MT disconnect at 1:04. And at 13.37 the openvpn is successfuly connected with the right routes. Before that there is only the tunnel up, without routes:

2018:07:25-00:00:13 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-00:00:13 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:00:23 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-00:09:05 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-00:09:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:09:07 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:09:17 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-00:09:35 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-00:09:35 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:09:45 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-00:24:05 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-00:24:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:24:06 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:24:16 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-00:39:05 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-00:39:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:39:06 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:39:16 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-00:54:05 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-00:54:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:54:08 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-00:54:18 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-01:00:08 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-01:00:08 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:00:18 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-01:00:20 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-01:00:20 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:00:30 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-01:04:02 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:21246 [REF_AaaUse2] Inactivity timeout (–ping-restart), restarting
2018:07:25-01:04:02 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:21246 SIGUSR1[soft,ping-restart] received, client-instance restarting
2018:07:25-01:04:02 sophos-gue openvpn[13095]: id=“2204” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN down” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.199.197”
2018:07:25-01:04:02 sophos-gue openvpn[13095]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_DISCONNECT status=0
2018:07:25-01:09:05 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-01:09:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:09:07 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:09:17 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-01:09:37 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-01:09:37 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:09:47 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-01:17:05 sophos-gue openvpn[13095]: TCP connection established with [AF_INET]109.41.3.45:14025 (via [AF_INET]80.135.202.225:1194)
2018:07:25-01:17:05 sophos-gue openvpn[13095]: 109.41.3.45:14025 TLS: Initial packet from [AF_INET]109.41.3.45:14025 (via [AF_INET]80.135.202.225:1194), sid=0d8823f6 b03b8fad
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 TLS: Username/Password authentication deferred for username ‘REF_AaaUse2’ [CN SET]
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1544’, remote=‘link-mtu 1443’
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 WARNING: ‘tun-mtu’ is used inconsistently, local=‘tun-mtu 1500’, remote=‘tun-mtu 1400’
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 WARNING: ‘comp-lzo’ is present in local config but missing in remote config, local=‘comp-lzo’
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 Downgrading LZO - client does not send compression headers
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]109.41.3.45:14025 (via [AF_INET]80.135.202.225:1194)
2018:07:25-01:17:06 sophos-gue openvpn[13095]: 109.41.3.45:14025 PUSH: Received control message: ‘PUSH_REQUEST’
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/conf.d/REF_AaaUse2
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 MULTI_sva: pool returned IPv4=192.168.99.2, IPv6=(Not enabled)
2018:07:25-01:17:08 sophos-gue openvpn[13095]: id=“2203” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN up” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_CONNECT status=0
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_a63af316f076f96c494eb51f392cec34.tmp
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 MULTI: Learn: 192.168.99.2 → REF_AaaUse2/109.41.3.45:14025
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 MULTI: primary virtual IP for REF_AaaUse2/109.41.3.45:14025: 192.168.99.2
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 MULTI: internal route 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:14025
2018:07:25-01:17:08 sophos-gue openvpn[13095]: REF_AaaUse2/109.41.3.45:14025 MULTI: Learn: 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:14025
2018:07:25-01:17:08 sophos-gue openvpn[13095]: MULTI: Learn: 192.168.51.1 → REF_AaaUse2/109.41.3.45:14025
2018:07:25-01:17:08 sophos-gue openvpn[13095]: MULTI: Learn: 192.168.51.5 → REF_AaaUse2/109.41.3.45:14025
2018:07:25-01:24:05 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-01:24:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:24:07 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:24:17 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-01:39:06 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-01:39:06 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:39:07 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-01:39:17 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-01:54:13 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-01:54:13 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’

2018:07:25-12:24:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-12:24:06 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-12:24:16 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-12:39:06 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-12:39:06 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-12:39:07 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-12:39:17 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-12:54:06 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-12:54:06 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-12:54:07 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-12:54:17 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-13:09:05 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:09:05 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:09:07 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:09:17 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-13:09:38 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:09:38 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:09:48 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-13:24:14 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:24:14 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:24:16 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:24:26 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-13:27:38 sophos-gue openvpn[13095]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:27:38 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:27:45 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:27:51 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:27:54 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:27:55 sophos-gue openvpn[13095]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:28:05 sophos-gue openvpn[13095]: MANAGEMENT: Client disconnected
2018:07:25-13:28:26 sophos-gue openvpn[13095]: id=“2204” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN down” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:28:26 sophos-gue openvpn[13095]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_DISCONNECT status=0
2018:07:25-13:28:26 sophos-gue openvpn[13095]: SIGTERM[hard,] received, process exiting
2018:07:25-13:28:26 sophos-gue openvpn[13095]: /bin/ip route del 192.168.51.0/24
2018:07:25-13:28:26 sophos-gue openvpn[13095]: PLUGIN_CALL: POST ??[ /PLUGIN_DOWN status=0
2018:07:25-13:28:26 sophos-gue openvpn[13095]: Closing TUN/TAP interface
2018:07:25-13:28:26 sophos-gue openvpn[13095]: /bin/ip addr del dev tun0 192.168.99.1/24
2018:07:25-13:28:29 sophos-gue openvpn[1015]: OpenVPN 2.3.10 i686-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 29 2017
2018:07:25-13:28:29 sophos-gue openvpn[1015]: library versions: OpenSSL 1.0.2j-fips 26 Sep 2016, LZO 2.09
2018:07:25-13:28:29 sophos-gue openvpn[1027]: MANAGEMENT: client_uid=0
2018:07:25-13:28:29 sophos-gue openvpn[1027]: MANAGEMENT: client_gid=0
2018:07:25-13:28:29 sophos-gue openvpn[1027]: MANAGEMENT: unix domain socket listening on /var/run/openvpn_mgmt
2018:07:25-13:28:29 sophos-gue openvpn[1027]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so ‘[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so]’ intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
2018:07:25-13:28:29 sophos-gue openvpn[1027]: Diffie-Hellman initialized with 2048 bit key
2018:07:25-13:28:29 sophos-gue openvpn[1027]: WARNING: experimental option --capath /etc/openvpn/ca.d
2018:07:25-13:28:29 sophos-gue openvpn[1027]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:07:25-13:28:29 sophos-gue openvpn[1027]: ROUTE_GATEWAY 62.155.240.227
2018:07:25-13:28:29 sophos-gue openvpn[1027]: TUN/TAP device tun0 opened
2018:07:25-13:28:29 sophos-gue openvpn[1027]: TUN/TAP TX queue length set to 100
2018:07:25-13:28:29 sophos-gue openvpn[1027]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
2018:07:25-13:28:29 sophos-gue openvpn[1027]: /bin/ip link set dev tun0 up mtu 1500
2018:07:25-13:28:29 sophos-gue openvpn[1027]: /bin/ip addr add dev tun0 192.168.99.1/24 broadcast 192.168.99.255
2018:07:25-13:28:29 sophos-gue openvpn[1027]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_UP status=0
2018:07:25-13:28:29 sophos-gue openvpn[1027]: /bin/ip route add 192.168.51.0/24 dev tun0 via 192.168.99.1
2018:07:25-13:28:29 sophos-gue openvpn[1027]: Listening for incoming TCP connection on [undef]
2018:07:25-13:28:29 sophos-gue openvpn[1027]: TCPv4_SERVER link local (bound): [undef]
2018:07:25-13:28:29 sophos-gue openvpn[1027]: TCPv4_SERVER link remote: [undef]
2018:07:25-13:28:29 sophos-gue openvpn[1027]: MULTI: multi_init called, r=256 v=256
2018:07:25-13:28:29 sophos-gue openvpn[1027]: IFCONFIG POOL: base=192.168.99.2 size=252, ipv6=0
2018:07:25-13:28:29 sophos-gue openvpn[1027]: ifconfig_pool_read(), in=‘REF_AaaUse2,192.168.99.2’, TODO: IPv6
2018:07:25-13:28:29 sophos-gue openvpn[1027]: succeeded → ifconfig_pool_set()
2018:07:25-13:28:29 sophos-gue openvpn[1027]: IFCONFIG POOL LIST
2018:07:25-13:28:29 sophos-gue openvpn[1027]: REF_AaaUse2,192.168.99.2
2018:07:25-13:28:29 sophos-gue openvpn[1027]: MULTI: TCP INIT maxclients=1024 maxevents=1028
2018:07:25-13:28:29 sophos-gue openvpn[1027]: Initialization Sequence Completed
2018:07:25-13:28:30 sophos-gue openvpn[1027]: TCP connection established with [AF_INET]109.41.3.45:4999 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:28:30 sophos-gue openvpn[1027]: 109.41.3.45:4999 TLS: Initial packet from [AF_INET]109.41.3.45:4999 (via [AF_INET]80.135.202.225:1194), sid=b436cdac 836f2291
2018:07:25-13:28:33 sophos-gue openvpn[1027]: 109.41.3.45:4999 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:28:33 sophos-gue openvpn[1027]: 109.41.3.45:4999 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:28:33 sophos-gue openvpn[1027]: 109.41.3.45:4999 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:28:33 sophos-gue openvpn[1027]: 109.41.3.45:4999 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 TLS: Username/Password authentication deferred for username ‘REF_AaaUse2’ [CN SET]
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1544’, remote=‘link-mtu 1443’
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 WARNING: ‘tun-mtu’ is used inconsistently, local=‘tun-mtu 1500’, remote=‘tun-mtu 1400’
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 WARNING: ‘comp-lzo’ is present in local config but missing in remote config, local=‘comp-lzo’
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 Downgrading LZO - client does not send compression headers
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]109.41.3.45:4999 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:28:34 sophos-gue openvpn[1027]: 109.41.3.45:4999 PUSH: Received control message: ‘PUSH_REQUEST’
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/conf.d/REF_AaaUse2
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 MULTI_sva: pool returned IPv4=192.168.99.2, IPv6=(Not enabled)
2018:07:25-13:28:35 sophos-gue openvpn[1027]: id=“2203” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN up” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_CONNECT status=0
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_eb7e3f6b55b6f6c5cd31f121b90c2177.tmp
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 MULTI: Learn: 192.168.99.2 → REF_AaaUse2/109.41.3.45:4999
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 MULTI: primary virtual IP for REF_AaaUse2/109.41.3.45:4999: 192.168.99.2
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 MULTI: internal route 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:4999
2018:07:25-13:28:35 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 MULTI: Learn: 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:4999
2018:07:25-13:28:35 sophos-gue openvpn[1027]: MULTI: Learn: 192.168.51.1 → REF_AaaUse2/109.41.3.45:4999
2018:07:25-13:28:35 sophos-gue openvpn[1027]: MULTI: Learn: 192.168.51.5 → REF_AaaUse2/109.41.3.45:4999
2018:07:25-13:29:06 sophos-gue openvpn[1027]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:29:06 sophos-gue openvpn[1027]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:29:07 sophos-gue openvpn[1027]: MANAGEMENT: CMD ‘kill REF_AaaUse2’
2018:07:25-13:29:07 sophos-gue openvpn[1027]: REF_AaaUse2/109.41.3.45:4999 SIGTERM[soft,] received, client-instance exiting
2018:07:25-13:29:07 sophos-gue openvpn[1027]: id=“2204” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN down” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:29:07 sophos-gue openvpn[1027]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_DISCONNECT status=0
2018:07:25-13:29:07 sophos-gue openvpn[1027]: SIGTERM[hard,] received, process exiting
2018:07:25-13:29:07 sophos-gue openvpn[1027]: /bin/ip route del 192.168.51.0/24
2018:07:25-13:29:07 sophos-gue openvpn[1027]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_DOWN status=0
2018:07:25-13:29:07 sophos-gue openvpn[1027]: Closing TUN/TAP interface
2018:07:25-13:29:07 sophos-gue openvpn[1027]: /bin/ip addr del dev tun0 192.168.99.1/24
2018:07:25-13:29:10 sophos-gue openvpn[1245]: OpenVPN 2.3.10 i686-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 29 2017
2018:07:25-13:29:10 sophos-gue openvpn[1245]: library versions: OpenSSL 1.0.2j-fips 26 Sep 2016, LZO 2.09
2018:07:25-13:29:10 sophos-gue openvpn[1252]: MANAGEMENT: client_uid=0
2018:07:25-13:29:10 sophos-gue openvpn[1252]: MANAGEMENT: client_gid=0
2018:07:25-13:29:10 sophos-gue openvpn[1252]: MANAGEMENT: unix domain socket listening on /var/run/openvpn_mgmt
2018:07:25-13:29:10 sophos-gue openvpn[1252]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so ‘[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so]’ intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
2018:07:25-13:29:10 sophos-gue openvpn[1252]: Diffie-Hellman initialized with 2048 bit key
2018:07:25-13:29:10 sophos-gue openvpn[1252]: WARNING: experimental option --capath /etc/openvpn/ca.d
2018:07:25-13:29:10 sophos-gue openvpn[1252]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:07:25-13:29:10 sophos-gue openvpn[1252]: TUN/TAP device tun0 opened
2018:07:25-13:29:10 sophos-gue openvpn[1252]: TUN/TAP TX queue length set to 100
2018:07:25-13:29:10 sophos-gue openvpn[1252]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
2018:07:25-13:29:10 sophos-gue openvpn[1252]: /bin/ip link set dev tun0 up mtu 1500
2018:07:25-13:29:10 sophos-gue openvpn[1252]: /bin/ip addr add dev tun0 192.168.99.1/24 broadcast 192.168.99.255
2018:07:25-13:29:10 sophos-gue openvpn[1252]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_UP status=0
2018:07:25-13:29:10 sophos-gue openvpn[1252]: Listening for incoming TCP connection on [undef]
2018:07:25-13:29:10 sophos-gue openvpn[1252]: TCPv4_SERVER link local (bound): [undef]
2018:07:25-13:29:10 sophos-gue openvpn[1252]: TCPv4_SERVER link remote: [undef]
2018:07:25-13:29:10 sophos-gue openvpn[1252]: MULTI: multi_init called, r=256 v=256
2018:07:25-13:29:10 sophos-gue openvpn[1252]: IFCONFIG POOL: base=192.168.99.2 size=252, ipv6=0
2018:07:25-13:29:10 sophos-gue openvpn[1252]: ifconfig_pool_read(), in=‘REF_AaaUse2,192.168.99.2’, TODO: IPv6
2018:07:25-13:29:10 sophos-gue openvpn[1252]: succeeded → ifconfig_pool_set()
2018:07:25-13:29:10 sophos-gue openvpn[1252]: IFCONFIG POOL LIST
2018:07:25-13:29:10 sophos-gue openvpn[1252]: REF_AaaUse2,192.168.99.2
2018:07:25-13:29:10 sophos-gue openvpn[1252]: MULTI: TCP INIT maxclients=1024 maxevents=1028
2018:07:25-13:29:10 sophos-gue openvpn[1252]: Initialization Sequence Completed
2018:07:25-13:29:11 sophos-gue openvpn[1252]: TCP connection established with [AF_INET]109.41.3.45:25758 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:29:11 sophos-gue openvpn[1252]: 109.41.3.45:25758 TLS: Initial packet from [AF_INET]109.41.3.45:25758 (via [AF_INET]80.135.202.225:1194), sid=bf1ea9bd 9d9ac814
2018:07:25-13:29:14 sophos-gue openvpn[1252]: 109.41.3.45:25758 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:29:14 sophos-gue openvpn[1252]: 109.41.3.45:25758 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:29:14 sophos-gue openvpn[1252]: 109.41.3.45:25758 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:29:14 sophos-gue openvpn[1252]: 109.41.3.45:25758 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 TLS: Username/Password authentication deferred for username ‘REF_AaaUse2’ [CN SET]
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1544’, remote=‘link-mtu 1443’
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 WARNING: ‘tun-mtu’ is used inconsistently, local=‘tun-mtu 1500’, remote=‘tun-mtu 1400’
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 WARNING: ‘comp-lzo’ is present in local config but missing in remote config, local=‘comp-lzo’
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 Downgrading LZO - client does not send compression headers
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]109.41.3.45:25758 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 PUSH: Received control message: ‘PUSH_REQUEST’
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 Delayed exit in 5 seconds
2018:07:25-13:29:15 sophos-gue openvpn[1252]: 109.41.3.45:25758 SENT CONTROL [REF_AaaUse2]: ‘AUTH_FAILED’ (status=1)
2018:07:25-13:29:19 sophos-gue openvpn[1252]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:29:19 sophos-gue openvpn[1252]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:29:20 sophos-gue openvpn[1252]: SIGTERM[hard,] received, process exiting
2018:07:25-13:29:20 sophos-gue openvpn[1252]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.?/PLUGIN_DOWN status=0
2018:07:25-13:29:20 sophos-gue openvpn[1252]: Closing TUN/TAP interface
2018:07:25-13:29:20 sophos-gue openvpn[1252]: /bin/ip addr del dev tun0 192.168.99.1/24
2018:07:25-13:29:22 sophos-gue openvpn[1347]: OpenVPN 2.3.10 i686-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 29 2017
2018:07:25-13:29:22 sophos-gue openvpn[1347]: library versions: OpenSSL 1.0.2j-fips 26 Sep 2016, LZO 2.09
2018:07:25-13:29:22 sophos-gue openvpn[1352]: MANAGEMENT: client_uid=0
2018:07:25-13:29:22 sophos-gue openvpn[1352]: MANAGEMENT: client_gid=0
2018:07:25-13:29:22 sophos-gue openvpn[1352]: MANAGEMENT: unix domain socket listening on /var/run/openvpn_mgmt
2018:07:25-13:29:22 sophos-gue openvpn[1352]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so ‘[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so]’ intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
2018:07:25-13:29:22 sophos-gue openvpn[1352]: Diffie-Hellman initialized with 2048 bit key
2018:07:25-13:29:22 sophos-gue openvpn[1352]: WARNING: experimental option --capath /etc/openvpn/ca.d
2018:07:25-13:29:22 sophos-gue openvpn[1352]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:07:25-13:29:22 sophos-gue openvpn[1352]: ROUTE_GATEWAY 62.155.240.227
2018:07:25-13:29:22 sophos-gue openvpn[1352]: TUN/TAP device tun0 opened
2018:07:25-13:29:22 sophos-gue openvpn[1352]: TUN/TAP TX queue length set to 100
2018:07:25-13:29:22 sophos-gue openvpn[1352]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
2018:07:25-13:29:22 sophos-gue openvpn[1352]: /bin/ip link set dev tun0 up mtu 1500
2018:07:25-13:29:22 sophos-gue openvpn[1352]: /bin/ip addr add dev tun0 192.168.99.1/24 broadcast 192.168.99.255
2018:07:25-13:29:22 sophos-gue openvpn[1352]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_UP status=0
2018:07:25-13:29:22 sophos-gue openvpn[1352]: /bin/ip route add 192.168.51.0/24 dev tun0 via 192.168.99.1
2018:07:25-13:29:22 sophos-gue openvpn[1352]: Listening for incoming TCP connection on [undef]
2018:07:25-13:29:22 sophos-gue openvpn[1352]: TCPv4_SERVER link local (bound): [undef]
2018:07:25-13:29:22 sophos-gue openvpn[1352]: TCPv4_SERVER link remote: [undef]
2018:07:25-13:29:22 sophos-gue openvpn[1352]: MULTI: multi_init called, r=256 v=256
2018:07:25-13:29:22 sophos-gue openvpn[1352]: IFCONFIG POOL: base=192.168.99.2 size=252, ipv6=0
2018:07:25-13:29:22 sophos-gue openvpn[1352]: ifconfig_pool_read(), in=‘REF_AaaUse2,192.168.99.2’, TODO: IPv6
2018:07:25-13:29:22 sophos-gue openvpn[1352]: succeeded → ifconfig_pool_set()
2018:07:25-13:29:22 sophos-gue openvpn[1352]: IFCONFIG POOL LIST
2018:07:25-13:29:22 sophos-gue openvpn[1352]: REF_AaaUse2,192.168.99.2
2018:07:25-13:29:22 sophos-gue openvpn[1352]: MULTI: TCP INIT maxclients=1024 maxevents=1028
2018:07:25-13:29:22 sophos-gue openvpn[1352]: Initialization Sequence Completed
2018:07:25-13:29:26 sophos-gue openvpn[1352]: TCP connection established with [AF_INET]109.41.3.45:27932 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:29:26 sophos-gue openvpn[1352]: 109.41.3.45:27932 TLS: Initial packet from [AF_INET]109.41.3.45:27932 (via [AF_INET]80.135.202.225:1194), sid=bcbc3964 340d4ecc
2018:07:25-13:29:29 sophos-gue openvpn[1352]: 109.41.3.45:27932 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:29:29 sophos-gue openvpn[1352]: 109.41.3.45:27932 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:29:29 sophos-gue openvpn[1352]: 109.41.3.45:27932 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:29:29 sophos-gue openvpn[1352]: 109.41.3.45:27932 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 TLS: Username/Password authentication deferred for username ‘REF_AaaUse2’ [CN SET]
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1544’, remote=‘link-mtu 1443’
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 WARNING: ‘tun-mtu’ is used inconsistently, local=‘tun-mtu 1500’, remote=‘tun-mtu 1400’
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 WARNING: ‘comp-lzo’ is present in local config but missing in remote config, local=‘comp-lzo’
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 Downgrading LZO - client does not send compression headers
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]109.41.3.45:27932 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:29:30 sophos-gue openvpn[1352]: 109.41.3.45:27932 PUSH: Received control message: ‘PUSH_REQUEST’
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/conf.d/REF_AaaUse2
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 MULTI_sva: pool returned IPv4=192.168.99.2, IPv6=(Not enabled)
2018:07:25-13:29:31 sophos-gue openvpn[1352]: id=“2203” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN up” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_CONNECT status=0
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_1748c90e2e33a66cadc0fa6ac4486d38.tmp
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 MULTI: Learn: 192.168.99.2 → REF_AaaUse2/109.41.3.45:27932
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 MULTI: primary virtual IP for REF_AaaUse2/109.41.3.45:27932: 192.168.99.2
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 MULTI: internal route 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:27932
2018:07:25-13:29:31 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 MULTI: Learn: 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:27932
2018:07:25-13:29:31 sophos-gue openvpn[1352]: MULTI: Learn: 192.168.51.1 → REF_AaaUse2/109.41.3.45:27932
2018:07:25-13:29:31 sophos-gue openvpn[1352]: MULTI: Learn: 192.168.51.5 → REF_AaaUse2/109.41.3.45:27932
2018:07:25-13:33:48 sophos-gue openvpn[1352]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:33:48 sophos-gue openvpn[1352]: MANAGEMENT: CMD ‘kill REF_AaaUse2’
2018:07:25-13:33:48 sophos-gue openvpn[1352]: REF_AaaUse2/109.41.3.45:27932 SIGTERM[soft,] received, client-instance exiting
2018:07:25-13:33:48 sophos-gue openvpn[1352]: id=“2204” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN down” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:33:48 sophos-gue openvpn[1352]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_DISCONNECT status=0
2018:07:25-13:33:49 sophos-gue openvpn[1352]: SIGTERM[hard,] received, process exiting
2018:07:25-13:33:49 sophos-gue openvpn[1352]: /bin/ip route del 192.168.51.0/24
2018:07:25-13:33:49 sophos-gue openvpn[1352]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_DOWN status=0
2018:07:25-13:33:49 sophos-gue openvpn[1352]: Closing TUN/TAP interface
2018:07:25-13:33:49 sophos-gue openvpn[1352]: /bin/ip addr del dev tun0 192.168.99.1/24
2018:07:25-13:33:53 sophos-gue openvpn[2372]: OpenVPN 2.3.10 i686-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 29 2017
2018:07:25-13:33:53 sophos-gue openvpn[2372]: library versions: OpenSSL 1.0.2j-fips 26 Sep 2016, LZO 2.09
2018:07:25-13:33:53 sophos-gue openvpn[2382]: MANAGEMENT: client_uid=0
2018:07:25-13:33:53 sophos-gue openvpn[2382]: MANAGEMENT: client_gid=0
2018:07:25-13:33:53 sophos-gue openvpn[2382]: MANAGEMENT: unix domain socket listening on /var/run/openvpn_mgmt
2018:07:25-13:33:53 sophos-gue openvpn[2382]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so ‘[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so]’ intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
2018:07:25-13:33:53 sophos-gue openvpn[2382]: Diffie-Hellman initialized with 2048 bit key
2018:07:25-13:33:53 sophos-gue openvpn[2382]: WARNING: experimental option --capath /etc/openvpn/ca.d
2018:07:25-13:33:53 sophos-gue openvpn[2382]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:07:25-13:33:53 sophos-gue openvpn[2382]: TUN/TAP device tun0 opened
2018:07:25-13:33:53 sophos-gue openvpn[2382]: TUN/TAP TX queue length set to 100
2018:07:25-13:33:53 sophos-gue openvpn[2382]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
2018:07:25-13:33:53 sophos-gue openvpn[2382]: /bin/ip link set dev tun0 up mtu 1500
2018:07:25-13:33:53 sophos-gue openvpn[2382]: /bin/ip addr add dev tun0 192.168.99.1/24 broadcast 192.168.99.255
2018:07:25-13:33:53 sophos-gue openvpn[2382]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_UP status=0
2018:07:25-13:33:53 sophos-gue openvpn[2382]: Listening for incoming TCP connection on [undef]
2018:07:25-13:33:53 sophos-gue openvpn[2382]: TCPv4_SERVER link local (bound): [undef]
2018:07:25-13:33:53 sophos-gue openvpn[2382]: TCPv4_SERVER link remote: [undef]
2018:07:25-13:33:53 sophos-gue openvpn[2382]: MULTI: multi_init called, r=256 v=256
2018:07:25-13:33:53 sophos-gue openvpn[2382]: IFCONFIG POOL: base=192.168.99.2 size=252, ipv6=0
2018:07:25-13:33:53 sophos-gue openvpn[2382]: ifconfig_pool_read(), in=‘REF_AaaUse2,192.168.99.2’, TODO: IPv6
2018:07:25-13:33:53 sophos-gue openvpn[2382]: succeeded → ifconfig_pool_set()
2018:07:25-13:33:53 sophos-gue openvpn[2382]: IFCONFIG POOL LIST
2018:07:25-13:33:53 sophos-gue openvpn[2382]: REF_AaaUse2,192.168.99.2
2018:07:25-13:33:53 sophos-gue openvpn[2382]: MULTI: TCP INIT maxclients=1024 maxevents=1028
2018:07:25-13:33:53 sophos-gue openvpn[2382]: Initialization Sequence Completed
2018:07:25-13:34:00 sophos-gue openvpn[2382]: TCP connection established with [AF_INET]109.41.3.45:19597 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:34:00 sophos-gue openvpn[2382]: 109.41.3.45:19597 TLS: Initial packet from [AF_INET]109.41.3.45:19597 (via [AF_INET]80.135.202.225:1194), sid=043e7f9c f9fc0abb
2018:07:25-13:34:01 sophos-gue openvpn[2382]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:34:01 sophos-gue openvpn[2382]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:34:01 sophos-gue openvpn[2382]: SIGTERM[hard,] received, process exiting
2018:07:25-13:34:01 sophos-gue openvpn[2382]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_DOWN status=0
2018:07:25-13:34:01 sophos-gue openvpn[2382]: Closing TUN/TAP interface
2018:07:25-13:34:01 sophos-gue openvpn[2382]: /bin/ip addr del dev tun0 192.168.99.1/24
2018:07:25-13:34:05 sophos-gue openvpn[2476]: OpenVPN 2.3.10 i686-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 29 2017
2018:07:25-13:34:05 sophos-gue openvpn[2476]: library versions: OpenSSL 1.0.2j-fips 26 Sep 2016, LZO 2.09
2018:07:25-13:34:05 sophos-gue openvpn[2486]: MANAGEMENT: client_uid=0
2018:07:25-13:34:05 sophos-gue openvpn[2486]: MANAGEMENT: client_gid=0
2018:07:25-13:34:05 sophos-gue openvpn[2486]: MANAGEMENT: unix domain socket listening on /var/run/openvpn_mgmt
2018:07:25-13:34:05 sophos-gue openvpn[2486]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so ‘[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so]’ intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
2018:07:25-13:34:05 sophos-gue openvpn[2486]: Diffie-Hellman initialized with 2048 bit key
2018:07:25-13:34:05 sophos-gue openvpn[2486]: WARNING: experimental option --capath /etc/openvpn/ca.d
2018:07:25-13:34:05 sophos-gue openvpn[2486]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:07:25-13:34:05 sophos-gue openvpn[2486]: ROUTE_GATEWAY 62.155.240.227
2018:07:25-13:34:05 sophos-gue openvpn[2486]: TUN/TAP device tun0 opened
2018:07:25-13:34:05 sophos-gue openvpn[2486]: TUN/TAP TX queue length set to 100
2018:07:25-13:34:05 sophos-gue openvpn[2486]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
2018:07:25-13:34:05 sophos-gue openvpn[2486]: /bin/ip link set dev tun0 up mtu 1500
2018:07:25-13:34:05 sophos-gue openvpn[2486]: /bin/ip addr add dev tun0 192.168.99.1/24 broadcast 192.168.99.255
2018:07:25-13:34:05 sophos-gue openvpn[2486]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_UP status=0
2018:07:25-13:34:05 sophos-gue openvpn[2486]: /bin/ip route add 192.168.51.0/24 dev tun0 via 192.168.99.1
2018:07:25-13:34:05 sophos-gue openvpn[2486]: Listening for incoming TCP connection on [undef]
2018:07:25-13:34:05 sophos-gue openvpn[2486]: TCPv4_SERVER link local (bound): [undef]
2018:07:25-13:34:05 sophos-gue openvpn[2486]: TCPv4_SERVER link remote: [undef]
2018:07:25-13:34:05 sophos-gue openvpn[2486]: MULTI: multi_init called, r=256 v=256
2018:07:25-13:34:05 sophos-gue openvpn[2486]: IFCONFIG POOL: base=192.168.99.2 size=252, ipv6=0
2018:07:25-13:34:05 sophos-gue openvpn[2486]: ifconfig_pool_read(), in=‘REF_AaaUse2,192.168.99.2’, TODO: IPv6
2018:07:25-13:34:05 sophos-gue openvpn[2486]: succeeded → ifconfig_pool_set()
2018:07:25-13:34:05 sophos-gue openvpn[2486]: IFCONFIG POOL LIST
2018:07:25-13:34:05 sophos-gue openvpn[2486]: REF_AaaUse2,192.168.99.2
2018:07:25-13:34:05 sophos-gue openvpn[2486]: MULTI: TCP INIT maxclients=1024 maxevents=1028
2018:07:25-13:34:05 sophos-gue openvpn[2486]: Initialization Sequence Completed
2018:07:25-13:34:11 sophos-gue openvpn[2486]: TCP connection established with [AF_INET]109.41.3.45:24431 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:34:11 sophos-gue openvpn[2486]: 109.41.3.45:24431 TLS: Initial packet from [AF_INET]109.41.3.45:24431 (via [AF_INET]80.135.202.225:1194), sid=51fb1856 ccf4eac4
2018:07:25-13:34:13 sophos-gue openvpn[2486]: 109.41.3.45:24431 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:34:13 sophos-gue openvpn[2486]: 109.41.3.45:24431 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:34:13 sophos-gue openvpn[2486]: 109.41.3.45:24431 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:34:13 sophos-gue openvpn[2486]: 109.41.3.45:24431 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 TLS: Username/Password authentication deferred for username ‘REF_AaaUse2’ [CN SET]
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1544’, remote=‘link-mtu 1443’
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 WARNING: ‘tun-mtu’ is used inconsistently, local=‘tun-mtu 1500’, remote=‘tun-mtu 1400’
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 WARNING: ‘comp-lzo’ is present in local config but missing in remote config, local=‘comp-lzo’
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 Downgrading LZO - client does not send compression headers
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]109.41.3.45:24431 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:34:14 sophos-gue openvpn[2486]: 109.41.3.45:24431 PUSH: Received control message: ‘PUSH_REQUEST’
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/conf.d/REF_AaaUse2
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 MULTI_sva: pool returned IPv4=192.168.99.2, IPv6=(Not enabled)
2018:07:25-13:34:15 sophos-gue openvpn[2486]: id=“2203” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN up” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_CONNECT status=0
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_ba0ee6be5946e873c95023305a91bb83.tmp
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 MULTI: Learn: 192.168.99.2 → REF_AaaUse2/109.41.3.45:24431
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 MULTI: primary virtual IP for REF_AaaUse2/109.41.3.45:24431: 192.168.99.2
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 MULTI: internal route 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:24431
2018:07:25-13:34:15 sophos-gue openvpn[2486]: REF_AaaUse2/109.41.3.45:24431 MULTI: Learn: 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:24431
2018:07:25-13:34:15 sophos-gue openvpn[2486]: MULTI: Learn: 192.168.51.1 → REF_AaaUse2/109.41.3.45:24431
2018:07:25-13:34:15 sophos-gue openvpn[2486]: MULTI: Learn: 192.168.51.5 → REF_AaaUse2/109.41.3.45:24431
2018:07:25-13:37:42 sophos-gue openvpn[2486]: id=“2204” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN down” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:37:42 sophos-gue openvpn[2486]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_DISCONNECT status=0
2018:07:25-13:37:42 sophos-gue openvpn[2486]: SIGTERM[hard,] received, process exiting
2018:07:25-13:37:42 sophos-gue openvpn[2486]: /bin/ip route del 192.168.51.0/24
2018:07:25-13:37:42 sophos-gue openvpn[2486]: PLUGIN_CALL: POST /PLUGIN_DOWN status=0
2018:07:25-13:37:42 sophos-gue openvpn[2486]: Closing TUN/TAP interface
2018:07:25-13:37:42 sophos-gue openvpn[2486]: /bin/ip addr del dev tun0 192.168.99.1/24
2018:07:25-13:37:46 sophos-gue openvpn[3245]: OpenVPN 2.3.10 i686-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 29 2017
2018:07:25-13:37:46 sophos-gue openvpn[3245]: library versions: OpenSSL 1.0.2j-fips 26 Sep 2016, LZO 2.09
2018:07:25-13:37:46 sophos-gue openvpn[3269]: MANAGEMENT: client_uid=0
2018:07:25-13:37:46 sophos-gue openvpn[3269]: MANAGEMENT: client_gid=0
2018:07:25-13:37:46 sophos-gue openvpn[3269]: MANAGEMENT: unix domain socket listening on /var/run/openvpn_mgmt
2018:07:25-13:37:46 sophos-gue openvpn[3269]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so ‘[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so]’ intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
2018:07:25-13:37:46 sophos-gue openvpn[3269]: Diffie-Hellman initialized with 1024 bit key
2018:07:25-13:37:46 sophos-gue openvpn[3269]: WARNING: experimental option --capath /etc/openvpn/ca.d
2018:07:25-13:37:46 sophos-gue openvpn[3269]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:07:25-13:37:46 sophos-gue openvpn[3269]: ROUTE_GATEWAY 62.155.240.227
2018:07:25-13:37:46 sophos-gue openvpn[3269]: TUN/TAP device tun0 opened
2018:07:25-13:37:46 sophos-gue openvpn[3269]: TUN/TAP TX queue length set to 100
2018:07:25-13:37:46 sophos-gue openvpn[3269]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
2018:07:25-13:37:46 sophos-gue openvpn[3269]: /bin/ip link set dev tun0 up mtu 1500
2018:07:25-13:37:46 sophos-gue openvpn[3269]: /bin/ip addr add dev tun0 192.168.99.1/24 broadcast 192.168.99.255
2018:07:25-13:37:46 sophos-gue openvpn[3269]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_UP status=0
2018:07:25-13:37:46 sophos-gue openvpn[3269]: /bin/ip route add 192.168.51.0/24 dev tun0 via 192.168.99.1
2018:07:25-13:37:46 sophos-gue openvpn[3269]: Listening for incoming TCP connection on [undef]
2018:07:25-13:37:46 sophos-gue openvpn[3269]: TCPv4_SERVER link local (bound): [undef]
2018:07:25-13:37:46 sophos-gue openvpn[3269]: TCPv4_SERVER link remote: [undef]
2018:07:25-13:37:46 sophos-gue openvpn[3269]: MULTI: multi_init called, r=256 v=256
2018:07:25-13:37:46 sophos-gue openvpn[3269]: IFCONFIG POOL: base=192.168.99.2 size=252, ipv6=0
2018:07:25-13:37:46 sophos-gue openvpn[3269]: ifconfig_pool_read(), in=‘REF_AaaUse2,192.168.99.2’, TODO: IPv6
2018:07:25-13:37:46 sophos-gue openvpn[3269]: succeeded → ifconfig_pool_set()
2018:07:25-13:37:46 sophos-gue openvpn[3269]: IFCONFIG POOL LIST
2018:07:25-13:37:46 sophos-gue openvpn[3269]: REF_AaaUse2,192.168.99.2
2018:07:25-13:37:46 sophos-gue openvpn[3269]: MULTI: TCP INIT maxclients=1024 maxevents=1028
2018:07:25-13:37:46 sophos-gue openvpn[3269]: Initialization Sequence Completed
2018:07:25-13:37:54 sophos-gue openvpn[3269]: TCP connection established with [AF_INET]109.41.3.45:12943 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:37:54 sophos-gue openvpn[3269]: 109.41.3.45:12943 TLS: Initial packet from [AF_INET]109.41.3.45:12943 (via [AF_INET]80.135.202.225:1194), sid=b76080cd 1c7051ec
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 VERIFY OK: depth=1, C=de, L=home, O=home, CN=home VPN CA, emailAddress=xxxxxxx@online.de
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 VERIFY OK: depth=0, C=de, L=home, O=home, CN=REF_SslSerGaragemikr
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 TLS: Username/Password authentication deferred for username ‘REF_AaaUse2’ [CN SET]
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 WARNING: ‘link-mtu’ is used inconsistently, local=‘link-mtu 1544’, remote=‘link-mtu 1443’
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 WARNING: ‘tun-mtu’ is used inconsistently, local=‘tun-mtu 1500’, remote=‘tun-mtu 1400’
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 WARNING: ‘comp-lzo’ is present in local config but missing in remote config, local=‘comp-lzo’
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 Downgrading LZO - client does not send compression headers
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 Data Channel Encrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 Data Channel Decrypt: Cipher ‘BF-CBC’ initialized with 128 bit key
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
2018:07:25-13:37:55 sophos-gue openvpn[3269]: 109.41.3.45:12943 [REF_AaaUse2] Peer Connection Initiated with [AF_INET]109.41.3.45:12943 (via [AF_INET]80.135.202.225:1194)
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/conf.d/REF_AaaUse2
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 MULTI_sva: pool returned IPv4=192.168.99.2, IPv6=(Not enabled)
2018:07:25-13:37:55 sophos-gue openvpn[3269]: id=“2203” severity=“info” sys=“SecureNet” sub=“vpn” event=“Site-to-site VPN up” variant=“ssl” connection=“REF_SslSerGaragemikr” address=“80.135.202.225”
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_CONNECT status=0
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_83f30bcc49774c9bb938a4a9769e491d.tmp
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 MULTI: Learn: 192.168.99.2 → REF_AaaUse2/109.41.3.45:12943
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 MULTI: primary virtual IP for REF_AaaUse2/109.41.3.45:12943: 192.168.99.2
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 MULTI: internal route 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:12943
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 MULTI: Learn: 192.168.51.0/24 → REF_AaaUse2/109.41.3.45:12943
2018:07:25-13:37:55 sophos-gue openvpn[3269]: MULTI: Learn: 192.168.51.1 → REF_AaaUse2/109.41.3.45:12943
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 PUSH: Received control message: ‘PUSH_REQUEST’
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 send_push_reply(): safe_cap=940
2018:07:25-13:37:55 sophos-gue openvpn[3269]: REF_AaaUse2/109.41.3.45:12943 SENT CONTROL [REF_AaaUse2]: ‘PUSH_REPLY,topology subnet,route-gateway 192.168.99.1,route 192.168.10.0 255.255.255.0,route 192.168.12.0 255.255.255.0,setenv-safe remote_network_1 192.168.10.0/24,setenv-safe remote_network_2 192.168.12.0/24,setenv-safe local_network_1 192.168.51.0/24,ifconfig 192.168.99.2 255.255.255.0’ (status=1)
2018:07:25-13:37:55 sophos-gue openvpn[3269]: MULTI: Learn: 192.168.51.5 → REF_AaaUse2/109.41.3.45:12943
2018:07:25-13:39:07 sophos-gue openvpn[3269]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:39:07 sophos-gue openvpn[3269]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:39:09 sophos-gue openvpn[3269]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:39:19 sophos-gue openvpn[3269]: MANAGEMENT: Client disconnected
2018:07:25-13:54:06 sophos-gue openvpn[3269]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2018:07:25-13:54:06 sophos-gue openvpn[3269]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:54:09 sophos-gue openvpn[3269]: MANAGEMENT: CMD ‘status -1’
2018:07:25-13:54:19 sophos-gue openvpn[3269]: MANAGEMENT: Client disconnected