Beantwortet: Verbindungsfehler mit Windows Firewall

Leichenhalle

Junior Member
Hallo,
mit OpenVPN bekomme ich gar keine Verbindung.
Da sieht das Log so aus:

05.05.2021 19:28:53 Debug Debug: config connect called
05.05.2021 19:28:53 Log DisconnectReason set to NoDisconnect in connect_thread
05.05.2021 19:28:53 Log Debug: connect_thread started
05.05.2021 19:28:54 Log State Change Event - Initializing
05.05.2021 19:28:54 Log Waiting for OpenVPN.exe to get ready
05.05.2021 19:28:54 Log OpenVPN.exe ready
05.05.2021 19:28:54 Log Checking firewall and DNS leak protection settings
05.05.2021 19:28:56 Log Waiting for network to get ready
05.05.2021 19:28:56 Debug Proxy: VpnServer: RemoteIp:82.199.134.162
05.05.2021 19:28:56 Debug Debug: Serviceconnection connect called
05.05.2021 19:28:57 Management Connecting to management interface 127.0.0.1:11335
05.05.2021 19:28:57 Log MANAGEMENT: CMD 'state on'
05.05.2021 19:28:57 Log MANAGEMENT: CMD 'hold release'
05.05.2021 19:28:57 Log MANAGEMENT: CMD 'username 'Auth' "<Username Removed>"'
05.05.2021 19:28:58 Log MANAGEMENT: CMD 'password [...]'
05.05.2021 19:28:58 Log NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
05.05.2021 19:28:58 Log Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
05.05.2021 19:28:58 Log Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
05.05.2021 19:28:58 Log Control Channel MTU parms [ L:1626 D:1140 EF:110 EB:0 ET:0 EL:3 ]
05.05.2021 19:28:58 Log Data Channel MTU parms [ L:1626 D:1300 EF:126 EB:407 ET:0 EL:3 ]
05.05.2021 19:28:58 Log Fragmentation MTU parms [ L:1626 D:1300 EF:125 EB:407 ET:1 EL:3 ]
05.05.2021 19:28:58 Log Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client'
05.05.2021 19:28:58 Log Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1606,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server'
05.05.2021 19:28:58 Log TCP/UDP: Preserving recently used remote address: [AF_INET]82.199.134.162:1151
05.05.2021 19:28:58 Log Socket Buffers: R=[65536->65536] S=[65536->65536]
05.05.2021 19:28:58 Log UDP link local: (not bound)
05.05.2021 19:28:58 Log UDP link remote: [AF_INET]82.199.134.162:1151
05.05.2021 19:28:58 Log MANAGEMENT: >STATE:1620235738,WAIT,,,,,,
05.05.2021 19:28:58 State WAIT
05.05.2021 19:28:58 Log MANAGEMENT: >STATE:1620235738,AUTH,,,,,,
05.05.2021 19:28:59 State AUTH
05.05.2021 19:28:59 Log TLS: Initial packet from [AF_INET]82.199.134.162:1151, sid=b151df7d a8f32efd
05.05.2021 19:28:59 Log WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
05.05.2021 19:28:59 Log PID_ERR replay-window backtrack occurred [3] [TLS_WRAP-0] [0___0] 1620235738:5 1620235738:2 t=1620235738[0] r=[0,64,15,3,1] sl=[59,5,64,528]
05.05.2021 19:28:59 Log VERIFY OK: depth=1, C=CH, ST=Zug, L=Zug, O=Perfect Privacy, CN=Perfect Privacy, emailAddress=admin@perfect-privacy.com
05.05.2021 19:28:59 Log VERIFY KU OK
05.05.2021 19:28:59 Log Validating certificate extended key usage
05.05.2021 19:28:59 Log ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
05.05.2021 19:28:59 Log VERIFY EKU OK
05.05.2021 19:28:59 Log VERIFY OK: depth=0, C=CH, ST=Zug, O=Perfect Privacy, CN=Server_basel.perfect-privacy.com, emailAddress=admin@perfect-privacy.com
05.05.2021 19:28:59 Log Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
05.05.2021 19:28:59 Log [Server_basel.perfect-privacy.com] Peer Connection Initiated with [AF_INET]82.199.134.162:1151
05.05.2021 19:29:00 Log MANAGEMENT: >STATE:1620235740,GET_CONFIG,,,,,,
05.05.2021 19:29:00 State GET_CONFIG
05.05.2021 19:29:00 Log SENT CONTROL [Server_basel.perfect-privacy.com]: 'PUSH_REQUEST' (status=1)
05.05.2021 19:29:00 Log PUSH: Received control message: 'PUSH_REPLY,topology subnet,redirect-gateway def1 ipv6,sndbuf 131072,rcvbuf 131072,route-ipv6 2000::/3,comp-lzo adaptive,route-gateway 10.0.84.1,ping 10,ping-restart 60,dhcp-option DNS 82.199.134.174,dhcp-option DNS 80.255.10.206,ifconfig-ipv6 fdbf:1d37:bbe0:0:5:4:0:39/112 fdbf:1d37:bbe0:0:5:4:0:1,ifconfig 10.0.84.57 255.255.255.0,peer-id 22'
05.05.2021 19:29:00 Log WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
05.05.2021 19:29:00 Log WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
05.05.2021 19:29:00 Log OPTIONS IMPORT: timers and/or timeouts modified
05.05.2021 19:29:00 Log OPTIONS IMPORT: compression parms modified
05.05.2021 19:29:00 Log LZO compression initializing
05.05.2021 19:29:00 Log OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
05.05.2021 19:29:00 Log Socket Buffers: R=[65536->131072] S=[65536->131072]
05.05.2021 19:29:00 Log OPTIONS IMPORT: --ifconfig/up options modified
05.05.2021 19:29:00 Log OPTIONS IMPORT: route options modified
05.05.2021 19:29:00 Log OPTIONS IMPORT: route-related options modified
05.05.2021 19:29:00 Log OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
05.05.2021 19:29:00 Log OPTIONS IMPORT: peer-id set
05.05.2021 19:29:00 Log OPTIONS IMPORT: adjusting link_mtu to 1629
05.05.2021 19:29:00 Log Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
05.05.2021 19:29:00 Log Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
05.05.2021 19:29:00 Log Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
05.05.2021 19:29:00 Log Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
05.05.2021 19:29:00 Log interactive service msg_channel=0
05.05.2021 19:29:00 Log ROUTE_GATEWAY 192.168.2.1/255.255.255.0 I=11 HWADDR=04:d9:f5:d1:3d:df
05.05.2021 19:29:00 Log GDG6: remote_host_ipv6=n/a
05.05.2021 19:29:00 Log NOTE: GetBestInterfaceEx returned error: Element nicht gefunden. (code=1168)
05.05.2021 19:29:00 Log ROUTE6: default_gateway=UNDEF
05.05.2021 19:29:00 Log open_tun
05.05.2021 19:29:00 Log tap-windows6 device [LAN-Verbindung] opened
05.05.2021 19:29:00 Log TAP-Windows Driver Version 9.24
05.05.2021 19:29:00 Log TAP-Windows MTU=1500
05.05.2021 19:29:00 Log Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.84.0/10.0.84.57/255.255.255.0 [SUCCEEDED]
05.05.2021 19:29:00 Log Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.84.57/255.255.255.0 on interface {772708BE-967C-44AD-AD57-6B3F307D0BFD} [DHCP-serv: 10.0.84.254, lease-time: 31536000]
05.05.2021 19:29:00 Log DHCP option string: 060852c7 86ae50ff 0ace
05.05.2021 19:29:00 Log Successful ARP Flush on interface [31] {772708BE-967C-44AD-AD57-6B3F307D0BFD}
05.05.2021 19:29:00 Log do_ifconfig, ipv4=1, ipv6=1
05.05.2021 19:29:00 Log MANAGEMENT: >STATE:1620235740,ASSIGN_IP,,10.0.84.57,,,,,fdbf:1d37:bbe0:0:5:4:0:39
05.05.2021 19:29:00 State ASSIGN_IP
...
Mit ausgeschalteter Windows Firewall funktioniert die Verbindung. Was muss ich einstellen, damit es funktioniert?
Habe schon versucht den VPN Client als auch OpenVPN in die Zugelassene Apps reinzupacken, ein Netzwerk Reset, eine Neuinstallation und den Appdata Ordner von PP löschen. Das hat jedoch alles nichts gebracht.
 

Leichenhalle

Junior Member
Log
...
05.05.2021 19:29:00 Log IPv4 MTU set to 1500 on interface 31 using SetIpInterfaceEntry()
05.05.2021 19:29:01 Log NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 set address interface=31 fdbf:1d37:bbe0:0:5:4:0:39/128 store=active
05.05.2021 19:29:01 Log add_route_ipv6(fdbf:1d37:bbe0:0:5:4::/112 -> fdbf:1d37:bbe0:0:5:4:0:39 metric 0) dev LAN-Verbindung
05.05.2021 19:29:01 Log C:\WINDOWS\system32\netsh.exe interface ipv6 add route fdbf:1d37:bbe0:0:5:4::/112 interface=31 fe80::8 store=active
05.05.2021 19:29:01 Log env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
05.05.2021 19:29:01 Log IPv6 MTU set to 1500 on interface 31 using SetIpInterfaceEntry()
05.05.2021 19:29:01 Log updown_v6.bat LAN-Verbindung 1500 1629 10.0.84.57 255.255.255.0 init
05.05.2021 19:29:01 Log env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
05.05.2021 19:29:03 Log TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
05.05.2021 19:29:03 Log Route: Waiting for TUN/TAP interface to come up...
05.05.2021 19:29:05 Log TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
05.05.2021 19:29:05 Log Route: Waiting for TUN/TAP interface to come up...
05.05.2021 19:29:06 Log TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
05.05.2021 19:29:06 Log Route: Waiting for TUN/TAP interface to come up...
05.05.2021 19:29:07 Log TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
05.05.2021 19:29:07 Log To many Tap Init errors, Disconnecting and reinstalling TAP Adapter
05.05.2021 19:29:07 Log Tunnel Basel1 Disconnect Called Reason:Error
05.05.2021 19:29:07 Debug Debug: Serviceconnection Disconnect called
05.05.2021 19:29:07 Log State Change Event - Stopping
05.05.2021 19:29:07 Log Route: Waiting for TUN/TAP interface to come up...
05.05.2021 19:29:07 Debug killConnection called
05.05.2021 19:29:07 Management Sending signal to close connection
05.05.2021 19:29:07 Log MANAGEMENT: CMD 'exit'
05.05.2021 19:29:07 Management Disconnecting from management interface
05.05.2021 19:29:07 Debug SendDisconnect done
05.05.2021 19:29:07 Management Disconnecting from management interface
05.05.2021 19:29:07 Debug DisconnectLogic done
05.05.2021 19:29:09 Log State Change Event - Stopped
05.05.2021 19:29:09 Log state changes to stoped, reason: Error
05.05.2021 19:29:09 Log Handle disconnect for reason Error error:WaitingForTapAdapters
05.05.2021 19:29:09 Error Tunnel Basel1 Disconnect Called Reason:WaitGlobalAction but disconnect reason already is Error
05.05.2021 19:29:12 Debug Debug: config connect called
...
 

Leichenhalle

Junior Member
Danke Daniel!
Ich weiß zwar nicht was dort falsch war, da ich mir die Firewall Regeln vorher angeschaut habe, aber jetzt tut es wieder.
Mal sehen was in Zukunft nicht richtig funktioniert. Bisher vermisse ich nichts.
 
Top