Page 1 of 1

HTTPS with Windows 10 Anniversary

Posted: Mon Dec 19, 2016 9:58 pm
by simonpaterson
Hi,

After the Windows 10 Anniversary update I can connect perfectly fine, however whenever I try to connect to a web page over the OpenVPN I get half a page, and then all traffic drops. I then have to manually disconnect and reconnect to restore traffic.

Re: HTTPS with Windows 10 Anniversary

Posted: Tue Dec 20, 2016 9:13 am
by Eric
Hi Simon,

Please try resetting your network stack. To do this, open a command prompt with Administrator rights, and then enter the following commands:

netsh winsock reset catalog
netsh int ipv4 reset
netsh int ipv6 reset

After this, restart your PC.

Regards,
Eric

Re: HTTPS with Windows 10 Anniversary

Posted: Tue Dec 20, 2016 8:18 pm
by simonpaterson
Hi,

I should probably clarify; I use OpenVPN for mainly SSH traffic, and the connection stays up and functional for hours at a time. As soon as I try and open any web page traffic drops, and I need to disconnect, and reconnect my OpenVPN connection. Resetting the network stack has no effect.

Re: HTTPS with Windows 10 Anniversary

Posted: Wed Dec 21, 2016 9:13 am
by Eric
Hi Simon,

If the tunnel is staying up but no traffic is parsing, and a reconnect resolves the issue, the most likely cause of the issue is a local firewall which is slow to react to the new connection, or the server is having some issues.

To see if you can find a specific cause of the problem, please run through the following - http://sparklabs.com/support/kb/article ... -problems/

Regards,
Eric

Re: HTTPS with Windows 10 Anniversary

Posted: Wed Dec 21, 2016 10:39 pm
by simonpaterson
Hi,

I've reviewed the information on your link, and can confirm that the ping and ping-restart settings are the same on both server and client. The issue started when my machine decided to upgrade to Anniversary Edition; the problem did not exist prior to this, and rolling back did not solve the issue. When I use the standard OpenVPN client with the exact same configuration I do not get drop offs, unlike the ones I now get with Viscosity. A test machine I was using experienced the exact same issue; it worked, then upgraded to Anniversary Edition, and now Web traffic kills traffic. When I run a trace on the server I see the traffic leaving the tunnel, and responses back down the tunnel to my client. When I get a drop off I still see the server sending traffic down the tunnel, but a trace at the client end does not see this traffic; the client thinks that it has a missing ACK, and retransmits.

Re: HTTPS with Windows 10 Anniversary

Posted: Thu Dec 22, 2016 9:42 am
by Eric
Hi Simon,

Could you please post a complete copy of your log after connecting, as well as an exported copy of your config.conf from Viscosity (you are welcome to censor any IPs or names) .- http://sparklabs.com/support/kb/article ... envpn-log/

Regards,
Eric

Re: HTTPS with Windows 10 Anniversary

Posted: Tue Jan 03, 2017 10:32 pm
by simonpaterson
Hi,

Traffic died @ 1125:

Jan 03 11:23:43: State changed to Connecting
Jan 03 11:23:43: Viscosity Windows 1.6.7 (1468)
Jan 03 11:23:43: Running on Microsoft Windows 10 Pro
Jan 03 11:23:43: Bringing up interface...
Jan 03 11:23:43: Checking reachability status of connection...
Jan 03 11:23:43: Connection is reachable. Starting connection attempt.
Jan 03 11:23:44: us=31000 Current Parameter Settings:
Jan 03 11:23:44: us=31000 config = 'C:\Program Files\Common Files\Viscosity\OpenVPNConfig\user\1\config.conf'
Jan 03 11:23:44: us=31000 mode = 0
Jan 03 11:23:44: us=31000 show_ciphers = DISABLED
Jan 03 11:23:44: us=31000 show_digests = DISABLED
Jan 03 11:23:44: us=31000 show_engines = DISABLED
Jan 03 11:23:44: us=31000 genkey = DISABLED
Jan 03 11:23:44: us=31000 key_pass_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 show_tls_ciphers = DISABLED
Jan 03 11:23:44: us=31000 Connection profiles [default]:
Jan 03 11:23:44: us=31000 proto = udp
Jan 03 11:23:44: us=31000 local = '[UNDEF]'
Jan 03 11:23:44: us=31000 local_port = 0
Jan 03 11:23:44: us=31000 remote = 'vne.domainapn.com'
Jan 03 11:23:44: us=31000 remote_port = 1194
Jan 03 11:23:44: us=31000 remote_float = DISABLED
Jan 03 11:23:44: us=31000 bind_defined = DISABLED
Jan 03 11:23:44: us=31000 bind_local = DISABLED
Jan 03 11:23:44: us=31000 connect_retry_seconds = 5
Jan 03 11:23:44: us=31000 connect_timeout = 10
Jan 03 11:23:44: us=31000 connect_retry_max = 0
Jan 03 11:23:44: us=31000 socks_proxy_server = '[UNDEF]'
Jan 03 11:23:44: us=31000 socks_proxy_port = 0
Jan 03 11:23:44: us=31000 socks_proxy_retry = DISABLED
Jan 03 11:23:44: us=31000 tun_mtu = 1500
Jan 03 11:23:44: us=31000 tun_mtu_defined = ENABLED
Jan 03 11:23:44: us=31000 link_mtu = 1500
Jan 03 11:23:44: us=31000 link_mtu_defined = DISABLED
Jan 03 11:23:44: us=31000 tun_mtu_extra = 0
Jan 03 11:23:44: us=31000 tun_mtu_extra_defined = DISABLED
Jan 03 11:23:44: us=31000 mtu_discover_type = -1
Jan 03 11:23:44: us=31000 fragment = 0
Jan 03 11:23:44: us=31000 mssfix = 1450
Jan 03 11:23:44: us=31000 explicit_exit_notification = 0
Jan 03 11:23:44: us=31000 Connection profiles END
Jan 03 11:23:44: us=31000 remote_random = DISABLED
Jan 03 11:23:44: us=31000 ipchange = '[UNDEF]'
Jan 03 11:23:44: us=31000 dev = 'tun'
Jan 03 11:23:44: us=31000 dev_type = '[UNDEF]'
Jan 03 11:23:44: us=31000 dev_node = '{FA4BBEF8-88FB-4657-B623-0983BFA6303A}'
Jan 03 11:23:44: us=31000 lladdr = '[UNDEF]'
Jan 03 11:23:44: us=31000 topology = 1
Jan 03 11:23:44: us=31000 tun_ipv6 = DISABLED
Jan 03 11:23:44: us=31000 ifconfig_local = '192.168.123.2'
Jan 03 11:23:44: us=31000 ifconfig_remote_netmask = '192.168.123.1'
Jan 03 11:23:44: us=31000 ifconfig_noexec = DISABLED
Jan 03 11:23:44: us=31000 ifconfig_nowarn = DISABLED
Jan 03 11:23:44: us=31000 ifconfig_ipv6_local = '[UNDEF]'
Jan 03 11:23:44: us=31000 ifconfig_ipv6_netbits = 0
Jan 03 11:23:44: us=31000 ifconfig_ipv6_remote = '[UNDEF]'
Jan 03 11:23:44: us=31000 shaper = 0
Jan 03 11:23:44: us=31000 mtu_test = 0
Jan 03 11:23:44: us=31000 mlock = DISABLED
Jan 03 11:23:44: us=31000 keepalive_ping = 0
Jan 03 11:23:44: us=31000 keepalive_timeout = 0
Jan 03 11:23:44: us=31000 inactivity_timeout = 0
Jan 03 11:23:44: us=31000 ping_send_timeout = 15
Jan 03 11:23:44: us=31000 ping_rec_timeout = 76
Jan 03 11:23:44: us=31000 ping_rec_timeout_action = 2
Jan 03 11:23:44: us=31000 ping_timer_remote = DISABLED
Jan 03 11:23:44: us=31000 remap_sigusr1 = 0
Jan 03 11:23:44: us=31000 persist_tun = DISABLED
Jan 03 11:23:44: us=31000 persist_local_ip = DISABLED
Jan 03 11:23:44: us=31000 persist_remote_ip = DISABLED
Jan 03 11:23:44: us=31000 persist_key = ENABLED
Jan 03 11:23:44: us=31000 passtos = DISABLED
Jan 03 11:23:44: us=31000 resolve_retry_seconds = 1000000000
Jan 03 11:23:44: us=31000 username = '[UNDEF]'
Jan 03 11:23:44: us=31000 groupname = '[UNDEF]'
Jan 03 11:23:44: us=31000 chroot_dir = '[UNDEF]'
Jan 03 11:23:44: us=31000 cd_dir = '[UNDEF]'
Jan 03 11:23:44: us=31000 writepid = '[UNDEF]'
Jan 03 11:23:44: us=31000 up_script = '[UNDEF]'
Jan 03 11:23:44: us=31000 down_script = '[UNDEF]'
Jan 03 11:23:44: us=31000 down_pre = DISABLED
Jan 03 11:23:44: us=31000 up_restart = DISABLED
Jan 03 11:23:44: us=31000 up_delay = DISABLED
Jan 03 11:23:44: us=31000 daemon = DISABLED
Jan 03 11:23:44: us=31000 inetd = 0
Jan 03 11:23:44: us=31000 log = DISABLED
Jan 03 11:23:44: us=31000 suppress_timestamps = DISABLED
Jan 03 11:23:44: us=31000 nice = 0
Jan 03 11:23:44: us=31000 verbosity = 5
Jan 03 11:23:44: us=31000 mute = 0
Jan 03 11:23:44: us=31000 gremlin = 0
Jan 03 11:23:44: us=31000 status_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 status_file_version = 1
Jan 03 11:23:44: us=31000 status_file_update_freq = 60
Jan 03 11:23:44: us=31000 occ = ENABLED
Jan 03 11:23:44: us=31000 rcvbuf = 0
Jan 03 11:23:44: us=31000 sndbuf = 0
Jan 03 11:23:44: us=31000 sockflags = 0
Jan 03 11:23:44: us=31000 fast_io = DISABLED
Jan 03 11:23:44: us=31000 lzo = 3
Jan 03 11:23:44: us=31000 route_script = '[UNDEF]'
Jan 03 11:23:44: us=31000 route_default_gateway = '192.168.123.1'
Jan 03 11:23:44: us=31000 route_default_metric = 0
Jan 03 11:23:44: us=31000 route_noexec = DISABLED
Jan 03 11:23:44: us=31000 route_delay = 5
Jan 03 11:23:44: us=31000 route_delay_window = 30
Jan 03 11:23:44: us=31000 route_delay_defined = ENABLED
Jan 03 11:23:44: us=31000 route_nopull = DISABLED
Jan 03 11:23:44: us=31000 route_gateway_via_dhcp = DISABLED
Jan 03 11:23:44: us=31000 max_routes = 100
Jan 03 11:23:44: us=31000 allow_pull_fqdn = DISABLED
Jan 03 11:23:44: us=31000 route 192.168.124.128/255.255.255.128/vpn_gateway/default
Jan 03 11:23:44: us=31000 route 192.168.134.0/255.255.255.0/vpn_gateway/default
Jan 03 11:23:44: us=31000 route 192.168.241.0/255.255.255.0/vpn_gateway/default
Jan 03 11:23:44: us=31000 route 192.168.240.0/255.255.255.0/vpn_gateway/default
Jan 03 11:23:44: us=31000 management_addr = '127.0.0.1'
Jan 03 11:23:44: us=31000 management_port = 49820
Jan 03 11:23:44: us=31000 management_user_pass = '[UNDEF]'
Jan 03 11:23:44: us=31000 management_log_history_cache = 250
Jan 03 11:23:44: us=31000 management_echo_buffer_size = 100
Jan 03 11:23:44: us=31000 management_write_peer_info_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 management_client_user = '[UNDEF]'
Jan 03 11:23:44: us=31000 management_client_group = '[UNDEF]'
Jan 03 11:23:44: us=31000 management_flags = 6
Jan 03 11:23:44: us=31000 shared_secret_file = 'C:\Program Files\Common Files\Viscosity\OpenVPNConfig\user\1\secret.key'
Jan 03 11:23:44: us=31000 key_direction = 0
Jan 03 11:23:44: us=31000 ciphername_defined = ENABLED
Jan 03 11:23:44: us=31000 ciphername = 'BF-CBC'
Jan 03 11:23:44: us=31000 authname_defined = ENABLED
Jan 03 11:23:44: us=31000 authname = 'SHA1'
Jan 03 11:23:44: us=31000 prng_hash = 'SHA1'
Jan 03 11:23:44: us=31000 prng_nonce_secret_len = 16
Jan 03 11:23:44: us=31000 keysize = 0
Jan 03 11:23:44: us=31000 engine = DISABLED
Jan 03 11:23:44: us=31000 replay = ENABLED
Jan 03 11:23:44: us=31000 mute_replay_warnings = DISABLED
Jan 03 11:23:44: us=31000 replay_window = 64
Jan 03 11:23:44: us=31000 replay_time = 15
Jan 03 11:23:44: us=31000 packet_id_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 use_iv = ENABLED
Jan 03 11:23:44: us=31000 test_crypto = DISABLED
Jan 03 11:23:44: us=31000 tls_server = DISABLED
Jan 03 11:23:44: us=31000 tls_client = DISABLED
Jan 03 11:23:44: us=31000 key_method = 2
Jan 03 11:23:44: us=31000 ca_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 ca_path = '[UNDEF]'
Jan 03 11:23:44: us=31000 dh_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 cert_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 extra_certs_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 priv_key_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 pkcs12_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 cryptoapi_cert = '[UNDEF]'
Jan 03 11:23:44: us=31000 cipher_list = '[UNDEF]'
Jan 03 11:23:44: us=31000 tls_verify = '[UNDEF]'
Jan 03 11:23:44: us=31000 tls_export_cert = '[UNDEF]'
Jan 03 11:23:44: us=31000 verify_x509_type = 0
Jan 03 11:23:44: us=31000 verify_x509_name = '[UNDEF]'
Jan 03 11:23:44: us=31000 crl_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 ns_cert_type = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku = 0
Jan 03 11:23:44: us=31000 remote_cert_ku[i] = 0
Jan 03 11:23:44: us=31000 remote_cert_ku[i] = 0
Jan 03 11:23:44: us=31000 remote_cert_ku[i] = 0
Jan 03 11:23:44: us=31000 remote_cert_ku[i] = 0
Jan 03 11:23:44: us=31000 remote_cert_ku[i] = 0
Jan 03 11:23:44: us=31000 remote_cert_ku[i] = 0
Jan 03 11:23:44: us=31000 remote_cert_eku = '[UNDEF]'
Jan 03 11:23:44: us=31000 ssl_flags = 0
Jan 03 11:23:44: us=31000 tls_timeout = 2
Jan 03 11:23:44: us=31000 renegotiate_bytes = -1
Jan 03 11:23:44: us=31000 renegotiate_packets = 0
Jan 03 11:23:44: us=31000 renegotiate_seconds = 3600
Jan 03 11:23:44: us=31000 handshake_window = 60
Jan 03 11:23:44: us=31000 transition_window = 3600
Jan 03 11:23:44: us=31000 single_session = DISABLED
Jan 03 11:23:44: us=31000 push_peer_info = DISABLED
Jan 03 11:23:44: us=31000 tls_exit = DISABLED
Jan 03 11:23:44: us=31000 tls_auth_file = '[UNDEF]'
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_protected_authentication = DISABLED
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=31000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=46000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=46000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=46000 pkcs11_private_mode = 00000000
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_cert_private = DISABLED
Jan 03 11:23:44: us=46000 pkcs11_pin_cache_period = -1
Jan 03 11:23:44: us=46000 pkcs11_id = '[UNDEF]'
Jan 03 11:23:44: us=46000 pkcs11_id_management = DISABLED
Jan 03 11:23:44: us=46000 server_network = 0.0.0.0
Jan 03 11:23:44: us=46000 server_netmask = 0.0.0.0
Jan 03 11:23:44: us=46000 server_network_ipv6 = ::
Jan 03 11:23:44: us=46000 server_netbits_ipv6 = 0
Jan 03 11:23:44: us=46000 server_bridge_ip = 0.0.0.0
Jan 03 11:23:44: us=46000 server_bridge_netmask = 0.0.0.0
Jan 03 11:23:44: us=46000 server_bridge_pool_start = 0.0.0.0
Jan 03 11:23:44: us=46000 server_bridge_pool_end = 0.0.0.0
Jan 03 11:23:44: us=46000 ifconfig_pool_defined = DISABLED
Jan 03 11:23:44: us=46000 ifconfig_pool_start = 0.0.0.0
Jan 03 11:23:44: us=46000 ifconfig_pool_end = 0.0.0.0
Jan 03 11:23:44: us=46000 ifconfig_pool_netmask = 0.0.0.0
Jan 03 11:23:44: us=46000 ifconfig_pool_persist_filename = '[UNDEF]'
Jan 03 11:23:44: us=46000 ifconfig_pool_persist_refresh_freq = 600
Jan 03 11:23:44: us=46000 ifconfig_ipv6_pool_defined = DISABLED
Jan 03 11:23:44: us=46000 ifconfig_ipv6_pool_base = ::
Jan 03 11:23:44: us=46000 ifconfig_ipv6_pool_netbits = 0
Jan 03 11:23:44: us=46000 n_bcast_buf = 256
Jan 03 11:23:44: us=46000 tcp_queue_limit = 64
Jan 03 11:23:44: us=46000 real_hash_size = 256
Jan 03 11:23:44: us=46000 virtual_hash_size = 256
Jan 03 11:23:44: us=46000 client_connect_script = '[UNDEF]'
Jan 03 11:23:44: us=46000 learn_address_script = '[UNDEF]'
Jan 03 11:23:44: us=46000 client_disconnect_script = '[UNDEF]'
Jan 03 11:23:44: us=46000 client_config_dir = '[UNDEF]'
Jan 03 11:23:44: us=46000 ccd_exclusive = DISABLED
Jan 03 11:23:44: us=46000 tmp_dir = 'C:\WINDOWS\TEMP\'
Jan 03 11:23:44: us=46000 push_ifconfig_defined = DISABLED
Jan 03 11:23:44: us=46000 push_ifconfig_local = 0.0.0.0
Jan 03 11:23:44: us=46000 push_ifconfig_remote_netmask = 0.0.0.0
Jan 03 11:23:44: us=46000 push_ifconfig_ipv6_defined = DISABLED
Jan 03 11:23:44: us=46000 push_ifconfig_ipv6_local = ::/0
Jan 03 11:23:44: us=46000 push_ifconfig_ipv6_remote = ::
Jan 03 11:23:44: us=46000 enable_c2c = DISABLED
Jan 03 11:23:44: us=46000 duplicate_cn = DISABLED
Jan 03 11:23:44: us=46000 cf_max = 0
Jan 03 11:23:44: us=46000 cf_per = 0
Jan 03 11:23:44: us=46000 max_clients = 1024
Jan 03 11:23:44: us=46000 max_routes_per_client = 256
Jan 03 11:23:44: us=46000 auth_user_pass_verify_script = '[UNDEF]'
Jan 03 11:23:44: us=46000 auth_user_pass_verify_script_via_file = DISABLED
Jan 03 11:23:44: us=46000 client = DISABLED
Jan 03 11:23:44: us=46000 pull = DISABLED
Jan 03 11:23:44: us=46000 auth_user_pass_file = '[UNDEF]'
Jan 03 11:23:44: us=46000 show_net_up = DISABLED
Jan 03 11:23:44: us=46000 route_method = 0
Jan 03 11:23:44: us=46000 block_outside_dns = DISABLED
Jan 03 11:23:44: us=46000 ip_win32_defined = DISABLED
Jan 03 11:23:44: us=46000 ip_win32_type = 3
Jan 03 11:23:44: us=46000 dhcp_masq_offset = 0
Jan 03 11:23:44: us=46000 dhcp_lease_time = 31536000
Jan 03 11:23:44: us=46000 tap_sleep = 0
Jan 03 11:23:44: us=46000 dhcp_options = DISABLED
Jan 03 11:23:44: us=46000 dhcp_renew = DISABLED
Jan 03 11:23:44: us=46000 dhcp_pre_release = DISABLED
Jan 03 11:23:44: us=46000 dhcp_release = DISABLED
Jan 03 11:23:44: us=46000 domain = '[UNDEF]'
Jan 03 11:23:44: us=46000 netbios_scope = '[UNDEF]'
Jan 03 11:23:44: us=46000 netbios_node_type = 0
Jan 03 11:23:44: us=46000 disable_nbt = DISABLED
Jan 03 11:23:44: us=46000 wpad_url = '[UNDEF]'
Jan 03 11:23:44: us=46000 OpenVPN 2.3.13 Windows-MSVC [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Nov 4 2016
Jan 03 11:23:44: us=46000 library versions: OpenSSL 1.0.2j 26 Sep 2016, LZO 2.09
Jan 03 11:23:44: us=62000 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:49820
Jan 03 11:23:44: us=62000 Need hold release from management interface, waiting...
Jan 03 11:23:44: us=281000 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:49820
Jan 03 11:23:44: us=312000 MANAGEMENT: CMD 'pid'
Jan 03 11:23:44: MANAGEMENT: CMD 'state on'
Jan 03 11:23:44: MANAGEMENT: CMD ''
Jan 03 11:23:44: MANAGEMENT: CMD 'hold release'
Jan 03 11:23:44: MANAGEMENT: CMD ''
Jan 03 11:23:44: Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jan 03 11:23:44: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Jan 03 11:23:44: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 03 11:23:44: Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jan 03 11:23:44: WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Jan 03 11:23:44: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 03 11:23:44: LZO compression initialized
Jan 03 11:23:44: Socket Buffers: R=[65536->65536] S=[65536->65536]
Jan 03 11:23:44: MANAGEMENT: >STATE:1483442624,RESOLVE,,,
Jan 03 11:23:44: ROUTE_GATEWAY 192.168.6.254/255.255.255.0 I=4 HWADDR=94:de:80:5d:c2:c6
Jan 03 11:23:44: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Jan 03 11:23:44: MANAGEMENT: >STATE:1483442624,ASSIGN_IP,,192.168.123.2,
Jan 03 11:23:44: MANAGEMENT: >STATE:1483442624,ASSIGN_IP,IPV4_NETMASK,255.255.255.252,
Jan 03 11:23:44: MANAGEMENT: >STATE:1483442624,ASSIGN_IP,IPV4_GATEWAY,192.168.123.0,
Jan 03 11:23:44: open_tun, tt->ipv6=0
Jan 03 11:23:44: TAP-WIN32 device [domain Mgmt] opened: \\.\Global\{FA4BBEF8-88FB-4657-B623-0983BFA6303A}.tap
Jan 03 11:23:44: TAP-Windows Driver Version 9.21
Jan 03 11:23:44: TAP-Windows MTU=1500
Jan 03 11:23:45: NETSH: C:\WINDOWS\system32\netsh.exe interface ip set address domain Mgmt dhcp
Jan 03 11:23:46: Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.123.2/255.255.255.252 on interface {FA4BBEF8-88FB-4657-B623-0983BFA6303A} [DHCP-serv: 192.168.123.1, lease-time: 31536000]
Jan 03 11:23:46: Successful ARP Flush on interface [14] {FA4BBEF8-88FB-4657-B623-0983BFA6303A}
Jan 03 11:23:46: Data Channel MTU parms [ L:1545 D:1450 EF:45 EB:143 ET:0 EL:3 AF:3/1 ]
Jan 03 11:23:46: Local Options String: 'V4,dev-type tun,link-mtu 1545,tun-mtu 1500,proto UDPv4,ifconfig 192.168.123.1 192.168.123.2,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,secret'
Jan 03 11:23:46: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1545,tun-mtu 1500,proto UDPv4,ifconfig 192.168.123.2 192.168.123.1,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,secret'
Jan 03 11:23:46: Local Options hash (VER=V4): 'bc4a7f96'
Jan 03 11:23:46: Expected Remote Options hash (VER=V4): '82a364de'
Jan 03 11:23:46: UDPv4 link local: [undef]
Jan 03 11:23:46: UDPv4 link remote: [AF_INET]93.186.33.69:1194
Jan 03 11:23:56: Peer Connection Initiated with [AF_INET]93.186.33.69:1194
Jan 03 11:24:01: TEST ROUTES: 4/4 succeeded len=4 ret=1 a=0 u/d=up
Jan 03 11:24:01: MANAGEMENT: >STATE:1483442641,ADD_ROUTES,,,
Jan 03 11:24:01: MANAGEMENT: >STATE:1483442641,ADD_ROUTES,C:\WINDOWS\system32\route.exe ADD 192.168.124.128 MASK 255.255.255.128 192.168.123.1,,
Jan 03 11:24:01: C:\WINDOWS\system32\route.exe ADD 192.168.124.128 MASK 255.255.255.128 192.168.123.1
Jan 03 11:24:01: ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Jan 03 11:24:01: Route addition via IPAPI succeeded [adaptive]
Jan 03 11:24:01: MANAGEMENT: >STATE:1483442641,ADD_ROUTES,C:\WINDOWS\system32\route.exe ADD 192.168.134.0 MASK 255.255.255.0 192.168.123.1,,
Jan 03 11:24:01: C:\WINDOWS\system32\route.exe ADD 192.168.134.0 MASK 255.255.255.0 192.168.123.1
Jan 03 11:24:01: ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Jan 03 11:24:01: Route addition via IPAPI succeeded [adaptive]
Jan 03 11:24:01: MANAGEMENT: >STATE:1483442641,ADD_ROUTES,C:\WINDOWS\system32\route.exe ADD 192.168.241.0 MASK 255.255.255.0 192.168.123.1,,
Jan 03 11:24:01: C:\WINDOWS\system32\route.exe ADD 192.168.241.0 MASK 255.255.255.0 192.168.123.1
Jan 03 11:24:01: ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Jan 03 11:24:01: Route addition via IPAPI succeeded [adaptive]
Jan 03 11:24:01: MANAGEMENT: >STATE:1483442641,ADD_ROUTES,C:\WINDOWS\system32\route.exe ADD 192.168.240.0 MASK 255.255.255.0 192.168.123.1,,
Jan 03 11:24:01: C:\WINDOWS\system32\route.exe ADD 192.168.240.0 MASK 255.255.255.0 192.168.123.1
Jan 03 11:24:01: ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Jan 03 11:24:01: Route addition via IPAPI succeeded [adaptive]
Jan 03 11:24:01: Initialization Sequence Completed
Jan 03 11:24:01: MANAGEMENT: >STATE:1483442641,CONNECTED,SUCCESS,192.168.123.2,93.186.33.69
Jan 03 11:24:02: WARNING: Split DNS is being used however no DNS domains are present. The DNS server/s for this connection may not be used. For more information please see: https://www.sparklabs.com/support/kb/ar ... e-present/
Server - 192.168.6.253:53; Lookup Type - Any; Domains - domain.local.
Server - 8.8.8.8:53; Lookup Type - Any; Domains - domain.local.

Jan 03 11:24:02: State changed to Connected
Jan 03 11:24:03: MANAGEMENT: CMD 'status'
Jan 03 11:24:04: MANAGEMENT: CMD 'status'
Jan 03 11:24:05: MANAGEMENT: CMD 'status'
Jan 03 11:24:06: MANAGEMENT: CMD 'status'
Jan 03 11:24:07: MANAGEMENT: CMD 'status'
Jan 03 11:24:08: MANAGEMENT: CMD 'status'
Jan 03 11:24:09: MANAGEMENT: CMD 'status'
Jan 03 11:24:10: MANAGEMENT: CMD 'status'
Jan 03 11:24:11: MANAGEMENT: CMD 'status'
Jan 03 11:24:12: MANAGEMENT: CMD 'status'
Jan 03 11:24:13: MANAGEMENT: CMD 'status'
Jan 03 11:24:14: MANAGEMENT: CMD 'status'
Jan 03 11:24:15: MANAGEMENT: CMD 'status'
Jan 03 11:24:16: MANAGEMENT: CMD 'status'
Jan 03 11:24:17: MANAGEMENT: CMD 'status'
Jan 03 11:24:18: MANAGEMENT: CMD 'status'
Jan 03 11:24:19: MANAGEMENT: CMD 'status'
Jan 03 11:24:20: MANAGEMENT: CMD 'status'
Jan 03 11:24:21: MANAGEMENT: CMD 'status'
Jan 03 11:24:22: MANAGEMENT: CMD 'status'
Jan 03 11:24:23: MANAGEMENT: CMD 'status'
Jan 03 11:24:24: MANAGEMENT: CMD 'status'
Jan 03 11:24:25: MANAGEMENT: CMD 'status'
Jan 03 11:24:26: MANAGEMENT: CMD 'status'
Jan 03 11:24:27: MANAGEMENT: CMD 'status'
Jan 03 11:24:28: MANAGEMENT: CMD 'status'
Jan 03 11:24:29: MANAGEMENT: CMD 'status'
Jan 03 11:24:30: MANAGEMENT: CMD 'status'
Jan 03 11:24:31: MANAGEMENT: CMD 'status'
Jan 03 11:24:32: MANAGEMENT: CMD 'status'
Jan 03 11:24:33: MANAGEMENT: CMD 'status'
Jan 03 11:24:34: MANAGEMENT: CMD 'status'
Jan 03 11:24:35: MANAGEMENT: CMD 'status'
Jan 03 11:24:36: MANAGEMENT: CMD 'status'
Jan 03 11:24:37: MANAGEMENT: CMD 'status'
Jan 03 11:24:39: MANAGEMENT: CMD 'status'
Jan 03 11:24:40: MANAGEMENT: CMD 'status'
Jan 03 11:24:41: MANAGEMENT: CMD 'status'
Jan 03 11:24:42: MANAGEMENT: CMD 'status'
Jan 03 11:24:43: MANAGEMENT: CMD 'status'
Jan 03 11:24:44: MANAGEMENT: CMD 'status'
Jan 03 11:24:45: MANAGEMENT: CMD 'status'
Jan 03 11:24:46: MANAGEMENT: CMD 'status'
Jan 03 11:24:47: MANAGEMENT: CMD 'status'
Jan 03 11:24:48: MANAGEMENT: CMD 'status'
Jan 03 11:24:49: MANAGEMENT: CMD 'status'
Jan 03 11:24:50: MANAGEMENT: CMD 'status'
Jan 03 11:24:51: MANAGEMENT: CMD 'status'
Jan 03 11:24:52: MANAGEMENT: CMD 'status'
Jan 03 11:24:53: MANAGEMENT: CMD 'status'
Jan 03 11:24:54: MANAGEMENT: CMD 'status'
Jan 03 11:24:55: MANAGEMENT: CMD 'status'
Jan 03 11:24:56: MANAGEMENT: CMD 'status'
Jan 03 11:24:57: MANAGEMENT: CMD 'status'
Jan 03 11:24:58: MANAGEMENT: CMD 'status'
Jan 03 11:24:59: MANAGEMENT: CMD 'status'
Jan 03 11:25:00: MANAGEMENT: CMD 'status'
Jan 03 11:25:01: MANAGEMENT: CMD 'status'
Jan 03 11:25:02: MANAGEMENT: CMD 'status'
Jan 03 11:25:03: MANAGEMENT: CMD 'status'
Jan 03 11:25:04: MANAGEMENT: CMD 'status'
Jan 03 11:25:05: MANAGEMENT: CMD 'status'
Jan 03 11:25:06: MANAGEMENT: CMD 'status'
Jan 03 11:25:07: MANAGEMENT: CMD 'status'
Jan 03 11:25:08: MANAGEMENT: CMD 'status'
Jan 03 11:25:09: MANAGEMENT: CMD 'status'
Jan 03 11:25:10: MANAGEMENT: CMD 'status'
Jan 03 11:25:11: MANAGEMENT: CMD 'status'
Jan 03 11:25:12: MANAGEMENT: CMD 'status'
Jan 03 11:25:13: MANAGEMENT: CMD 'status'
Jan 03 11:25:14: MANAGEMENT: CMD 'status'
Jan 03 11:25:15: MANAGEMENT: CMD 'status'
Jan 03 11:25:16: MANAGEMENT: CMD 'status'
Jan 03 11:25:17: MANAGEMENT: CMD 'status'



#-- Config Auto Generated By Viscosity --#

#viscosity name domain Mgmt
#viscosity ipv6 false
#viscosity usepeerdns true
#viscosity manageadapter true
#viscosity startonopen true
#viscosity dns split
route-gateway 192.168.123.1
remote vpn.server.com 1194 udp
dev tun
secret secret.key
persist-key
comp-lzo yes
nobind
ping 15
ping-restart 76
tun-mtu 1500
route 192.168.124.128 255.255.255.128 vpn_gateway default
route 192.168.134.0 255.255.255.0 vpn_gateway default
route 192.168.241.0 255.255.255.0 vpn_gateway default
route 192.168.240.0 255.255.255.0 vpn_gateway default
route-delay 5
dev-node {FA4BBEF8-88FB-4657-B623-0983BFA6303A}
verb 5
ifconfig 192.168.123.2 192.168.123.1

Re: HTTPS with Windows 10 Anniversary

Posted: Wed Jan 04, 2017 10:49 am
by Eric
Hi Simon,

You appear to have no DNS on your remote tunnel, is this intentional? If anything on your HTTPS sources require DNS resolution, they will fail to load via internal IPs. I'm afraid that is the only thing that appears to stick out.

If your internal IP address resolve from external sources, please try changing your DNS Mode to Disabled.

Regards,
Eric