Hello,
Ok I have been playing with the settings and found out in the client openvpn settings a field extra option is always filled with the value 'admin'. From the gui this can not be removed so I had to do it from the cli with uci set command.
From the gui it is also impossible to select proto udp4 instead of udp. So I changed the value with uci.
From the logging I can see the connection is established but in the GUI both the server and clients do not show correct information. Also there is no data being forwarded through the tunnel. What else can I do?
This is the last logging from server and one client:
client1: (after uci set openvpn.xxxx.proto='udp4')
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: OpenVPN 2.4.5 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
Thu Dec 20 14:07:08 2018 daemon.warn openvpn(636C69656E745F31)[3285]: WARNING: No server certificate verification method has been enabled. See
http://openvpn.net/howto.html#mitm for more info.
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: LZO compression initializing
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Control Channel MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Local Options String (VER=V4): 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Expected Remote Options String (VER=V4): 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: TCP/UDP: Preserving recently used remote address: [AF_INET]10.10.9.1:1194
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: UDPv4 link local: (not bound)
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: UDPv4 link remote: [AF_INET]10.10.9.1:1194
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: TLS: Initial packet from [AF_INET]10.10.9.1:1194, sid=e0e39e14 5f029ee2
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: VERIFY OK: depth=1, C=NL, ST=ZH, L=, O=, OU=, CN=CA, name=EasyRSA, emailAddress=me@myhost.mydomain
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: VERIFY OK: depth=0, C=NL, ST=ZH, L=, O=, OU=, CN=server, name=EasyRSA, emailAddress=me@myhost.mydomain
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Thu Dec 20 14:07:08 2018 daemon.notice openvpn(636C69656E745F31)[3285]: [server] Peer Connection Initiated with [AF_INET]10.10.9.1:1194
Thu Dec 20 14:07:08 2018 local1.info gsmd[2298]: gsmd send: 'AT+CSQ' (7)
Thu Dec 20 14:07:08 2018 local1.info gsmd[2298]: gsmd get: '+CSQ: 99,99' (11)
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: PUSH: Received control message: 'PUSH_REPLY,route 10.10.200.0 255.255.248.0,ping 10,ping-restart 120,ifconfig 10.0.0.2 10.0.0.1,peer-id 2,cipher AES-256-GCM'
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: OPTIONS IMPORT: timers and/or timeouts modified
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: OPTIONS IMPORT: --ifconfig/up options modified
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: OPTIONS IMPORT: route options modified
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: OPTIONS IMPORT: peer-id set
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: OPTIONS IMPORT: adjusting link_mtu to 1657
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: OPTIONS IMPORT: data channel crypto options modified
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Data Channel MTU parms [ L:1585 D:1450 EF:53 EB:411 ET:32 EL:3 ]
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Dec 20 14:07:09 2018 daemon.warn openvpn(636C69656E745F31)[3285]: WARNING: Since you are using --dev tap, the second argument to --ifconfig must be a netmask, for example something like 255.255.255.0. (silence this warning with --ifconfig-nowarn)
Thu Dec 20 14:07:09 2018 daemon.warn openvpn(636C69656E745F31)[3285]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Thu Dec 20 14:07:09 2018 daemon.warn openvpn(636C69656E745F31)[3285]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.10.200.0
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: TUN/TAP device tap0 opened
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: TUN/TAP TX queue length set to 100
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: /sbin/ifconfig tap0 10.0.0.2 netmask 10.0.0.1 mtu 1500 broadcast 255.255.255.254
Thu Dec 20 14:07:09 2018 daemon.err openvpn(636C69656E745F31)[3285]: Linux ifconfig failed: external program exited with error status: 1
Thu Dec 20 14:07:09 2018 daemon.notice openvpn(636C69656E745F31)[3285]: Exiting due to fatal error
server after setting proto to udp4:
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[17189]: SIGTERM[hard,] received, process exiting
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: OpenVPN 2.4.5 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
Thu Dec 20 13:15:48 2018 daemon.warn openvpn(7365727665725F31)[20286]: NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Thu Dec 20 13:15:48 2018 daemon.warn openvpn(7365727665725F31)[20286]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: Diffie-Hellman initialized with 1024 bit key
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: TLS-Auth MTU parms [ L:1654 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Thu Dec 20 13:15:48 2018 daemon.warn openvpn(7365727665725F31)[20286]: OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Thu Dec 20 13:15:48 2018 daemon.warn openvpn(7365727665725F31)[20286]: OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.10.200.2
Thu Dec 20 13:15:48 2018 daemon.notice netifd: Network device 'tap0' link is up
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: TUN/TAP device tap0 opened
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: TUN/TAP TX queue length set to 100
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: Data Channel MTU parms [ L:1654 D:1450 EF:122 EB:411 ET:32 EL:3 ]
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: Socket Buffers: R=[8388608->8388608] S=[8388608->8388608]
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: UDPv4 link remote: [AF_UNSPEC]
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: MULTI: multi_init called, r=256 v=256
Thu Dec 20 13:15:48 2018 kern.info kernel: [102684.420000] device tap0 entered promiscuous mode
Thu Dec 20 13:15:48 2018 kern.info kernel: [102684.420000] br-lan: port 3(tap0) entered forwarding state
Thu Dec 20 13:15:48 2018 daemon.notice openvpn(7365727665725F31)[20286]: Initialization Sequence Completed
Thu Dec 20 13:15:50 2018 kern.info kernel: [102686.420000] br-lan: port 3(tap0) entered forwarding state
Thu Dec 20 13:15:52 2018 kern.info kernel: [102688.010000] Ports leds ON