Ubuntu 20.04 vs OpenVPN 2.4.7 - проблемы с конфигурацией

[pushin-07]

помогите люди добрые! фантазия закончилась... не поднимается OpenVNP от слова совсем

задача:
нужно 27/4 иметь возможность из интернета обратиться к компу в деревне через роутер с gsm-модемом
ясное дело, что IP у ОПСОСа серый за NAT

1. на VPS поднял Ubuntu 20.04 LTS,
2. easy-rsa 3.0.6-1 (в vars EASYRSA_KEY_SIZE 2048) сгенерировал:
ca.crt
ca.key
dh.pem
ta.key
server.key
server.crt
user.key
user.crt

3. установил OpenVPN 2.4.7
для запуска службы OpenVPN создал не привилегированного пользователя ovpn
ключи и сертификаты из easy-rsa скопировал в /etc/openvpn/keys/

(Нажмите, чтобы показать/скрыть)

port 1194
proto udp4
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 77.88.8.8"
push "dhcp-option DNS 77.88.8.1"
keepalive 10 120
tls-auth /etc/openvpn/keys/ta.key 0
cipher AES-256-GCM
auth SHA256
user ovpn
group ovpn
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
verb 9
explicit-exit-notify 1

в /etc/sysctl.conf раскомментировал: "net.ipv4.ip_forward = 1"

затем sysctl -p

(Нажмите, чтобы показать/скрыть)

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0] # Allow traffic from OpenVPN client to eth0 (change to the interface you discovered!)
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
/etc/ufw/before.rules

в /etc/default/ufw: DEFAULT_FORWARD_POLICY="ACCEPT"

в ufw добавил порты: 1194/udp и 703 (для ssh)
и перезапустил ufw disable/enable

И наконец запускаю службу с включением в автозагрузку:
systemctl -f enable openvpn-server@server.service
systemctl start openvpn-server@server.service

при проверке корректности запуска ругань, что не поднялась:

(Нажмите, чтобы показать/скрыть)

● openvpn-server@server.service - OpenVPN service for server
     Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled)
     Active: activating (auto-restart) (Result: exit-code) since Wed 2022-02-16 15:31:00 MSK; 3s ago
       Docs: man:openvpn(
             https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
             https://community.openvpn.net/openvpn/wiki/HOWTO
    Process: 13322 ExecStart=/usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf (code=exited, status=1/FAILURE)
   Main PID: 13322 (code=exited, status=1/FAILURE)

Feb 16 15:31:00 71-114-114-12.cloudvps.regruhosting.ru systemd[1]: openvpn-server@server.service: Main process exited, code=exited, status=1/FAILURE
Feb 16 15:31:00 71-114-114-12.cloudvps.regruhosting.ru systemd[1]: openvpn-server@server.service: Failed with result 'exit-code'.
Feb 16 15:31:00 71-114-114-12.cloudvps.regruhosting.ru systemd[1]: Failed to start OpenVPN service for server.

(Нажмите, чтобы показать/скрыть)

OpenVPN CLIENT LIST
Updated,Wed Feb 16 15:48:24 2022
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
GLOBAL STATS
Max bcast/mcast queue length,0
END

(Нажмите, чтобы показать/скрыть)

Wed Feb 16 15:37:52 2022 us=524700 Current Parameter Settings:
Wed Feb 16 15:37:52 2022 us=524759   config = '/etc/openvpn/server.conf'
Wed Feb 16 15:37:52 2022 us=524767   mode = 1
Wed Feb 16 15:37:52 2022 us=524773   persist_config = DISABLED
Wed Feb 16 15:37:52 2022 us=524779   persist_mode = 1
Wed Feb 16 15:37:52 2022 us=524785   show_ciphers = DISABLED
Wed Feb 16 15:37:52 2022 us=524790   show_digests = DISABLED
Wed Feb 16 15:37:52 2022 us=524796   show_engines = DISABLED
Wed Feb 16 15:37:52 2022 us=524801   genkey = DISABLED
Wed Feb 16 15:37:52 2022 us=524807   key_pass_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524812   show_tls_ciphers = DISABLED
Wed Feb 16 15:37:52 2022 us=524818   connect_retry_max = 0
Wed Feb 16 15:37:52 2022 us=524824 Connection profiles (0):
Wed Feb 16 15:37:52 2022 us=524830   proto = udp4
Wed Feb 16 15:37:52 2022 us=524836   local = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524841   local_port = '1194'
Wed Feb 16 15:37:52 2022 us=524847   remote = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524852   remote_port = '1194'
Wed Feb 16 15:37:52 2022 us=524858   remote_float = DISABLED
Wed Feb 16 15:37:52 2022 us=524863   bind_defined = DISABLED
Wed Feb 16 15:37:52 2022 us=524869   bind_local = ENABLED
Wed Feb 16 15:37:52 2022 us=524874   bind_ipv6_only = DISABLED
Wed Feb 16 15:37:52 2022 us=524880   connect_retry_seconds = 5
Wed Feb 16 15:37:52 2022 us=524885   connect_timeout = 120
Wed Feb 16 15:37:52 2022 us=524891   socks_proxy_server = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524897   socks_proxy_port = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524902   tun_mtu = 1500
Wed Feb 16 15:37:52 2022 us=524908   tun_mtu_defined = ENABLED
Wed Feb 16 15:37:52 2022 us=524913   link_mtu = 1500
Wed Feb 16 15:37:52 2022 us=524919   link_mtu_defined = DISABLED
Wed Feb 16 15:37:52 2022 us=524924   tun_mtu_extra = 0
Wed Feb 16 15:37:52 2022 us=524930   tun_mtu_extra_defined = DISABLED
Wed Feb 16 15:37:52 2022 us=524936   mtu_discover_type = -1
Wed Feb 16 15:37:52 2022 us=524942   fragment = 0
Wed Feb 16 15:37:52 2022 us=524947   mssfix = 1450
Wed Feb 16 15:37:52 2022 us=524953   explicit_exit_notification = 1
Wed Feb 16 15:37:52 2022 us=524959 Connection profiles END
Wed Feb 16 15:37:52 2022 us=524965   remote_random = DISABLED
Wed Feb 16 15:37:52 2022 us=524970   ipchange = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524976   dev = 'tun'
Wed Feb 16 15:37:52 2022 us=524981   dev_type = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524987   dev_node = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524992   lladdr = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=524998   topology = 1
Wed Feb 16 15:37:52 2022 us=525003   ifconfig_local = '10.8.0.1'
Wed Feb 16 15:37:52 2022 us=525009   ifconfig_remote_netmask = '10.8.0.2'
Wed Feb 16 15:37:52 2022 us=525015   ifconfig_noexec = DISABLED
Wed Feb 16 15:37:52 2022 us=525020   ifconfig_nowarn = DISABLED
Wed Feb 16 15:37:52 2022 us=525026   ifconfig_ipv6_local = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525031   ifconfig_ipv6_netbits = 0
Wed Feb 16 15:37:52 2022 us=525037   ifconfig_ipv6_remote = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525042   shaper = 0
Wed Feb 16 15:37:52 2022 us=525048   mtu_test = 0
Wed Feb 16 15:37:52 2022 us=525057   mlock = DISABLED
Wed Feb 16 15:37:52 2022 us=525063   keepalive_ping = 10
Wed Feb 16 15:37:52 2022 us=525068   keepalive_timeout = 120
Wed Feb 16 15:37:52 2022 us=525074   inactivity_timeout = 0
Wed Feb 16 15:37:52 2022 us=525079   ping_send_timeout = 10
Wed Feb 16 15:37:52 2022 us=525085   ping_rec_timeout = 240
Wed Feb 16 15:37:52 2022 us=525090   ping_rec_timeout_action = 2
Wed Feb 16 15:37:52 2022 us=525096   ping_timer_remote = DISABLED
Wed Feb 16 15:37:52 2022 us=525101   remap_sigusr1 = 0
Wed Feb 16 15:37:52 2022 us=525107   persist_tun = ENABLED
Wed Feb 16 15:37:52 2022 us=525112   persist_local_ip = DISABLED
Wed Feb 16 15:37:52 2022 us=525117   persist_remote_ip = DISABLED
Wed Feb 16 15:37:52 2022 us=525123   persist_key = ENABLED
Wed Feb 16 15:37:52 2022 us=525130   passtos = DISABLED
Wed Feb 16 15:37:52 2022 us=525138   resolve_retry_seconds = 1000000000
Wed Feb 16 15:37:52 2022 us=525148   resolve_in_advance = DISABLED
Wed Feb 16 15:37:52 2022 us=525163   username = 'ovpn'
Wed Feb 16 15:37:52 2022 us=525175   groupname = 'ovpn'
Wed Feb 16 15:37:52 2022 us=525213   chroot_dir = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525219   cd_dir = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525225   writepid = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525230   up_script = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525236   down_script = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525242   down_pre = DISABLED
Wed Feb 16 15:37:52 2022 us=525247   up_restart = DISABLED
Wed Feb 16 15:37:52 2022 us=525253   up_delay = DISABLED
Wed Feb 16 15:37:52 2022 us=525258   daemon = DISABLED
Wed Feb 16 15:37:52 2022 us=525264   inetd = 0
Wed Feb 16 15:37:52 2022 us=525269   log = ENABLED
Wed Feb 16 15:37:52 2022 us=525275   suppress_timestamps = DISABLED
Wed Feb 16 15:37:52 2022 us=525281   machine_readable_output = DISABLED
Wed Feb 16 15:37:52 2022 us=525289   nice = 0
Wed Feb 16 15:37:52 2022 us=525298   verbosity = 9
Wed Feb 16 15:37:52 2022 us=525305   mute = 0
Wed Feb 16 15:37:52 2022 us=525314   gremlin = 0
Wed Feb 16 15:37:52 2022 us=525322   status_file = '/var/log/openvpn/openvpn-status.log'
Wed Feb 16 15:37:52 2022 us=525329   status_file_version = 1
Wed Feb 16 15:37:52 2022 us=525338   status_file_update_freq = 60
Wed Feb 16 15:37:52 2022 us=525346   occ = ENABLED
Wed Feb 16 15:37:52 2022 us=525354   rcvbuf = 0
Wed Feb 16 15:37:52 2022 us=525360   sndbuf = 0
Wed Feb 16 15:37:52 2022 us=525366   mark = 0
Wed Feb 16 15:37:52 2022 us=525371   sockflags = 0
Wed Feb 16 15:37:52 2022 us=525377   fast_io = DISABLED
Wed Feb 16 15:37:52 2022 us=525383   comp.alg = 0
Wed Feb 16 15:37:52 2022 us=525388   comp.flags = 0
Wed Feb 16 15:37:52 2022 us=525394   route_script = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525400   route_default_gateway = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525405   route_default_metric = 0
Wed Feb 16 15:37:52 2022 us=525411   route_noexec = DISABLED
Wed Feb 16 15:37:52 2022 us=525416   route_delay = 0
Wed Feb 16 15:37:52 2022 us=525422   route_delay_window = 30
Wed Feb 16 15:37:52 2022 us=525427   route_delay_defined = DISABLED
Wed Feb 16 15:37:52 2022 us=525433   route_nopull = DISABLED
Wed Feb 16 15:37:52 2022 us=525439   route_gateway_via_dhcp = DISABLED
Wed Feb 16 15:37:52 2022 us=525444   allow_pull_fqdn = DISABLED
Wed Feb 16 15:37:52 2022 us=525451   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Wed Feb 16 15:37:52 2022 us=525457   management_addr = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525462   management_port = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525468   management_user_pass = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525474   management_log_history_cache = 250
Wed Feb 16 15:37:52 2022 us=525479   management_echo_buffer_size = 100
Wed Feb 16 15:37:52 2022 us=525485   management_write_peer_info_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525491   management_client_user = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525496   management_client_group = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525502   management_flags = 0
Wed Feb 16 15:37:52 2022 us=525508   shared_secret_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525514   key_direction = 0
Wed Feb 16 15:37:52 2022 us=525519   ciphername = 'AES-256-GCM'
Wed Feb 16 15:37:52 2022 us=525525   ncp_enabled = ENABLED
Wed Feb 16 15:37:52 2022 us=525531   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Wed Feb 16 15:37:52 2022 us=525536   authname = 'SHA256'
Wed Feb 16 15:37:52 2022 us=525542   prng_hash = 'SHA1'
Wed Feb 16 15:37:52 2022 us=525548   prng_nonce_secret_len = 16
Wed Feb 16 15:37:52 2022 us=525554   keysize = 0
Wed Feb 16 15:37:52 2022 us=525559   engine = DISABLED
Wed Feb 16 15:37:52 2022 us=525565   replay = ENABLED
Wed Feb 16 15:37:52 2022 us=525571   mute_replay_warnings = DISABLED
Wed Feb 16 15:37:52 2022 us=525576   replay_window = 64
Wed Feb 16 15:37:52 2022 us=525582   replay_time = 15
Wed Feb 16 15:37:52 2022 us=525588   packet_id_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525593   use_iv = ENABLED
Wed Feb 16 15:37:52 2022 us=525599   test_crypto = DISABLED
Wed Feb 16 15:37:52 2022 us=525610   tls_server = ENABLED
Wed Feb 16 15:37:52 2022 us=525616   tls_client = DISABLED
Wed Feb 16 15:37:52 2022 us=525622   key_method = 2
Wed Feb 16 15:37:52 2022 us=525628   ca_file = '/etc/openvpn/keys/ca.crt'
Wed Feb 16 15:37:52 2022 us=525634   ca_path = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525639   dh_file = '/etc/openvpn/keys/dh.pem'
Wed Feb 16 15:37:52 2022 us=525645   cert_file = '/etc/openvpn/keys/server.crt'
Wed Feb 16 15:37:52 2022 us=525651   extra_certs_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525657   priv_key_file = '/etc/openvpn/keys/server.key'
Wed Feb 16 15:37:52 2022 us=525662   pkcs12_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525668   cipher_list = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525674   cipher_list_tls13 = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525679   tls_cert_profile = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525685   tls_verify = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525690   tls_export_cert = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525696   verify_x509_type = 0
Wed Feb 16 15:37:52 2022 us=525701   verify_x509_name = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525707   crl_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525713   ns_cert_type = 0
Wed Feb 16 15:37:52 2022 us=525718   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525724   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525730   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525735   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525741   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525746   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525752   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525757   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525763   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525768   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525774   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525779   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525785   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525790   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525796   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525801   remote_cert_ku = 0
Wed Feb 16 15:37:52 2022 us=525807   remote_cert_eku = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525813   ssl_flags = 0
Wed Feb 16 15:37:52 2022 us=525819   tls_timeout = 2
Wed Feb 16 15:37:52 2022 us=525824   renegotiate_bytes = -1
Wed Feb 16 15:37:52 2022 us=525830   renegotiate_packets = 0
Wed Feb 16 15:37:52 2022 us=525836   renegotiate_seconds = 3600
Wed Feb 16 15:37:52 2022 us=525851   handshake_window = 60
Wed Feb 16 15:37:52 2022 us=525860   transition_window = 3600
Wed Feb 16 15:37:52 2022 us=525866   single_session = DISABLED
Wed Feb 16 15:37:52 2022 us=525871   push_peer_info = DISABLED
Wed Feb 16 15:37:52 2022 us=525877   tls_exit = DISABLED
Wed Feb 16 15:37:52 2022 us=525883   tls_auth_file = '/etc/openvpn/keys/ta.key'
Wed Feb 16 15:37:52 2022 us=525888   tls_crypt_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=525894   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525900   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525906   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525911   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525917   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525922   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525928   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525933   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525939   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525944   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525950   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525955   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525961   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525966   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525976   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525982   pkcs11_protected_authentication = DISABLED
Wed Feb 16 15:37:52 2022 us=525988   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=525994   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=525999   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526005   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526010   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526016   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526021   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526027   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526032   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526038   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526043   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526049   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526054   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526060   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526065   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526071   pkcs11_private_mode = 00000000
Wed Feb 16 15:37:52 2022 us=526076   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526082   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526087   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526093   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526098   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526104   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526109   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526115   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526120   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526126   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526131   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526136   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526142   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526147   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526153   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526158   pkcs11_cert_private = DISABLED
Wed Feb 16 15:37:52 2022 us=526164   pkcs11_pin_cache_period = -1
Wed Feb 16 15:37:52 2022 us=526170   pkcs11_id = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526175   pkcs11_id_management = DISABLED
Wed Feb 16 15:37:52 2022 us=526182   server_network = 10.8.0.0
Wed Feb 16 15:37:52 2022 us=526188   server_netmask = 255.255.255.0
Wed Feb 16 15:37:52 2022 us=526195   server_network_ipv6 = ::
Wed Feb 16 15:37:52 2022 us=526201   server_netbits_ipv6 = 0
Wed Feb 16 15:37:52 2022 us=526207   server_bridge_ip = 0.0.0.0
Wed Feb 16 15:37:52 2022 us=526213   server_bridge_netmask = 0.0.0.0
Wed Feb 16 15:37:52 2022 us=526230   server_bridge_pool_start = 0.0.0.0
Wed Feb 16 15:37:52 2022 us=526237   server_bridge_pool_end = 0.0.0.0
Wed Feb 16 15:37:52 2022 us=526243   push_entry = 'redirect-gateway def1 bypass-dhcp'
Wed Feb 16 15:37:52 2022 us=526248   push_entry = 'dhcp-option DNS 77.88.8.8'
Wed Feb 16 15:37:52 2022 us=526254   push_entry = 'dhcp-option DNS 77.88.8.1'
Wed Feb 16 15:37:52 2022 us=526259   push_entry = 'route 10.8.0.1'
Wed Feb 16 15:37:52 2022 us=526265   push_entry = 'topology net30'
Wed Feb 16 15:37:52 2022 us=526270   push_entry = 'ping 10'
Wed Feb 16 15:37:52 2022 us=526276   push_entry = 'ping-restart 120'
Wed Feb 16 15:37:52 2022 us=526282   ifconfig_pool_defined = ENABLED
Wed Feb 16 15:37:52 2022 us=526288   ifconfig_pool_start = 10.8.0.4
Wed Feb 16 15:37:52 2022 us=526295   ifconfig_pool_end = 10.8.0.251
Wed Feb 16 15:37:52 2022 us=526301   ifconfig_pool_netmask = 0.0.0.0
Wed Feb 16 15:37:52 2022 us=526307   ifconfig_pool_persist_filename = 'ipp.txt'
Wed Feb 16 15:37:52 2022 us=526313   ifconfig_pool_persist_refresh_freq = 600
Wed Feb 16 15:37:52 2022 us=526318   ifconfig_ipv6_pool_defined = DISABLED
Wed Feb 16 15:37:52 2022 us=526324   ifconfig_ipv6_pool_base = ::
Wed Feb 16 15:37:52 2022 us=526337   ifconfig_ipv6_pool_netbits = 0
Wed Feb 16 15:37:52 2022 us=526343   n_bcast_buf = 256
Wed Feb 16 15:37:52 2022 us=526349   tcp_queue_limit = 64
Wed Feb 16 15:37:52 2022 us=526355   real_hash_size = 256
Wed Feb 16 15:37:52 2022 us=526361   virtual_hash_size = 256
Wed Feb 16 15:37:52 2022 us=526366   client_connect_script = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526372   learn_address_script = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526377   client_disconnect_script = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526383   client_config_dir = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526389   ccd_exclusive = DISABLED
Wed Feb 16 15:37:52 2022 us=526394   tmp_dir = '/tmp'
Wed Feb 16 15:37:52 2022 us=526400   push_ifconfig_defined = DISABLED
Wed Feb 16 15:37:52 2022 us=526406   push_ifconfig_local = 0.0.0.0
Wed Feb 16 15:37:52 2022 us=526412   push_ifconfig_remote_netmask = 0.0.0.0
Wed Feb 16 15:37:52 2022 us=526418   push_ifconfig_ipv6_defined = DISABLED
Wed Feb 16 15:37:52 2022 us=526424   push_ifconfig_ipv6_local = ::/0
Wed Feb 16 15:37:52 2022 us=526430   push_ifconfig_ipv6_remote = ::
Wed Feb 16 15:37:52 2022 us=526436   enable_c2c = DISABLED
Wed Feb 16 15:37:52 2022 us=526442   duplicate_cn = DISABLED
Wed Feb 16 15:37:52 2022 us=526447   cf_max = 0
Wed Feb 16 15:37:52 2022 us=526453   cf_per = 0
Wed Feb 16 15:37:52 2022 us=526459   max_clients = 1024
Wed Feb 16 15:37:52 2022 us=526464   max_routes_per_client = 256
Wed Feb 16 15:37:52 2022 us=526470   auth_user_pass_verify_script = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526476   auth_user_pass_verify_script_via_file = DISABLED
Wed Feb 16 15:37:52 2022 us=526481   auth_token_generate = DISABLED
Wed Feb 16 15:37:52 2022 us=526487   auth_token_lifetime = 0
Wed Feb 16 15:37:52 2022 us=526493   port_share_host = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526498   port_share_port = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526504   client = DISABLED
Wed Feb 16 15:37:52 2022 us=526510   pull = DISABLED
Wed Feb 16 15:37:52 2022 us=526515   auth_user_pass_file = '[UNDEF]'
Wed Feb 16 15:37:52 2022 us=526522 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Wed Feb 16 15:37:52 2022 us=526541 library versions: OpenSSL 1.1.1f  31 Mar 2020, LZO 2.10
Wed Feb 16 15:37:52 2022 us=526596 PKCS#11: pkcs11_initialize - entered
Wed Feb 16 15:37:52 2022 us=526652 PKCS#11: pkcs11_initialize - return 0-'CKR_OK'
Wed Feb 16 15:37:52 2022 us=527008 Diffie-Hellman initialized with 2048 bit key
Wed Feb 16 15:37:52 2022 us=527414 PRNG init md=SHA1 size=36
Wed Feb 16 15:37:52 2022 us=527475 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Feb 16 15:37:52 2022 us=527487 Outgoing Control Channel Authentication: HMAC KEY: e65ac634 8d8e8d88 f9680287 c79a1079 f2a2bd97 31f40198 1c351486 e7d23ae3
Wed Feb 16 15:37:52 2022 us=527493 Outgoing Control Channel Authentication: HMAC size=32 block_size=32
Wed Feb 16 15:37:52 2022 us=527500 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Feb 16 15:37:52 2022 us=527510 Incoming Control Channel Authentication: HMAC KEY: 3da51a9f 4fdb913b 9dab2316 5edbb54e bb0c98d3 cf97753d 3a93de07 c59f1b52
Wed Feb 16 15:37:52 2022 us=527515 Incoming Control Channel Authentication: HMAC size=32 block_size=32
Wed Feb 16 15:37:52 2022 us=527522 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
Wed Feb 16 15:37:52 2022 us=527533 TLS-Auth MTU parms [ L:1621 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Wed Feb 16 15:37:52 2022 us=527540 MTU DYNAMIC mtu=1450, flags=2, 1621 -> 1450
Wed Feb 16 15:37:52 2022 us=527614 ROUTE_GATEWAY 71.114.114.1/255.255.255.0 IFACE=eth0 HWADDR=11:22:33:cb:db:14
Wed Feb 16 15:37:52 2022 us=537249 TUN/TAP device tun1 opened
Wed Feb 16 15:37:52 2022 us=537581 TUN/TAP TX queue length set to 100
Wed Feb 16 15:37:52 2022 us=537613 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Feb 16 15:37:52 2022 us=537629 /sbin/ip link set dev tun1 up mtu 1500
Wed Feb 16 15:37:52 2022 us=545075 /sbin/ip addr add dev tun1 local 10.8.0.1 peer 10.8.0.2
Wed Feb 16 15:37:52 2022 us=548653 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
RTNETLINK answers: File exists
Wed Feb 16 15:37:52 2022 us=557947 ERROR: Linux route add command failed: external program exited with error status: 2
Wed Feb 16 15:37:52 2022 us=558000 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Wed Feb 16 15:37:52 2022 us=558280 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Feb 16 15:37:52 2022 us=558303 TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Wed Feb 16 15:37:52 2022 us=558314 Exiting due to fatal error
Wed Feb 16 15:37:52 2022 us=558330 Closing TUN/TAP interface
Wed Feb 16 15:37:52 2022 us=558342 /sbin/ip addr del dev tun1 local 10.8.0.1 peer 10.8.0.2

реакция на перезапуск сервера /etc/init.d/openvpn restart:
"Restarting openvpn (via systemctl): openvpn.service."

syslog по grep ovpn пусто

(Нажмите, чтобы показать/скрыть)

lo               UNKNOWN        127.0.0.1/8 ::1/128
tun0             UNKNOWN        10.8.0.1 peer 10.8.0.2/32
eth0             UP             71.114.114.12/24
eth1             DOWN

ip route list default:
"default via 71.114.114.1 dev eth0 proto static"

(Нажмите, чтобы показать/скрыть)

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 71.114.114.12  netmask 255.255.255.0  broadcast 71.114.114.255
        inet6 - prefixlen 64  scopeid 0x0<global>
        inet6 - prefixlen 64  scopeid 0x20<link>
        ether - txqueuelen 1000  (Ethernet)
        RX packets 1051  bytes 94697 (94.6 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 751  bytes 341654 (341.6 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 2  bytes 100 (100.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2  bytes 100 (100.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.8.0.1  netmask 255.255.255.255  destination 10.8.0.2
        inet6 fe80::8d64:391d:2e16:16a9  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9  bytes 432 (432.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[AnrDaemon]

А зачем было ломать системную настройку и создавать левых пользователей?
Запускайте openvpn руками и смотрите, что пишет.

sudo -Hu openvpn /sbin/openvpn /etc/openvpn/cerver.conf

[pushin-07]

создавать левых пользователей

конкретно не привилегированного пользователя - из мысли о спокойствии

Хотя, вот попробовал - удалил пользователя и вернул строки в server.config
...должна ж кем-то запускаться служба и наверное без прав рута?
поправьте если ошибаюсь...
вернул в конфиг стоковые значения:

Код: [Выделить]

user nobody
group nogroup
VPS перезагрузил, в логе OpenVPN пользователь службы изменился, но толку это не дало - OpenVPN не заводится

(Нажмите, чтобы показать/скрыть)

● openvpn-server@ server.service - OpenVPN service for server
     Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled)
     Active: activating (auto-restart) (Result: exit-code) since Wed 2022-02-16 19:56:33 MSK; 3s ago
       Docs: man:openvpn(
             https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
             https://community.openvpn.net/openvpn/wiki/HOWTO
    Process: 774 ExecStart=/usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf (code=exited, status=1/FAILURE)
   Main PID: 774 (code=exited, status=1/FAILURE)

Feb 16 19:56:33 71-114-114-12.cloudvps.regruhosting.ru systemd[1]: openvpn-server@server.service: Main process exited, code=exited, status=1/FAILURE
Feb 16 19:56:33 71-114-114-12.cloudvps.regruhosting.ru systemd[1]: openvpn-server@server.service: Failed with result 'exit-code'.
Feb 16 19:56:33 71-114-114-12.cloudvps.regruhosting.ru systemd[1]: Failed to start OpenVPN service for server.

(Нажмите, чтобы показать/скрыть)

Feb 16 19:55:18 71-114-114-12 systemd[1]: Stopped OpenVPN service for server.
Feb 16 19:55:18 71-114-114-12 systemd[1]: Starting OpenVPN service for server...
Feb 16 19:55:18 71-114-114-12 systemd[1]: Failed to start OpenVPN service for server.
Feb 16 19:55:25 71-114-114-12 systemd[1]: Stopped OpenVPN service for server.
Feb 16 19:55:25 71-114-114-12 systemd[1]: Starting OpenVPN service for server...
Feb 16 19:55:25 71-114-114-12 systemd[1]: Failed to start OpenVPN service for server.
Feb 16 19:55:30 71-114-114-12 systemd[1]: Stopped OpenVPN service for server.
Feb 16 19:55:30 71-114-114-12 systemd[1]: Starting OpenVPN service for server...
Feb 16 19:55:30 71-114-114-12 systemd[1]: Failed to start OpenVPN service for server.
Feb 16 19:55:35 71-114-114-12 systemd[1]: Stopped OpenVPN service for server.
Feb 16 19:55:35 71-114-114-12 systemd[1]: Starting OpenVPN service for server...
Feb 16 19:55:35 71-114-114-12 systemd[1]: Failed to start OpenVPN service for server.
Feb 16 19:55:40 71-114-114-12 systemd[1]: Stopped OpenVPN service for server.
Feb 16 19:55:40 71-114-114-12 systemd[1]: Starting OpenVPN service for server...
Feb 16 19:55:40 71-114-114-12 systemd[1]: Failed to start OpenVPN service for server.
Feb 16 19:55:46 71-114-114-12 systemd[1]: Stopped OpenVPN service for server.
Feb 16 19:55:46 71-114-114-12 systemd[1]: Starting OpenVPN service for server...
Feb 16 19:55:46 71-114-114-12 systemd[1]: Failed to start OpenVPN service for server.

(Нажмите, чтобы показать/скрыть)

Wed Feb 16 19:54:47 2022 us=420723 Current Parameter Settings:
Wed Feb 16 19:54:47 2022 us=420781   config = '/etc/openvpn/server.conf'
Wed Feb 16 19:54:47 2022 us=420790   mode = 1
Wed Feb 16 19:54:47 2022 us=420797   persist_config = DISABLED
Wed Feb 16 19:54:47 2022 us=420803   persist_mode = 1
Wed Feb 16 19:54:47 2022 us=420809   show_ciphers = DISABLED
Wed Feb 16 19:54:47 2022 us=420815   show_digests = DISABLED
Wed Feb 16 19:54:47 2022 us=420820   show_engines = DISABLED
Wed Feb 16 19:54:47 2022 us=420826   genkey = DISABLED
Wed Feb 16 19:54:47 2022 us=420832   key_pass_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=420837   show_tls_ciphers = DISABLED
Wed Feb 16 19:54:47 2022 us=420843   connect_retry_max = 0
Wed Feb 16 19:54:47 2022 us=420849 Connection profiles

• :

Wed Feb 16 19:54:47 2022 us=420856   proto = udp4
Wed Feb 16 19:54:47 2022 us=420861   local = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=420867   local_port = '1194'
Wed Feb 16 19:54:47 2022 us=420873   remote = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=420878   remote_port = '1194'
Wed Feb 16 19:54:47 2022 us=420884   remote_float = DISABLED
Wed Feb 16 19:54:47 2022 us=420890   bind_defined = DISABLED
Wed Feb 16 19:54:47 2022 us=420895   bind_local = ENABLED
Wed Feb 16 19:54:47 2022 us=420901   bind_ipv6_only = DISABLED
Wed Feb 16 19:54:47 2022 us=420907   connect_retry_seconds = 5
Wed Feb 16 19:54:47 2022 us=420913   connect_timeout = 120
Wed Feb 16 19:54:47 2022 us=420918   socks_proxy_server = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=420924   socks_proxy_port = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=420930   tun_mtu = 1500
Wed Feb 16 19:54:47 2022 us=420935   tun_mtu_defined = ENABLED
Wed Feb 16 19:54:47 2022 us=420941   link_mtu = 1500
Wed Feb 16 19:54:47 2022 us=420947   link_mtu_defined = DISABLED
Wed Feb 16 19:54:47 2022 us=420952   tun_mtu_extra = 0
Wed Feb 16 19:54:47 2022 us=420958   tun_mtu_extra_defined = DISABLED
Wed Feb 16 19:54:47 2022 us=420964   mtu_discover_type = -1
Wed Feb 16 19:54:47 2022 us=420970   fragment = 0
Wed Feb 16 19:54:47 2022 us=420976   mssfix = 1450
Wed Feb 16 19:54:47 2022 us=420982   explicit_exit_notification = 1
Wed Feb 16 19:54:47 2022 us=420988 Connection profiles END
Wed Feb 16 19:54:47 2022 us=420993   remote_random = DISABLED
Wed Feb 16 19:54:47 2022 us=420999   ipchange = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=421005   dev = 'tun'
Wed Feb 16 19:54:47 2022 us=421011   dev_type = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=421016   dev_node = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=421022   lladdr = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=421027   topology = 1
Wed Feb 16 19:54:47 2022 us=421033   ifconfig_local = '10.8.0.1'
Wed Feb 16 19:54:47 2022 us=421039   ifconfig_remote_netmask = '10.8.0.2'
Wed Feb 16 19:54:47 2022 us=421044   ifconfig_noexec = DISABLED
Wed Feb 16 19:54:47 2022 us=421050   ifconfig_nowarn = DISABLED
Wed Feb 16 19:54:47 2022 us=421056   ifconfig_ipv6_local = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=421061   ifconfig_ipv6_netbits = 0
Wed Feb 16 19:54:47 2022 us=421067   ifconfig_ipv6_remote = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=421073   shaper = 0
Wed Feb 16 19:54:47 2022 us=421084   mtu_test = 0
Wed Feb 16 19:54:47 2022 us=421090   mlock = DISABLED
Wed Feb 16 19:54:47 2022 us=421096   keepalive_ping = 10
Wed Feb 16 19:54:47 2022 us=421102   keepalive_timeout = 120
Wed Feb 16 19:54:47 2022 us=421107   inactivity_timeout = 0
Wed Feb 16 19:54:47 2022 us=421113   ping_send_timeout = 10
Wed Feb 16 19:54:47 2022 us=421118   ping_rec_timeout = 240
Wed Feb 16 19:54:47 2022 us=421124   ping_rec_timeout_action = 2
Wed Feb 16 19:54:47 2022 us=421130   ping_timer_remote = DISABLED
Wed Feb 16 19:54:47 2022 us=421135   remap_sigusr1 = 0
Wed Feb 16 19:54:47 2022 us=421141   persist_tun = ENABLED
Wed Feb 16 19:54:47 2022 us=421147   persist_local_ip = DISABLED
Wed Feb 16 19:54:47 2022 us=421152   persist_remote_ip = DISABLED
Wed Feb 16 19:54:47 2022 us=421158   persist_key = ENABLED
Wed Feb 16 19:54:47 2022 us=421164   passtos = DISABLED
Wed Feb 16 19:54:47 2022 us=421169   resolve_retry_seconds = 1000000000
Wed Feb 16 19:54:47 2022 us=421175   resolve_in_advance = DISABLED
Wed Feb 16 19:54:47 2022 us=423314   username = 'nobody'
Wed Feb 16 19:54:47 2022 us=423332   groupname = 'nogroup'
Wed Feb 16 19:54:47 2022 us=423339   chroot_dir = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423345   cd_dir = '/etc/openvpn'
Wed Feb 16 19:54:47 2022 us=423351   writepid = '/run/openvpn/server.pid'
Wed Feb 16 19:54:47 2022 us=423357   up_script = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423362   down_script = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423368   down_pre = DISABLED
Wed Feb 16 19:54:47 2022 us=423374   up_restart = DISABLED
Wed Feb 16 19:54:47 2022 us=423380   up_delay = DISABLED
Wed Feb 16 19:54:47 2022 us=423385   daemon = ENABLED
Wed Feb 16 19:54:47 2022 us=423391   inetd = 0
Wed Feb 16 19:54:47 2022 us=423397   log = ENABLED
Wed Feb 16 19:54:47 2022 us=423403   suppress_timestamps = DISABLED
Wed Feb 16 19:54:47 2022 us=423409   machine_readable_output = DISABLED
Wed Feb 16 19:54:47 2022 us=423415   nice = 0
Wed Feb 16 19:54:47 2022 us=423420   verbosity = 9
Wed Feb 16 19:54:47 2022 us=423426   mute = 0
Wed Feb 16 19:54:47 2022 us=423432   gremlin = 0
Wed Feb 16 19:54:47 2022 us=423438   status_file = '/var/log/openvpn/openvpn-status.log'
Wed Feb 16 19:54:47 2022 us=423443   status_file_version = 1
Wed Feb 16 19:54:47 2022 us=423449   status_file_update_freq = 10
Wed Feb 16 19:54:47 2022 us=423455   occ = ENABLED
Wed Feb 16 19:54:47 2022 us=423461   rcvbuf = 0
Wed Feb 16 19:54:47 2022 us=423466   sndbuf = 0
Wed Feb 16 19:54:47 2022 us=423472   mark = 0
Wed Feb 16 19:54:47 2022 us=423478   sockflags = 0
Wed Feb 16 19:54:47 2022 us=423484   fast_io = DISABLED
Wed Feb 16 19:54:47 2022 us=423489   comp.alg = 0
Wed Feb 16 19:54:47 2022 us=423495   comp.flags = 0
Wed Feb 16 19:54:47 2022 us=423501   route_script = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423507   route_default_gateway = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423513   route_default_metric = 0
Wed Feb 16 19:54:47 2022 us=423519   route_noexec = DISABLED
Wed Feb 16 19:54:47 2022 us=423525   route_delay = 0
Wed Feb 16 19:54:47 2022 us=423530   route_delay_window = 30
Wed Feb 16 19:54:47 2022 us=423536   route_delay_defined = DISABLED
Wed Feb 16 19:54:47 2022 us=423542   route_nopull = DISABLED
Wed Feb 16 19:54:47 2022 us=423548   route_gateway_via_dhcp = DISABLED
Wed Feb 16 19:54:47 2022 us=423553   allow_pull_fqdn = DISABLED
Wed Feb 16 19:54:47 2022 us=423560   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Wed Feb 16 19:54:47 2022 us=423567   management_addr = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423573   management_port = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423578   management_user_pass = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423584   management_log_history_cache = 250
Wed Feb 16 19:54:47 2022 us=423590   management_echo_buffer_size = 100
Wed Feb 16 19:54:47 2022 us=423596   management_write_peer_info_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423602   management_client_user = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423608   management_client_group = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423614   management_flags = 0
Wed Feb 16 19:54:47 2022 us=423620   shared_secret_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423626   key_direction = 0
Wed Feb 16 19:54:47 2022 us=423632   ciphername = 'AES-256-GCM'
Wed Feb 16 19:54:47 2022 us=423637   ncp_enabled = ENABLED
Wed Feb 16 19:54:47 2022 us=423643   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Wed Feb 16 19:54:47 2022 us=423663   authname = 'SHA256'
Wed Feb 16 19:54:47 2022 us=423669   prng_hash = 'SHA1'
Wed Feb 16 19:54:47 2022 us=423675   prng_nonce_secret_len = 16
Wed Feb 16 19:54:47 2022 us=423681   keysize = 0
Wed Feb 16 19:54:47 2022 us=423687   engine = DISABLED
Wed Feb 16 19:54:47 2022 us=423693   replay = ENABLED
Wed Feb 16 19:54:47 2022 us=423699   mute_replay_warnings = DISABLED
Wed Feb 16 19:54:47 2022 us=423705   replay_window = 64
Wed Feb 16 19:54:47 2022 us=423710   replay_time = 15
Wed Feb 16 19:54:47 2022 us=423716   packet_id_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423722   use_iv = ENABLED
Wed Feb 16 19:54:47 2022 us=423728   test_crypto = DISABLED
Wed Feb 16 19:54:47 2022 us=423746   tls_server = ENABLED
Wed Feb 16 19:54:47 2022 us=423752   tls_client = DISABLED
Wed Feb 16 19:54:47 2022 us=423758   key_method = 2
Wed Feb 16 19:54:47 2022 us=423764   ca_file = '/etc/openvpn/keys/ca.crt'
Wed Feb 16 19:54:47 2022 us=423770   ca_path = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423776   dh_file = '/etc/openvpn/keys/dh.pem'
Wed Feb 16 19:54:47 2022 us=423782   cert_file = '/etc/openvpn/keys/server.crt'
Wed Feb 16 19:54:47 2022 us=423788   extra_certs_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423794   priv_key_file = '/etc/openvpn/keys/server.key'
Wed Feb 16 19:54:47 2022 us=423800   pkcs12_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423806   cipher_list = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423812   cipher_list_tls13 = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423817   tls_cert_profile = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423823   tls_verify = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423829   tls_export_cert = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423835   verify_x509_type = 0
Wed Feb 16 19:54:47 2022 us=423841   verify_x509_name = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423846   crl_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423852   ns_cert_type = 0
Wed Feb 16 19:54:47 2022 us=423858   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423864   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423870   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423876   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423881   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423887   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423893   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423899   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423904   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423910   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423916   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423921   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423927   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423933   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423938   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423944   remote_cert_ku = 0
Wed Feb 16 19:54:47 2022 us=423950   remote_cert_eku = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=423956   ssl_flags = 0
Wed Feb 16 19:54:47 2022 us=423962   tls_timeout = 2
Wed Feb 16 19:54:47 2022 us=423968   renegotiate_bytes = -1
Wed Feb 16 19:54:47 2022 us=423974   renegotiate_packets = 0
Wed Feb 16 19:54:47 2022 us=423979   renegotiate_seconds = 3600
Wed Feb 16 19:54:47 2022 us=423985   handshake_window = 60
Wed Feb 16 19:54:47 2022 us=423991   transition_window = 3600
Wed Feb 16 19:54:47 2022 us=423997   single_session = DISABLED
Wed Feb 16 19:54:47 2022 us=424003   push_peer_info = DISABLED
Wed Feb 16 19:54:47 2022 us=424009   tls_exit = DISABLED
Wed Feb 16 19:54:47 2022 us=424015   tls_auth_file = '/etc/openvpn/keys/ta.key'
Wed Feb 16 19:54:47 2022 us=424021   tls_crypt_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=424027   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424033   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424039   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424044   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424050   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424056   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424062   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424067   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424073   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424079   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424085   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424091   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424096   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424102   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424114   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424120   pkcs11_protected_authentication = DISABLED
Wed Feb 16 19:54:47 2022 us=424126   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424132   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424138   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424144   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424149   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424155   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424161   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424167   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424172   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424178   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424184   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424190   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424195   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424201   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424207   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424212   pkcs11_private_mode = 00000000
Wed Feb 16 19:54:47 2022 us=424218   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424224   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424229   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424235   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424241   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424246   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424252   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424258   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424263   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424269   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424275   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424280   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424286   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424292   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424297   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424303   pkcs11_cert_private = DISABLED
Wed Feb 16 19:54:47 2022 us=424309   pkcs11_pin_cache_period = -1
Wed Feb 16 19:54:47 2022 us=424315   pkcs11_id = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=424321   pkcs11_id_management = DISABLED
Wed Feb 16 19:54:47 2022 us=424328   server_network = 10.8.0.0
Wed Feb 16 19:54:47 2022 us=424335   server_netmask = 255.255.255.0
Wed Feb 16 19:54:47 2022 us=424342   server_network_ipv6 = ::
Wed Feb 16 19:54:47 2022 us=424348   server_netbits_ipv6 = 0
Wed Feb 16 19:54:47 2022 us=424354   server_bridge_ip = 0.0.0.0
Wed Feb 16 19:54:47 2022 us=424367   server_bridge_netmask = 0.0.0.0
Wed Feb 16 19:54:47 2022 us=424374   server_bridge_pool_start = 0.0.0.0
Wed Feb 16 19:54:47 2022 us=424380   server_bridge_pool_end = 0.0.0.0
Wed Feb 16 19:54:47 2022 us=424386   push_entry = 'redirect-gateway def1 bypass-dhcp'
Wed Feb 16 19:54:47 2022 us=424392   push_entry = 'dhcp-option DNS 77.88.8.8'
Wed Feb 16 19:54:47 2022 us=424398   push_entry = 'dhcp-option DNS 77.88.8.1'
Wed Feb 16 19:54:47 2022 us=424404   push_entry = 'route 10.8.0.1'
Wed Feb 16 19:54:47 2022 us=424409   push_entry = 'topology net30'
Wed Feb 16 19:54:47 2022 us=424415   push_entry = 'ping 10'
Wed Feb 16 19:54:47 2022 us=424420   push_entry = 'ping-restart 120'
Wed Feb 16 19:54:47 2022 us=424426   ifconfig_pool_defined = ENABLED
Wed Feb 16 19:54:47 2022 us=424432   ifconfig_pool_start = 10.8.0.4
Wed Feb 16 19:54:47 2022 us=424439   ifconfig_pool_end = 10.8.0.251
Wed Feb 16 19:54:47 2022 us=424445   ifconfig_pool_netmask = 0.0.0.0
Wed Feb 16 19:54:47 2022 us=424451   ifconfig_pool_persist_filename = 'ipp.txt'
Wed Feb 16 19:54:47 2022 us=424457   ifconfig_pool_persist_refresh_freq = 600
Wed Feb 16 19:54:47 2022 us=424463   ifconfig_ipv6_pool_defined = DISABLED
Wed Feb 16 19:54:47 2022 us=424475   ifconfig_ipv6_pool_base = ::
Wed Feb 16 19:54:47 2022 us=424481   ifconfig_ipv6_pool_netbits = 0
Wed Feb 16 19:54:47 2022 us=424487   n_bcast_buf = 256
Wed Feb 16 19:54:47 2022 us=424493   tcp_queue_limit = 64
Wed Feb 16 19:54:47 2022 us=424499   real_hash_size = 256
Wed Feb 16 19:54:47 2022 us=424505   virtual_hash_size = 256
Wed Feb 16 19:54:47 2022 us=424511   client_connect_script = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=424516   learn_address_script = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=424522   client_disconnect_script = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=424528   client_config_dir = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=424534   ccd_exclusive = DISABLED
Wed Feb 16 19:54:47 2022 us=424539   tmp_dir = '/tmp'
Wed Feb 16 19:54:47 2022 us=424545   push_ifconfig_defined = DISABLED
Wed Feb 16 19:54:47 2022 us=424552   push_ifconfig_local = 0.0.0.0
Wed Feb 16 19:54:47 2022 us=424558   push_ifconfig_remote_netmask = 0.0.0.0
Wed Feb 16 19:54:47 2022 us=432796   push_ifconfig_ipv6_defined = DISABLED
Wed Feb 16 19:54:47 2022 us=432820   push_ifconfig_ipv6_local = ::/0
Wed Feb 16 19:54:47 2022 us=432827   push_ifconfig_ipv6_remote = ::
Wed Feb 16 19:54:47 2022 us=432833   enable_c2c = DISABLED
Wed Feb 16 19:54:47 2022 us=432840   duplicate_cn = DISABLED
Wed Feb 16 19:54:47 2022 us=432846   cf_max = 0
Wed Feb 16 19:54:47 2022 us=432851   cf_per = 0
Wed Feb 16 19:54:47 2022 us=432857   max_clients = 1024
Wed Feb 16 19:54:47 2022 us=432863   max_routes_per_client = 256
Wed Feb 16 19:54:47 2022 us=432869   auth_user_pass_verify_script = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=432874   auth_user_pass_verify_script_via_file = DISABLED
Wed Feb 16 19:54:47 2022 us=432880   auth_token_generate = DISABLED
Wed Feb 16 19:54:47 2022 us=432885   auth_token_lifetime = 0
Wed Feb 16 19:54:47 2022 us=432890   port_share_host = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=432896   port_share_port = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=432901   client = DISABLED
Wed Feb 16 19:54:47 2022 us=432907   pull = DISABLED
Wed Feb 16 19:54:47 2022 us=432912   auth_user_pass_file = '[UNDEF]'
Wed Feb 16 19:54:47 2022 us=432920 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Wed Feb 16 19:54:47 2022 us=432936 library versions: OpenSSL 1.1.1f  31 Mar 2020, LZO 2.10
Wed Feb 16 19:54:47 2022 us=433101 PKCS#11: pkcs11_initialize - entered
Wed Feb 16 19:54:47 2022 us=433163 PKCS#11: pkcs11_initialize - return 0-'CKR_OK'
Wed Feb 16 19:54:47 2022 us=440055 Diffie-Hellman initialized with 2048 bit key
Wed Feb 16 19:54:47 2022 us=449564 PRNG init md=SHA1 size=36
Wed Feb 16 19:54:47 2022 us=450243 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Feb 16 19:54:47 2022 us=450266 Outgoing Control Channel Authentication: HMAC KEY: e65ac634 8d8e8d88 f9680287 c79a1079 f2a2bd97 31f40198 1c351486 e7d23ae3
Wed Feb 16 19:54:47 2022 us=450272 Outgoing Control Channel Authentication: HMAC size=32 block_size=32
Wed Feb 16 19:54:47 2022 us=450281 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Feb 16 19:54:47 2022 us=450291 Incoming Control Channel Authentication: HMAC KEY: 3da51a9f 4fdb913b 9dab2316 5edbb54e bb0c98d3 cf97753d 3a93de07 c59f1b52
Wed Feb 16 19:54:47 2022 us=450296 Incoming Control Channel Authentication: HMAC size=32 block_size=32
Wed Feb 16 19:54:47 2022 us=450305 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 40 bytes
Wed Feb 16 19:54:47 2022 us=450316 TLS-Auth MTU parms [ L:1621 D:1172 EF:78 EB:0 ET:0 EL:3 ]
Wed Feb 16 19:54:47 2022 us=450323 MTU DYNAMIC mtu=1450, flags=2, 1621 -> 1450
Wed Feb 16 19:54:47 2022 us=450378 ROUTE: default_gateway=UNDEF
Wed Feb 16 19:54:47 2022 us=459247 TUN/TAP device tun0 opened
Wed Feb 16 19:54:47 2022 us=459473 TUN/TAP TX queue length set to 100
Wed Feb 16 19:54:47 2022 us=459497 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Feb 16 19:54:47 2022 us=459513 /sbin/ip link set dev tun0 up mtu 1500
Wed Feb 16 19:54:47 2022 us=484632 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Wed Feb 16 19:54:47 2022 us=496752 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Wed Feb 16 19:54:47 2022 us=507470 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Wed Feb 16 19:54:47 2022 us=507782 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Feb 16 19:54:47 2022 us=507804 UDPv4 link local (bound): [AF_INET][undef]:1194
Wed Feb 16 19:54:47 2022 us=507812 UDPv4 link remote: [AF_UNSPEC]
Wed Feb 16 19:54:47 2022 us=507825 GID set to nogroup
Wed Feb 16 19:54:47 2022 us=507883 UID set to nobody
Wed Feb 16 19:54:47 2022 us=507902 MULTI: multi_init called, r=256 v=256
Wed Feb 16 19:54:47 2022 us=507933 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Wed Feb 16 19:54:47 2022 us=507952 IFCONFIG POOL LIST
Wed Feb 16 19:54:47 2022 us=507974 PO_INIT maxevents=4 flags=0x00000002
Wed Feb 16 19:54:47 2022 us=508020 Initialization Sequence Completed
Wed Feb 16 19:54:47 2022 us=508028 SCHEDULE: schedule_find_least NULL
Wed Feb 16 19:54:47 2022 us=508035 PO_CTL rwflags=0x0001 ev=6 arg=0x55c0a55a5198
Wed Feb 16 19:54:47 2022 us=508041 PO_CTL rwflags=0x0001 ev=5 arg=0x55c0a55a5068
Wed Feb 16 19:54:47 2022 us=508050 I/O WAIT TR|Tw|SR|Sw [10/0]
Wed Feb 16 19:54:47 2022 us=508061 PO_WAIT[1,0] fd=5 rev=0x00000001 rwflags=0x0001 arg=0x55c0a55a5068
Wed Feb 16 19:54:47 2022 us=508067  event_wait returned 1
Wed Feb 16 19:54:47 2022 us=508073 I/O WAIT status=0x0004
Wed Feb 16 19:54:47 2022 us=508146  read from TUN/TAP returned 48
Wed Feb 16 19:54:47 2022 us=508154 SCHEDULE: schedule_find_least NULL
Wed Feb 16 19:54:47 2022 us=508160 PO_CTL rwflags=0x0001 ev=6 arg=0x55c0a55a5198
Wed Feb 16 19:54:47 2022 us=508166 PO_CTL rwflags=0x0001 ev=5 arg=0x55c0a55a5068
Wed Feb 16 19:54:47 2022 us=508172 I/O WAIT TR|Tw|SR|Sw [10/0]
Wed Feb 16 19:54:51 2022 us=300785 PO_WAIT[1,0] fd=5 rev=0x00000001 rwflags=0x0001 arg=0x55c0a55a5068
Wed Feb 16 19:54:51 2022 us=300878  event_wait returned 1
Wed Feb 16 19:54:51 2022 us=300890 I/O WAIT status=0x0004
Wed Feb 16 19:54:51 2022 us=300905 MULTI: REAP range 0 -> 16
Wed Feb 16 19:54:51 2022 us=300938  read from TUN/TAP returned 48
Wed Feb 16 19:54:51 2022 us=300956 SCHEDULE: schedule_find_least NULL
Wed Feb 16 19:54:51 2022 us=300964 PO_CTL rwflags=0x0001 ev=6 arg=0x55c0a55a5198
Wed Feb 16 19:54:51 2022 us=300969 PO_CTL rwflags=0x0001 ev=5 arg=0x55c0a55a5068
Wed Feb 16 19:54:51 2022 us=300987 I/O WAIT TR|Tw|SR|Sw [10/0]
Wed Feb 16 19:54:58 2022 us=468666 PO_WAIT[1,0] fd=5 rev=0x00000001 rwflags=0x0001 arg=0x55c0a55a5068
Wed Feb 16 19:54:58 2022 us=468737  event_wait returned 1
Wed Feb 16 19:54:58 2022 us=468745 I/O WAIT status=0x0004
Wed Feb 16 19:54:58 2022 us=468753 MULTI: REAP range 16 -> 32
Wed Feb 16 19:54:58 2022 us=468814  read from TUN/TAP returned 48
Wed Feb 16 19:54:58 2022 us=468823 SCHEDULE: schedule_find_least NULL
Wed Feb 16 19:54:58 2022 us=468830 PO_CTL rwflags=0x0001 ev=6 arg=0x55c0a55a5198
Wed Feb 16 19:54:58 2022 us=468847 PO_CTL rwflags=0x0001 ev=5 arg=0x55c0a55a5068
Wed Feb 16 19:54:58 2022 us=468860 I/O WAIT TR|Tw|SR|Sw [10/0]
Wed Feb 16 19:55:08 2022 us=472659  event_wait returned 0
Wed Feb 16 19:55:08 2022 us=472731 I/O WAIT status=0x0020
Wed Feb 16 19:55:08 2022 us=472742 MULTI: REAP range 32 -> 48
Wed Feb 16 19:55:08 2022 us=472804 SCHEDULE: schedule_find_least NULL
Wed Feb 16 19:55:08 2022 us=472813 PO_CTL rwflags=0x0001 ev=6 arg=0x55c0a55a5198
Wed Feb 16 19:55:08 2022 us=472820 PO_CTL rwflags=0x0001 ev=5 arg=0x55c0a55a5068
Wed Feb 16 19:55:08 2022 us=472829 I/O WAIT TR|Tw|SR|Sw [10/0]
Wed Feb 16 19:55:12 2022 us=548690 PO_WAIT[1,0] fd=5 rev=0x00000001 rwflags=0x0001 arg=0x55c0a55a5068
Wed Feb 16 19:55:12 2022 us=548755  event_wait returned 1
Wed Feb 16 19:55:12 2022 us=548764 I/O WAIT status=0x0004
Wed Feb 16 19:55:12 2022 us=548772 MULTI: REAP range 48 -> 64
Wed Feb 16 19:55:12 2022 us=548789  read from TUN/TAP returned 48
Wed Feb 16 19:55:12 2022 us=548797 SCHEDULE: schedule_find_least NULL
Wed Feb 16 19:55:12 2022 us=548804 PO_CTL rwflags=0x0001 ev=6 arg=0x55c0a55a5198
Wed Feb 16 19:55:12 2022 us=548831 PO_CTL rwflags=0x0001 ev=5 arg=0x55c0a55a5068
Wed Feb 16 19:55:12 2022 us=548841 I/O WAIT TR|Tw|SR|Sw [10/0]

от имени root: openvpn /etc/openvpn/server.conf
безрезультатно... пытается подняться и сразу падает
Пользователь добавил сообщение 16 Февраля 2022, 21:46:23:

от имени root: openvpn /etc/openvpn/server.conf

посетила фантазия, что служба пытаясь перезапуститься мне мешает выполнить "openvpn /etc/openvpn/server.conf"
прибил службу: systemctl -f disable openvpn-server@server.service
перезагрузил VPS
и руками (от рута) OpenVPN поднялся!

Теперь вот вопрос: куда копать? как правильно запускать службу чтоб и безопасно и чтоб работало?
...и почему она не стартовала ни с "#user" ни с "user nobody" в server.conf 
Пользователь добавил сообщение 17 Февраля 2022, 15:10:36:Не понимаю, установка была тупой в виде "apt-get install openvpn"
По факту OpenVPN при перезапуске сервера САМ каким-то чудом поднимается - к нему получается подключиться.
Сервер внутри пингуется по 10.8.0.1 и при посещении сайтов, выходишь с внешним IP VPS.

Вот как и от чьего имени стартует OpenVPN?

[AnrDaemon]

Стартует от рута, потом дропает привилегии.