It does not send a PIN, from my client through OpenVPN RoadWarrior to that second server, I tried changing the OpenVPN configuration from router to bridge, so that they had the same segment, but I get the following error in the client’s OpenVPN:
Tue Jan 25 04:25:23 2022 OpenVPN 2.4.9 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 16 2020
Tue Jan 25 04:25:23 2022 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Jan 25 04:25:23 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Enter Management Password:
Tue Jan 25 04:25:23 2022 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25345
Tue Jan 25 04:25:23 2022 Need hold release from management interface, waiting...
Tue Jan 25 04:25:23 2022 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25345
Tue Jan 25 04:25:23 2022 MANAGEMENT: CMD 'state on'
Tue Jan 25 04:25:23 2022 MANAGEMENT: CMD 'log all on'
Tue Jan 25 04:25:24 2022 MANAGEMENT: CMD 'echo all on'
Tue Jan 25 04:25:24 2022 MANAGEMENT: CMD 'bytecount 5'
Tue Jan 25 04:25:24 2022 MANAGEMENT: CMD 'hold off'
Tue Jan 25 04:25:24 2022 MANAGEMENT: CMD 'hold release'
Tue Jan 25 04:25:24 2022 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Jan 25 04:25:24 2022 MANAGEMENT: >STATE:1643102724,RESOLVE,,,,,,
Tue Jan 25 04:25:24 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]"MYIPPUBLIC":1194
Tue Jan 25 04:25:24 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Jan 25 04:25:24 2022 UDP link local: (not bound)
Tue Jan 25 04:25:24 2022 UDP link remote: [AF_INET]"MYIPPUBLIC":1194
Tue Jan 25 04:25:24 2022 MANAGEMENT: >STATE:1643102724,WAIT,,,,,,
Tue Jan 25 04:25:24 2022 MANAGEMENT: >STATE:1643102724,AUTH,,,,,,
Tue Jan 25 04:25:24 2022 TLS: Initial packet from [AF_INET]"MYIPPUBLIC":1194, sid=e97b7d92 901ea519
Tue Jan 25 04:25:24 2022 VERIFY OK: depth=0, CN=NethServer, O=Example Org, ST=SomeState, OU=Main, emailAddress=root@nethserver.masterkey-sa.com, C=--, L=Hometown
Tue Jan 25 04:25:24 2022 WARNING: 'dev-type' is used inconsistently, local='dev-type tun', remote='dev-type tap'
Tue Jan 25 04:25:24 2022 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1573'
Tue Jan 25 04:25:24 2022 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
Tue Jan 25 04:25:24 2022 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Jan 25 04:25:24 2022 [NethServer] Peer Connection Initiated with [AF_INET]"MYIPPUBLIC":1194
Tue Jan 25 04:25:25 2022 MANAGEMENT: >STATE:1643102725,GET_CONFIG,,,,,,
Tue Jan 25 04:25:25 2022 SENT CONTROL [NethServer]: 'PUSH_REQUEST' (status=1)
Tue Jan 25 04:25:25 2022 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DOMAIN masterkey-sa.com,dhcp-option DNS 10.0.16.1,dhcp-option WINS 10.0.16.1,dhcp-option NBDD 10.0.16.1,dhcp-option NBT 2,route-gateway 10.0.16.1,ping 20,ping-restart 120,ifconfig 10.0.16.200 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Tue Jan 25 04:25:25 2022 OPTIONS IMPORT: timers and/or timeouts modified
Tue Jan 25 04:25:25 2022 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jan 25 04:25:25 2022 OPTIONS IMPORT: route-related options modified
Tue Jan 25 04:25:25 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Jan 25 04:25:25 2022 OPTIONS IMPORT: peer-id set
Tue Jan 25 04:25:25 2022 OPTIONS IMPORT: adjusting link_mtu to 1624
Tue Jan 25 04:25:25 2022 OPTIONS IMPORT: data channel crypto options modified
Tue Jan 25 04:25:25 2022 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Jan 25 04:25:25 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Jan 25 04:25:25 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Jan 25 04:25:25 2022 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Tue Jan 25 04:25:25 2022 MANAGEMENT: Client disconnected
Tue Jan 25 04:25:25 2022 There is a problem in your selection of --ifconfig endpoints [local=10.0.16.200, remote=255.255.255.0]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
Tue Jan 25 04:25:25 2022 Exiting due to fatal error