Initialization Sequence Completed, but terminal won't give a prompt

Try starting the client with the --daemon option:

openvpn --daemon

From openvpn's man page:

--daemon [progname]
  Become a daemon after all initialization functions are completed

To interact with openvpn once it is a daemon, add the --management option to the command. This allows you to interact with it using telnet as described here.

Alternatively, open another terminal and just use that. This way, you can exit the running openvpn by pressing Ctrl+C in the original terminal.

If the client is a desktop system that uses Network Manager, then use the OpenVPN plugin to control it from there - no terminal needed.

Author: RabT

Updated on September 18, 2022

Comments

  • RabT
    RabT almost 2 years

    I just installed openvpn on a remote CentOS 7 server using the instructions in this tutorial.

    The only change I made to the tutorial was to use @GarethTheRed's instructions for configuring firewalld instead of iptables, as described in Step 4 of the tutorial.

    The problem is that the tutorial ends with a line of client code that causes the terminal to fail to return a command prompt (see below). How can I successfully connect via OpenVPN to my remote CentOS 7 server from my local CentOS 7 devbox?

    Here are the connection steps I have tried so far:

    At the end of Step 6 of the tutorial, I successfully used yum install openvpn on my devbox before typing sudo openvpn --config /path/to/client.ovpn.

    The problem is that sudo openvpn --config /path/to/client.ovpn results in the terminal locking up after printing Initialization Sequence Completed.

    The complete output is:

    [root@localhost ~]# openvpn --config /etc/openvpn/client.ovpn
    Wed Feb 11 16:46:06 2015 OpenVPN 2.3.6 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Dec  2 2014
    Wed Feb 11 16:46:06 2015 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
    Wed Feb 11 16:46:06 2015 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
    Wed Feb 11 16:46:06 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
    Wed Feb 11 16:46:06 2015 UDPv4 link local: [undef]
    Wed Feb 11 16:46:06 2015 UDPv4 link remote: [AF_INET]192.96.215.22:1194
    Wed Feb 11 16:46:06 2015 TLS: Initial packet from [AF_INET]192.96.215.22:1194, sid=1f320288 ab1f20d3
    Wed Feb 11 16:46:07 2015 VERIFY OK: depth=1, C=US, ST=CA, L=SomeTown, O=Fort-Funston, OU=MyOrganizationalUnit, CN=serverdomain.com, name=server, [email protected]
    Wed Feb 11 16:46:07 2015 VERIFY OK: depth=0, C=US, ST=CA, L=SomeTown, O=Fort-Funston, OU=MyOrganizationalUnit, CN=server, name=server, [email protected]
    Wed Feb 11 16:46:08 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed Feb 11 16:46:08 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed Feb 11 16:46:08 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Wed Feb 11 16:46:08 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Wed Feb 11 16:46:08 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Wed Feb 11 16:46:08 2015 [server] Peer Connection Initiated with [AF_INET]192.96.215.22:1194
    Wed Feb 11 16:46:10 2015 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
    Wed Feb 11 16:46:10 2015 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
    Wed Feb 11 16:46:10 2015 OPTIONS IMPORT: timers and/or timeouts modified
    Wed Feb 11 16:46:10 2015 OPTIONS IMPORT: --ifconfig/up options modified
    Wed Feb 11 16:46:10 2015 OPTIONS IMPORT: route options modified
    Wed Feb 11 16:46:10 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Wed Feb 11 16:46:10 2015 ROUTE_GATEWAY 10.0.0.1/255.255.255.0 IFACE=p4p1 HWADDR=14:fe:b5:aa:57:60
    Wed Feb 11 16:46:10 2015 TUN/TAP device tun0 opened
    Wed Feb 11 16:46:10 2015 TUN/TAP TX queue length set to 100
    Wed Feb 11 16:46:10 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Wed Feb 11 16:46:10 2015 /usr/sbin/ip link set dev tun0 up mtu 1500
    Wed Feb 11 16:46:10 2015 /usr/sbin/ip addr add dev tun0 local 10.8.0.6 peer 10.8.0.5
    Wed Feb 11 16:46:10 2015 /usr/sbin/ip route add 192.96.215.22/32 via 10.0.0.1
    Wed Feb 11 16:46:10 2015 /usr/sbin/ip route add 0.0.0.0/1 via 10.8.0.5
    Wed Feb 11 16:46:10 2015 /usr/sbin/ip route add 128.0.0.0/1 via 10.8.0.5
    Wed Feb 11 16:46:10 2015 /usr/sbin/ip route add 10.8.0.1/32 via 10.8.0.5
    Wed Feb 11 16:46:10 2015 Initialization Sequence Completed  
    

    At the end of this output, there is just a cursor, but no command prompt. Typing in the cursor or hitting return has no effect besides printing what you type on the terminal screen.

    I read this other posting which describes a similar error and states that the problem is in the DNS configuration, but I followed the tutorial's DNS config instructions exactly. The server also handles requests for mydomain.com served up by httpd. The domain registrar has been pointing requests for mydomain.com to the ip of the server since long before adding OpenVPN. Would this cause some kind of conflict? How can I get the connection to complete?

  • garethTheRed
    garethTheRed over 9 years
    @CodeMed - I've edited my answer...
  • RabT
    RabT over 9 years
    I am planning to use OpenVPN to 1.) allow the administrator to perform all admin functions that I currently perform with ssh and 2.) to allow users to interact with a private web application using their web browsers. I can put much of those requirements in other questions. Right now, I just want to get started so that I can research the possibilities with a working prototype. I'm telling you these details so you can help me define a working starting point. Just being able to access a terminal via OpenVPN would be great for now. Then I could shut down ssh altogether and do admin over OpenVPN
  • garethTheRed
    garethTheRed over 9 years
    Access a terminal via OpenVPN? That's the job of ssh. Unless you're trying to avoid opening the firewall for ssh of course. Once openvpn is running correctly, your remote user will effectively be on the LAN, at which point the user can ssh to the servers or access the private web application. Is that what you are trying to achieve? Run openvpn --daemon and check if you have a LAN IP address.
  • RabT
    RabT over 9 years
    I ran openvpn --daemon and openvpn --daemon --management, but all I get is another command prompt after each of those commands. No error message. No success message. Nothing but another command prompt. Yes, I am trying to avoid opening the firewall for ssh. I want all ssh and http/s traffic to run inside the VPN tunnel, so that only two ports are open in the firewall, one for OpenVPN and the other for smtp. How can I check if I have a LAN IP address? This is all new to me. Thank you
  • RabT
    RabT over 9 years
    Note that I created passwords for both the server and the client. I have not entered these passwords because I have not been prompted for them, and I have not read where to submit them. I do not know if they are required for authentication. I believe the passwords were created as part of the certificate generation process. The tutorial in my OP was silent on the topic of passwords, though the certificate generating scripts asked me to create passwords.
  • garethTheRed
    garethTheRed over 9 years
    Yes, that's correct - you'll get a command prompt as openvpn is running in the background. If you run ip addr you should see a tun device with an IP address. If you run ip route you should see a new route added with IP addresses in the same network as your tun device has. This is the route through the VPN to your remote server. Ping the remote server's VPN address (not its public IP address) and you should get a response.
  • RabT
    RabT over 9 years
    Thank you. But I think I am missing something. Are you willing to look at the output and help me see what I might be doing wrong? I posted it to a file sharing site. Here is the link: jumpshare.com/v/lTULOxSkEeiaOm6Yd5FU?b=mLIuVaLC7U1s9hBx1tYY
  • garethTheRed
    garethTheRed over 9 years
    You are missing the tun device, without which, nothing will work. Are you sure you've followed the DigitalOcean article correctly? To be honest, I can't confirm it works as I set up my server from another source, the client setup does work though. Run openvpn without --daemon or --management and see if there is anything useful in the output. You did run it as root didn't you?
  • RabT
    RabT over 9 years
    Yes I ran it as root. Typing openvpn as root gives a long printout of options, much like a man page. Yes, I followed the digital ocean article explicitly, with the only exception that I used your firewalld instructions linked in my OP instead of the iptables instruction in the article.
  • garethTheRed
    garethTheRed over 9 years
    Sorry - openvpn --config /path/to/config/file.
  • RabT
    RabT over 9 years
    openvpn --config /path/to/config/file gives the same results described in my OP. i.e. The terminal prints a lot of stuff like it is establishing a connection. Then it prints Tue Feb 17 11:21:47 2015 Initialization Sequence Completed. But it does not give a command prompt. It just gives a cursor with no command prompt, so you can type things and hit return, but all you get is a carriage return and no interactive response.
  • garethTheRed
    garethTheRed over 9 years
  • RabT
    RabT over 9 years
    I am not able to log into unix.stackexchange chat, though of course I am logged in as a user. I have posted a ticket about this, see meta post: meta.unix.stackexchange.com/questions/3405/cannot-log-into-chat
  • RabT
    RabT over 9 years
    I did open a stack overflow chat room. Are you willing to discuss this with me there? here is the link: chat.stackoverflow.com/rooms/71108/anotherroom
  • RabT
    RabT over 9 years
    I would like to define separate permissions for users who only get https access, and for administrator who can https and ssh. My research indicates that I should set up a separate instance of OpenVPN to accomplish this. I took a first stab at a plan. Are you willing to assess the plan and show how to accomplish it if you think my approach is best? Here is the link to the new posting: unix.stackexchange.com/questions/185599/…
  • lobi
    lobi almost 9 years
    I wish you guys did not use chat to solve the problem... I am stuck with this problem as of now.
  • garethTheRed
    garethTheRed over 8 years
    @lobi. If we do not use chat, we get severely told off by the moderators :-) This is a question and answer site, not a question and discuss site and in order to keep it tidy, we are forced into chat every time the comments start to get a little long. In the perfect world, after discussing via chat, a relevant and concise answer should be posted; but as you can imagine, that doesn't always happen.
  • lobi
    lobi over 8 years
    Understood. Thanks for the response; I'm relatively new to stackexchange. It is unfortunate that a chat session is not stored and linked to the question.
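
Putting the answer's --daemon and --management options together with the checks suggested in the comments (a tun device with an address in ip addr), as an added example that is not part of the original answer or comments. The config path is the one from the question; the log path, PID file path and management port 7505 are assumptions.

```shell
#!/bin/sh
# Added example. CONF is the path from the question; LOG, PIDFILE and
# port 7505 are assumed values, adjust them to your system.
CONF=/etc/openvpn/client.ovpn
LOG=/var/log/openvpn-client.log
PIDFILE=/run/openvpn-client.pid

# Start the client in the background (run as root). With --daemon the
# messages go to $LOG instead of the terminal, so the prompt comes back.
start_vpn() {
    # Bind the management interface to loopback only: whoever can reach
    # this port can control the client.
    openvpn --config "$CONF" --daemon --log "$LOG" --writepid "$PIDFILE" \
            --management 127.0.0.1 7505
}

# wait_for_init LOGFILE [SECONDS]: return 0 once the log shows that the
# tunnel is up, 1 if the line has not appeared in time.
wait_for_init() {
    log=$1; tries=${2:-30}
    while [ "$tries" -gt 0 ]; do
        grep -q 'Initialization Sequence Completed' "$log" 2>/dev/null && return 0
        sleep 1
        tries=$((tries - 1))
    done
    return 1
}

# log_warnings LOGFILE: print WARNING lines, which a daemonized client no
# longer shows on screen (the log in the question contains one).
log_warnings() {
    grep 'WARNING:' "$1"
}

# tun_ipv4: read `ip -o -4 addr show` output on stdin and print
# "<device> <address>" for each tun interface; no output means no tunnel.
tun_ipv4() {
    awk '$2 ~ /^tun[0-9]+$/ && $3 == "inet" { print $2, $4 }'
}

# Replaces Ctrl+C for a client that runs in the background.
stop_vpn() {
    kill "$(cat "$PIDFILE")"
}

# Typical session:
#   start_vpn && wait_for_init "$LOG" && ip -o -4 addr show | tun_ipv4
#   log_warnings "$LOG"; stop_vpn
```

To talk to the running client, connect with telnet 127.0.0.1 7505 and enter state; quit closes the management session without stopping the VPN.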