Help Setting up OpenVPN

csellsense

Updated to lvl 8 verbosity:

Feb 6 11:21:56 openvpn 55916 I/O WAIT TR|Tw|SR|Sw [10/0]
Feb 6 11:21:56 openvpn 55916 PO_CTL rwflags=0x0001 ev=9 arg=0x002c78bc
Feb 6 11:21:56 openvpn 55916 PO_CTL rwflags=0x0001 ev=4 arg=0x002c78b8
Feb 6 11:21:56 openvpn 55916 PO_CTL rwflags=0x0001 ev=5 arg=0x002c78b4
Feb 6 11:21:56 openvpn 55916 PO_CTL rwflags=0x0001 ev=6 arg=0x002c87c8
Feb 6 11:21:56 openvpn 55916 SCHEDULE: schedule_find_least NULL
Feb 6 11:21:56 openvpn 55916 GET INST BY REAL: <EXT IP REDACTED>:12772 [failed]
Feb 6 11:21:56 openvpn 55916 TLS Error: incoming packet authentication failed from [AF_INET]<EXT IP REDACTED>:12772
Feb 6 11:21:56 openvpn 55916 Authenticate/Decrypt packet error: packet HMAC authentication failed
Feb 6 11:21:56 openvpn 55916 MULTI: REAP range 128 -> 144
Feb 6 11:21:56 openvpn 55916 I/O WAIT status=0x0001
Feb 6 11:21:56 openvpn 55916 PO_WAIT[0,0] fd=6 rev=0x00000001 rwflags=0x0001 arg=0x002c87c8
Feb 6 11:21:55 openvpn 55916 I/O WAIT TR|Tw|SR|Sw [10/0]
Feb 6 11:21:55 openvpn 55916 PO_CTL rwflags=0x0001 ev=9 arg=0x002c78bc
Feb 6 11:21:55 openvpn 55916 PO_CTL rwflags=0x0001 ev=4 arg=0x002c78b8
Feb 6 11:21:55 openvpn 55916 PO_CTL rwflags=0x0001 ev=5 arg=0x002c78b4
Feb 6 11:21:55 openvpn 55916 PO_CTL rwflags=0x0001 ev=6 arg=0x002c87c8
Feb 6 11:21:55 openvpn 55916 SCHEDULE: schedule_find_least NULL
Feb 6 11:21:55 openvpn 55916 GET INST BY REAL: <EXT IP REDACTED>:12772 [failed]
Feb 6 11:21:55 openvpn 55916 TLS Error: incoming packet authentication failed from [AF_INET]<EXT IP REDACTED>:12772
Feb 6 11:21:55 openvpn 55916 Authenticate/Decrypt packet error: packet HMAC authentication failed
Feb 6 11:21:55 openvpn 55916 MULTI: REAP range 112 -> 128
Feb 6 11:21:55 openvpn 55916 I/O WAIT status=0x0001
Feb 6 11:21:55 openvpn 55916 PO_WAIT[0,0] fd=6 rev=0x00000001 rwflags=0x0001 arg=0x002c87c8
Feb 6 11:21:54 openvpn 55916 I/O WAIT TR|Tw|SR|Sw [10/0]
Feb 6 11:21:54 openvpn 55916 PO_CTL rwflags=0x0001 ev=9 arg=0x002c78bc
Feb 6 11:21:54 openvpn 55916 PO_CTL rwflags=0x0001 ev=4 arg=0x002c78b8
Feb 6 11:21:54 openvpn 55916 PO_CTL rwflags=0x0001 ev=5 arg=0x002c78b4
Feb 6 11:21:54 openvpn 55916 PO_CTL rwflags=0x0001 ev=6 arg=0x002c87c8
Feb 6 11:21:54 openvpn 55916 SCHEDULE: schedule_find_least NULL
Feb 6 11:21:54 openvpn 55916 GET INST BY REAL: <EXT IP REDACTED>:12772 [failed]
Feb 6 11:21:54 openvpn 55916 TLS Error: incoming packet authentication failed from [AF_INET]<EXT IP REDACTED>:12772
Feb 6 11:21:54 openvpn 55916 Authenticate/Decrypt packet error: packet HMAC authentication failed
Feb 6 11:21:54 openvpn 55916 MULTI: REAP range 96 -> 112
Feb 6 11:21:54 openvpn 55916 I/O WAIT status=0x0001
Feb 6 11:21:54 openvpn 55916 PO_WAIT[0,0] fd=6 rev=0x00000001 rwflags=0x0001 arg=0x002c87c8
Feb 6 11:21:53 openvpn 55916 I/O WAIT TR|Tw|SR|Sw [10/0]
Feb 6 11:21:53 openvpn 55916 PO_CTL rwflags=0x0001 ev=9 arg=0x002c78bc
Feb 6 11:21:53 openvpn 55916 PO_CTL rwflags=0x0001 ev=4 arg=0x002c78b8
Feb 6 11:21:53 openvpn 55916 PO_CTL rwflags=0x0001 ev=5 arg=0x002c78b4
Feb 6 11:21:53 openvpn 55916 PO_CTL rwflags=0x0001 ev=6 arg=0x002c87c8
Feb 6 11:21:53 openvpn 55916 SCHEDULE: schedule_find_least NULL
Feb 6 11:21:53 openvpn 55916 GET INST BY REAL: <EXT IP REDACTED>:12772 [failed]
Feb 6 11:21:53 openvpn 55916 TLS Error: incoming packet authentication failed from [AF_INET]<EXT IP REDACTED>:12772
Feb 6 11:21:53 openvpn 55916 Authenticate/Decrypt packet error: packet HMAC authentication failed
Feb 6 11:21:53 openvpn 55916 MULTI: REAP range 80 -> 96
Feb 6 11:21:53 openvpn 55916 I/O WAIT status=0x0001
Feb 6 11:21:53 openvpn 55916 PO_WAIT[0,0] fd=6 rev=0x00000001 rwflags=0x0001 arg=0x002c87c8
Feb 6 11:21:52 openvpn 55916 I/O WAIT TR|Tw|SR|Sw [10/0]
Feb 6 11:21:52 openvpn 55916 PO_CTL rwflags=0x0001 ev=9 arg=0x002c78bc

viragomann

@csellsense
Unfortunately this doesn't even give more information.

Maybe there is an issue with the UDP packet size for whatever reason. You can try with TCP.

Or try to connect with another client using a different internet connection.

csellsense

@viragomann Tried with changing OpenVPN server settings to TCP, made sure WAN and OpenVPN firewall rules allowed TCP on that port, exported new profile, when trying to load that into my phone, it gives an error saying "remote option not specified" even though when I look at the file with txt editor - remote has

remote <WAN IP> 1194 tcp4

viragomann

@csellsense
Got an idea. Try to remove the "4" at the end of the remote line.
As far as I remember, there were issues with this on certain clients.

csellsense

@viragomann no luck :/ same error

persist-tun
persist-key
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
data-ciphers-fallback AES-256-CBC
auth SHA256
tls-client
client
remote <WAN IP> 1194 tcp
nobind
verify-x509-name "OpenVPN_ServerCertv2" name
auth-user-pass
remote-cert-tls server

viragomann

@csellsense
So I'm wondering, what the client is complaining regarding the remote line. The rest is straight forward.

csellsense

@viragomann Tried UDP again without the 4 - was able to load the profile but not able to connect.

csellsense

@viragomann alright, so after a LOT of research, reading I don't know how many guides and whatnot... rebuilding the whole thing several times over.... eventually I just needed to use a different client export. I was using the one for Android and the one for OpenVPN Connect (Android/iOS). I tried using the generic inline config and that is working without trouble! Screenshot included. The "Most Clients" config is working. There are some very minor changes to the config file but apparently that's what was hanging me up!

viragomann

@csellsense
I recently exported the "OpenVPN Connect" file and imported it into a recent version of the app on Android 14 and could connect immediately.

However, could be that older OS versions have different.

csellsense

@viragomann appreciate you helping me to troubleshoot anyways!