Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Write TCPv4_CLIENT: Operation not permitted (code=1)

    OpenVPN
    4
    4
    2.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lewi3069
      last edited by

      I keep getting write TCPv4_CLIENT: Operation not permitted (code=1) on my router which is a client. I have about 12 other PCs connecting to the VPN server with no issues. I have tried adding keep alive. The vpn works great though the router otherwise.

      Client Config:

      Client Log:

      Jul 10 13:19:13	openvpn[67859]: Initialization Sequence Completed
Jul 10 13:19:13	openvpn[67859]: Preserving previous TUN/TAP instance: ovpnc1
Jul 10 13:19:11	openvpn[67859]: [VPSServer] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 13:19:09	openvpn[67859]: TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.127:443
Jul 10 13:19:09	openvpn[67859]: TCPv4_CLIENT link local (bound): [AF_INET]xxx.xxx.xxx.252
Jul 10 13:19:09	openvpn[67859]: TCP connection established with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 13:19:08	openvpn[67859]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.127:443 [nonblock]
Jul 10 13:19:08	openvpn[67859]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 10 13:19:08	openvpn[67859]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jul 10 13:19:03	openvpn[67859]: SIGUSR1[soft,ping-restart] received, process restarting
Jul 10 13:19:03	openvpn[67859]: [VPSServer] Inactivity timeout (--ping-restart), restarting
Jul 10 13:18:55	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:18:45	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:18:35	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:18:25	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:18:14	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:18:04	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:17:54	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:17:44	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:17:34	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:17:23	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:17:13	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:06:48	openvpn[67859]: Initialization Sequence Completed
Jul 10 13:06:48	openvpn[67859]: Preserving previous TUN/TAP instance: ovpnc1
Jul 10 13:06:46	openvpn[67859]: [VPSServer] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 13:06:44	openvpn[67859]: TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.127:443
Jul 10 13:06:44	openvpn[67859]: TCPv4_CLIENT link local (bound): [AF_INET]xxx.xxx.xxx.252
Jul 10 13:06:44	openvpn[67859]: TCP connection established with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 13:06:43	openvpn[67859]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.127:443 [nonblock]
Jul 10 13:06:43	openvpn[67859]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 10 13:06:43	openvpn[67859]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jul 10 13:06:38	openvpn[67859]: SIGUSR1[soft,connection-reset] received, process restarting
Jul 10 13:06:38	openvpn[67859]: Connection reset, restarting [0]
Jul 10 13:06:38	openvpn[67859]: read TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:06:30	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:06:20	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:06:10	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:06:00	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:05:50	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:05:39	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:05:29	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 13:05:19	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:56:47	openvpn[67859]: Initialization Sequence Completed
Jul 10 12:56:47	openvpn[67859]: Preserving previous TUN/TAP instance: ovpnc1
Jul 10 12:56:44	openvpn[67859]: [VPSServer] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:56:43	openvpn[67859]: TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:56:43	openvpn[67859]: TCPv4_CLIENT link local (bound): [AF_INET]xxx.xxx.xxx.252
Jul 10 12:56:43	openvpn[67859]: TCP connection established with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:56:42	openvpn[67859]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.127:443 [nonblock]
Jul 10 12:56:42	openvpn[67859]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 10 12:56:42	openvpn[67859]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jul 10 12:56:37	openvpn[67859]: SIGUSR1[soft,connection-reset] received, process restarting
Jul 10 12:56:37	openvpn[67859]: Connection reset, restarting [0]
Jul 10 12:56:37	openvpn[67859]: read TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:56:29	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:56:18	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:56:08	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:55:58	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:55:48	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:55:38	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:55:27	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:55:17	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:50:20	openvpn[67859]: Initialization Sequence Completed
Jul 10 12:50:20	openvpn[67859]: Preserving previous TUN/TAP instance: ovpnc1
Jul 10 12:50:18	openvpn[67859]: [VPSServer] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:50:16	openvpn[67859]: TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:50:16	openvpn[67859]: TCPv4_CLIENT link local (bound): [AF_INET]xxx.xxx.xxx.252
Jul 10 12:50:16	openvpn[67859]: TCP connection established with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:50:15	openvpn[67859]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.127:443 [nonblock]
Jul 10 12:50:15	openvpn[67859]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 10 12:50:15	openvpn[67859]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jul 10 12:50:10	openvpn[67859]: SIGUSR1[soft,connection-reset] received, process restarting
Jul 10 12:50:10	openvpn[67859]: Connection reset, restarting [0]
Jul 10 12:50:10	openvpn[67859]: read TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:50:01	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:49:51	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:49:41	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:49:31	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:49:21	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:49:11	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:49:01	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:48:51	openvpn[67859]: write TCPv4_CLIENT: Operation not permitted (code=1)
Jul 10 12:33:15	openvpn[67859]: Initialization Sequence Completed
Jul 10 12:33:15	openvpn[67859]: Preserving previous TUN/TAP instance: ovpnc1
Jul 10 12:33:13	openvpn[67859]: [VPSServer] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:33:11	openvpn[67859]: TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:33:11	openvpn[67859]: TCPv4_CLIENT link local (bound): [AF_INET]xxx.xxx.xxx.252
Jul 10 12:33:11	openvpn[67859]: TCP connection established with [AF_INET]xxx.xxx.xxx.127:443
Jul 10 12:33:10	openvpn[67859]: Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.127:443 [nonblock]
Jul 10 12:33:10	openvpn[67859]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jul 10 12:33:10	openvpn[67859]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

      Server Config:

      port 443
proto tcp
dev tun
ca ca.crt
cert VPSServer.crt
key VPSServer.key  # This file should be kept secret
dh dh1024.pem
server 10.10.10.0 255.255.255.0
ifconfig-pool-persist ipptcp.txt
route 10.0.0.0 255.255.255.0
push "route 10.0.0.0 255.255.255.0"
tls-auth ta.key 0 # This file is secret
cipher AES-128-CBC   # AES
client-config-dir clients
client-to-client
user nobody
group nogroup
keepalive 10 120
persist-key
persist-tun
status openvpn-status.log
verb 3
      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It looks like it's OK for a while and then gets that. My guess is something is disturbing the tunnel (WAN IP changing or being refreshed by DHCP, etc) but it seems to recover on its own when it happens.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • B
          Brad303
          last edited by

          For others with this issue, be sure to add a pass rule on the OpenVPN interface.

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            @BradWaite:

            For others with this issue, be sure to add a pass rule on the OpenVPN interface.

            The firewall rules for traffic inside the VPN has no relation to the outside of the VPN, that would have been a coincidence or otherwise unrelated.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.