4. Repeated warnings in OpenVPN log

Repeated warnings in OpenVPN log

  • P

    I have repeated warnings in my OpenVPN logs:

    xxx.xxx.xxx.xxx:61586 WARNING: Bad encapsulated packet length from peer (18245), which must be > 0 and <= 1575 – please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart…]

    These seem to be present even when no client is connected to my pfSense OpenVPN server (although the pfSense box is still connected as an OpenVPN client to another OpenVPN server).

    What is causing these entries?  And is there a setting I can alter to prevent the problem (if in fact there is a problem)?

    0
  • P

    (bump)

    Anyone?

    0
  • Rebel Alliance Developer Netgate

    It could be junk packets hitting the port. Non-OpenVPN traffic attempting to talk to it, like a port scanner.

    0
  • P

    That makes sense.  I notice, however, that some of the warnings have a source IP that is internal to my network.  How would one explain that?

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy