AEAD Decrypt Error since 2.4.3

Teddy

Hi everyone,
anyone also realized about problems with openvpn in PFSense 2.4.3?
Until i upgraded, my VPN Configuration to Cyberghost always worked properly, without any problems or crashes. But since the Update, especially on high-traffic-load, i get following failure:

"AEAD Decrypt error: bad packet ID (may be a replay): [ #794958 ] – see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings".

Sometimes also the connection is breaking down completely and then i cannot ping any adress anymore, until i restart the OpenVPN Service.
Unfortunately i yet couldn`t find for this any information / evidence in the logs, what could cause this. Just the AEAD decrypt-error is flooding my logs.

Until then it was never a problem on UDP with exactly the same configuration.

Gertjan

Hi,

As said somewhat earlier, it could be this, or, as proposed elsewhere, according Google, you have experiment a bit with "mssfix 1300".

Teddy

@Gertjan:

Hi,

As said somewhat earlier, it could be this, or, as proposed elsewhere, according Google, you have experiment a bit with "mssfix 1300".

Hi,
thank you for your reply.
I already tried to play with the mssfix, but yet no success.
I also read in another thread, that maybe the time on my machine or the VPN-Server might be out of time - so i changed the NTP Servers, but no success.