Netgate Discussion Forum

    TLS Error

    • gregeeh

      Hi all,

      I have pfSense 2.4.3 with OpenVPN configured as both a Server and a Client. Both Server and Client are working correctly.

      However, I'm noting the following errors in the OpenVPN log:

      Jun 5 08:28:40 	openvpn 	43102 	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]181.215.195.234:47099
      Jun 5 07:20:04 	openvpn 	43102 	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]185.200.118.58:35062
      Jun 4 18:50:53 	openvpn 	43102 	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]185.200.118.49:44359
      Jun 4 07:03:22 	openvpn 	43102 	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]185.200.118.72:35633
      Jun 3 18:49:25 	openvpn 	43102 	TLS Error: cannot locate HMAC in incoming packet from [AF_INET]185.200.118.50:44700
      Jun 3 16:37:29 	openvpn 	5256 	Initialization Sequence Completed 
      

      I don't know what is causing the error or whether it is client or server related.

      Comments appreciated.

      TIA

      Greg

      Edit: There is no connection to the Server at present.

      PfSense running on Qotom mini PC
      CPU N3150, 2 GB memory, 32 GB SSD & 2 Realtek Gb Ethernet ports.
      UniFi AC-Lite access point

      • jimp (Rebel Alliance Developer Netgate)

        Usually that means that some other client (not OpenVPN) hit the port. It might be a port scan, a monitoring probe, or a client that doesn't have the right TLS key for example.

        • gregeeh @jimp

          @jimp said in TLS Error:

          Usually that means that some other client (not OpenVPN) hit the port. It might be a port scan, a monitoring probe, or a client that doesn't have the right TLS key for example.

          I think you are correct, as I just did a port scan, using one of the online tools, on port 1194 and the error appeared. Seems to confirm your thoughts.

          Thanks.


          1 Reply Last reply Reply Quote 1
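
Added example (not part of the thread, and not pfSense or OpenVPN code): a small Python triage of the "cannot locate HMAC" message discussed above, grouping the sources so that scan or probe noise can be told apart from one of your own clients using the wrong TLS key. The log lines are constructed in the format of the excerpt above using RFC 5737 documentation addresses, and `known_clients` is a hypothetical list of addresses your own VPN clients connect from.

```python
import ipaddress
import re
from collections import Counter

# Layout follows the log excerpt in the thread: timestamp, process, PID, message.
HMAC_RE = re.compile(
    r"^\w{3}\s+\d+\s+[\d:]+\s+openvpn\s+\d+\s+"
    r"TLS Error: cannot locate HMAC in incoming packet from "
    r"\[AF_INET\](?P<ip>[\d.]+):\d+$"
)
MSG = "TLS Error: cannot locate HMAC in incoming packet from [AF_INET]"

# Constructed sample lines with RFC 5737 documentation addresses (not real log data).
SAMPLE_LOG = "\n".join([
    "Jun 5 09:10:02 \topenvpn \t43102 \t" + MSG + "192.0.2.10:51820",
    "Jun 5 09:09:58 \topenvpn \t43102 \t" + MSG + "192.0.2.10:51820",
    "Jun 5 08:28:40 \topenvpn \t43102 \t" + MSG + "203.0.113.7:47099",
    "Jun 5 07:20:04 \topenvpn \t43102 \t" + MSG + "198.51.100.58:35062",
    "Jun 4 18:50:53 \topenvpn \t43102 \t" + MSG + "198.51.100.49:44359",
    "Jun 4 07:03:22 \topenvpn \t43102 \t" + MSG + "198.51.100.72:35633",
    "Jun 3 18:49:25 \topenvpn \t43102 \t" + MSG + "198.51.100.50:44700",
    "Jun 3 16:37:29 \topenvpn \t5256 \tInitialization Sequence Completed ",
])

def hmac_failures(log_text):
    """Yield the source address of each packet logged with the HMAC error."""
    for line in log_text.splitlines():
        m = HMAC_RE.match(line.strip())
        if not m:
            continue  # any other OpenVPN message
        try:
            yield ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # malformed address field

def summarize(log_text, known_clients=(), prefix=24):
    """Split sources into known clients vs. unknown, and count hits per network."""
    known = {ipaddress.ip_address(a) for a in known_clients}
    per_ip = Counter(hmac_failures(log_text))
    per_net = Counter()
    for ip, hits in per_ip.items():
        per_net[ipaddress.ip_network(f"{ip}/{prefix}", strict=False)] += hits
    return {
        # A known client address here points to a wrong or missing TLS key (a hint, not proof).
        "wrong_key_clients": [str(ip) for ip in sorted(per_ip) if ip in known],
        # Unknown sources are the scan / monitoring-probe case.
        "unknown_sources": [str(ip) for ip in sorted(per_ip) if ip not in known],
        "by_network": {str(net): hits for net, hits in per_net.most_common()},
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG, known_clients=["192.0.2.10"]))
```

Several hits from one network, as in the constructed 198.51.100.0/24 lines, usually indicate a single scanning service rotating through its addresses.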
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.