OPENVPN Client Error PFSense System Logs
-
Hey,
I am with keepsolid vpn provider. I keep getting the following errors:
tun packet too large on write (tried=1472,max=1470)
There is at least six entries about the tun packet being too large. The errors are not consistent. I might get them today at noon and then nothing until tonight at 10PM or nothing for a couple of days. I also see these two entries:
'tun-mtu' is used inconsistently, local='tun-mtu 1470', remote='tun-mtu 1500'
'link-mtu' is used inconsistently, local='link-mtu 1572', remote='link-mtu 1602'
AEAD Decrypt error: bad packet ID (may be a replay): [ #61016134 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
I had two connections to two different VPN servers and I thought just having one might make a difference but the errors still show up.
Have search on the net and the most "common fix" for this is to set the mtu and mssfix the correct number for the packets.
I have entered this into the custom options of both VPN client configuration:tun-mtu 1470; mssfix 1430;
I tested how large the packets can be and 1472 is the max, after that, I get a message that it needs to be fragmented.
I realize that I cannot change the MTU at the server side but is there anything I can do to fix this or stop from getting the errors in the logs?
Don't understand why he second link mtu error says 1572 when I have it set to 1470.
Any input you can provide is appreciated.
Thanks!