Openvpn[50203]: Authenticate/Decrypt packet error ?
-
Hi I have just noticed this error mulitple times in my openvpn system logs:
Jan 15 05:27:02 openvpn[50203]: Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #3179030 ] โ see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Jan 15 05:32:02 openvpn[50203]: Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #3507028 ] โ see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Jan 15 05:42:02 openvpn[50203]: Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #227671 ] โ see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warningsIt actually repeats non stop, I followed a pfsense VPN guide but I am unsure how to go about fixing this error ?
Any advice is welcome cheers
-
That can be a few different things but usually it boils down to one of two:
1. The clock is off on one or both sides
2. The internet connection is bad between the two, causing packets to arrive out of order or multiple times. -
Some outside services are injecting packets to the stream to get a bounce containing info on the download. It's just a way to see what's the content of the stream by a thrd party.
-
Wow! Resurrecting a 2 year thread.
In my case, I switched from UDP to TCP and the messages stopped.
-
Wow! Resurrecting a 2 year thread.
In my case, I switched from UDP to TCP and the messages stopped.
I second that, same config, but install set to use TCP, connects instantly (instead of waiting, then timing out).
-
I got this error on a UDP too where I have a mis match in cipher, server was none and client was AES-128-CBC and a mismatch in the comp-lzo, server said no and client was comp-lzo.
-
G Gertjan referenced this topic on
-
G Gertjan referenced this topic on
