What's new

How to try and stop OpenVPN connection attempts?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

automaton

Occasional Visitor
My router log is completely filled with OpenVPN connection attempts from what I assume are malicious IPs. Here's an example from this morning:

Code:
Jan  6 10:34:56 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:34:56 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:34:56 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:35:00 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:36:00 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:36:00 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:36:00 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:36:03 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:37:03 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:37:03 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:37:03 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:37:05 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:38:05 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:38:05 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:38:05 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:38:09 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:39:10 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:39:10 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:39:10 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:39:13 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:40:13 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:40:13 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:40:13 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:40:17 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:41:18 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:41:18 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:41:18 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:41:21 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:42:21 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:42:21 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:42:21 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:42:24 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:43:24 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:43:24 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:43:24 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan  6 10:43:28 ovpn-server1[1251]: 150.95.91.174:25566 TLS: Initial packet from [AF_INET]150.95.91.174:25566 (via [AF_INET]24.150.160.93%eth0), sid=6a22eb44 5adb63fe
Jan  6 10:44:28 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan  6 10:44:28 ovpn-server1[1251]: 150.95.91.174:25566 TLS Error: TLS handshake failed
Jan  6 10:44:28 ovpn-server1[1251]: 150.95.91.174:25566 SIGUSR1[soft,tls-error] received, client-instance restarting

Is there any way for me to lock down OpenVPN to try and stop this (aside from turning it off because I use it sometimes)? Thanks.
 
Short of creating a whitelist/blacklist of allowed/disallowed IP addresses there's not a lot you can do.
 
FWIW, I also use an obscure port to prevent these types of problems. But I've also placed my OpenVPN server on a separate device (specifically a spare router running FT (FreshTomato)), which is connected to a smart wifi-enabled AC plug, which itself is on an isolated IOT network. So now my OpenVPN server doesn't need to be running 24/7, esp. when I use it so rarely. I just use the smartphone app to enable the server on-demand. I've even configured it to send me an email every hour in case I forget to turn it OFF after using it.

So if you have concerns, sometimes your best option is to think outside the box. Yes, it's NOT as convenient, but better security almost always comes at the price of less convenience.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top