What's new

Logs showing multiple OpenVPN server “connection refused” - unauthorized access?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

jksmurf

Senior Member
As title really, RT-AX86U Merlin 388.1 Beta 2. See log extracts showing OpenVPN Server refusals, and a SIGUSR1 entry.

I am fairly certain it wasn’t me because I was either sleeping or hadn’t accessed the server in the last week at all.

Is this a normal log or should I be concerned? Web Access from WAN is not enabled. No ports forwarded. There are 4 instances over the last 2 days it seems?

I am no router / network expert but if you can explain what I need to do to check I can follow instructions pretty well.

Thanks in advance.

k.
 

Attachments

  • DD8BA564-EEFC-4D32-B3DC-862DD4B3E4E5.jpeg
    DD8BA564-EEFC-4D32-B3DC-862DD4B3E4E5.jpeg
    80.4 KB · Views: 59
  • 85B81197-CC3D-4969-A33E-81242DEC6F25.jpeg
    85B81197-CC3D-4969-A33E-81242DEC6F25.jpeg
    73.7 KB · Views: 46
  • DD8E9BBA-FDA5-4394-9C25-AF9CC7697C7D.jpeg
    DD8E9BBA-FDA5-4394-9C25-AF9CC7697C7D.jpeg
    105.9 KB · Views: 39
  • 2EC29251-FD1A-4C32-9B48-27425C5BA8CD.jpeg
    2EC29251-FD1A-4C32-9B48-27425C5BA8CD.jpeg
    144.8 KB · Views: 59
Last edited:
That's normal port scanning. For example, the 167.x.x.x addresses are Censys. If you haven't already done so change your VPN server port to something that isn't the default (1194), and isn't obvious (e.g. 8000). That will reduce the amount of "noise" in the log.

This is not an issue specifically with the Beta release.
 
Thank you Colin, that is indeed a relief to know. Will do the VPN Port Server change as suggested.
Will I also need to re-export the OpenVPN profile after doing so?
 
Will I also need to re-export the OpenVPN profile after doing so?
You can do that or you can edit the current .ovpn file and change the port number at the end of the remote line.

P.S. Please remove the "Beta" prefix from the title.
 
Cheers thanks Colin.
Did that (tried both) but for some reason I am (now) getting a network not ready on my client.
Different issue, will try a few things first.

[EDIT] Silly me, had "Connect via Wifi only" enabled in Client (iphone), was testing using LTE. All good.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top