Menu
What's new
By:
Filters Better Search

OpenVPN TLS Error Message

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

Col8eral

Regular Contributor
I have an ASUS RT-AX88U Running Merlin 3004.388.5

I am seeing a TLS error message in my system logs and wondered what it means, if I need to be worried and if it needs fixing some how.

Code: 
Jan 16 09:03:22 ovpn-server1[1781]: TLS Error: cannot locate HMAC in incoming packet from [AF_INET]185.XXX.XX.XX:XXXX (via [AF_INET]XXX.XXX.XXX.XX%eth0)

Many thanks
 
This is a normal error message generated in response to internet port scanners. Totally expected if you run your VPN server on a common port like UDP 1194 or TCP 443. Change it to a different (random between 5001 to 32767) port and the messages will probably go away.
 
ColinTaylor said:
This is a normal error message generated in response to internet port scanners. Totally expected if you run your VPN server on a common port like UDP 1194 or TCP 443. Change it to a different (random between 5001 to 32767) port and the messages will probably go away.
Click to expand...
Ah, OK. Got it. Thank you Colin.
 
I spoke too fast. I have just seen this in my system logs. I don't understand these logs - Is this an attack? Was it successful? I have switched my VPN off for now.

Code: 
Jan 16 20:24:33 ovpn-server2[13317]: TCP connection established with [AF_INET]167.94.146.51:53066
Jan 16 20:25:33 ovpn-server2[13317]: 167.94.146.51:53066 Connection reset, restarting [-1]
Jan 16 20:25:33 ovpn-server2[13317]: 167.94.146.51:53066 SIGUSR1[soft,connection-reset] received, client-instance restarting
Jan 16 20:25:36 ovpn-server2[13317]: TCP connection established with [AF_INET]167.94.146.51:53224
Jan 16 20:25:39 ovpn-server2[13317]: 167.94.146.51:53224 Connection reset, restarting [-1]
Jan 16 20:25:39 ovpn-server2[13317]: 167.94.146.51:53224 SIGUSR1[soft,connection-reset] received, client-instance restarting
Jan 16 20:25:40 ovpn-server2[13317]: TCP connection established with [AF_INET]167.94.146.51:54034
Jan 16 20:25:40 ovpn-server2[13317]: 167.94.146.51:54034 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1768 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Jan 16 20:25:40 ovpn-server2[13317]: 167.94.146.51:54034 Connection reset, restarting [0]
Jan 16 20:25:40 ovpn-server2[13317]: 167.94.146.51:54034 SIGUSR1[soft,connection-reset] received, client-instance restarting
Jan 16 20:25:40 ovpn-server2[13317]: TCP connection established with [AF_INET]167.94.146.51:60240
Jan 16 20:25:43 ovpn-server2[13317]: 167.94.146.51:60240 WARNING: Bad encapsulated packet length from peer (18245), which must be > 0 and <= 1768 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Jan 16 20:25:43 ovpn-server2[13317]: 167.94.146.51:60240 Connection reset, restarting [0]
Jan 16 20:25:43 ovpn-server2[13317]: 167.94.146.51:60240 SIGUSR1[soft,connection-reset] received, client-instance restarting
Jan 16 20:25:43 ovpn-server2[13317]: TCP connection established with [AF_INET]167.94.146.51:60460
Jan 16 20:25:43 ovpn-server2[13317]: 167.94.146.51:60460 Connection reset, restarting [-1]
Jan 16 20:25:43 ovpn-server2[13317]: 167.94.146.51:60460 SIGUSR1[soft,connection-reset] received, client-instance restarting

Many thanks
 
Thanks Colin. So are they a security company not someone trying to hack me? I'll go higher with my new port number.
 
You must log in or register to reply here.

Similar threads

B
OpenVPN TLS Error: tls-crypt unwrapping failed
Replies
1
Views
2K
brzvlg
B
J
ovpn-server log errors meaning?
Replies
11
Views
1K
RMerlin
RMerlin
G
TLS error with OpenVPN client
Replies
4
Views
2K
eibgrad
eibgrad
A
Setting up OpenVPN client
Replies
10
Views
1K
ColinTaylor
C
G
VPN TLS errors hack attempts
Replies
2
Views
2K
Gravityz
G
Similar threads
Thread starter Title Forum Replies Date
D ASUS RT-AX86U OpenVPN Server Error - Key Too Small ASUS AX Routers & Adapters (Wi-Fi 6/6e) 4
onthego41 openvpn and ax88u and gl axt1800 ASUS AX Routers & Adapters (Wi-Fi 6/6e) 4
A OpenVPN WiFI ASUS AX Routers & Adapters (Wi-Fi 6/6e) 2
J Help GT-AX11000 OpenVPN both server and client not working ASUS AX Routers & Adapters (Wi-Fi 6/6e) 1
Hajo Solved OpenVPN config file with custom server hostname? ASUS AX Routers & Adapters (Wi-Fi 6/6e) 2
A ROG Rapture GT-AX6000 OpenVPN performance, seems too slow ASUS AX Routers & Adapters (Wi-Fi 6/6e) 15
H OpenVPN vs WireGuard Speeds on RT-AX86U? ASUS AX Routers & Adapters (Wi-Fi 6/6e) 2
T OpenVPN on Asus RT-Ax88U. ASUS AX Routers & Adapters (Wi-Fi 6/6e) 12
R Solved At Wits End. OpenVPN Certificate Connection issue with Asus Router ASUS AX Routers & Adapters (Wi-Fi 6/6e) 4
mkaand Changing OpenVPN client password via CLI ASUS AX Routers & Adapters (Wi-Fi 6/6e) 6

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 967 (members: 23, guests: 944)
Top