OVPN server Bad encapsulated packet length...

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Khadanja

Regular Contributor
What is this IP 45.33.86.231, belongs to linode but why appearing in my logs & why this warning?
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: TCP connection established with [AF_INET]45.33.86.231:47954
Jul 16 11:44:02 RT-AC68U-20E0 ovpn-server2[24778]: 45.33.86.231:47954 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1626 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Jul 16 11:44:02 RT-AC68U-20E0 ovpn-server2[24778]: 45.33.86.231:47954 Connection reset, restarting [0]
Jul 16 11:44:02 RT-AC68U-20E0 ovpn-server2[24778]: 45.33.86.231:47954 SIGUSR1[soft,connection-reset] received, client-instance restarting
 

ColinTaylor

Part of the Furniture
It's a normal port scanning/hacking attempt. Are you running your VPN server on a standard port? If so you should expect these.
 

Khadanja

Regular Contributor
It's a normal port scanning/hacking attempt. Are you running your VPN server on a standard port? If so you should expect these.
Yeah running 2nd server on 443, followed this guide which advised to have 2nd server on 443 as some remote locations block 1194/UDP
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top