What's new

OVPN server Bad encapsulated packet length...

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Khadanja

Senior Member
What is this IP 45.33.86.231, belongs to linode but why appearing in my logs & why this warning?
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Jul 16 11:44:01 RT-AC68U-20E0 ovpn-server2[24778]: TCP connection established with [AF_INET]45.33.86.231:47954
Jul 16 11:44:02 RT-AC68U-20E0 ovpn-server2[24778]: 45.33.86.231:47954 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1626 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Jul 16 11:44:02 RT-AC68U-20E0 ovpn-server2[24778]: 45.33.86.231:47954 Connection reset, restarting [0]
Jul 16 11:44:02 RT-AC68U-20E0 ovpn-server2[24778]: 45.33.86.231:47954 SIGUSR1[soft,connection-reset] received, client-instance restarting
 
It's a normal port scanning/hacking attempt. Are you running your VPN server on a standard port? If so you should expect these.
 
It's a normal port scanning/hacking attempt. Are you running your VPN server on a standard port? If so you should expect these.
Yeah running 2nd server on 443, followed this guide which advised to have 2nd server on 443 as some remote locations block 1194/UDP
 
I see these all the time. I guess it is the price to pay for having this configuration. I also use 443/TCP for circumventing restrictions.

If there is anything else I can do, I'm all ears...
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top