Hi all,
I'm seeing an error on OpenVPN AS in the logs, for the connection of a client (TPLink ER605).
It was working correctly yesterday, but now the connection is down, an an error message appears in the logs every few minutes, saying "SESSION_ID HMAC token is expired". I've tried searching for this error message online, and I can't find any other mention of it.
Can anyone please shed some light on what the cause is, and a possible fix?
Thanks,
Josh
Error: SESSION_ID HMAC token is expired
-
josh43
- OpenVpn Newbie
- Posts: 1
- Joined: Fri Feb 02, 2024 1:57 am
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: Error: SESSION_ID HMAC token is expired
Hello Josh,
Not sure about a solution. Only that a session token is used instead of complete credentials once you've authenticated a VPN session. That token has expired. But it looks like the client keeps trying endlessly to reuse that token instead of doing authentication again like it should.
You could try to get an autologin type profile from your Access Server and installing that on your TP-Link device. Autologin profiles do not have to use session tokens or credentials, they just authenticate using the client's private key, fully automatically. It is more suited to unattended connections.
Also check if there is a more up-to-date firmware available for your TP-Link device.
Kind regards,
Johan
Not sure about a solution. Only that a session token is used instead of complete credentials once you've authenticated a VPN session. That token has expired. But it looks like the client keeps trying endlessly to reuse that token instead of doing authentication again like it should.
You could try to get an autologin type profile from your Access Server and installing that on your TP-Link device. Autologin profiles do not have to use session tokens or credentials, they just authenticate using the client's private key, fully automatically. It is more suited to unattended connections.
Also check if there is a more up-to-date firmware available for your TP-Link device.
Kind regards,
Johan
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support