Vpn problems
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Jul 14, 2021 12:41 pm
Vpn problems
Dear geniuses ,
i have some trouble with my openvpn config on my synology nas.
my setup in open is prettymuch standard settings, i forwarded my port that was given default (1194) to the internal host of my nas.
i worked prefectly for a friend of mine untill the start of june. Nothing has changed on my synology or my router, so im quite interessted what caused the issues that im not able to connect anymore.
Wed Jul 14 14:52:43 2021 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Wed Jul 14 14:52:43 2021 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
Wed Jul 14 14:52:43 2021 OpenVPN 2.5.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 17 2021
Wed Jul 14 14:52:43 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Wed Jul 14 14:52:43 2021 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Wed Jul 14 14:52:47 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:52:47 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:47 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:52:47 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:47 2021 VERIFY ERROR: depth=0, error=certificate has expired: CN=ktm.familyds.com, serial=311558570975139643781707280386422579217324
Wed Jul 14 14:52:47 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 14 14:52:47 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 14 14:52:47 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 14 14:52:47 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:52:47 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 14 14:52:52 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:52:52 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:52 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:52:52 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:52 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:52:52 2021 VERIFY ERROR: depth=0, error=certificate has expired: CN=ktm.familyds.com, serial=311558570975139643781707280386422579217324
Wed Jul 14 14:52:52 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 14 14:52:52 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 14 14:52:52 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 14 14:52:52 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:52:52 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 14 14:52:57 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:52:57 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:57 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:52:57 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:57 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:52:59 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:00 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:00 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:03 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:03 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:04 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:09 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:10 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:11 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:20 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:21 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:25 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:26 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:27 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:57 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jul 14 14:53:57 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:53:57 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 14 14:54:02 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:54:02 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:54:02 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:54:02 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:54:02 2021 VERIFY ERROR: depth=0, error=certificate has expired: CN=ktm.familyds.com, serial=311558570975139643781707280386422579217324
Wed Jul 14 14:54:02 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 14 14:54:02 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 14 14:54:02 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 14 14:54:02 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:54:02 2021 SIGUSR1[soft,tls-error] received, process restarting
this is my server log i changed my ip adress with {MY IP ADRESS}.
i follow couple of "tutorials" with let me to believe this was all you need to config and you could ignore the "missing external certificate"
do you have any idea what is wrong?
Thank you in advanced.
Koen
i have some trouble with my openvpn config on my synology nas.
my setup in open is prettymuch standard settings, i forwarded my port that was given default (1194) to the internal host of my nas.
i worked prefectly for a friend of mine untill the start of june. Nothing has changed on my synology or my router, so im quite interessted what caused the issues that im not able to connect anymore.
Wed Jul 14 14:52:43 2021 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Wed Jul 14 14:52:43 2021 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
Wed Jul 14 14:52:43 2021 OpenVPN 2.5.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 17 2021
Wed Jul 14 14:52:43 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Wed Jul 14 14:52:43 2021 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Wed Jul 14 14:52:47 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:52:47 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:47 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:52:47 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:47 2021 VERIFY ERROR: depth=0, error=certificate has expired: CN=ktm.familyds.com, serial=311558570975139643781707280386422579217324
Wed Jul 14 14:52:47 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 14 14:52:47 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 14 14:52:47 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 14 14:52:47 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:52:47 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 14 14:52:52 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:52:52 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:52 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:52:52 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:52 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:52:52 2021 VERIFY ERROR: depth=0, error=certificate has expired: CN=ktm.familyds.com, serial=311558570975139643781707280386422579217324
Wed Jul 14 14:52:52 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 14 14:52:52 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 14 14:52:52 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 14 14:52:52 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:52:52 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 14 14:52:57 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:52:57 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:57 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:52:57 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:52:57 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:52:59 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:00 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:00 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:03 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:03 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:04 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:09 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:10 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:11 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:20 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:21 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:25 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:26 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_CONTROL_V1)
Wed Jul 14 14:53:27 2021 TLS Error: Unroutable control packet received from [AF_INET]MY IP ADRESS:1194 (si=3 op=P_ACK_V1)
Wed Jul 14 14:53:57 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jul 14 14:53:57 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:53:57 2021 SIGUSR1[soft,tls-error] received, process restarting
Wed Jul 14 14:54:02 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 14 14:54:02 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:54:02 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Jul 14 14:54:02 2021 UDP link remote: [AF_INET]MY IP ADRESS:1194
Wed Jul 14 14:54:02 2021 VERIFY ERROR: depth=0, error=certificate has expired: CN=ktm.familyds.com, serial=311558570975139643781707280386422579217324
Wed Jul 14 14:54:02 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jul 14 14:54:02 2021 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jul 14 14:54:02 2021 TLS Error: TLS object -> incoming plaintext read error
Wed Jul 14 14:54:02 2021 TLS Error: TLS handshake failed
Wed Jul 14 14:54:02 2021 SIGUSR1[soft,tls-error] received, process restarting
this is my server log i changed my ip adress with {MY IP ADRESS}.
i follow couple of "tutorials" with let me to believe this was all you need to config and you could ignore the "missing external certificate"
do you have any idea what is wrong?
Thank you in advanced.
Koen
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Jul 14, 2021 12:41 pm
Re: Vpn problems
but there is no certificated needs to run vpn right? since it worked before?
ktm is just my nas name
ktm is just my nas name
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Vpn problems
It worked before because your certificate had not expired ..
-
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Jul 14, 2021 12:41 pm
Re: Vpn problems
well that is dumb...
i did fix that and created a new no-ip ddns and config it at my synology and my router but my config keeps forwarding to my old ddns.
i did re-export my config from openvpn but i keeps redirecting to ktm.familydns.nl, my new ddns is ktm123.ddns.net and in synology it has a green status "normal". in my router it says "Synchronized" so im not sure why openvpn is still looking for "ktm.familyfns.nl?
greets
i did fix that and created a new no-ip ddns and config it at my synology and my router but my config keeps forwarding to my old ddns.
i did re-export my config from openvpn but i keeps redirecting to ktm.familydns.nl, my new ddns is ktm123.ddns.net and in synology it has a green status "normal". in my router it says "Synchronized" so im not sure why openvpn is still looking for "ktm.familyfns.nl?
greets
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Vpn problems
One has nothing to do with the other ..
-
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Jul 14, 2021 12:41 pm
Re: Vpn problems
wait what do you mean?, i cant access ktm.familydns.nl but is still looking for it in my openvpn config but i cant seems te change it anywhere?
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Jul 14, 2021 12:41 pm
Re: Vpn problems
i fixt the issue topic can be closed thnx for the responces issue was me ddns in my synology infact!
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Vpn problems
Your certificate has still expired but if it works then don't fix it