[win11] client connection error - read UDP: Unknown error (code=10040)

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
VickFr
OpenVpn Newbie
Posts: 4
Joined: Sat Oct 09, 2021 11:29 am

[win11] client connection error - read UDP: Unknown error (code=10040)

Post by VickFr » Sat Oct 09, 2021 12:27 pm

Hello,
I have a new laptop and I'm currently migrating applications from
the old laptop (an Asus with Windows 10) to the new laptop (a Lenovo with Windows 11).

But on the Windows 11 laptop, the OpenVPN Gui application show several errors when connecting.
While the Windows 10 laptop has no problem for connecting.

The error messages in the log are :
read UDP: Unknown error (code=10040)
they are numerous

Sometimes the errors occur at the connection, sometimes only when I ask for contents (a web page behind the vpn ).
Sometime I can get a small snatch of the web page behind the vpn...

Characteristics and tests:
old laptop : Asus, Windows 10 Pro 64bits, french
new laptop : Lenovo, Windows 11 Pro 64bits, french
Both laptops are connected to the same wifi transmitter.
They use the same OpenVPN file configuration for the connection. (but I don't connect them at the same time)
They use the same OpenVPN version 2.5.4 (64bits).

I've also tried old OpenVPN versions 2.5.3 and 2.5.0, the behavior is the same.
On the Windows 11 laptop, I've deactivated the firewall and even uninstalled the antivirus software, the behavior is the same.
On the Windows 11 laptop, the is no problem with other Internet softwares (Ms Teams, Firefox, ...)

Any help is welcome...

OpenVPN configuration file :
config.ovpn
dev tun
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote xxx.xxx.xxx.xxx xxxx udp
lport 0
verify-x509-name "vpn-server-xxxxxxxxxx" name
auth-user-pass
remote-cert-tls server

<ca>
-----BEGIN CERTIFICATE-----
xxxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
xxxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxxx
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxx
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1


Log example: (tags [olog] seem to no work)

Code: Select all

Sat Oct  9 13:15:58 2021 Note: Treating option '--ncp-ciphers' as  '--data-ciphers' (renamed in OpenVPN 2.5).
Sat Oct  9 13:15:58 2021 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
Sat Oct  9 13:15:58 2021 OpenVPN 2.5.4 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct  5 2021
Sat Oct  9 13:15:58 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Sat Oct  9 13:15:58 2021 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
Sat Oct  9 13:16:00 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct  9 13:16:00 2021 UDP link local (bound): [AF_INET][undef]:0
Sat Oct  9 13:16:00 2021 UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct  9 13:16:00 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:16:05 2021 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Oct  9 13:16:05 2021 TLS Error: incoming packet authentication failed from [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct  9 13:16:07 2021 [vpn-server-xxxxxxxxxx] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct  9 13:16:13 2021 open_tun
Sat Oct  9 13:16:13 2021 tap-windows6 device [OpenVPN TAP-Windows6] opened
Sat Oct  9 13:16:13 2021 Set TAP-Windows TUN subnet mode network/local/netmask = 10.2.2.0/10.2.2.6/255.255.255.0 [SUCCEEDED]
Sat Oct  9 13:16:13 2021 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.2.2.6/255.255.255.0 on interface {B5689751-zzzz-zzzz-zzzz-zzzzzzzzzz} [DHCP-serv: yyy.yyy.yyy.yyy, lease-time: 31536000]
Sat Oct  9 13:16:13 2021 Successful ARP Flush on interface [19] {B5689751-zzzz-zzzz-zzzz-zzzzzzzzzz}
Sat Oct  9 13:16:13 2021 IPv4 MTU set to 1500 on interface 19 using service
Sat Oct  9 13:16:18 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Oct  9 13:16:18 2021 Initialization Sequence Completed
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:17:21 2021 AEAD Decrypt error: cipher final failed
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct  9 13:17:21 2021 read UDP: Unknown error (code=10040)
...

User avatar
TinCanTech
Forum Team
Posts: 9767
Joined: Fri Jun 03, 2016 1:17 pm

Re: [win11] client connection error - read UDP: Unknown error (code=10040)

Post by TinCanTech » Sat Oct 09, 2021 7:35 pm

Check your server log.

You may also need to ensure that your network drivers are up to date.

VickFr
OpenVpn Newbie
Posts: 4
Joined: Sat Oct 09, 2021 11:29 am

Re: [win11] client connection error - read UDP: Unknown error (code=10040)

Post by VickFr » Mon Oct 11, 2021 8:09 am

All my drivers are up to date, and other internet software are running ok when out of the vpn.

Here is the server logs while I attempt to connect:
(the server is Pfsense 2.4.5-RELEASE-p1)

Code: Select all

Oct 11 09:52:47	openvpn	24516	xxx.xxx.xxx.xxx:53121 VERIFY OK: depth=0, C=FR, ST=Paris, L=Paris, O=MyCompany, emailAddress=infra2@mycompany.com, CN=myname
Oct 11 09:52:47	openvpn	24516	xxx.xxx.xxx.xxx:53121 VERIFY SCRIPT OK: depth=0, C=FR, ST=Paris, L=Paris, O=MyCompany, emailAddress=infra2@mycompany.com, CN=myname
Oct 11 09:52:47	openvpn	24516	xxx.xxx.xxx.xxx:53121 VERIFY OK: depth=1, C=FR, ST=Paris, L=Paris, O=MyCompany, emailAddress=infra2@mycompany.com, CN=internal-ca-mycompany, OU=IT
Oct 11 09:52:47	openvpn	24516	xxx.xxx.xxx.xxx:53121 VERIFY SCRIPT OK: depth=1, C=FR, ST=Paris, L=Paris, O=MyCompany, emailAddress=infra2@mycompany.com, CN=internal-ca-mycompany, OU=IT
Oct 11 09:52:43	openvpn	24516	xxx.xxx.xxx.xxx:53121 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:53121, sid=f9332960 eb42276d

VickFr
OpenVpn Newbie
Posts: 4
Joined: Sat Oct 09, 2021 11:29 am

Re: [win11] client connection error - read UDP: Unknown error (code=10040)

Post by VickFr » Mon Oct 11, 2021 12:25 pm

After uninstalling Windows 11 and returning to Windows 10, and installing all the same applications, on the same laptop, the problem no longer occurred.

VickFr
OpenVpn Newbie
Posts: 4
Joined: Sat Oct 09, 2021 11:29 am

Re: [win11] client connection error - read UDP: Unknown error (code=10040)

Post by VickFr » Mon Oct 11, 2021 12:36 pm

By the way, with Win11 I also tried with OpenVPN Connect 3.3.2.2475 and I had the error :
Connection Timeout
Cannot connect because of the following error(s):
HMAC verification failure : 4 times
Lost connection to server : 1 times

User avatar
TinCanTech
Forum Team
Posts: 9767
Joined: Fri Jun 03, 2016 1:17 pm

Re: [win11] client connection error - read UDP: Unknown error (code=10040)

Post by TinCanTech » Mon Oct 11, 2021 8:08 pm

If openvpn-connect is also affected then it is probably something about your W11 install.

Some built in hidden Windows security knob ..

User avatar
janjust
Forum Team
Posts: 2704
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: [win11] client connection error - read UDP: Unknown error (code=10040)

Post by janjust » Wed Oct 13, 2021 1:09 pm

could be related to this: https://docs.microsoft.com/en-us/window ... ws-11-21h2

Does the Lenovo laptop have Intel Killer/Smartbyte network drivers installed?

Post Reply