Hello
I have an openvpn network to a synology diskstation. it used to work fine for months now, all for sudden I am getting errors and cannot connect anymore. I am completely lost trying to figure out what's going on. Is somebody able to give a hint? please see error log below.
To my knowledge there hasn't been any update or any change to any of the involved software or hardware products involved (synology diskstation os, windows, openvpn etc. I didn't touch anything! The let's encrypt certificate is valid and will be renewed coming June.
Steps I've undertaken to resolve the issue:
reboot synology server
reboot internet modem/router
reboot my pc
Didn't help
Do you have any advice to me?
Many thanks
chris
------- Log from open vpn --------
I've replaced the ip-address with a placeholder <ip-address> for safety reasons (not sure if that's necessary at all)
-------------------------------------------
Sat May 08 19:23:14 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat May 08 19:23:14 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]<ip-address>:1194
Sat May 08 19:23:14 2021 UDP link local (bound): [AF_INET][undef]:1194
Sat May 08 19:23:14 2021 UDP link remote: [AF_INET]<ip-address>:1194
Sat May 08 19:23:14 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:14 2021 VERIFY ERROR: depth=1, error=unable to get local issuer certificate: C=US, O=Let's Encrypt, CN=R3
Sat May 08 19:23:14 2021 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Sat May 08 19:23:14 2021 TLS_ERROR: BIO read tls_read_plaintext error
Sat May 08 19:23:14 2021 TLS Error: TLS object -> incoming plaintext read error
Sat May 08 19:23:14 2021 TLS Error: TLS handshake failed
Sat May 08 19:23:14 2021 SIGUSR1[soft,tls-error] received, process restarting
Sat May 08 19:23:19 2021 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat May 08 19:23:19 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]<ip-address>:1194
Sat May 08 19:23:19 2021 UDP link local (bound): [AF_INET][undef]:1194
Sat May 08 19:23:19 2021 UDP link remote: [AF_INET]<ip-address>:1194
Sat May 08 19:23:19 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_ACK_V1)
Sat May 08 19:23:21 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_ACK_V1)
Sat May 08 19:23:24 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:25 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:26 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:28 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:31 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:32 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:33 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_ACK_V1)
Sat May 08 19:23:41 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:43 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:48 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:23:49 2021 TLS Error: Unroutable control packet received from [AF_INET]<ip-address>:1194 (si=3 op=P_CONTROL_V1)
Sat May 08 19:24:19 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat May 08 19:24:19 2021 TLS Error: TLS handshake failed
Sat May 08 19:24:19 2021 SIGUSR1[soft,tls-error] received, process restarting
working VPN connection suddenly throws error
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Sat May 08, 2021 5:43 pm
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: working VPN connection suddenly throws error
See your server log.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Nov 20, 2020 9:56 pm
Re: working VPN connection suddenly throws error
Were you able to resolve this? I'm having the same problem today. Everything was working fine since September 2020....then today...errors.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Fri Nov 20, 2020 9:56 pm
Re: working VPN connection suddenly throws error
I think I've got this fixed but I'm not sure which action solved the problem, here is what I've done:
1. Reinstalled with most up-to-date client: V2.5.2 ...tbh I don't know what was installed before.
2. On Synology ...refreshed the Lets Encrypt certificate:
4. On Client:
1. Reinstalled with most up-to-date client: V2.5.2 ...tbh I don't know what was installed before.
2. On Synology ...refreshed the Lets Encrypt certificate:
- Control Panel
- External Access
- Click on "Synology" in the service provider list
- Click "Update Now"
- Click Open on VPN Server
- Click OpenVPN
- Changed Authentication to SHA256 (was SHA516)
- Click Export Configuration
4. On Client:
- Closed OpenVPN
- Opened OpenVPN as administrator
- Right clicked OpenVPN Icon and Clicked EDIT Config
- Replaced all text from new config, and updated server address
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: working VPN connection suddenly throws error
Generally, an unroutable control packet is caused by a session timeout. As is the case here.
Re-installing did nothing .. except allow the timeout to roll-over.
Re-installing did nothing .. except allow the timeout to roll-over.