I have a new laptop and I'm currently migrating applications from
the old laptop (an Asus with Windows 10) to the new laptop (a Lenovo with Windows 11).
But on the Windows 11 laptop, the OpenVPN Gui application show several errors when connecting.
While the Windows 10 laptop has no problem for connecting.
The error messages in the log are :
read UDP: Unknown error (code=10040)
they are numerous
Sometimes the errors occur at the connection, sometimes only when I ask for contents (a web page behind the vpn ).
Sometime I can get a small snatch of the web page behind the vpn...
Characteristics and tests:
old laptop : Asus, Windows 10 Pro 64bits, french
new laptop : Lenovo, Windows 11 Pro 64bits, french
Both laptops are connected to the same wifi transmitter.
They use the same OpenVPN file configuration for the connection. (but I don't connect them at the same time)
They use the same OpenVPN version 2.5.4 (64bits).
I've also tried old OpenVPN versions 2.5.3 and 2.5.0, the behavior is the same.
On the Windows 11 laptop, I've deactivated the firewall and even uninstalled the antivirus software, the behavior is the same.
On the Windows 11 laptop, the is no problem with other Internet softwares (Ms Teams, Firefox, ...)
Any help is welcome...
OpenVPN configuration file :
config.ovpn
dev tun
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote xxx.xxx.xxx.xxx xxxx udp
lport 0
verify-x509-name "vpn-server-xxxxxxxxxx" name
auth-user-pass
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
xxxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
xxxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxxx
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxx
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1
persist-tun
persist-key
cipher AES-128-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM
auth SHA256
tls-client
client
resolv-retry infinite
remote xxx.xxx.xxx.xxx xxxx udp
lport 0
verify-x509-name "vpn-server-xxxxxxxxxx" name
auth-user-pass
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
xxxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
xxxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxxx
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxx
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1
Log example: (tags [olog] seem to no work)
Code: Select all
Sat Oct 9 13:15:58 2021 Note: Treating option '--ncp-ciphers' as '--data-ciphers' (renamed in OpenVPN 2.5).
Sat Oct 9 13:15:58 2021 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
Sat Oct 9 13:15:58 2021 OpenVPN 2.5.4 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 5 2021
Sat Oct 9 13:15:58 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Sat Oct 9 13:15:58 2021 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Sat Oct 9 13:16:00 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct 9 13:16:00 2021 UDP link local (bound): [AF_INET][undef]:0
Sat Oct 9 13:16:00 2021 UDP link remote: [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct 9 13:16:00 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:16:05 2021 Authenticate/Decrypt packet error: packet HMAC authentication failed
Sat Oct 9 13:16:05 2021 TLS Error: incoming packet authentication failed from [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct 9 13:16:07 2021 [vpn-server-xxxxxxxxxx] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:xxxx
Sat Oct 9 13:16:13 2021 open_tun
Sat Oct 9 13:16:13 2021 tap-windows6 device [OpenVPN TAP-Windows6] opened
Sat Oct 9 13:16:13 2021 Set TAP-Windows TUN subnet mode network/local/netmask = 10.2.2.0/10.2.2.6/255.255.255.0 [SUCCEEDED]
Sat Oct 9 13:16:13 2021 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.2.2.6/255.255.255.0 on interface {B5689751-zzzz-zzzz-zzzz-zzzzzzzzzz} [DHCP-serv: yyy.yyy.yyy.yyy, lease-time: 31536000]
Sat Oct 9 13:16:13 2021 Successful ARP Flush on interface [19] {B5689751-zzzz-zzzz-zzzz-zzzzzzzzzz}
Sat Oct 9 13:16:13 2021 IPv4 MTU set to 1500 on interface 19 using service
Sat Oct 9 13:16:18 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Oct 9 13:16:18 2021 Initialization Sequence Completed
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:17:21 2021 AEAD Decrypt error: cipher final failed
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
Sat Oct 9 13:17:21 2021 read UDP: Unknown error (code=10040)
...