Hi all, I haven't spent much time with pfsense so I'm looking for input on these logs.
I just looked at my logs in pfsense openvpn, and I noticed a handful of logs that read like this...
TLS ERROR: cannot locate HMAC in incoming packet from [AF_INET]178.xx.xxx.xxx:51196
There are several of these and I don't recognize the IP addresses.
I only have 3 guys that connect to this vpn at work and from doing a dns lookup on these addresses, I don't believe any of them are from my guys.
What are these entries, are these attempted logins? Is there a way for me to block this kind of thing?
Thanks everyone.
Concerned with log entries in pfsense open vpn
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Mon Jan 03, 2022 5:38 pm
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Concerned with log entries in pfsense open vpn
It is a packet which failed TLS authentication and was dropped.
Openvpn is capable of handling itself, nothing to worry about.
Openvpn is capable of handling itself, nothing to worry about.