OpenVPN server on Relocated AWS instance does not properly work

xyzw
OpenVpn Newbie
Posts: 5
Joined: Sun Feb 14, 2021 10:48 pm

OpenVPN server on Relocated AWS instance does not properly work

Post by xyzw » Sun Feb 14, 2021 10:52 pm

I set up an OpenVPN server in the Central AWS region. It works perfectly. However, after I copied the instance to the second server in a new region, I was able to connect to it but it gave the error below. (The instance is an instance of Ubuntu 16 LTS.)


Sun Feb 14 16:45:01 2021 us=56887 awsclient2/x.x.x.x:50370 MULTI: bad source address from >client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56930 awsclient2/x.x.x.x:50370 MULTI: bad source address from >client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56939 awsclient2/x.x.x.x:50370 MULTI: bad source address from >client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56946 awsclient2/x.x.x.x:50370 MULTI: bad source address from >client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56953 awsclient2/x.x.x.x:50370 MULTI: bad source address from >client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56960 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56968 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56976 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56983 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=56990 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=57014 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=57021 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=58586 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=58619 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=58627 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=58634 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:45:01 2021 us=58640 awsclient2/x.x.x.x:50370 MULTI: bad source address from client [192.168.43.228], packet dropped
Sun Feb 14 16:

Server config

cipher AES-128-CBC
port 1194
proto tcp
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/awsvpn.crt
key /etc/openvpn/easy-rsa/keys/awsvpn.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "route x.x.x.x 255.255.255.255 net_gateway"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "block-outside-dns"
keepalive 5 30
reneg-sec 0
persist-key
persist-tun
status /var/log/openvpn.log
log-append /etc/openvpn/server.log
client-config-dir ccd
route 192.168.4.0 255.255.255.0
verb 4


Client config

cipher AES-128-CBC
client
dev tun
proto tcp
remote x.x.x.x 1194
#remote localhost 1337
# replace x.x.x.x with your openvpn server ip
#route x.x.x.x 255.255.255.255 net_gateway
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
auth-nocache
remote-cert-tls server
verb 3
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf


ccd/client2


iroute 192.168.43.228  255.255.255.0

Last edited by Pippin on Mon Feb 15, 2021 1:20 pm, edited 3 times in total.
Reason: Formatting

TinCanTech
OpenVPN Protagonist
Posts: 8661
Joined: Fri Jun 03, 2016 1:17 pm

Re: Relocated AWS instance OpenVPN service does not properly work

Post by TinCanTech » Sun Feb 14, 2021 11:02 pm

Is this really worth reformatting? It speaks for itself...

xyzw
OpenVpn Newbie
Posts: 5
Joined: Sun Feb 14, 2021 10:48 pm

Re: OpenVPN server on Relocated AWS instance does not properly work

Post by xyzw » Mon Feb 15, 2021 1:09 pm

Do you have any idea why this error occurred?

300000
OpenVPN Super User
Posts: 463
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN server on Relocated AWS instance does not properly work

Post by 300000 » Mon Feb 15, 2021 2:01 pm

You copied it; you know it was working fine until you moved it. Maybe it was copied wrong or something is wrong with the new one.

TinCanTech
OpenVPN Protagonist
Posts: 8661
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN server on Relocated AWS instance does not properly work

Post by TinCanTech » Mon Feb 15, 2021 3:38 pm

xyzw wrote:
Sun Feb 14, 2021 10:52 pm
awsclient2/x.x.x.x:50370 MULTI: bad source address from >client [192.168.43.228]
xyzw wrote:
Sun Feb 14, 2021 10:52 pm
ccd/client2
Looks like the wrong name.
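
The consistency checks behind the reply above, as an added example that is not part of the original thread or of OpenVPN itself: the server looks up a ccd file by the client's common name (the part before the `/` in the log prefix), and an `iroute` only takes effect together with a matching `route` in the server config. The function names `directive_args`, `parse_net` and `diagnose` are hypothetical, and the sample input is constructed from the values quoted in the thread.

```python
import ipaddress
import re

# Constructed sample input, built from the values quoted in the thread.
LOG_LINE = ("Sun Feb 14 16:45:01 2021 us=56960 awsclient2/x.x.x.x:50370 MULTI: "
            "bad source address from client [192.168.43.228], packet dropped")
SERVER_CONF = ["route 192.168.4.0 255.255.255.0"]
CCD_FILES = {"client2": "iroute 192.168.43.228  255.255.255.0"}

# The log prefix is "<common name>/<real address>:<port>".
LOG_RE = re.compile(r"(\S+)/\S+ MULTI: bad source address from >?client \[([0-9.]+)\]")

def directive_args(lines, keyword):
    """Yield the argument list of every '<keyword> addr [netmask]' line."""
    for line in lines:
        parts = line.split()
        if len(parts) >= 2 and parts[0] == keyword:
            yield parts[1:]

def parse_net(args, strict):
    """Build a network from 'addr [netmask]'; the netmask defaults to a host route."""
    addr, mask = (args + ["255.255.255.255"])[:2]
    return ipaddress.ip_network(f"{addr}/{mask}", strict=strict)

def diagnose(log_line, server_conf, ccd_files):
    """Return findings that relate one 'bad source address' line to the ccd setup."""
    m = LOG_RE.search(log_line)
    if not m:
        return ["not a 'bad source address' line"]
    cn, src = m.group(1), ipaddress.ip_address(m.group(2))
    findings = []
    if cn not in ccd_files:  # ccd files are looked up by the client's common name
        findings.append(f"no ccd file named '{cn}' (found: {sorted(ccd_files)})")
    routes = [parse_net(a, False) for a in directive_args(server_conf, "route")]
    for name, body in ccd_files.items():
        for args in directive_args(body.splitlines(), "iroute"):
            try:
                net = parse_net(args, True)
            except ValueError:  # address is a host inside the subnet, not the network
                net = parse_net(args, False)
                findings.append(f"{name}: iroute {args[0]} has host bits set; network is {net}")
            if not any(net.subnet_of(r) for r in routes):
                findings.append(f"{name}: iroute {net} has no covering 'route' in the server config")
            if src in net and name != cn:
                findings.append(f"{name}: covers {src} but the file name is not the CN '{cn}'")
    return findings

if __name__ == "__main__":
    for finding in diagnose(LOG_LINE, SERVER_CONF, CCD_FILES):
        print(finding)
```
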

xyzw
OpenVpn Newbie
Posts: 5
Joined: Sun Feb 14, 2021 10:48 pm

Re: OpenVPN server on Relocated AWS instance does not properly work

Post by xyzw » Tue Feb 16, 2021 1:23 am

The error is because of AWS, I think. I tried the same configuration in two regions. It worked. But it does not work in the Milan Europe region.

TinCanTech
OpenVPN Protagonist
Posts: 8661
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN server on Relocated AWS instance does not properly work

Post by TinCanTech » Tue Feb 16, 2021 1:31 am

Do you know how to use an --iroute ?

xyzw
OpenVpn Newbie
Posts: 5
Joined: Sun Feb 14, 2021 10:48 pm

Re: OpenVPN server on Relocated AWS instance does not properly work

Post by xyzw » Tue Feb 16, 2021 4:05 pm

I have not got enough knowledge of iroute. Actually, iroute was my last resort to solve my connection problem. It does not work either. The configuration that I managed to run successfully works without iroute.

xyzw
OpenVpn Newbie
Posts: 5
Joined: Sun Feb 14, 2021 10:48 pm

Re: OpenVPN server on Relocated AWS instance does not properly work

Post by xyzw » Wed Feb 17, 2021 6:29 pm

For the record: some AWS EC2 machines do not have an eth0 interface and have an ens5 interface. This may be the root cause of the error.
