[Solved] Error: Unroutable control packet

Samples of working configurations.
Post Reply
carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

[Solved] Error: Unroutable control packet

Post by carlosalf27 » Wed Jan 23, 2019 8:18 pm

Hello, I have installed the openvpn server and configured the client, but I am facing this issue, when it try to connect I receive this error on the client machine

Wed Jan 23 12:12:45 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jan 23 12:12:45 2019 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jan 23 12:12:45 2019 TLS Error: TLS object -> incoming plaintext read error
Wed Jan 23 12:12:45 2019 TLS Error: TLS handshake failed

and while in the server I can see

Jan 23 11:52:42 server.xxxxx.com openvpn[12829]: Wed Jan 23 11:52:42 2019 xxx.xxx.xxx.xxx:1194 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan 23 12:12:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:12:44 2019 xxx.xxx.xxx.xxx:1194 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1194, sid=58fcaffe c1059b5d
Jan 23 12:12:49 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:12:49 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1194
Jan 23 12:12:54 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:12:54 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.Xxx.xxx.xxx:1194
Jan 23 12:13:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:13:44 2019 xxx.xxx.xxx.xxx:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan 23 12:13:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:13:44 2019 xxx.xxx.xxx.xxx:1194 TLS Error: TLS handshake failed
Jan 23 12:13:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:13:44 2019 xxx.xxx.xxx.xxx:1194 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan 23 12:14:00 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:14:00 2019 xxx.xxx.xxx.xxx:1194 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1194, sid=3198e9bf 6052bd5a
Jan 23 12:14:05 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:14:05 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1194
Jan 23 12:14:15 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:14:15 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1194


Do any body have any suggestion please ?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5319
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Wed Jan 23, 2019 8:48 pm


carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Wed Jan 23, 2019 10:19 pm

Do you refer to this section ?

the error is caused by:
the server is using --auth SHA1 (openvpn default)
while the client is using --auth RSA-SHA512.
--auth algo must match on both server and client.

if so, can you please to explain me how to put both in the same sha type

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5319
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Thu Jan 24, 2019 1:58 am

No, I mean this problem:
carlosalf27 wrote:
Wed Jan 23, 2019 8:18 pm
Wed Jan 23 12:12:45 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Thu Jan 24, 2019 11:17 pm

Sorry I am costarican and my English is not too many good, most part of my coments has been made with a translator to explain, I do not understand whats wrong, I was reading the post you send me and I think is because I have no used the quotes, that´s the answer error? I need to put the quotes to the error message the client and server bring ?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5319
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Fri Jan 25, 2019 2:26 am

Please translate this into your preferred language:
viewtopic.php?f=30&t=22603#p68963

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Fri Jan 25, 2019 3:48 pm

ok, I think I got it.

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Fri Jan 25, 2019 5:01 pm

Hello, I have installed the openvpn server and configured the client, but I am facing this issue, when it try to connect I receive this error on the client machine

* Server *
Operating system:
CODE: SELECT ALL

LSB Version: :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.6.1810 (Core)
Release: 7.6.1810
Codename: Core



Network setup:
CODE: SELECT ALL

$ ifconfig
enp3s0f0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet x.x.x.x netmask 255.255.255.248 broadcast x.x.x.x
inet6 fe80::8c1:42dd:2438:33b4 prefixlen 64 scopeid 0x20<link>
ether b4:99:ba:07:1b:84 txqueuelen 1000 (Ethernet)
RX packets 1161835498 bytes 1459231492304 (1.3 TiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 667329446 bytes 153826520663 (143.2 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp3s0f1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.4.1 netmask 255.255.255.0 broadcast 192.168.4.255
inet6 fe80::d457:788:5e4e:fdc8 prefixlen 64 scopeid 0x20<link>
ether b4:99:ba:07:1b:86 txqueuelen 1000 (Ethernet)
RX packets 3498011573 bytes 2413765553200 (2.1 TiB)
RX errors 0 dropped 1007900 overruns 0 frame 0
TX packets 3699755715 bytes 3682487028580 (3.3 TiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp3s0f1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
ether b4:99:ba:07:1b:86 txqueuelen 1000 (Ethernet)

enp3s0f1:2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.1 netmask 255.255.255.0 broadcast 10.0.0.255
ether b4:99:ba:07:1b:86 txqueuelen 1000 (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 8148153 bytes 993519222 (947.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8148153 bytes 993519222 (947.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.8.0.1 netmask 255.255.255.0 destination 10.8.0.1
inet6 fe80::9768:215b:334:edbd prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0


Server config file:
server.conf

server
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
remote-cert-eku "TLS Web Client Authentication"
dh dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
tls-crypt mybussines.tlsauth
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 4
explicit-exit-notify 1


Server log (at --verb 4 and client IP address removed)
CODE: SELECT ALL

Fri Jan 25 10:38:07 2019 us=162325 x.x.x.x:1194 Control Channel MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Fri Jan 25 10:38:07 2019 us=162351 x.x.x.x:1194 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Fri Jan 25 10:38:07 2019 us=162398 x.x.x.x:1194 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Fri Jan 25 10:38:07 2019 us=162415 x.x.x.x:1194 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Fri Jan 25 10:38:07 2019 us=162475 x.x.x.x:1194 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=f2b09be7 3399c056
Fri Jan 25 10:38:12 2019 us=289603 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:17 2019 us=435251 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:07 2019 us=419880 x.x.x.x:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jan 25 10:39:07 2019 us=419929 x.x.x.x:1194 TLS Error: TLS handshake failed
Fri Jan 25 10:39:07 2019 us=420064 x.x.x.x:1194 SIGUSR1[soft,tls-error] received, client-instance restarting
Fri Jan 25 10:39:22 2019 us=204116 MULTI: multi_create_instance called
Fri Jan 25 10:39:22 2019 us=204218 x.x.x.x:1194 Re-using SSL/TLS context
Fri Jan 25 10:39:22 2019 us=204316 x.x.x.x:1194 Control Channel MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Fri Jan 25 10:39:22 2019 us=204346 x.x.x.x:1194 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Fri Jan 25 10:39:22 2019 us=204397 x.x.x.x:1194 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Fri Jan 25 10:39:22 2019 us=204418 x.x.x.x:1194 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Fri Jan 25 10:39:22 2019 us=204465 x.x.x.x:1194 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=22a744a4 fb0fcfbb
Fri Jan 25 10:39:27 2019 us=328519 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:37 2019 us=532014 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194


* Client *

Operating system:
C:\Users\Carlos>ver
Microsoft Windows [Versión 10.0.17134.523]

Network setup:
CODE: SELECT ALL
C:\Users\Carlos>ipconfig /all
Configuración IP de Windows

Nombre de host. . . . . . . . . : CarlosLap
Sufijo DNS principal . . . . . :
Tipo de nodo. . . . . . . . . . : híbrido
Enrutamiento IP habilitado. . . : no
Proxy WINS habilitado . . . . . : no
Lista de búsqueda de sufijos DNS: xxxxxxxxxx.net

Adaptador desconocido VPN - VPN Client:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : VPN Client Adapter - VPN
Dirección física. . . . . . . . . . . . . : 5E-15-A9-D6-68-CE
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Adaptador de Ethernet Ethernet 4:

Sufijo DNS específico para la conexión. . : xxxxxxxxxxxxx.net
Descripción . . . . . . . . . . . . . . . : Intel(R) Ethernet Connection (3) I218-LM
Dirección física. . . . . . . . . . . . . : 70-5A-0F-CB-35-FE
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí
Dirección IPv6 . . . . . . . . . . : fd8c:d1d1:70d1:0:1d1c:35cb:e97c:68bc(Preferido)
Dirección IPv6 temporal. . . . . . : fd8c:d1d1:70d1:0:5c3f:704b:e4e9:93d7(Preferido)
Vínculo: dirección IPv6 local. . . : fe80::1d1c:35cb:e97c:68bc%29(Preferido)
Dirección IPv4. . . . . . . . . . . . . . : 10.10.1.130(Preferido)
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Concesión obtenida. . . . . . . . . . . . : lunes, 21 de enero de 2019 07:45:23
La concesión expira . . . . . . . . . . . : sábado, 26 de enero de 2019 09:09:05
Puerta de enlace predeterminada . . . . . : 10.10.1.1
Servidor DHCP . . . . . . . . . . . . . . : 10.10.1.1
IAID DHCPv6 . . . . . . . . . . . . . . . : 376461839
DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-22-A7-EF-12-F0-92-1C-5A-FD-D0
Servidores DNS. . . . . . . . . . . . . . : 8.8.8.8
8.8.4.4
10.10.1.1
NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

Adaptador de Ethernet Ethernet 7:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : TAP-Windows Adapter V9
Dirección física. . . . . . . . . . . . . : 00-FF-40-2F-78-ED
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Client config file:
client.ovpn

client
client
tls-client
ca ca.crt
cert laguero.crt
key laguero.key
tls-crypt mybussines.tlsauth
remote-cert-eku "TLS Web Client Authentication"
proto udp
remote x.x.x.x 1194 udp
dev tun
topology subnet
pull
user nobody
group nobody



Client log (at --verb 4 and server name and IP address removed)
CODE: SELECT ALL

Fri Jan 25 10:38:09 2019 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Fri Jan 25 10:38:09 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Jan 25 10:38:09 2019 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Enter Management Password:
Fri Jan 25 10:38:09 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:09 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:38:09 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:09 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:38:09 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:38:09 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:38:09 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:38:09 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:38:14 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:14 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:38:14 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:14 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:38:14 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:38:14 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:38:14 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:38:14 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:38:19 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:19 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:38:19 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:19 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:20 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:22 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:38:24 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:24 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:25 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:26 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:38:28 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:31 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:34 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:38:39 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:41 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:44 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:47 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:50 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:19 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jan 25 10:39:19 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:39:19 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:39:24 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:24 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:39:24 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:24 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:39:24 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:39:24 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:39:24 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:39:24 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:39:29 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:29 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:39:29 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:29 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:39:29 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:39:29 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:39:29 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:39:29 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:39:39 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:39 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:39:39 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:39 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:41 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:43 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:44 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:45 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:46 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:53 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:54 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:59 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:40:00 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:40:03 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:40:09 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:40:40 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jan 25 10:40:40 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:40:40 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:41:00 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:00 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:41:00 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:00 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:41:00 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:41:00 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:41:00 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:41:00 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:41:40 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:40 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:41:40 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:40 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:41:40 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:41:40 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:41:40 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:41:40 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:42:15 2019 SIGTERM[hard,init_instance] received, process exiting

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5319
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Fri Jan 25, 2019 5:08 pm

carlosalf27 wrote:
Fri Jan 25, 2019 5:01 pm
client
tls-client
ca ca.crt
cert laguero.crt
key laguero.key
tls-crypt mybussines.tlsauth
remote-cert-eku "TLS Web Client Authentication"
proto udp
remote x.x.x.x 1194 udp
dev tun
topology subnet
pull
user nobody
group nobody
This should be:

Code: Select all

remote-cert-eku "TLS Web Server Authentication"
Because your client connects to a server.

And you do not need "topology subnet" in your client because your server will push this.

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Fri Jan 25, 2019 8:23 pm

Thank you so much, it was Solved

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5319
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Fri Jan 25, 2019 8:36 pm

Thank you for letting us know 8-)

Post Reply