[Solved] Error: Unroutable control packet

Samples of working configurations.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

[Solved] Error: Unroutable control packet

Post by carlosalf27 » Wed Jan 23, 2019 8:18 pm

Hello, I have installed the openvpn server and configured the client, but I am facing this issue, when it try to connect I receive this error on the client machine

Wed Jan 23 12:12:45 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Wed Jan 23 12:12:45 2019 TLS_ERROR: BIO read tls_read_plaintext error
Wed Jan 23 12:12:45 2019 TLS Error: TLS object -> incoming plaintext read error
Wed Jan 23 12:12:45 2019 TLS Error: TLS handshake failed

and while in the server I can see

Jan 23 11:52:42 server.xxxxx.com openvpn[12829]: Wed Jan 23 11:52:42 2019 xxx.xxx.xxx.xxx:1194 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan 23 12:12:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:12:44 2019 xxx.xxx.xxx.xxx:1194 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1194, sid=58fcaffe c1059b5d
Jan 23 12:12:49 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:12:49 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1194
Jan 23 12:12:54 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:12:54 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.Xxx.xxx.xxx:1194
Jan 23 12:13:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:13:44 2019 xxx.xxx.xxx.xxx:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jan 23 12:13:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:13:44 2019 xxx.xxx.xxx.xxx:1194 TLS Error: TLS handshake failed
Jan 23 12:13:44 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:13:44 2019 xxx.xxx.xxx.xxx:1194 SIGUSR1[soft,tls-error] received, client-instance restarting
Jan 23 12:14:00 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:14:00 2019 xxx.xxx.xxx.xxx:1194 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:1194, sid=3198e9bf 6052bd5a
Jan 23 12:14:05 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:14:05 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1194
Jan 23 12:14:15 server.xxxxx.com openvpn[12829]: Wed Jan 23 12:14:15 2019 xxx.xxx.xxx.xxx:1194 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1194


Do any body have any suggestion please ?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Wed Jan 23, 2019 8:48 pm


carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Wed Jan 23, 2019 10:19 pm

Do you refer to this section ?

the error is caused by:
the server is using --auth SHA1 (openvpn default)
while the client is using --auth RSA-SHA512.
--auth algo must match on both server and client.

if so, can you please to explain me how to put both in the same sha type

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Thu Jan 24, 2019 1:58 am

No, I mean this problem:
carlosalf27 wrote:
Wed Jan 23, 2019 8:18 pm
Wed Jan 23 12:12:45 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Thu Jan 24, 2019 11:17 pm

Sorry I am costarican and my English is not too many good, most part of my coments has been made with a translator to explain, I do not understand whats wrong, I was reading the post you send me and I think is because I have no used the quotes, that´s the answer error? I need to put the quotes to the error message the client and server bring ?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Fri Jan 25, 2019 2:26 am

Please translate this into your preferred language:
viewtopic.php?f=30&t=22603#p68963

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Fri Jan 25, 2019 3:48 pm

ok, I think I got it.

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Fri Jan 25, 2019 5:01 pm

Hello, I have installed the openvpn server and configured the client, but I am facing this issue, when it try to connect I receive this error on the client machine

* Server *
Operating system:
CODE: SELECT ALL

LSB Version: :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 7.6.1810 (Core)
Release: 7.6.1810
Codename: Core



Network setup:
CODE: SELECT ALL

$ ifconfig
enp3s0f0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet x.x.x.x netmask 255.255.255.248 broadcast x.x.x.x
inet6 fe80::8c1:42dd:2438:33b4 prefixlen 64 scopeid 0x20<link>
ether b4:99:ba:07:1b:84 txqueuelen 1000 (Ethernet)
RX packets 1161835498 bytes 1459231492304 (1.3 TiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 667329446 bytes 153826520663 (143.2 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp3s0f1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.4.1 netmask 255.255.255.0 broadcast 192.168.4.255
inet6 fe80::d457:788:5e4e:fdc8 prefixlen 64 scopeid 0x20<link>
ether b4:99:ba:07:1b:86 txqueuelen 1000 (Ethernet)
RX packets 3498011573 bytes 2413765553200 (2.1 TiB)
RX errors 0 dropped 1007900 overruns 0 frame 0
TX packets 3699755715 bytes 3682487028580 (3.3 TiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp3s0f1:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
ether b4:99:ba:07:1b:86 txqueuelen 1000 (Ethernet)

enp3s0f1:2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.1 netmask 255.255.255.0 broadcast 10.0.0.255
ether b4:99:ba:07:1b:86 txqueuelen 1000 (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 8148153 bytes 993519222 (947.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8148153 bytes 993519222 (947.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.8.0.1 netmask 255.255.255.0 destination 10.8.0.1
inet6 fe80::9768:215b:334:edbd prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0


Server config file:
server.conf

server
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
remote-cert-eku "TLS Web Client Authentication"
dh dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
tls-crypt mybussines.tlsauth
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 4
explicit-exit-notify 1


Server log (at --verb 4 and client IP address removed)
CODE: SELECT ALL

Fri Jan 25 10:38:07 2019 us=162325 x.x.x.x:1194 Control Channel MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Fri Jan 25 10:38:07 2019 us=162351 x.x.x.x:1194 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Fri Jan 25 10:38:07 2019 us=162398 x.x.x.x:1194 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Fri Jan 25 10:38:07 2019 us=162415 x.x.x.x:1194 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Fri Jan 25 10:38:07 2019 us=162475 x.x.x.x:1194 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=f2b09be7 3399c056
Fri Jan 25 10:38:12 2019 us=289603 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:17 2019 us=435251 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:07 2019 us=419880 x.x.x.x:1194 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jan 25 10:39:07 2019 us=419929 x.x.x.x:1194 TLS Error: TLS handshake failed
Fri Jan 25 10:39:07 2019 us=420064 x.x.x.x:1194 SIGUSR1[soft,tls-error] received, client-instance restarting
Fri Jan 25 10:39:22 2019 us=204116 MULTI: multi_create_instance called
Fri Jan 25 10:39:22 2019 us=204218 x.x.x.x:1194 Re-using SSL/TLS context
Fri Jan 25 10:39:22 2019 us=204316 x.x.x.x:1194 Control Channel MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Fri Jan 25 10:39:22 2019 us=204346 x.x.x.x:1194 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Fri Jan 25 10:39:22 2019 us=204397 x.x.x.x:1194 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
Fri Jan 25 10:39:22 2019 us=204418 x.x.x.x:1194 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1557,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
Fri Jan 25 10:39:22 2019 us=204465 x.x.x.x:1194 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=22a744a4 fb0fcfbb
Fri Jan 25 10:39:27 2019 us=328519 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:37 2019 us=532014 x.x.x.x:1194 TLS: new session incoming connection from [AF_INET]x.x.x.x:1194


* Client *

Operating system:
C:\Users\Carlos>ver
Microsoft Windows [Versión 10.0.17134.523]

Network setup:
CODE: SELECT ALL
C:\Users\Carlos>ipconfig /all
Configuración IP de Windows

Nombre de host. . . . . . . . . : CarlosLap
Sufijo DNS principal . . . . . :
Tipo de nodo. . . . . . . . . . : híbrido
Enrutamiento IP habilitado. . . : no
Proxy WINS habilitado . . . . . : no
Lista de búsqueda de sufijos DNS: xxxxxxxxxx.net

Adaptador desconocido VPN - VPN Client:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : VPN Client Adapter - VPN
Dirección física. . . . . . . . . . . . . : 5E-15-A9-D6-68-CE
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Adaptador de Ethernet Ethernet 4:

Sufijo DNS específico para la conexión. . : xxxxxxxxxxxxx.net
Descripción . . . . . . . . . . . . . . . : Intel(R) Ethernet Connection (3) I218-LM
Dirección física. . . . . . . . . . . . . : 70-5A-0F-CB-35-FE
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí
Dirección IPv6 . . . . . . . . . . : fd8c:d1d1:70d1:0:1d1c:35cb:e97c:68bc(Preferido)
Dirección IPv6 temporal. . . . . . : fd8c:d1d1:70d1:0:5c3f:704b:e4e9:93d7(Preferido)
Vínculo: dirección IPv6 local. . . : fe80::1d1c:35cb:e97c:68bc%29(Preferido)
Dirección IPv4. . . . . . . . . . . . . . : 10.10.1.130(Preferido)
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Concesión obtenida. . . . . . . . . . . . : lunes, 21 de enero de 2019 07:45:23
La concesión expira . . . . . . . . . . . : sábado, 26 de enero de 2019 09:09:05
Puerta de enlace predeterminada . . . . . : 10.10.1.1
Servidor DHCP . . . . . . . . . . . . . . : 10.10.1.1
IAID DHCPv6 . . . . . . . . . . . . . . . : 376461839
DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-22-A7-EF-12-F0-92-1C-5A-FD-D0
Servidores DNS. . . . . . . . . . . . . . : 8.8.8.8
8.8.4.4
10.10.1.1
NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

Adaptador de Ethernet Ethernet 7:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : TAP-Windows Adapter V9
Dirección física. . . . . . . . . . . . . : 00-FF-40-2F-78-ED
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Client config file:
client.ovpn

client
client
tls-client
ca ca.crt
cert laguero.crt
key laguero.key
tls-crypt mybussines.tlsauth
remote-cert-eku "TLS Web Client Authentication"
proto udp
remote x.x.x.x 1194 udp
dev tun
topology subnet
pull
user nobody
group nobody



Client log (at --verb 4 and server name and IP address removed)
CODE: SELECT ALL

Fri Jan 25 10:38:09 2019 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Fri Jan 25 10:38:09 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Jan 25 10:38:09 2019 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Enter Management Password:
Fri Jan 25 10:38:09 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:09 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:38:09 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:09 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:38:09 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:38:09 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:38:09 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:38:09 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:38:14 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:14 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:38:14 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:14 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:38:14 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:38:14 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:38:14 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:38:14 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:38:19 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:19 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:38:19 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:38:19 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:20 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:22 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:38:24 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:24 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:25 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:26 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:38:28 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:31 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:34 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:38:39 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:41 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:44 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:47 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:38:50 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:19 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jan 25 10:39:19 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:39:19 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:39:24 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:24 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:39:24 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:24 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:39:24 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:39:24 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:39:24 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:39:24 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:39:29 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:29 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:39:29 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:29 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:39:29 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:39:29 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:39:29 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:39:29 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:39:39 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:39 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:39:39 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:39:39 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:41 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:43 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:44 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:45 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:46 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:53 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:39:54 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:39:59 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:40:00 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:40:03 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_CONTROL_V1)
Fri Jan 25 10:40:09 2019 TLS Error: Unroutable control packet received from [AF_INET]x.x.x.x:1194 (si=3 op=P_ACK_V1)
Fri Jan 25 10:40:40 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Jan 25 10:40:40 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:40:40 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:41:00 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:00 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:41:00 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:00 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:41:00 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:41:00 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:41:00 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:41:00 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:41:40 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:40 2019 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 25 10:41:40 2019 UDP link remote: [AF_INET]x.x.x.x:1194
Fri Jan 25 10:41:40 2019 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Fri Jan 25 10:41:40 2019 TLS_ERROR: BIO read tls_read_plaintext error
Fri Jan 25 10:41:40 2019 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 25 10:41:40 2019 TLS Error: TLS handshake failed
Fri Jan 25 10:41:40 2019 SIGUSR1[soft,tls-error] received, process restarting
Fri Jan 25 10:42:15 2019 SIGTERM[hard,init_instance] received, process exiting

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Fri Jan 25, 2019 5:08 pm

carlosalf27 wrote:
Fri Jan 25, 2019 5:01 pm
client
tls-client
ca ca.crt
cert laguero.crt
key laguero.key
tls-crypt mybussines.tlsauth
remote-cert-eku "TLS Web Client Authentication"
proto udp
remote x.x.x.x 1194 udp
dev tun
topology subnet
pull
user nobody
group nobody
This should be:

Code: Select all

remote-cert-eku "TLS Web Server Authentication"
Because your client connects to a server.

And you do not need "topology subnet" in your client because your server will push this.

carlosalf27
OpenVpn Newbie
Posts: 6
Joined: Wed Jan 23, 2019 6:08 pm

Re: Error connecting to server

Post by carlosalf27 » Fri Jan 25, 2019 8:23 pm

Thank you so much, it was Solved

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Error connecting to server

Post by TinCanTech » Fri Jan 25, 2019 8:36 pm

Thank you for letting us know 8-)

Post Reply