20%CPU usage, AEAD Decrypt error: bad packet ID (may be a replay): [ #1507564 ]

postcd · Post by **postcd** » Fri May 04, 2018 9:28 am

Hello,

on Windows 10 i saw openvpn.exe is using around 20% of the CPU long time and when i opened connection status via OpenVPN gui

i see this as a last line:
Fri May 04 11:18:01 2018 AEAD Decrypt error: bad packet ID (may be a replay): [ #1507564 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

My installation details (the OpenVPN client PC reports this in VPN connection log):
OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Windows version 6.2 (Windows 8 or greater) 64bit
library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10

How can i prevent this in future or debug it if it happen again please?

TinCanTech · Post by **TinCanTech** » Fri May 04, 2018 11:41 am

postcd wrote: ↑
Fri May 04, 2018 9:28 am
AEAD Decrypt error: bad packet ID (may be a replay): [ #1507564 ]

A "replay attack" is when the same packet arrives more than once, also packets which arrive "out of order" .. and a few other scenarios ..

This is common when using proto UDP, which is the nature of UDP and why UDP is faster than TCP in the context of the VPN protocol.

Generally, this happens most when your VPN connection is maxing out your line speed and can be ignored.

If you suspect somebody is trying to tamper with your VPN packets then what can you really do about it ?

OpenVPN Support Forum

20%CPU usage, AEAD Decrypt error: bad packet ID (may be a replay): [ #1507564 ]

20%CPU usage, AEAD Decrypt error: bad packet ID (may be a replay): [ #1507564 ]

Re: 20%CPU usage, AEAD Decrypt error: bad packet ID (may be a replay): [ #1507564 ]