Page 1 of 1
AEAD Decrypt error:
Posted: Mon Oct 19, 2020 8:14 am
by scorpoin
Hello to Community,
I observed some strange error messages while connected to my VPN server from windows 10,
Code: Select all
Mon Oct 19 12:35:38 2020 AEAD Decrypt error: bad packet ID (may be a replay): [ #6014 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
after that above error message client unable to brower any thing then I had to disconnect and reconnect the client . I'm using VPN tunnel as udp mode .
Regards
Scorpoin
Re: AEAD Decrypt error:
Posted: Mon Oct 19, 2020 2:34 pm
by TinCanTech
Generally, you can ignore this message, if it only happens once in a while.
If you get a lot of problems with it then it usually indicates some network problem.
You can use --replay-window to adjust OpenVPN replay protection.
Re: AEAD Decrypt error:
Posted: Wed Oct 21, 2020 4:52 am
by scorpoin
Thanks @TinCatTech , do I need to apply this parameter in server.conf and client.conf file ?
Regards
Re: AEAD Decrypt error:
Posted: Wed Oct 21, 2020 1:14 pm
by TinCanTech
scorpoin wrote: ↑Wed Oct 21, 2020 4:52 am
do I need to apply this parameter in server.conf and client.conf file ?
Probably required at both ends ..
Re: AEAD Decrypt error:
Posted: Fri Jan 31, 2025 1:01 am
by pzi123
What would be "some underlying network problem"? Out of the blue two nanopi arm64 openwrt 23.05.05 routers - quiet so far - pump this in `logread -f`- I hope this is not a CCP snooping
: (BTW: the IPs below are fake for CCP)
Code: Select all
Thu Jan 30 17:55:06 2025 daemon.err openvpn(pzi3_2_pzi_net_server)[3939]: rt1.pzi3-1.pzi.net/74.56.70.250:44063 AEAD Decrypt error: bad packet ID (may be a replay): [ #747524 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Thu Jan 30 17:55:06 2025 daemon.err openvpn(pzi3_2_pzi_net_server)[3939]: rt1.pzi3-1.pzi.net/74.56.70.250:44063 AEAD Decrypt error: bad packet ID (may be a replay): [ #747525 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Thu Jan 30 17:55:06 2025 daemon.err openvpn(pzi3_2_pzi_net_server)[3939]: rt1.pzi3-1.pzi.net/74.56.70.250:44063 AEAD Decrypt error: bad packet ID (may be a replay): [ #747526 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Platform details:
Code: Select all
root@rt1:~$ uname -a
Linux rt1.pzi3-2.pzi.net 6.1.57 #1 SMP Mon Nov 11 17:11:56 MST 2024 aarch64 GNU/Linux
root@rt1:~$ cat /etc/os-release
NAME="OpenWrt"
VERSION="23.05.5"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt 23.05.5"
VERSION_ID="23.05.5"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r24106-10cc5fcd00"
OPENWRT_BOARD="rockchip/armv8"
OPENWRT_ARCH="aarch64_generic"
OPENWRT_TAINTS="busybox"
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt 23.05.5 r24106-10cc5fcd00"