Page 1 of 1

TLS Error incoming packet authentication failed from

Posted: Tue Aug 02, 2022 12:07 pm
by DV
Hello,
After updating OpenVPN 2.3.x. to OpenVPN 2.4.4 I have a problem for authentication all devices

openvpnas.log

Code: Select all

2022-08-02T14:05:24+0200 [stdout#info] [OVPN 4] OUT: 'Tue Aug  2 12:05:24 2022 Authenticate/Decrypt packet error: packet HMAC authentication failed'
2022-08-02T14:05:24+0200 [stdout#info] [OVPN 4] OUT: 'Tue Aug  2 12:05:24 2022 TLS Error: incoming packet authentication failed from
server.config

Code: Select all

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh2048.pem
server 10.200.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
auth SHA256
cipher AES-128-CBC   # AES
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
Collapse
Client.OPENVPN

Code: Select all

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert x.crt
key x.key
remote-cert-tls server
Tls-auth ta.key 0 
auth SHA256
cipher AES-128-CBC
comp-lzo
verb 3

Re: TLS Error incoming packet authentication failed from

Posted: Tue Aug 02, 2022 12:44 pm
by Pippin
If it was working before the update then probably it could be a user error.

server.config

Code: Select all

tls-auth ta.key 0
.
Client.OPENVPN

Code: Select all

Tls-auth ta.key 0

Re: TLS Error incoming packet authentication failed from

Posted: Tue Aug 02, 2022 1:07 pm
by DV
Same problem on this configuration:
Client

Code: Select all

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert x.crt
key x.key
remote-cert-tls server
tls-auth ta.key 1 
auth SHA256
cipher AES-128-CBC
comp-lzo
verb 3
Server.config

Code: Select all

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh2048.pem
server 10.200.0.0 255.255.254.0
ifconfig-pool-persist ipp.txt
client-config-dir ccd
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
auth SHA256
cipher AES-128-CBC   # AES
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 4