I've searched for this error and found topics and solutions that didn't work for me.
Anybody can help?
Server.conf
mode server
port 1194
proto udp
dev tun
tun-mtu 1500
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/issued/server.crt
key /etc/openvpn/server/private/server.key
dh /etc/openvpn/dh2048.pem
tls-auth /etc/openvpn/server/ta.key
key-direction 1
server 10.8.1.0 255.255.255.0
log /var/log/openvpn/openvpn.log
topology subnet
client-to-client
client-config-dir /etc/openvpn/ccd
route 10.8.1.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
tls-cert-profile preferred
remote-cert-tls client
verify-client-cert require
tls-server
user nobody
group nobody
persist-key
persist-tun
cipher AES-256-GCM
status /var/log/openvpn/status.log
verb 6
mute 20
explicit-exit-notify 1
auth SHA256
comp-lzo
cliente.ovpn
client
tls-client
dev tun
tun-mtu 1500
proto udp
remote 138.121.192.72 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
verb 3
mute 20
comp-lzo
auth SHA256
dhcp-option DNS 8.8.8.8
tls-client
key cliente.key
ca ca.crt
cert cliente.crt
tls-auth ta.key
key-direction 1
Error: TLS Error: incoming packet authentication failed from [AF_INET] and Authenticate/Decrypt packet error: packet HMA
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
jpqn
- OpenVpn Newbie
- Posts: 3
- Joined: Mon Oct 30, 2023 10:59 pm
-
jpqn
- OpenVpn Newbie
- Posts: 3
- Joined: Mon Oct 30, 2023 10:59 pm
Re: Error: TLS Error: incoming packet authentication failed from [AF_INET] and Authenticate/Decrypt packet error: packet
server
mode server
port 1194
proto udp
dev tun
tun-mtu 1500
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/issued/server.crt
key /etc/openvpn/server/private/server.key
dh /etc/openvpn/dh2048.pem
tls-auth /etc/openvpn/server/ta.key
key-direction 1
server 10.8.1.0 255.255.255.0
log /var/log/openvpn/openvpn.log
topology subnet
client-to-client
client-config-dir /etc/openvpn/ccd
route 10.8.1.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
tls-cert-profile preferred
remote-cert-tls client
verify-client-cert require
tls-server
user nobody
group nobody
persist-key
persist-tun
cipher AES-256-GCM
status /var/log/openvpn/status.log
verb 6
mute 20
explicit-exit-notify 1
auth SHA256
comp-lzo
-
RemoteOne
- OpenVPN User
- Posts: 34
- Joined: Wed Sep 18, 2019 10:11 am
Re: Error: TLS Error: incoming packet authentication failed from [AF_INET] and Authenticate/Decrypt packet error: packet
Do you recognise the reported IP addresses?
I get similar messages all the time from random unknown IP Addresses - for example
tls-crypt unwrap error: packet too short
TLS Error: tls-crypt unwrapping failed from [AF_INET]nnn.nnn.nnn.nnn:ppppp
- I suspect they are random scammer bots searching for open ports but unable to authenticate when they find an OpenVPN port
You can use fail2ban to ban repeated callers
If you do recognise the IP Address(es) then you may have mismatched server/client configs. See this thread viewtopic.php?f=30&t=22603#p68966
I get similar messages all the time from random unknown IP Addresses - for example
tls-crypt unwrap error: packet too short
TLS Error: tls-crypt unwrapping failed from [AF_INET]nnn.nnn.nnn.nnn:ppppp
- I suspect they are random scammer bots searching for open ports but unable to authenticate when they find an OpenVPN port
You can use fail2ban to ban repeated callers
If you do recognise the IP Address(es) then you may have mismatched server/client configs. See this thread viewtopic.php?f=30&t=22603#p68966