'Re: [Openvpn-users] Quite a few "Authenticate/Decrypt packet error: bad packet ID (may be a replay)"'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openvpn-users
Subject:    Re: [Openvpn-users] Quite a few "Authenticate/Decrypt packet error: bad packet ID (may be a replay)"
From:       Hans via Openvpn-users <openvpn-users () lists ! sourceforge ! net>
Date:       2020-06-15 15:17:10
Message-ID: 31mjvg3ryf-1 () 0151ims402 ! msg ! iegi ! nl
[Download RAW message or body]

Hi,

I noticed those "--mute-replay-warnings" to.
But it wondered, is it wise and/or safe to mute those warnings?
They were brought up (I presume) for a good reason...

Hans.


-----Original Message-----
From: Ralf Hildebrandt <Ralf.Hildebrandt@charite.de>
Sent: Monday, June 15, 2020 4:43 PM
To: openvpn-users@lists.sourceforge.net
Subject: [Openvpn-users] Quite a few "Authenticate/Decrypt packet error: bad packet \
ID (may be a replay)" warnings

Today I investigated messages like these:

2020-06-15 16:36:40 openvpn-int ovpn-server-udp 46.183.103.17:21378 \
Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #2 / time = \
(1592231796) Mon Jun 15 16:36:36 2020 ] -- see the man page entry for --no-replay and \
--replay-window for more info or silence this warning with --mute-replay-warnings

In the end I wanted to add "mute-replay-warnings" to our config, since most of these \
messages come from our internal WiFi network.

I then looked at my config and found that "mute-replay-warnings" was already in \
effect... Using 2.4.9-bionic0 from Ubuntu. And yes, the process had been starded \
after the config change was made.

Could it be that this option is not working?

Ralf Hildebrandt
Charité - Universitätsmedizin Berlin
Geschäftsbereich IT | Abteilung Netzwerk

Campus Benjamin Franklin (CBF)
Haus I | 1. OG | Raum 105
Hindenburgdamm 30 | D-12203 Berlin

Tel. +49 30 450 570 155
ralf.hildebrandt@charite.de
https://www.charite.de

Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de \
geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht \
dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen \
aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's \
verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are not the \
addressee or if this message was sent to you by mistake, you are requested to inform \
the sender and delete the message. The State accepts no liability for damage of any \
kind resulting from the risks inherent in the electronic transmission of messages.

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic