bad packet ID error messages on VPN server since client upgrade to Tunnelblick 3.4beta14
868 views
Skip to first unread message
rosscol...@gmail.com
Nov 14, 2013, 7:20:59 AM11/14/13
to tunnelbli...@googlegroups.com
I've upset my IT sysadmin since upgrading to OS X 10.9 and Tunnelblick 3.4beta14 (build 3649) (previously I was on OS X 10.7.4 on Tunnelblick 3.3). Apparently when transferring files across the VPN connection I'm generating lots of VPN server log entries, 20 per second during a
burst with a few seconds between bursts, that end up filling the log for large file transfers. Each entry looks like this:
burst with a few seconds between bursts, that end up filling the log for large file transfers. Each entry looks like this:
Nov 12 23:34:59 vpngate ovpn-ovpn-udp[2090]:
User_Name/X.X.X.184:54730 Authenticate/Decrypt packet error:
bad packet ID (may be a replay): [ #184730 ] -- see the man page entry for
--no-replay and --replay-window for more info or silence this warning with
--mute-replay-warnings
User_Name/X.X.X.184:54730 Authenticate/Decrypt packet error:
bad packet ID (may be a replay): [ #184730 ] -- see the man page entry for
--no-replay and --replay-window for more info or silence this warning with
--mute-replay-warnings
Any idea what may be causing this? I can dig out specific settings if that would help diagnose the problem, but I don't still have any client-slide log entries from the date of this particular error message and I don't have access to the server-side logs myself. Thanks.
jkbull...gmail.com
Nov 14, 2013, 7:37:43 AM11/14/13
to tunnelbli...@googlegroups.com, rosscol...@gmail.com
This is the first I've heard of this problem. Tunnelblick itself doesn't have much to do with the VPN traffic; OpenVPN does all that.
I'd appreciate it if you let us know how you resolve the situation.
So it could be something with OpenVPN, or something with Mavericks. Or could it be you are now using a different network (a wireless network, for example -- my understanding is that they sometimes cause replays).
Or -- unlikely -- maybe it really is a replay attack!
Perhaps you are using a different version of OpenVPN since you upgraded. Try changing the OpenVPN version on the Settings tab. (First select the configuration(s) whose setting(s) you want to change in the list on the left, then change it in the drop-down menu).
If that doesn't help, you probably should ask -- or have your IT department ask -- some OpenVPN experts for help:
I'd appreciate it if you let us know how you resolve the situation.
rosscol...@gmail.com
Nov 14, 2013, 8:28:41 AM11/14/13
to tunnelbli...@googlegroups.com, rosscol...@gmail.com
Thank you for the quick response and confirming that this is unlikely to be Tunnelblick itself causing the problem. I'm travelling at the moment and am connecting to a variety of wireless networks where my VPN traffic is being routed over. So it could just be a particular wireless network that I was using at the time. I'll check with my IT department whether the problem occurs again...
I'm using the default 2.2.1 version of OpenVPN - I hadn't realised that Tunnelblick included multiple versions that I could switch between. I'll experiment with that too if I get the chance. Has the default version of OpenVPN changed since the last stable release of Tunnelblick?
jkbull...gmail.com
Nov 14, 2013, 8:34:33 AM11/14/13
to tunnelbli...@googlegroups.com, rosscol...@gmail.com
Thanks for reporting back.
The default has not changed since 3.3 and remains OpenVPN 2.2.1, so if you haven't changed it that shouldn't be the problem.
You are probably correct that it was a particular wireless network causing the problem.
Reply all
Reply to author
Forward
0 new messages