Hi list,
This is an issue seen on FreeBSD 10.3 (OPNsense 16.7) with the
2.4-RC2 version, while 2.3.14 works as expected (connection ok):
Dec 23 09:10:58 openvpn[76817]: SIGTERM[hard,] received, process exiting
Dec 23 09:10:55 openvpn[76817]: /usr/local/sbin/ovpn-linkdown ovpns7 1500 1564
10.2.0.93 10.2.0.94 init
Dec 23 09:10:54 openvpn[76817]: event_wait : Interrupted system call (code=4)
Dec 23 09:10:46 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #9 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:46 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #8 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:36 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #7 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:36 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #6 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:26 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #5 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:26 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #4 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:15 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #3 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:15 openvpn[76817]: Authenticate/Decrypt packet error: bad packet
ID (may be a replay): [ #2 / time = (1482480605) Fri Dec 23 09:10:05 2016 ] --
see the man page entry for --no-replay and --replay-window for more info or
silence this warning with --mute-replay-warnings
Dec 23 09:10:07 openvpn[76817]: Peer Connection Initiated with
[AF_INET]212.79.xx.xx:14900
Dec 23 09:10:05 openvpn[76817]: Peer Connection Initiated with
[AF_INET]212.79.xx.xx:49298
dev ovpns7
verb 1
dev-type tun
tun-ipv6
dev-node /dev/tun7
writepid /var/run/openvpn_server7.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 178.19.xx.xx
ifconfig 10.2.0.93 10.2.0.94
lport 1210
management /var/etc/openvpn/server7.sock unix
secret /var/etc/openvpn/server7.secret
route 10.255.252.0 255.255.255.0
route 172.16.0.0 255.255.255.0
tun-mtu 1500
fragment 1300
mssfix
The other side is an identical FreeBSD/OPNsense with 2.3.14. Any ideas or
request for further input?
Cheers,
Franco
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
