AEAD Decrypt error: bad packet ID on openvpn using UDP
15,175
If the MTU is 1500, add mssfix 1431 at the bottom of your *.ovpn.
Explanation: get the credit from James Yonan's explanation, who's the owner of OpenVPN
With a TUN-style tunnel over UDP using the default TLS options, the per-packet overhead is:
- 41 bytes security layer overhead (includes packet tag (1), HMAC-SHA1 signature (20), initialization vector (16), sequence number (4))
- 28 bytes tunneling overhead (includes IP + UDP header)
- Total: 69 bytes per packet
Related videos on Youtube
41 : 15
Libreswan: teaching old code new tricks: Andrew Cagney
10 : 18
tryhackme | vulnNet writeup - walkthrough
23 : 01
Tutorial: pfsense OpenVPN Configuration For Remote Users 2020
45 : 57
VPN Cliente/Servidor com OpenVPN
49 : 08
Kernel Recipes 2015 - WireGuard: A Kernelspace VPN - by J. A. Donenfeld
Author by
SJang
Updated on September 18, 2022Comments
-
SJang over 1 year
having some sort of Decrypt error when using openvpn as UDP to connect to server, having this :
Mon Apr 22 17:46:17 2019 AEAD Decrypt error: bad packet ID (may be a replay): [ #49607 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings Mon Apr 22 17:46:34 2019 AEAD Decrypt error: bad packet ID (may be a replay): [ #51909 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings Mon Apr 22 17:46:50 2019 AEAD Decrypt error: bad packet ID (may be a replay): [ #54482 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warningsIf using TCP, getting no problem but I really need to use UDP as openvpn. Is there a way to solve this kind-of error problem?