Authenticate/Decrypt packet error in OpenVPN


It depends. It could be a replay attack, or a badly configured router sending packets again even after they've been received.

Essentially, OpenVPN signs every packet with a unique ID. When the client receives the packet, it records the packet ID. When the client receives a packet with the same unique ID, it drops the packet and raises a red flag.

Badly configured routers (and other network middleware) could resend packets over and over even though they have arrived at the client (which could be a reason why you saw the 700MB traffic), which would obviously cause a false alert with OpenVPN.

A malicious actor usually uses replay attacks to gain authentication. Usually, this is not much of an issue, because OpenVPN just drops duplicate packets and raises a warning. It is not so much of a MITM attack, because the actor still doesn't know how to decrypt those packets.

One more possibility is your system clock. When you turn back time, OpenVPN may confuse the unique IDs received and raise a false alarm. Make sure your NTP is working fine.
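
The duplicate-ID check described in the answer above, as an added example that is not part of the original answer and is not OpenVPN's own code: a simplified sliding-window filter over packet IDs. The window size of 64, IDs starting at 1, the class and function names, and the sample traffic are assumptions constructed for illustration.

```python
# Simplified sliding-window replay filter over packet IDs.
# Illustrative model only; not taken from OpenVPN's source.
WINDOW = 64  # assumed window size, in packet IDs

# Constructed sample traffic: in-order, reordered, duplicated and stale IDs.
SAMPLE = [1, 2, 3, 5, 4, 3, 100, 99, 30, 100]


class ReplayWindow:
    def __init__(self, size=WINDOW):
        self.size = size
        self.highest = 0  # highest packet ID accepted so far
        self.seen = 0     # bit i set => ID (highest - i) already accepted

    def check(self, pid):
        """Return 'accept', 'replay', 'too-old' or 'invalid' for one ID."""
        if pid < 1:
            return "invalid"  # assumption: IDs start at 1
        if pid > self.highest:
            # New highest ID: slide the window forward and mark it seen.
            shift = pid - self.highest
            mask = (1 << self.size) - 1
            self.seen = ((self.seen << shift) | 1) & mask
            self.highest = pid
            return "accept"
        offset = self.highest - pid
        if offset >= self.size:
            return "too-old"  # fell behind the window; cannot be verified
        if self.seen & (1 << offset):
            return "replay"   # same ID seen before: drop and warn
        self.seen |= 1 << offset  # late but new: reordering, not replay
        return "accept"


def classify(stream, size=WINDOW):
    """Run a sequence of packet IDs through a fresh window."""
    win = ReplayWindow(size)
    return [(pid, win.check(pid)) for pid in stream]


if __name__ == "__main__":
    for pid, verdict in classify(SAMPLE):
        print(f"packet #{pid}: {verdict}")
```

In this model a resent copy from a network device and a deliberately replayed packet produce the same "replay" verdict, which is why the answer lists both as possible causes. Packet #30 is dropped as "too-old" only because it arrived more than a window behind the newest ID.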


Author: A. suda

Updated on September 18, 2022

Comments

  • A. suda over 1 year

    An error message was shown when I was connecting to my OpenVPN server through a TCP or UDP connection (on an OpenVPN client on Windows); the message was "Authenticate/Decrypt packet error".

    Sat Jun 10 03:08:08 2017 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #235853 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Sat Jun 10 03:08:36 2017 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #491688 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Sat Jun 10 03:08:36 2017 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #491701 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    

    During this repeated message, about 700MB was uploaded from my host! Is this issue classified as a Man In The Middle Attack (MITM)?

  • Nwawel A Iroume about 3 years
    Fixing NTP, which was wrong from the beginning, did not solve my issue. I fixed it by changing my VMware network from Bridged to NAT.