Hi On Mon, May 25, 2020 at 1:28 PM Aleksandar Ivanisevic <aleksan...@ivanisevic.de> wrote: > > Hi, > > every time I restart the server (2.4.7 from debian 10.4) i see weird floating > requests, e.g. > > May 22 19:27:52 qbs01 openvpn[16384]: Float requested for peer 1 to > 1.2.3.4:5002 > > followed immediately by > > May 22 19:27:52 server openvpn[16384]: TLS Error: local/remote TLS keys are > out of sync: [AF_INET]5.6.7.8:9249 (via [AF_INET]192.168.2.3%vdsl) [6] > > it is physically impossible that anything floats to the IP above as this is a > fixed IP that never floats and always belongs to the client YYY > > i thought nothing of it, as it everything would eventually resolve, until > yesterday... > > May 22 19:28:06 server openvpn[16384]: XXX/1.2.3.4:5002 TLS Auth Error: TLS > object CN attempted to change from ‘XXX' to ‘YYY' -- tunnel disabled > > remote client got > > May 22 19:28:07 YYY openvpn[492871]: AUTH: Received control message: > AUTH_FAILED > May 22 19:28:08 YYY openvpn[492871]: SIGTERM[soft,exit-with-notification] > received, process exiting > > and that was it, game over, my VPN was down the whole night until someone > woke me up az 5:30am Saturday morning and I restarted the client. > > how is this possible? YYY always has the same IP and port 1.2.3.4:5002, the > float requests to it are from random other clients, different every time.
Probably related to Trac 1272? See https://community.openvpn.net/openvpn/ticket/1272 if so, this was recently fixed in 2.4 and master -- should be in the 2.4.9 release. Selva _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
