search

letheanVPN / lthn-app-vpn

Client/Server dVPN
https://www.lt.hn
European Union Public License 1.2
36 stars 16 forks source link

Bad encapsulated packet length from peer #106

Closed ronnylov closed 5 years ago

ronnylov commented 5 years ago

Got some errors from openvpn on my exit node:

Jun 02 22:23:47 ca02 openvpn[3545]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Jun 02 22:23:47 ca02 openvpn[3545]: TCP connection established with [AF_INET]162.243.144.152:60680
Jun 02 22:23:47 ca02 openvpn[3545]: 162.243.144.152:60680 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1526 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Jun 02 22:23:47 ca02 openvpn[3545]: 162.243.144.152:60680 Connection reset, restarting [0]
Jun 03 04:15:32 ca02 openvpn[3545]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Jun 03 04:15:32 ca02 openvpn[3545]: TCP connection established with [AF_INET]184.105.247.195:65434
Jun 03 04:15:32 ca02 openvpn[3545]: 184.105.247.195:65434 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1526 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Jun 03 04:15:32 ca02 openvpn[3545]: 184.105.247.195:65434 Connection reset, restarting [0]
Jun 03 14:56:25 ca02 openvpn[3545]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Jun 03 14:56:25 ca02 openvpn[3545]: TCP connection established with [AF_INET]193.188.22.56:203
Jun 03 14:57:25 ca02 openvpn[3545]: 193.188.22.56:203 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Jun 03 14:57:25 ca02 openvpn[3545]: 193.188.22.56:203 TLS Error: TLS handshake failed
Jun 03 14:57:25 ca02 openvpn[3545]: 193.188.22.56:203 Fatal TLS error (check_tls_errors_co), restarting
Jun 03 15:14:44 ca02 openvpn[3545]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Jun 03 15:14:44 ca02 openvpn[3545]: TCP connection established with [AF_INET]154.47.32.66:63585
Jun 03 15:14:44 ca02 openvpn[3545]: 154.47.32.66:63585 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1526 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Jun 03 15:14:44 ca02 openvpn[3545]: 154.47.32.66:63585 Connection reset, restarting [0]

"please ensure that --tun-mtu or --link-mtu is equal on both peers" How do I do that?

ronnylov commented 5 years ago

"this condition could also indicate a possible active attack on the TCP link" Should this make me worried?

ronnylov commented 5 years ago

Not seen this any more. I close it.