Skip to main content
Unix & Linux

Return to Question

Notice removed Draw attention by CommunityBot
Bounty Ended with no winning answer by CommunityBot
Notice added Draw attention by 5andr0
Bounty Started worth 50 reputation by 5andr0
Tweeted twitter.com/StackUnix/status/1147928402135060480
deleted 43 characters in body
Source Link
Jeff Schaller
Jeff Schaller
  • 68.8k
  • 35
  • 122
  • 264

Separately I have a remote VPN service that I can connect to via an OpenVPN client from the Pi device. That I tested succesfullysuccessfully as well.

I have tried solutions like the one described in this similar question (Wireguard server with active OpenVPN client) with negative similar results: Once you activate the Open VPN client (tun1) the server (tun0) becomes unrecheableunreachable.

Here's what the routing table looks like when both intefacesinterfaces tun[01] are up

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question, to no avail. This would appear to be directly related to my issue but it's still not working. Here's what the server log looks like

Separately I have a remote VPN service that I can connect to via an OpenVPN client from the Pi device. That I tested succesfully as well.

I have tried solutions like the one described in this similar question (Wireguard server with active OpenVPN client) with negative similar results: Once you activate the Open VPN client (tun1) the server (tun0) becomes unrecheable.

Here's what the routing table looks like when both intefaces tun[01] are up

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question to no avail. This would appear to be directly related to my issue but it's still not working. Here's what the server log looks like

Separately I have a remote VPN service that I can connect to via an OpenVPN client from the Pi device. That I tested successfully as well.

I have tried solutions like the one described in this similar question (Wireguard server with active OpenVPN client) with negative similar results: Once you activate the Open VPN client (tun1) the server (tun0) becomes unreachable.

Here's what the routing table looks like when both interfaces tun[01] are up

I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question, to no avail. This would appear to be directly related to my issue but it's still not working.

deleted 20 characters in body
Source Link
Proto
Proto
  • 71
  • 4

Is there a way to make it so incoming/outgoing connections going to the port belonging toHere's the OVPNcurrent output of my openvpn server (1194) go through tun0? Is this the only thing I would need to change?

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected whichwhen I discovered after posting this question to no avail. This would appear to be directly relatedtry to my issue but it's still not workingconnect. Here's what the server log looks like

pi@raspberrypi:/etc/openvpn $ sudo more openvpn-status.log
OpenVPN CLIENT LIST
Updated,Sat Jun 29 23:30:41 2019
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
UNDEF,172x.58x.87x.22x:39159,860,442,Sat Jun 29 23:30:02 2019

Sat Jun 29 23:34:47 2019 172x.58x.87x.22x:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162
Sat Jun 29 23:34:48 2019 172x.58x.87x.22x:28162 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1561869285) Sat Jun 29 23:34:45 2019 ] -- see the man page entry for --no-replay and --replay-window for more
info or silence this warning with --mute-replay-warnings
Sat Jun 29 23:34:48 2019 172x.58x.87x.22x:28162 TLS Error: incoming packet authentication failed from [AF_INET]172[AF_INET]x.58x.87x.22x:28162

Apparently the client connection is getting corrupted?

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question to no avail. This would appear to be directly related to my issue but it's still not working. Here's what the server log looks like

Is there a way to make it so incoming/outgoing connections going to the port belonging to the OVPN server (1194) go through tun0? Is this the only thing I would need to change?

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question to no avail. This would appear to be directly related to my issue but it's still not working. Here's what the server log looks like

pi@raspberrypi:/etc/openvpn $ sudo more openvpn-status.log
OpenVPN CLIENT LIST
Updated,Sat Jun 29 23:30:41 2019
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
UNDEF,172.58.87.22:39159,860,442,Sat Jun 29 23:30:02 2019

Sat Jun 29 23:34:47 2019 172.58.87.22:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162
Sat Jun 29 23:34:48 2019 172.58.87.22:28162 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1561869285) Sat Jun 29 23:34:45 2019 ] -- see the man page entry for --no-replay and --replay-window for more
info or silence this warning with --mute-replay-warnings
Sat Jun 29 23:34:48 2019 172.58.87.22:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162

Here's the current output of my openvpn server when I try to connect.

pi@raspberrypi:/etc/openvpn $ sudo more openvpn-status.log
OpenVPN CLIENT LIST
Updated,Sat Jun 29 23:30:41 2019
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
UNDEF,x.x.x.x:39159,860,442,Sat Jun 29 23:30:02 2019

Sat Jun 29 23:34:47 2019 x.x.x.x:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162
Sat Jun 29 23:34:48 2019 x.x.x.x:28162 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1561869285) Sat Jun 29 23:34:45 2019 ] -- see the man page entry for --no-replay and --replay-window for more
info or silence this warning with --mute-replay-warnings
Sat Jun 29 23:34:48 2019 x.x.x.x:28162 TLS Error: incoming packet authentication failed from [AF_INET]x.x.x.x:28162

Apparently the client connection is getting corrupted?

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question to no avail. This would appear to be directly related to my issue but it's still not working. Here's what the server log looks like

added 357 characters in body
Source Link
Proto
Proto
  • 71
  • 4

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question to no avail. This would appear to be directly related to my issue but i'mit's still not sure how this would be supposed to helpworking. For once myHere's what the server log doesn't appear to be receiving any connections.looks like

pi@raspberrypi:/etc/openvpn $ sudo more openvpn-status.log
OpenVPN CLIENT LIST
Updated,Sat Jun 29 23:30:41 2019
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
UNDEF,172.58.87.22:39159,860,442,Sat Jun 29 23:30:02 2019

This is what the error log looks like

Sat Jun 29 23:34:47 2019 172.58.87.22:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162
Sat Jun 29 23:34:48 2019 172.58.87.22:28162 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1561869285) Sat Jun 29 23:34:45 2019 ] -- see the man page entry for --no-replay and --replay-window for more
info or silence this warning with --mute-replay-warnings
Sat Jun 29 23:34:48 2019 172.58.87.22:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question to no avail. This would appear to be directly related to my issue but i'm not sure how this would be supposed to help. For once my server log doesn't appear to be receiving any connections.

edit: I also tried the solution in OpenVPN Client and Server on same machine - Server doesn't allow connections when client is connected which I discovered after posting this question to no avail. This would appear to be directly related to my issue but it's still not working. Here's what the server log looks like

pi@raspberrypi:/etc/openvpn $ sudo more openvpn-status.log
OpenVPN CLIENT LIST
Updated,Sat Jun 29 23:30:41 2019
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
UNDEF,172.58.87.22:39159,860,442,Sat Jun 29 23:30:02 2019

This is what the error log looks like

Sat Jun 29 23:34:47 2019 172.58.87.22:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162
Sat Jun 29 23:34:48 2019 172.58.87.22:28162 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1561869285) Sat Jun 29 23:34:45 2019 ] -- see the man page entry for --no-replay and --replay-window for more
info or silence this warning with --mute-replay-warnings
Sat Jun 29 23:34:48 2019 172.58.87.22:28162 TLS Error: incoming packet authentication failed from [AF_INET]172.58.87.22:28162
added 357 characters in body
Source Link
Proto
Proto
  • 71
  • 4
Source Link
Proto
Proto
  • 71
  • 4