|
|
Well I tried to find out why for a while longer but decided to give up. Despite the errors, the tunnels never seemed to work any worse at all, or any better when they're gone? Guess it must be either (2) or (3). Just for info the errors would pop up every 10 seconds and the same with verb 9 and no mute. Server is Linux-2.4.22 client WinXP. The other 12 clients never had this trouble. HOWEVER my client is running XP SP2 (hadn't thought of that at the time), which could possibly have something to do with it as a few other programs are showing strange behavior. Also with the new firewall turned off, a few programs cant connect out but I think this is when they're using scripts/activeX. I'll uninstall SP2 later and let you know if anything happens. Many thanks for your help -----Original Message----- From: James Yonan [mailto:jim@xxxxxxxxx] Sent: 20 January 2004 20:43 To: Tyrone Omidi Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx Subject: RE: [Openvpn-users] Authenticate/Decrypt packet error: packet HMAC authentication failed? Tyrone Omidi <tyrone.omidi@xxxxxxxxxxxxxxxx> said: > > I don't understand? If the keys are out of sync (different) how can the > connection still work? "HMAC authentication failed" could mean a number of different things: (1) You are using different keys on both sides of the connection. (2) Encrypted packets are somehow getting corrupted during network transit. (3) Non-OpenVPN packets are being sent to OpenVPN's port number. The connection can still "work" in the sense that there is UDP connectivity, but OpenVPN will drop any packet with a bad HMAC signature, i.e. one that does not match the key given in --secret (or the key which is dynamically generated in TLS mode). James > Thanks > > -----Original Message----- > From: openvpn-users-admin@xxxxxxxxxxxxxxxxxxxxx > [mailto:openvpn-users-admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Doug > Lytle > Sent: 19 January 2004 23:58 > To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx > Subject: Re: [Openvpn-users] Authenticate/Decrypt packet error: packet > HMAC authentication failed? > > I usually see this when my keys are out of sync. > > Doug > > Tyrone Omidi wrote: > > >Hi, > > > >Mon Jan 19 23:09:47 2004 7: Authenticate/Decrypt packet error: packet > >HMAC authentication failed > > > >Can anyone tell me what this means and why it might happen? > > > > > > > > > > > > ------------------------------------------------------- > The SF.Net email is sponsored by EclipseCon 2004 > Premiere Conference on Open Tools Development and Integration > See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. > http://www.eclipsecon.org/osdn > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users > > > ________________________________________________________________________ > Please visit our website for Online Quotations / Bookings > http://www.sbsworldwide.com > ________________________________________________________________________ > This email and any files transmitted with it are confidential > and intended solely for the use of the individual or entity to > whom they are addressed. If you have received this email in > error please notify postmaster@xxxxxxxxxxxxxxxx > > This e-mail has been scanned for all viruses by Star Internet. > The service is powered by MessageLabs. > ________________________________________________________________________ > > > ------------------------------------------------------- > The SF.Net email is sponsored by EclipseCon 2004 > Premiere Conference on Open Tools Development and Integration > See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. > http://www.eclipsecon.org/osdn > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users > -- ________________________________________________________________________ Please visit our website for Online Quotations / Bookings http://www.sbsworldwide.com ________________________________________________________________________ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify postmaster@xxxxxxxxxxxxxxxx This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. ________________________________________________________________________ ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |