Project

General

Profile

Actions
Copy link

Bug #3493

closed

mute-replay-warnings doesn't appear to work

Added by B. Derman about 11 years ago. Updated about 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
OpenVPN
Target version:
-
Start date:
02/27/2014
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.1
Affected Architecture:
i386

Description

Have the lines

mute-replay-warnings;
verb 1;

as entries in the OpenVPN Advanced Configuration box, but am still getting lots of messages like the following (only IPv4 in use)

Feb 25 13:50:34 openvpn61934: 209.121.225.198:8877 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #1 / time = (1393365006) Tue Feb 25 13:50:06 2014 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

I believe the messages are actually due to the fact that neither iOS 7.0.6 nor 7.1b5 handle VPN on-demand processing properly when transitioning from WiFi to cellular. After multiple seconds worth of such failures, the server resets the connection and a successful connection follows. <sigh>

Actions
Copy link
 #1

Updated by Chris Buechler about 11 years ago

B. Derman - could you please update your email address to something that doesn't bounce? I get a slew of bounces from attempts to send to your email address. Can update it here:
https://redmine.pfsense.org/my/account

also FYI, the contact page on your website isn't usable as the captcha is broken.

Actions
Copy link
 #2

Updated by Chris Buechler about 11 years ago

  • Status changed from New to Feedback

mute-replay-warnings should work fine in general, if it doesn't, it's an issue in OpenVPN itself. I'm not aware of anything that can override that setting, if it's there, it should never log replay warnings. It's always worked when I've used it. Probably something you'll need to bring up on the OpenVPN forum to see if someone has an idea as to why that wouldn't work.

Actions
Copy link
 #3

Updated by B. Derman about 11 years ago

Re: ... please update your email address...
---
Done.

Re: ... the contact page on your website isn't usable as the captcha is broken.
---
Unless you happened to hit it one day when I was seeing what would happen if I made it even more aggressive (wasn't readable/usable), don't know what the issue would be as it gets lots of successful usage. If you have more detail, I'd be interested.

Actions
Copy link
 #4

Updated by Chris Buechler about 11 years ago

Thanks. The captcha image was only showing as a broken image when I tried, now it loads fine.

Actions
Copy link
 #5

Updated by Chris Buechler about 11 years ago

  • Status changed from Feedback to Closed

this does work, and any issues where it doesn't would be within OpenVPN itself.

Actions
Copy link

Also available in: Atom PDF