openvpn-install: it stuck on TLS: Initial Packet...

I have used this script before like 3 months ago or so , and it worked perfectly , then I wanted to upgrade the script and the authentications , so as You mentioned I have to remove the openvpn using your script then, update the script , and after that I rerun the configurations , and that exactly what happened, but since then I can’t connect to the server , it stuck on

"..TLS: Initial packet from [AF_INET6]..."

I also tried to install it on a fresh install of Ubuntu 16.4 , but same issue , any clue what causing this?!

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Comments: 29 (15 by maintainers)

Most upvoted comments

Having the same issue. It worked perfeclty a month or so ago, and suddenly today it does not.

The log says:

Dec  5 10:20:00 SERVER ovpn-server[28828]: library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Dec  5 10:20:00 SERVER ovpn-server[28828]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec  5 10:20:00 SERVER ovpn-server[28828]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec  5 10:20:00 SERVER ovpn-server[28828]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec  5 10:20:00 SERVER ovpn-server[28828]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec  5 10:20:00 SERVER ovpn-server[28828]: TLS-Auth MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Dec  5 10:20:00 SERVER ovpn-server[28828]: TUN/TAP device tun0 opened
Dec  5 10:20:00 SERVER ovpn-server[28828]: TUN/TAP TX queue length set to 100
Dec  5 10:20:00 SERVER ovpn-server[28828]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Dec  5 10:20:00 SERVER ovpn-server[28828]: /sbin/ip link set dev tun0 up mtu 1500
Dec  5 10:20:00 SERVER ovpn-server[28828]: /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Dec  5 10:20:00 SERVER ovpn-server[28828]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Dec  5 10:20:00 SERVER ovpn-server[28828]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Dec  5 10:20:00 SERVER ovpn-server[28828]: setsockopt(IPV6_V6ONLY=0)
Dec  5 10:20:00 SERVER ovpn-server[28828]: UDPv6 link local (bound): [AF_INET6][undef]:1194
Dec  5 10:20:00 SERVER ovpn-server[28828]: UDPv6 link remote: [AF_UNSPEC]
Dec  5 10:20:00 SERVER ovpn-server[28828]: GID set to nogroup
Dec  5 10:20:00 SERVER ovpn-server[28828]: UID set to nobody
Dec  5 10:20:00 SERVER ovpn-server[28828]: MULTI: multi_init called, r=256 v=256
Dec  5 10:20:00 SERVER ovpn-server[28828]: IFCONFIG POOL: base=10.8.0.2 size=252, ipv6=0
Dec  5 10:20:00 SERVER ovpn-server[28828]: Initialization Sequence Completed
Dec  5 10:20:06 SERVER ovpn-server[28828]: MULTI: multi_create_instance called
Dec  5 10:20:06 SERVER ovpn-server[28828]: <v6clientaddr>:9543 Re-using SSL/TLS context
Dec  5 10:20:06 SERVER ovpn-server[28828]: <v6clientaddr>:9543 Control Channel MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Dec  5 10:20:06 SERVER ovpn-server[28828]: <v6clientaddr>:9543 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Dec  5 10:20:06 SERVER ovpn-server[28828]: <v6clientaddr>:9543 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server'
Dec  5 10:20:06 SERVER ovpn-server[28828]: <v6clientaddr>:9543 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client'
Dec  5 10:20:06 SERVER ovpn-server[28828]: <v6clientaddr>:9543 TLS: Initial packet from [AF_INET6]<v6clientaddr>:9543:59052, sid=47ae6ce4 45128a4f

However using local <localv6server> does not fix it for me. The log then states

Dec  5 10:25:04 USERVER ovpn-server[6063]: library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Dec  5 10:25:04 USERVER ovpn-server[6063]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec  5 10:25:04 USERVER ovpn-server[6063]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec  5 10:25:04 USERVER ovpn-server[6063]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Dec  5 10:25:04 USERVER ovpn-server[6063]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Dec  5 10:25:04 USERVER ovpn-server[6063]: TLS-Auth MTU parms [ L:1621 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Dec  5 10:25:04 USERVER ovpn-server[6063]: TUN/TAP device tun0 opened
Dec  5 10:25:04 USERVER ovpn-server[6063]: TUN/TAP TX queue length set to 100
Dec  5 10:25:04 USERVER ovpn-server[6063]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Dec  5 10:25:04 USERVER ovpn-server[6063]: /sbin/ip link set dev tun0 up mtu 1500
Dec  5 10:25:04 USERVER ovpn-server[6063]: /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Dec  5 10:25:04 USERVER ovpn-server[6063]: Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Dec  5 10:25:04 USERVER ovpn-server[6063]: Socket Buffers: R=[212992->212992] S=[212992->212992]
Dec  5 10:25:04 USERVER ovpn-server[6063]: setsockopt(IPV6_V6ONLY=0)
Dec  5 10:25:04 USERVER ovpn-server[6063]: TCP/UDP: Socket bind failed on local address [AF_INET6]<localv6server>:1194: Invalid argument (errno=22)
Dec  5 10:25:04 USERVER ovpn-server[6063]: Exiting due to fatal error
Dec  5 10:25:04 USERVER ovpn-server[6063]: Closing TUN/TAP interface
Dec  5 10:25:04 USERVER ovpn-server[6063]: /sbin/ip addr del dev tun0 10.8.0.1/24

Any ideas? Reopen the issue?

+1
ax-meyer on Dec 5, 2019

@randomshell I assume the packets will be rejected by OpenVPN, but they won’t be dropped before being checked by OpenVPN so nmap can find that the port is opened.

+1
angristan on Sep 20, 2018
Read more comments on GitHub
← openvpn-install: Can't connect to the VPN, RNG errors
openvpn-install: OpenVPN Connect on Windows does not support tls-crypt →