Packet authentication failure with tls-auth

[oguzklc]

Cannot connect to vpn with ovpn file. I use ConfigurationParser class to parse client.ovpn file and it can parse this file. However, connection cannot be established. Logs are below when try to establish connection :

2019-02-01 11:47:30.795 INFO TunnelKitProvider.startTunnel():179 - Starting tunnel...
2019-02-01 11:47:30.817 INFO TunnelKitProvider+Configuration.print():459 - Protocols: [TCP:1198]
2019-02-01 11:47:30.817 INFO TunnelKitProvider+Configuration.print():460 - Cipher: AES-256-CBC
2019-02-01 11:47:30.817 INFO TunnelKitProvider+Configuration.print():461 - Digest: HMAC-SHA1
2019-02-01 11:47:30.817 INFO TunnelKitProvider+Configuration.print():465 - Client verification: disabled
2019-02-01 11:47:30.817 INFO TunnelKitProvider+Configuration.print():467 - MTU: 1350
2019-02-01 11:47:30.818 INFO TunnelKitProvider+Configuration.print():468 - Compression framing: comp-lzo
2019-02-01 11:47:30.818 INFO TunnelKitProvider+Configuration.print():472 - Keep-alive: never
2019-02-01 11:47:30.818 INFO TunnelKitProvider+Configuration.print():477 - Renegotiation: never
2019-02-01 11:47:30.819 INFO TunnelKitProvider+Configuration.print():480 - TLS wrapping: auth
2019-02-01 11:47:30.819 INFO TunnelKitProvider+Configuration.print():484 - Debug: true

2019-02-01 11:47:31.132 ERROR SessionProxy.loopLink():419 - Failed LINK read: Error Domain=NSPOSIXErrorDomain Code=57 "Socket is not connected"

2019-02-01 11:47:31.209 ERROR TunnelKitProvider.finishTunnelDisconnection():296 - Tunnel did stop (error: linkError)

Server errors are below :

Thu Jan 31 16:53:11 2019 TCP connection established with [AF_INET]xxx.xx.xxx.xx:xxxx
Thu Jan 31 16:53:11 2019 xxx.xx.xxx.xx:xxxx TLS: Initial packet from [AF_INET]xxx.xx.xxx.xx:xxxx, sid=3b85a451 fe3ffe6a
Thu Jan 31 16:53:12 2019 xxx.xx.xxx.xx:xxxx Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #12 / time = (1548942796) Thu Jan 31 $
Thu Jan 31 16:53:12 2019 xxx.xx.xxx.xx:xxxxTLS Error: incoming packet authentication failed from [AF_INET]xxx.xx.xxx.xx:xxxx
Thu Jan 31 16:53:12 2019 xxx.xx.xxx.xx:xxxx Fatal TLS error (check_tls_errors_co), restarting
Thu Jan 31 16:53:12 2019 xxx.xx.xxx.xx:xxxx SIGUSR1[soft,tls-error] received, client-instance restarting

[rodrigocasillas]

Same with me

[keeshux]

You're very probably using either:

1. A wrong key for tls-auth
2. The right key with a wrong key-direction

[oguzklc]

I use this client.ovpn file on OpenVPN app and can connect to vpn without any problem. However, I cannot connect to vpn with this code. I use ConfigurationParser to parse client.ovpn file and it can parse.

[keeshux]

Then you'll have to share your .ovpn file.

[oguzklc]

I sent an email to [email protected]. This mail include client.ovpn file, username and password.

[keeshux]

As usual, also make sure that the server has compression disabled. ATM I can't recall if compression may be involved in the handshake too, even though I tend to believe it's not. Better double check regardless.

[keeshux]

@oguzklc any update?

[keeshux]

@oguzklc do you believe this is a duplicate? #88

User reports that the error persists despite disabling tls-auth.

[wfs498121294]

same with me

[qq5050595531]

same error,how to fix it