Menu
What's new
By:
Filters Better Search

AC86U with 384.5 VPN log question

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

J

JAF

Occasional Visitor
Quick question,

I'm using my 86U as an OpenVPN server so we can connect to it anytime we're on another WiFi. It's working great for all our devices. Looking thought the logs today, I'm noticing this entry a few times a day. It's at times I know no one is trying to connect to the VPN. Is this someone else trying to connect to my VPN server unsuccessfully? What do these log entries mean? Thanks!

Jun 24 16:47:26 ovpn-server1[2007]: 185.200.118.88:37919 TLS: Initial packet from [AF_INET]185.200.118.88:37919, sid=12121212 12121212

Jun 24 16:48:26 ovpn-server1[2007]: 185.200.118.88:37919 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Jun 24 16:48:26 ovpn-server1[2007]: 185.200.118.88:37919 TLS Error: TLS handshake failed

Jun 24 16:48:26 ovpn-server1[2007]: 185.200.118.88:37919 SIGUSR1[soft,tls-error] received, client-instance restarting
 
Thanks for confirming! That's the only service that is exposed and I'd like to keep it running instead of turning it off and on.
 
Simply changing the default port from 1194 to something non-standard will greatly reduce the number of attempts.
 
JAF said:
Quick question,

I'm using my 86U as an OpenVPN server so we can connect to it anytime we're on another WiFi. It's working great for all our devices. Looking thought the logs today, I'm noticing this entry a few times a day. It's at times I know no one is trying to connect to the VPN. Is this someone else trying to connect to my VPN server unsuccessfully? What do these log entries mean? Thanks!

Jun 24 16:47:26 ovpn-server1[2007]: 185.200.118.88:37919 TLS: Initial packet from [AF_INET]185.200.118.88:37919, sid=12121212 12121212

Jun 24 16:48:26 ovpn-server1[2007]: 185.200.118.88:37919 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

Jun 24 16:48:26 ovpn-server1[2007]: 185.200.118.88:37919 TLS Error: TLS handshake failed

Jun 24 16:48:26 ovpn-server1[2007]: 185.200.118.88:37919 SIGUSR1[soft,tls-error] received, client-instance restarting
Click to expand...


I have almost identical entries in the system log, starting since April this year.

By coincidence, I did an analysis this afternoon and found that 80% of log in attempts are coming from servers in the same range, 185.200.118.0/24.

What puzzles me is that the log file entry is written by OpenVPN server, which on my router is listening on a non-standard port.

What I am trying to understand, is if this means that someone has correctly guessed the port, and has simply failed to log in because they did not have the correct (non-standard) user id and password?

Surely if the log in attempt was received on a different port, OpenVPN would not even see the attempt, and so would not write anything to the log file?
 
ColinTaylor said:
@PolarBearPerhaps you coincidentally moved it to another "standard" port.
Click to expand...

Thank you, that was most helpful. It turns out I was completely mistaken and have been using the standard port all along.

That explains why OpenVPN saw the port knocking and logged it to the system log.

Obviously, changing to a non-standard port would make things more difficult for someone trying to break in.

But if I do this, is it more likely that when I am travelling, the hotel's network will block my VPN connection ?
 
PolarBear said:
But if I do this, is it more likely that when I am travelling, the hotel's network will block my VPN connection ?
Click to expand...
I'm sure there are more seasoned travellers than me on these forums that can give better feedback. But in my limited experience I have found most places either allow everything or only HTTP/HTTPS. There's probably very few places that explicitly block port 1194.

I suppose if you did change your VPN to a non-standard port and then got stuck somewhere that blocked it you could use a mobile phone data connection to connect through the VPN, log into the router and change the port. Or, already have the second OpenVPN server configured for TPC/443 but not enabled. Then use your mobile login to turn it on.
 
You must log in or register to reply here.

Similar threads

B
Unable to establish VPN connection to my PiVPN (ovpn) from my Asus RT-AC86U running Asuswrt-Merlin 386.14
Replies
1
Views
218
eibgrad
eibgrad
T
[Help] Problems setting up OpenVPN
Replies
7
Views
308
Thookie
T
L
Openvpn internal error add route
Replies
0
Views
584
lucian
L
N
RT-AX86U-Pro, WAN disconnect every 36 hours
2
Replies
25
Views
2K
Nick24
N
Sergyk
VPN client
Replies
6
Views
685
eibgrad
eibgrad
Similar threads
Thread starter Title Forum Replies Date
B Unable to establish VPN connection to my PiVPN (ovpn) from my Asus RT-AC86U running Asuswrt-Merlin 386.14 Asuswrt-Merlin 1
C Need info on bringing AC86U back to life as AIMesh unit Asuswrt-Merlin 3
D VPN director issue on RT-AC86U (386.14 Merlin FW) Asuswrt-Merlin 9
nospamever Happy and sad for RT-AC86U Asuswrt-Merlin 10
H Extremely low speed on ac86u with openvpn client Asuswrt-Merlin 7
P EoL RT-AC86U replacement Asuswrt-Merlin 4
H GT-AC29000 and AC86U mesh together Asuswrt-Merlin 10
M RT-AC86U Errors after latest firmware update (386.14) Asuswrt-Merlin 3
criskoe Asus RT-AC86U Openvpn connected but not working Asuswrt-Merlin 9
B AC86U: boot the prior "bootfs_update" mtd as is? Asuswrt-Merlin 6

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 730 (members: 29, guests: 701)
Top