Mikrotik tls crypt unwrap error packet too short

Hello openvpn forum,

I try to create a VPN, currently with a server and a client.
My problem is, I have arch linux server for the openVPN server and
a debian server for the openVPN client.

Packages used:
Arch Linux: openvpn (2.4.9-2)
Debian: openvpn (2.4.7-1)

I used the Arch Linux tutorial for the openVPN server side.
https://wiki.archlinux.org/index.php/Op … ation_file
https://wiki.archlinux.org/index.php/Easy-RSA
=> Elliptic curve cryptography.

For the client side of openVPN I used the debian tutorial.
https://wiki.debian.org/OpenVPN

To test my setup I started the server side and then, on another machine, my client.

Server output:

Mon Aug 31 21:15:07 2020 Initialization Sequence Completed
Mon Aug 31 21:31:00 2020 tls-crypt unwrap error: packet too short
Mon Aug 31 21:31:00 2020 TLS Error: tls-crypt unwrapping failed from [AF_INET]XXXXX:33577
Mon Aug 31 21:31:02 2020 tls-crypt unwrap error: packet too short
Mon Aug 31 21:31:02 2020 TLS Error: tls-crypt unwrapping failed from [AF_INET]XXXXX:33577
Mon Aug 31 21:31:06 2020 tls-crypt unwrap error: packet too short
Mon Aug 31 21:31:06 2020 TLS Error: tls-crypt unwrapping failed from [AF_INET]XXXXX:33577

Client output:

Mon Aug 31 19:31:00 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Mon Aug 31 19:31:00 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Mon Aug 31 19:31:00 2020 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Aug 31 19:31:00 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]YYYYY:1194
Mon Aug 31 19:31:00 2020 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Aug 31 19:31:00 2020 UDP link local: (not bound)
Mon Aug 31 19:31:00 2020 UDP link remote: [AF_INET]YYYYY:1194
Mon Aug 31 19:32:01 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Aug 31 19:32:01 2020 TLS Error: TLS handshake failed
Mon Aug 31 19:32:01 2020 SIGUSR1[soft,tls-error] received, process restarting
Mon Aug 31 19:32:01 2020 Restart pause, 5 second(s)

Server config:

port 1194
proto udp
dev tun

ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/openVPN_srv.crt
key /etc/openvpn/server/openVPN_srv.key  # This file should be kept secret
tls-crypt /etc/openvpn/server/ta.key
cipher AES-256-CBC

dh none
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1
cipher AES-256-GCM

cipher AES-256-GCM
auth SHA512
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA

Client config:

client
port 1194
proto udp

remote mydomain.de 1194             # VPN server IP : PORT
nobind

ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/openVPN_client_build.crt
key /etc/openvpn/easy-rsa/keys/openVPN_client_build.key

dev tun
#comp-lzo
#persist-key
#persist-tun
verb 3

How can I fix this problem, or set up my configs correctly?
Greetings, KokosBot.
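
A static comparison of the two configs posted above, as an added example (not part of the original post and not OpenVPN's own code). It checks the settings the threads on this page revolve around: control-channel wrapping (tls-crypt / tls-auth) on both peers, a stray direction argument on tls-crypt, server certificate verification on the client, and cipher / auth / compression agreement. The embedded configs are shortened copies of the posted ones, and treating the last occurrence of a repeated directive as the effective one is an assumption of the example.

```python
import shlex

# Constructed sample input: shortened copies of the server and client configs posted above.
SERVER_CONF = """\
port 1194
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
key /etc/openvpn/server/openVPN_srv.key  # This file should be kept secret
tls-crypt /etc/openvpn/server/ta.key
cipher AES-256-CBC
dh none
cipher AES-256-GCM
auth SHA512
tls-version-min 1.2
"""
CLIENT_CONF = """\
client
proto udp
remote mydomain.de 1194             # VPN server IP : PORT
nobind
ca /etc/openvpn/easy-rsa/keys/ca.crt
dev tun
#comp-lzo
verb 3
"""

WRAP_OPTS = ("tls-crypt", "tls-auth")
# Options that make a client verify the server certificate.
VERIFY_OPTS = ("remote-cert-tls", "remote-cert-eku", "verify-x509-name",
               "ns-cert-type", "tls-verify")
SHOULD_MATCH = ("proto", "dev", "cipher", "auth", "comp-lzo", "compress")


def parse_conf(text):
    """Return {directive: [args of each occurrence]} for an OpenVPN config."""
    conf, inline = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:  # inside an inline block such as <tls-crypt>: skip key material
            if line == "</%s>" % inline:
                inline = None
            continue
        if not line or line[0] in "#;":
            continue
        if line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
            conf.setdefault(inline, []).append([])
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            conf.setdefault(tokens[0].lstrip("-"), []).append(tokens[1:])
    return conf


def effective(conf, name):
    """Arguments of the last occurrence (assumed effective), or None if absent."""
    return " ".join(conf[name][-1]) if name in conf else None


def normalise(name, value):
    """Ignore differences that do not matter: udp4/udp6 vs udp, tun0 vs tun."""
    if value is None:
        return None
    if name == "proto":
        return value.split("-")[0].rstrip("46")
    if name == "dev":
        return value.rstrip("0123456789")
    return value


def compare(server_text, client_text):
    """Return a list of (severity, message) findings for a server/client pair."""
    srv, cli = parse_conf(server_text), parse_conf(client_text)
    findings = []
    # 1. Both peers must wrap the control channel the same way.
    srv_wrap = [o for o in WRAP_OPTS if o in srv]
    cli_wrap = [o for o in WRAP_OPTS if o in cli]
    if srv_wrap != cli_wrap:
        findings.append(("error", "control-channel wrapping differs: server=%s client=%s"
                         % (srv_wrap or "none", cli_wrap or "none")))
    for side, conf in (("server", srv), ("client", cli)):
        # 2. tls-crypt takes a key file only; a direction belongs to tls-auth.
        for args in conf.get("tls-crypt", []):
            if len(args) > 1:
                findings.append(("warn", "%s: tls-crypt given extra argument %r"
                                 % (side, args[1])))
        # 3. The same directive repeated with different values.
        for name in SHOULD_MATCH:
            values = {" ".join(a) for a in conf.get(name, [])}
            if len(values) > 1:
                findings.append(("warn", "%s: %s set to conflicting values %s"
                                 % (side, name, sorted(values))))
    # 4. The client should verify the server certificate.
    if not any(o in cli for o in VERIFY_OPTS):
        findings.append(("warn", "client: no server certificate verification option set"))
    # 5. Settings that should agree on both peers.
    for name in SHOULD_MATCH:
        s = normalise(name, effective(srv, name))
        c = normalise(name, effective(cli, name))
        if s != c:
            findings.append(("warn", "%s differs: server=%s client=%s" % (name, s, c)))
    return findings


if __name__ == "__main__":
    for severity, message in compare(SERVER_CONF, CLIENT_CONF):
        print("%-5s %s" % (severity, message))
```

Run on the pair above, the first finding is that the server enables tls-crypt while the client config carries no control-channel key at all; the missing verification option corresponds to the "No server certificate verification method has been enabled" warning in the client log.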

OpenVPN Support Forum

Community Support Forum

OpenWRT LEDE — TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Mon Jan 09, 2017 11:32 pm

Tue Jan 10 00:31:14 2017 tls-crypt unwrap error: packet too short
Tue Jan 10 00:31:14 2017 TLS Error: tls-crypt unwrapping failed from [AF_INET6]::ffff:93.245.255.104:55912

How to fix this error?

OpenVPN 2.4.0 windows (server)
and
OpenVPN 2.4.0 Linux (openWRT/DD-wrt/LEDE they all have the same message) as client

windows — windows client I don’t see this error
linux — linux I don’t see it either.

windows server — linux client = error message..

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Mon Jan 09, 2017 11:38 pm

ehm.. I know reverting back to tls-auth solves this error message, but that’s not what I’m asking really although it fixes the error..

I do want to use the tls-crypt but working LOL

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Mon Jan 09, 2017 11:58 pm

never mind.. although I ./scripts/feeds update -a
and ./scripts/feeds install -a

then I did make and it did show 2.4.0 in the GUI interface but in command openvpn shows version 2.3.13

so I guess I have to do make dirclean

or even make distclean which I hope to avoid so my menuconfig remains..

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Tue Jan 10, 2017 2:16 am

well. I now have definitely 2.4.0 running and still the error.

tls-crypt with the ta.key under linux can’t connect to a windows 2.4.0 with tls-crypt.

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Tue Jan 10, 2017 12:27 pm

than everything is working out of the box and all verifications result in OK and no errors whatsoever!

So it’s really the tls-crypt on the linux side as other windows clients with tls-crypt just work fine!

Re: TLS Error: tls-crypt unwrapping failed from

Post by TinCanTech » Tue Jan 10, 2017 5:06 pm

I have a W10 Server and a Linux client both running openvpn-2.4.0 with --tls-crypt enabled correctly and it works perfectly for me. You must restart your server & client if you change a configuration option.

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Wed Jan 11, 2017 9:09 pm

Thank you for your reply.
I did already restart the whole system. Shutdown. No power.
So I’m pretty sure it’s not a restart issue.

If it works on your end, then I presume it’s working and thus something
is wrong on my end.

I’ll build the firmware from scratch. Maybe some old 2.3 objects still somewhere
in the firmware, although it says 2.4.0 when I openvpn --version.

But thank you anyway, now I know it’s working for someone, it means it should be working
for me as well.

Re: TLS Error: tls-crypt unwrapping failed from

Post by chuckler » Sun Jan 15, 2017 6:06 pm

I’m having the same problem with a LEDE build in a router. I’m using OpenVPN 2.4.0 but still it looks like the

is not applied to the LEDE code, because if you enabled it you can still connect to the server if you disable the tls-auth option in the server config.

Maybe it’s something to do with LEDE/OpenWRT, I’ll open a new post in their forums.

Re: TLS Error: tls-crypt unwrapping failed from

Post by chuckler » Sun Jan 15, 2017 6:13 pm

this is the post on the LEDE forums.

Maybe we could help them.

Re: TLS Error: tls-crypt unwrapping failed from

Post by TinCanTech » Sun Jan 15, 2017 8:25 pm

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Tue Jan 24, 2017 8:46 pm

I found out the error comes from AES-256-GCM

or any other encryption method.

The only thing that tls-crypt is compatible with is AES-256-CTR

All other encryption options are now just useless if you want to use tls-crypt.

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Wed Jan 25, 2017 7:43 am

Ok, so it should work with AES-256-GCM as it applies CTR

Must be LEDE/OpenWRT specific then.

Back to LEDE forums

Re: TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Wed Jan 25, 2017 9:05 am

Solution to the problem I wrote in the last comment:

will be applied to the standard git some time in future. Maybe even today, maybe next month.
But there’s a manual fix for those who are interested.

Re: OpenWRT LEDE — TLS Error: tls-crypt unwrapping failed from

Post by TinCanTech » Wed Jan 25, 2017 2:51 pm

Openvpn was not involved in that.

With regard to this:

AES-256-CTR has been initially selected for use with --tls-crypt because it is "a nonce misuse-resistant authenticated encryption scheme".

--tls-crypt only affects the control channel not the data channel. Ciphers available to the data channel are as they always have been and can be configured with --cipher and/or negotiated internally by openvpn with --ncp-ciphers, which is enabled by default in 2.4

It is complicated but well documented .. worth your time to read.

Re: OpenWRT LEDE — TLS Error: tls-crypt unwrapping failed from

Post by mrgenie » Fri Apr 07, 2017 7:52 pm

Re: OpenWRT LEDE — TLS Error: tls-crypt unwrapping failed from

Post by xioxify » Sun Jan 21, 2018 7:47 am

Thanks mrgenie for sharing your experience.
I have this problem too.
You said "The only thing that tls-crypt is compatible with is AES-256-CTR", by this you mean I change GCM in the config line "cipher AES-256-GCM" to AES-256-CTR or change the GCM in this line: "tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384".

Another question:
you used the tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 and the "auth SHA384". They have to be the same SHA384 or can I use the "auth SHA512"?

Re: OpenWRT LEDE — TLS Error: tls-crypt unwrapping failed from

Post by TinCanTech » Sun Jan 21, 2018 3:28 pm

This is simply wrong .. you are mixing up different options that are not linked.

tls-crypt unwrap error: bad packet ID (may be a replay): [ #1 / time = (1578390112) Tue Jan 7 09:41:52 2020 ] — see th

Post by mbelchin » Wed Jan 08, 2020 4:05 pm

I just recently installed a new vpn server using openvpn 2.4.7-1 on a debian 10.2 machine.

My problem is that I have server configured to use

This is my server config.

and this is my client config:

Can someone help me out with that? I’m not sure if the mute-replay-warnings isn’t working or it’s just appearing because of some misconfiguration.

Thanks in advance.

Re: tls-crypt unwrap error: bad packet ID (may be a replay): [ #1 / time = (1578390112) Tue Jan 7 09:41:52 2020 ] — se

Post by TinCanTech » Wed Jan 08, 2020 5:02 pm

Note: --tls-crypt does not require a direction parameter.

You should probably report that as a bug to whichever script you used (pivpn?)

Set --verb 4 and remove --mute-replay-warnings and then post your complete log as per this:
viewtopic.php?f=30&t=22603#p68963

Re: tls-crypt unwrap error: bad packet ID (may be a replay): [ #1 / time = (1578390112) Tue Jan 7 09:41:52 2020 ] — se

Post by mbelchin » Thu Jan 09, 2020 9:23 pm

Thanks for answering. Will follow your instructions

Can you or any other administrator remove this thread?

Forgot to remove remote ip from config

Re: tls-crypt unwrap error: bad packet ID (may be a replay): [ #1 / time = (1578390112) Tue Jan 7 09:41:52 2020 ] — se

Post by TinCanTech » Fri Jan 10, 2020 12:22 am

TLS Error: tls-crypt unwrapping failed

Post by xioxify » Sun Jan 21, 2018 5:12 pm

I’m sorry. I’m new to OpenVPN. Here is my config and I get this error: TLS Error: tls-crypt unwrapping failed from
I got this error when I added tls-crypt to the config.
Would you please check for the problem? Or is this config right from all aspects?
Thanks

port 1194
proto udp4
dev tun
topology subnet
tls-server

ca ca.crt
cert server.crt
key server.key
dh dh4096.pem
tls-crypt tls.tlsauth

remote-cert-eku "TLS Web Client Authentication"
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
cipher AES-256-CBC
auth SHA512
reneg-sec 60

server 10.8.0.0 255.255.255.0
push "redirect-gateway autolocal def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "dhcp-option DNS 10.8.0.1"

compress lz4-v2
push "compress lz4-v2"

keepalive 10 120
persist-key
persist-tun
explicit-exit-notify 1
status openvpn-status.log
verb

client
tls-client
dev tun
proto udp4
remote **************
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
redirect-gateway autolocal
compress lz4-v2

remote-cert-eku "TLS Web Server Authentication"
tls-crypt tls.tlsauth

tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
remote-cert-tls server
cipher AES-256-CBC
auth SHA512
reneg-sec 60

tls-crypt unwrap error: packet too short #21

I have tls-auth enabled on my ovpn server. I supply the required file (the TLS key from the server, which the script accepts and sends) but the command fails saying CRIT: Not responding .

Checking the ovpn logs I see that it was having trouble reading the tls key.

Here is the command being run:

Can I get some help.

Can you verify that the very same tls key file works with other clients?

@Engineer-of-Stuff can you post your openvpn server config? and the version of the server binary please.

hello guys, I am confirming that tls-crypt does not work at all.

I am getting the following error:
Sat Feb 9 14:07:47 2019 tls-crypt unwrap error: packet authentication failed

Here is my server.conf:
mode server
tls-server
tls-crypt /etc/openvpn/certs/tlscrypt.key 0
proto udp
dev tun0
port 1194
topology subnet
group openvpn
user openvpn
auth SHA512
cipher AES-256-GCM
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
duplicate-cn
reneg-sec 0
persist-key
compress lz4-v2
fast-io
tun-mtu 1200
verb 3
max-clients 250
auth-retry interact
ping-restart 15
ping 5
inactive 1800
management 127.0.0.1 5555
status /var/log/openvpn/status.log
log-append /var/log/openvpn/access.log
tmp-dir /etc/openvpn/tmp
plugin /etc/openvpn/plugins/openvpn-plugin-auth-script.so /etc/openvpn/scripts/authenticate.sh

Version of openvpn server binary:
openvpn-2.4.6-1.el7.x86_64

Can you help me please ?

Thank you very much.

@Engineer-of-Stuff I see "Tue Dec 18 21:23:01 2018 TCP connection established with [AF_INET]myip" but for the check script you use udp.
@drajcan I just tested it for my setup and it works. Maybe "tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" is the problem here.

unwrap error: packet too short

Post by tontonjab » Tue Jul 27, 2021 4:08 pm

Hello again !
Now, I am facing a very weird issue. My connected devices are OK for 4-7 days, and then they disconnect. And I need a reboot to make them work again.

Mon Jul 26 23:43:57 2021 gate_******/92.184.***.***:60371 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Jul 26 23:43:58 2021 [gate_******] Inactivity timeout (--ping-restart), restarting
Mon Jul 26 23:43:58 2021 SIGUSR1[soft,ping-restart] received, client-instance restarting
Tue Jul 27 03:18:27 2021 tls-crypt unwrap error: packet too short
Tue Jul 27 03:18:27 2021 TLS Error: tls-crypt unwrapping failed from [AF_INET6]::ffff:*******:59555
Tue Jul 27 06:36:48 2021 tls-crypt unwrap error: packet too short
Tue Jul 27 06:36:48 2021 TLS Error: tls-crypt unwrapping failed from [AF_INET6]::ffff:*********:58319
Tue Jul 27 09:25:09 2021 tls-crypt unwrap error: packet too short
Tue Jul 27 09:25:09 2021 TLS Error: tls-crypt unwrapping failed from [AF_INET6]::ffff:*************:54677

I read some advice about switching from UDP to TCP. Do you think that might help?

Re: unwrap error: packet too short

Post by TinCanTech » Tue Jul 27, 2021 4:29 pm

Well, you should not because Openvpn recovers from that problem easily.

Re: unwrap error: packet too short

Post by tontonjab » Wed Jul 28, 2021 11:07 am

Thank you, and sorry for the lack of info:

SERVER
Linux ns3033356 5.8.0-43-generic #49-Ubuntu SMP Fri Feb 5 03:01:28 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

Linux klk-fevo-SERIAL 4.14.9-klk #1 SMP Tue Feb 18 14:41:02 CET 2020 armv7l armv7l armv7l GNU/Linux

Re: unwrap error: packet too short

Post by 300000 » Wed Jul 28, 2021 11:28 am

Inactivity timeout (--ping-restart), restarting

Your server cuts it off after no activity; you need to keep it active to keep the server connection open. Just add this to your server and it will work for you.

Re: unwrap error: packet too short

Post by TinCanTech » Wed Jul 28, 2021 11:29 am

Re: unwrap error: packet too short

Post by tontonjab » Sat Jul 31, 2021 10:24 pm

Thank you a lot for your help, I wasn’t able to access the internet for a while

OpenVPN 2.4.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 27 2021
library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=yes enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_option_checking=no enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no

keepalive 90 190
push "ping 190"

Re: unwrap error: packet too short

Post by TinCanTech » Sat Jul 31, 2021 10:55 pm

There has been a lot of development.

Upgrade your client or define your compression model.
See: --comp-lzo and --compress in the manual: https://community.openvpn.net/openvpn/w . n24ManPage

Re: unwrap error: packet too short

Post by tontonjab » Sat Jul 31, 2021 11:09 pm

I have to use LZO? According to the doc, for backward comp. Why do you point this out?

I can’t update OpenVPN, because it’s a device from the market (LoRa gateway).

Re: unwrap error: packet too short

Post by TinCanTech » Sun Aug 01, 2021 1:37 pm

Re: unwrap error: packet too short

Post by tontonjab » Mon Aug 02, 2021 3:52 pm

Hello TinCan, i have added LZO to my conf, now i have:

[olog]
Mon Aug 2 15:46:13 2021 us=667023 *.*.*.*:41551 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1550', remote='link-mtu 1549'
Mon Aug 2 15:46:13 2021 us=667049 *.*.*.*:41551 WARNING: 'comp-lzo' is present in local config but missing in remote config, local='comp-lzo'
Mon Aug 2 15:46:13 2021 us=728478 *.*.*.*:41551 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit EC, curve: prime256v1
Mon Aug 2 15:46:13 2021 us=728548 *.*.*.*:41551 [gate-02082021_0000003] Peer Connection Initiated with [AF_INET6]::ffff:*.*.*.*:41551
Mon Aug 2 15:46:13 2021 us=738208 gate-02082021_0000003/*.*.*.*:41551 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=fd42:42:42:42::1002
Mon Aug 2 15:46:13 2021 us=738270 gate-02082021_0000003/*.*.*.*:41551 MULTI: Learn: 10.8.0.4 -> gate-02082021_0000003/*.*.*.*:41551
Mon Aug 2 15:46:13 2021 us=738284 gate-02082021_0000003/*.*.*.*:41551 MULTI: primary virtual IP for gate-02082021_0000003/*.*.*.*:41551: 10.8.0.4
Mon Aug 2 15:46:13 2021 us=738296 gate-02082021_0000003/*.*.*.*:41551 MULTI: Learn: fd42:42:42:42::1002 -> gate-02082021_0000003/*.*.*.*:41551
Mon Aug 2 15:46:13 2021 us=738309 gate-02082021_0000003/*.*.*.*:41551 MULTI: primary virtual IPv6 for gate-02082021_0000003/*.*.*.*:41551: fd42:42:42:42::1002
Mon Aug 2 15:46:14 2021 us=915069 gate-02082021_0000003/*.*.*.*:41551 PUSH: Received control message: ‘PUSH_REQUEST’
Mon Aug 2 15:46:14 2021 us=915225 gate-02082021_0000003/*.*.*.*:41551 SENT CONTROL [gate-02082021_0000003]: ‘PUSH_REPLY,dhcp-option DNS 94.140.14.14,dhcp-option DNS 94.140.15.15,redirect-gateway def1 bypass-dhcp,tun-ipv6,route-ipv6 2000::/3,redirect-gateway ipv6,tun-ipv6,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 fd42:42:42:42::1002/112 fd42:42:42:42::1,ifconfig 10.8.0.4 255.255.255.0,peer-id 2,cipher AES-128-GCM’ (status=1)
Mon Aug 2 15:46:14 2021 us=915311 gate-02082021_0000003/*.*.*.*:41551 Data Channel MTU parms [ L:1550 D:1450 EF:50 EB:406 ET:0 EL:3 ]
Mon Aug 2 15:46:14 2021 us=915514 gate-02082021_0000003/*.*.*.*:41551 Outgoing Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 15:46:14 2021 us=915553 gate-02082021_0000003/*.*.*.*:41551 Incoming Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 15:46:15 2021 us=249623 gate-02082021_0000003/*.*.*.*:41551 Bad LZO decompression header byte: 96
Mon Aug 2 15:46:15 2021 us=303133 gate-17072021-TEST/176.176.203.106:39416 Bad LZO decompression header byte: 42
Mon Aug 2 15:46:15 2021 us=328973 gate-17072021-TEST/176.176.203.106:49496 Bad LZO decompression header byte: 42
Mon Aug 2 15:46:19 2021 us=2714 gate-02082021_0000003/*.*.*.*:41551 Bad LZO decompression header byte: 96
Mon Aug 2 15:46:25 2021 us=520043 gate-17072021-TEST/176.176.203.106:39416 Bad LZO decompression header byte: 42
Mon Aug 2 15:46:25 2021 us=538987 gate-17072021-TEST/176.176.203.106:49496 Bad LZO decompression header byte: 42
Mon Aug 2 15:46:26 2021 us=682303 gate-02082021_0000003/*.*.*.*:41551 Bad LZO decompression header byte: 96
[/olog]

I have to add compress lzo to the client too?

I have removed persist-tun. Why do you point this out?

Since I added compress lzo, everything fails. If I add compress lzo to the client too, I have:
Mon Aug 2 15:55:22 2021 us=903752 Float requested for peer 0 to 176.176.203.106:46397
Mon Aug 2 15:55:22 2021 us=903792 AEAD Decrypt error: cipher final failed
Mon Aug 2 15:55:32 2021 us=953478 Float requested for peer 0 to 176.176.203.106:46397
Mon Aug 2 15:55:32 2021 us=953526 AEAD Decrypt error: cipher final failed

Re: unwrap error: packet too short

Post by TinCanTech » Mon Aug 02, 2021 4:17 pm

Re: unwrap error: packet too short

Post by tontonjab » Mon Aug 02, 2021 4:37 pm

My server doesn’t want to restart with this:

port 1194
proto udp6
dev tun
user nobody
group nogroup
persist-key
persist-tun
duplicate-cn
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 94.140.14.14"
push "dhcp-option DNS 94.140.15.15"
push "redirect-gateway def1 bypass-dhcp"
server-ipv6 fd42:42:42:42::/112
tun-ipv6
push tun-ipv6
push "route-ipv6 2000::/3"
push "redirect-gateway ipv6"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_XL98c6RoSdvOVX3E.crt
key server_XL98c6RoSdvOVX3E.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
client-to-client
management 127.0.0.1 17562
verb 4
mute 20
status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
comp-lzo no
push "comp-lzo no"
compress no
push "compress no"

Re: unwrap error: packet too short

Post by tontonjab » Mon Aug 02, 2021 5:06 pm

Now I have this kind of logs:

[olog]
Mon Aug 2 17:00:09 2021 us=188822 gate-17072021-TEST/*.*.*.*:58701 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Mon Aug 2 17:00:09 2021 us=188887 gate-17072021-TEST/*.*.*.*:58701 Outgoing Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:00:09 2021 us=188897 gate-17072021-TEST/*.*.*.*:58701 Incoming Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:00:10 2021 us=548466 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:12 2021 us=797275 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:12 2021 us=797356 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:14 2021 us=715360 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:22 2021 us=942469 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:24 2021 us=155921 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:27 2021 us=995568 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:34 2021 us=320107 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:38 2021 us=68917 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:42 2021 us=76007 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:49 2021 us=23984 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:52 2021 us=351016 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:00:59 2021 us=603968 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:03 2021 us=67276 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:09 2021 us=115492 gate-17072021-TEST/*.*.*.*:48864 [gate-17072021-TEST] Inactivity timeout (--ping-restart), restarting
Mon Aug 2 17:01:09 2021 us=115563 gate-17072021-TEST/*.*.*.*:48864 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Aug 2 17:01:09 2021 us=978005 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:13 2021 us=451673 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:15 2021 us=996043 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:18 2021 us=796970 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:19 2021 us=796852 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:25 2021 us=857026 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:29 2021 us=119242 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:30 2021 us=76079 gate-17072021-TEST/*.*.*.*:37423 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:35 2021 us=446638 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:36 2021 us=405866 *.*.*.*:58491 VERIFY OK: depth=0, CN=gate-17072021-TEST
Mon Aug 2 17:01:36 2021 us=444620 *.*.*.*:58491 [gate-17072021-TEST] Peer Connection Initiated with [AF_INET6]::ffff:*.*.*.*:58491
Mon Aug 2 17:01:36 2021 us=444712 gate-17072021-TEST/*.*.*.*:58491 MULTI_sva: pool returned IPv4=10.8.0.4, IPv6=fd42:42:42:42::1002
Mon Aug 2 17:01:36 2021 us=444821 gate-17072021-TEST/*.*.*.*:58491 MULTI: Learn: 10.8.0.4 -> gate-17072021-TEST/*.*.*.*:58491
Mon Aug 2 17:01:36 2021 us=444851 gate-17072021-TEST/*.*.*.*:58491 MULTI: primary virtual IP for gate-17072021-TEST/*.*.*.*:58491: 10.8.0.4
Mon Aug 2 17:01:36 2021 us=444883 gate-17072021-TEST/*.*.*.*:58491 MULTI: Learn: fd42:42:42:42::1002 -> gate-17072021-TEST/*.*.*.*:58491
Mon Aug 2 17:01:36 2021 us=444912 gate-17072021-TEST/*.*.*.*:58491 MULTI: primary virtual IPv6 for gate-17072021-TEST/*.*.*.*:58491: fd42:42:42:42::1002
Mon Aug 2 17:01:37 2021 us=552481 gate-17072021-TEST/*.*.*.*:58491 PUSH: Received control message: ‘PUSH_REQUEST’
Mon Aug 2 17:01:37 2021 us=552613 gate-17072021-TEST/*.*.*.*:58491 SENT CONTROL [gate-17072021-TEST]: ‘PUSH_REPLY,dhcp-option DNS 94.140.14.14,dhcp-option DNS 94.140.15.15,redirect-gateway def1 bypass-dhcp,tun-ipv6,route-ipv6 2000::/3,redirect-gateway ipv6,tun-ipv6,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 fd42:42:42:42::1002/112 fd42:42:42:42::1,ifconfig 10.8.0.4 255.255.255.0,peer-id 2,cipher AES-128-GCM’ (status=1)
Mon Aug 2 17:01:37 2021 us=552645 gate-17072021-TEST/*.*.*.*:58491 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Mon Aug 2 17:01:37 2021 us=552774 gate-17072021-TEST/*.*.*.*:58491 Outgoing Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:01:37 2021 us=552796 gate-17072021-TEST/*.*.*.*:58491 Incoming Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:01:38 2021 us=980755 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:41 2021 us=796708 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:43 2021 us=36509 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:44 2021 us=796586 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:51 2021 us=233395 gate-17072021-TEST/*.*.*.*:45815 [gate-17072021-TEST] Inactivity timeout (--ping-restart), restarting
Mon Aug 2 17:01:51 2021 us=233482 gate-17072021-TEST/*.*.*.*:45815 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Aug 2 17:01:51 2021 us=836077 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:01:54 2021 us=671293 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:01 2021 us=219791 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:04 2021 us=540003 gate-17072021-TEST/*.*.*.*:58701 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:08 2021 us=476075 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:15 2021 us=136429 *.*.*.*:36621 VERIFY OK: depth=0, CN=gate-17072021-TEST
Mon Aug 2 17:02:15 2021 us=175268 *.*.*.*:36621 [gate-17072021-TEST] Peer Connection Initiated with [AF_INET6]::ffff:*.*.*.*:36621
Mon Aug 2 17:02:15 2021 us=175335 gate-17072021-TEST/*.*.*.*:36621 MULTI_sva: pool returned IPv4=10.8.0.5, IPv6=fd42:42:42:42::1003
Mon Aug 2 17:02:15 2021 us=175425 gate-17072021-TEST/*.*.*.*:36621 MULTI: Learn: 10.8.0.5 -> gate-17072021-TEST/*.*.*.*:36621
Mon Aug 2 17:02:15 2021 us=175444 gate-17072021-TEST/*.*.*.*:36621 MULTI: primary virtual IP for gate-17072021-TEST/*.*.*.* 10.8.0.5
Mon Aug 2 17:02:15 2021 us=175471 gate-17072021-TEST/*.*.*.*:36621 MULTI: Learn: fd42:42:42:42::1003 -> gate-17072021-TEST/*.*.*.*:36621
Mon Aug 2 17:02:15 2021 us=175501 gate-17072021-TEST/*.*.*.*:36621 MULTI: primary virtual IPv6 for gate-17072021-TEST/*.*.*.* fd42:42:42:42::1003
Mon Aug 2 17:02:16 2021 us=370302 gate-17072021-TEST/*.*.*.*:36621 PUSH: Received control message: ‘PUSH_REQUEST’
Mon Aug 2 17:02:16 2021 us=370406 gate-17072021-TEST/*.*.*.*:36621 SENT CONTROL [gate-17072021-TEST]: ‘PUSH_REPLY,dhcp-option DNS 94.140.14.14,dhcp-option DNS 94.140.15.15,redirect-gateway def1 bypass-dhcp,tun-ipv6,route-ipv6 2000::/3,redirect-gateway ipv6,tun-ipv6,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 fd42:42:42:42::1003/112 fd42:42:42:42::1,ifconfig 10.8.0.5 255.255.255.0,peer-id 3,cipher AES-128-GCM’ (status=1)
Mon Aug 2 17:02:16 2021 us=370489 gate-17072021-TEST/*.*.*.*:36621 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Mon Aug 2 17:02:16 2021 us=370625 gate-17072021-TEST/*.*.*.*:36621 Outgoing Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:02:16 2021 us=370648 gate-17072021-TEST/*.*.*.*:36621 Incoming Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:02:17 2021 us=724238 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:18 2021 us=744117 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:20 2021 us=796857 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:21 2021 us=796859 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:21 2021 us=836055 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:30 2021 us=236026 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:31 2021 us=376023 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:40 2021 us=964340 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:41 2021 us=468529 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:43 2021 us=36117 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:46 2021 us=876064 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:53 2021 us=210813 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:02:56 2021 us=190127 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:03 2021 us=569945 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:06 2021 us=285917 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:13 2021 us=279779 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:16 2021 us=520990 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:19 2021 us=579151 gate-17072021-TEST/*.*.*.*:55418 [gate-17072021-TEST] Inactivity timeout (--ping-restart), restarting
Mon Aug 2 17:03:19 2021 us=579230 gate-17072021-TEST/*.*.*.*:55418 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Aug 2 17:03:20 2021 us=156134 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:23 2021 us=361720 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:31 2021 us=226888 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:33 2021 us=293767 gate-17072021-TEST/*.*.*.*:58491 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:41 2021 us=200360 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:42 2021 us=832979 *.*.*.*:33178 VERIFY OK: depth=0, CN=gate-17072021-TEST
Mon Aug 2 17:03:42 2021 us=872356 *.*.*.*:33178 [gate-17072021-TEST] Peer Connection Initiated with [AF_INET6]::ffff:*.*.*.*:33178
Mon Aug 2 17:03:42 2021 us=872415 gate-17072021-TEST/*.*.*.*:33178 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=fd42:42:42:42::1004
Mon Aug 2 17:03:42 2021 us=872469 gate-17072021-TEST/*.*.*.*:33178 MULTI: Learn: 10.8.0.6 -> gate-17072021-TEST/*.*.*.*:33178
Mon Aug 2 17:03:42 2021 us=872484 gate-17072021-TEST/*.*.*.*:33178 MULTI: primary virtual IP for gate-17072021-TEST/*.*.*.* 10.8.0.6
Mon Aug 2 17:03:42 2021 us=872499 gate-17072021-TEST/*.*.*.*:33178 MULTI: Learn: fd42:42:42:42::1004 -> gate-17072021-TEST/*.*.*.*:33178
Mon Aug 2 17:03:42 2021 us=872535 gate-17072021-TEST/*.*.*.*:33178 MULTI: primary virtual IPv6 for gate-17072021-TEST/*.*.*.* fd42:42:42:42::1004
Mon Aug 2 17:03:43 2021 us=901879 gate-17072021-TEST/*.*.*.*:33178 PUSH: Received control message: ‘PUSH_REQUEST’
Mon Aug 2 17:03:43 2021 us=901981 gate-17072021-TEST/*.*.*.*:33178 SENT CONTROL [gate-17072021-TEST]: ‘PUSH_REPLY,dhcp-option DNS 94.140.14.14,dhcp-option DNS 94.140.15.15,redirect-gateway def1 bypass-dhcp,tun-ipv6,route-ipv6 2000::/3,redirect-gateway ipv6,tun-ipv6,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig-ipv6 fd42:42:42:42::1004/112 fd42:42:42:42::1,ifconfig 10.8.0.6 255.255.255.0,peer-id 4,cipher AES-128-GCM’ (status=1)
Mon Aug 2 17:03:43 2021 us=902015 gate-17072021-TEST/*.*.*.*:33178 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Mon Aug 2 17:03:43 2021 us=902123 gate-17072021-TEST/*.*.*.*:33178 Outgoing Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:03:43 2021 us=902142 gate-17072021-TEST/*.*.*.*:33178 Incoming Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Mon Aug 2 17:03:45 2021 us=321892 gate-17072021-TEST/*.*.*.*:33178 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:47 2021 us=797199 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:48 2021 us=797169 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:49 2021 us=116115 gate-17072021-TEST/*.*.*.*:33178 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:57 2021 us=137855 gate-17072021-TEST/*.*.*.*:58548 [gate-17072021-TEST] Inactivity timeout (--ping-restart), restarting
Mon Aug 2 17:03:57 2021 us=137934 gate-17072021-TEST/*.*.*.*:58548 SIGUSR1[soft,ping-restart] received, client-instance restarting
Mon Aug 2 17:03:57 2021 us=276115 gate-17072021-TEST/*.*.*.*:33178 IP packet with unknown IP version=15 seen
Mon Aug 2 17:03:58 2021 us=505868 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:04:07 2021 us=414096 gate-17072021-TEST/*.*.*.*:33178 IP packet with unknown IP version=15 seen
Mon Aug 2 17:04:08 2021 us=143250 gate-17072021-TEST/*.*.*.*:36621 IP packet with unknown IP version=15 seen
Mon Aug 2 17:04:12 2021 us=635991 gate-17072021-TEST/*.*.*.*:33178 IP packet with unknown IP version=15 seen
[/olog]

Re: unwrap error: packet too short

Post by TinCanTech » Mon Aug 02, 2021 5:42 pm

Re: unwrap error: packet too short

Post by tontonjab » Tue Aug 03, 2021 8:02 am

Without persist tun, the IP is "refreshed" every connection? What is the best approach to point to the right client then? Does OpenVPN have a local DNS?

https://community.openvpn.net/openvpn/ticket/952
According to this, the "comp-lzo no" and "compress" options are not compatible. Can you help me with this?

comp-lzo no
push "comp-lzo no"
#compress no
#push "compress no"

And it works. For the moment. I will see if my client drops.

I have something weird on my client:

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.5 P-t-P:10.8.0.5 Mask:255.255.255.0
inet6 addr: fe80::eba7:fd9b:c714:239b/64 Scope:Link
inet6 addr: fd42:42:42:42::1003/112 Scope:Global
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:38 errors:0 dropped:0 overruns:0 frame:0
TX packets:90 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3668 (3.5 KiB) TX bytes:7288 (7.1 KiB)

tun1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.6 P-t-P:10.8.0.6 Mask:255.255.255.0
inet6 addr: fd42:42:42:42::1004/112 Scope:Global
inet6 addr: fe80::53fc:8b75:88e7:2ca3/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:47 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:4424 (4.3 KiB) TX bytes:288 (288.0 B)

tun0 works. 10.8.0.5 pings from the server. Why do I have tun1? I have only one conf in /etc/openvpn. What am I doing wrong?


Hi,

I configured OpenVPN server v2.4.5 and the Linux workstations were able to connect to the VPN successfully.

The only clients that did not work were Android phones (Android apps: "OpenVPN for Android" or "OpenVPN connect"). Each time I try to connect with an Android phone, I have the error below on the OpenVPN server side:

TLS: Initial packet from [AF_INET]208.74.193.21:47546, sid=dc5eafbc 22024732
tls-crypt unwrap error: packet too short
TLS Error: tls-crypt unwrapping failed from [AF_INET]208.74.193.21:47546
Fatal TLS error (check_tls_errors_co), restarting
SIGUSR1[soft,tls-error] received, client-instance restarting

This is the OpenVPN server side configuration:

# MANAGED BY ANSIBLE
port 1194
proto tcp
dev tun
auth SHA512
cipher AES-256-CBC
tls-crypt /etc/openvpn/easy-rsa/keys/ta.key
key-direction 0
user nobody
group nogroup
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key  # This file should be kept secret
server 172.25.0.0 255.255.0.0
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
ifconfig-pool-persist ipp.txt
keepalive 10 120
persist-key
persist-tun
status openvpn-status.log
verb 3
client-config-dir /etc/openvpn/ccd
client-to-client

This is the Android client "*.ovpn" file:

client
dev tun
remote URL.DOMAIN.COM 1194
proto tcp
remote-cert-tls server
resolv-retry infinite
nobind
persist-key
persist-tun
verb 1
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>

Do you have any idea how to solve this issue? (It is caused by tls-crypt/tls-auth according to my last test. Check the "PS:" below)

Thank you!

PS: I was able to connect my Android phones to the VPN server by removing tls-crypt from the server side and tls-auth from the Android side. It looks like the issue is related to the extra protection tls-crypt.

Last edited by Asher256 (2018-03-29 15:22:46)
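Added example, not part of the original post: the server configuration above uses tls-crypt while the client profile embeds the static key in a <tls-auth> block, and both peers must use the same control-channel wrapping mode. The sketch below compares the two files before deployment; the function names are hypothetical and the sample configs are constructed from the ones in the post, with key material elided.

```python
import shlex

WRAP_DIRECTIVES = ("tls-crypt", "tls-auth")

# Constructed samples based on the configs in the post (key body elided).
SERVER_CONF = """
port 1194
proto tcp
tls-crypt /etc/openvpn/easy-rsa/keys/ta.key
key-direction 0
key /etc/openvpn/easy-rsa/keys/server.key  # This file should be kept secret
"""
CLIENT_OVPN = """
client
proto tcp
key-direction 1
<tls-auth>
# 2048 bit OpenVPN static key
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>
"""
# Same client profile with the key moved into a <tls-crypt> block.
FIXED_CLIENT_OVPN = CLIENT_OVPN.replace("tls-auth", "tls-crypt")


def parse_config(text):
    """Parse OpenVPN config text into {directive: [argument lists]}."""
    directives, block = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if block is not None:
            # Inside <name>...</name>: skip the body, never read key material.
            if line == "</%s>" % block:
                block = None
            continue
        if line.startswith("<") and line.endswith(">") and not line.startswith("</"):
            block = line[1:-1]
            directives.setdefault(block, []).append(["[inline]"])
            continue
        if line.startswith(";"):
            continue  # ';' comment line
        tokens = shlex.split(line, comments=True)  # drops '#' comments
        if tokens:
            directives.setdefault(tokens[0].lstrip("-"), []).append(tokens[1:])
    return directives


def wrap_mode(directives):
    """Return 'tls-crypt', 'tls-auth', 'none', or 'both' (a config error)."""
    present = [d for d in WRAP_DIRECTIVES if d in directives]
    if len(present) == 2:
        return "both"
    return present[0] if present else "none"


def key_direction(directives):
    """tls-auth direction: second file argument first, then key-direction."""
    for args in directives.get("tls-auth", []):
        if len(args) >= 2:
            return args[1]
    for args in directives.get("key-direction", []):
        if args:
            return args[0]
    return None


def check_pair(server_text, client_text):
    """Return (server_mode, client_mode, findings) for a server/client pair."""
    server, client = parse_config(server_text), parse_config(client_text)
    s_mode, c_mode = wrap_mode(server), wrap_mode(client)
    findings = []
    if s_mode != c_mode:
        findings.append("MISMATCH: server uses %s, client uses %s" % (s_mode, c_mode))
    for side, cfg, mode in (("server", server, s_mode), ("client", client, c_mode)):
        if mode == "tls-crypt" and "key-direction" in cfg:
            findings.append("NOTE: %s sets key-direction, which tls-crypt does not use" % side)
    if s_mode == c_mode == "tls-auth":
        s_dir, c_dir = key_direction(server), key_direction(client)
        if {s_dir, c_dir} not in ({"0", "1"}, {None}):
            findings.append("MISMATCH: tls-auth key directions %s/%s" % (s_dir, c_dir))
    return s_mode, c_mode, findings
```

Calling `check_pair(SERVER_CONF, CLIENT_OVPN)` reports the tls-crypt/tls-auth mismatch; with `FIXED_CLIENT_OVPN` only the key-direction notes remain.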

Hi everyone!
I'm asking for help! Please go easy on me, I'm a beginner; I have already tried and read a lot but still haven't found a solution.
The task is simple: set up an OpenVPN server on a VDS (in Latvia) and set up clients to connect to it.
I installed it both manually, step by step, and with the ready-made angristan script from GitHub. The problem is always the same: no matter how many clients I create (all with different keys and certificates), whoever connects first wins and works, and the others cannot connect. Initially I need clients on Ubuntu to connect, but it is the same for Windows.
I tried adding the "Duplicate-cn" parameter to the Server.conf file, but it seems to be ignored, although it works for many people in videos and written guides (I don't care that there is one certificate for everyone, BUT the point is that whether I use Duplicate or create separate client certificates, no more than one user connects).
I also noticed that whoever connects is assigned one and the same IP, 10.8.0.2 (maybe according to the order in which connection numbers are assigned). I changed the ports (1194, 443) and the type (udp, tcp) as well.
Here is the server config:

port 443
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
duplicate-cn
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt

Client 1 config:

client
proto udp
explicit-exit-notify
remote 149.100.208.124 443
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_A1OldLkKcjivS7al name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-crypt>

Client 2 config:

client
proto udp
explicit-exit-notify
remote 149.100.208.124 443
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_A1OldLkKcjivS7al name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-crypt>

Here is the error log from the Windows client (when it tries to connect as the second client; the first one has already connected successfully and works):

Mon Jun 13 23:34:09 2022 Restart pause, 300 second(s)
Mon Jun 13 23:39:09 2022 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Jun 13 23:39:09 2022 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Jun 13 23:39:09 2022 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Jun 13 23:39:09 2022 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Jun 13 23:39:09 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]149.100.208.124:443
Mon Jun 13 23:39:09 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Jun 13 23:39:09 2022 UDP link local: (not bound)
Mon Jun 13 23:39:09 2022 UDP link remote: [AF_INET]149.100.208.124:443
Mon Jun 13 23:39:09 2022 MANAGEMENT: >STATE:1655127549,WAIT,,,,,,
Mon Jun 13 23:40:10 2022 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon Jun 13 23:40:10 2022 TLS Error: TLS handshake failed
Mon Jun 13 23:40:10 2022 SIGUSR1[soft,tls-error] received, process restarting
Mon Jun 13 23:40:10 2022 MANAGEMENT: >STATE:1655127610,RECONNECTING,tls-error,,,,,
Mon Jun 13 23:40:10 2022 Restart pause, 300 second(s)

Don't worry about the keys, recreating them is not a problem.
The main thing is to point me to the mistake, please in words that are not too technical,
and go easy on me :)
