Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connection reset, restarting [-1] #66

Closed
13567436138 opened this issue Feb 3, 2019 · 3 comments
Closed

Connection reset, restarting [-1] #66

13567436138 opened this issue Feb 3, 2019 · 3 comments

Comments

@13567436138
Copy link

Sun Feb 03 12:25:31 2019 Connection reset, restarting [-1]
Sun Feb 03 12:25:31 2019 SIGUSR1[soft,connection-reset] received, process restarting
Sun Feb 03 12:26:51 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]47.254.92.51:1194
Sun Feb 03 12:26:51 2019 Attempting to establish TCP connection with [AF_INET]47.254.92.51:1194 [nonblock]
Sun Feb 03 12:26:52 2019 TCP connection established with [AF_INET]47.254.92.51:1194
Sun Feb 03 12:26:52 2019 TCP_CLIENT link local: (not bound)
Sun Feb 03 12:26:52 2019 TCP_CLIENT link remote: [AF_INET]47.254.92.51:1194
Sun Feb 03 12:26:53 2019 Connection reset, restarting [-1]
Sun Feb 03 12:26:53 2019 SIGUSR1[soft,connection-reset] received, process restarting
@okutasan
Copy link

how to fix this ?

@alfieyfc
Copy link

I keep getting this error too :( it repeats every second.
On the server logs it's as below:

Wed Jan 20 23:38:06 2021 TCP connection established with [AF_INET]10.42.1.1:61256
Wed Jan 20 23:38:07 2021 10.42.1.1:61256 TLS: Initial packet from [AF_INET]10.42.1.1:61256, sid=86bee538 5617bef7
Wed Jan 20 23:38:07 2021 10.42.1.1:61256 TLS Error: reading acknowledgement record from packet
Wed Jan 20 23:38:07 2021 10.42.1.1:61256 Fatal TLS error (check_tls_errors_co), restarting
Wed Jan 20 23:38:07 2021 10.42.1.1:61256 SIGUSR1[soft,tls-error] received, client-instance restarting

Can we reopen this until at least some form of resolution is provided? Thanks!

@alfieyfc
Copy link

Nvm, I believe I have solved it! Using the same method I mentioned in #73 (comment).

Looking at this post I noticed there is a <tls-auth> in the client's .ovpn file but ta.key wasn't referenced in the servers .conf file.

OpenVPN: TLS Error: reading acknowledgement record from packet
This error message (in my experince) most often means that one side (either the client or the server) is set up for TLS auth, but the other side is not.

So I added this line in openvpn-tmpl and created a configmap for the pod to mount.

tls-auth ${EASYRSA_PKI}/ta.key

Error message gone! :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@okutasan @13567436138 @alfieyfc