UDP packets sent from specific source port, with public source IP address do not reach specific destination port of the public destination IP address. changing any of the parameters [ usually source port ] – fixes the issue. i’ve observed this phenomenon multiple times for long-running OpenVPN and Wireguard VPNs encapsulating encrypted traffic in UDP ...
another thing to adjust after upgrade to Buster. on openvpn endpoint that in its config – /etc/openvpn/whatever.conf – had: dh dh1024.pem the vpn service did not start. tail -f /var/log/syslog showed: apparently the new version of openssl no longer accepts 1024 Diffie Hellman group. solution: and change in /etc/openvpn/whatever.conf – from dh dh1024.pem to dh ...
we’ve run out of the office space in one of the locations. in the short term it was not possible to find a suitable and large enough place to rent so we had to split and relocate some of the staff to another building a few kilometers away. it’s possible that we’ll shuffle people and servers between ...
i run windows 10 on one of the computers, it also has a ‘dial up’ openvpn – started from openvpn gui. it worked fine for a few days but then i started to see repeating in the logs and tunnel would not get up for 20-60 seconds. and sometimes even after that the right entries ...
at work i have openvpn between OVH dedicated server and our datacenter. due to varying bandwidth we sometimes use udp over ipv6 and sometimes over ipv4 as an encapsulation method. whenever we did the switch we always had to reconfigure both ends of the tunnel. it turns out that with recent openvpns and kernels it’s ...
one day an openvpn that used to carry traffic for the last 7 years started to misbehave. openvpn’s own built-in watchdog was restarting it every few minutes. one of the tunnel’s endpoints – a – is behind NAT that we don’t control, another – b – is a host with public ip address.