When I try to use tls-auth on the client (pointing it to a ta.key file), my OpenVPN server logs say:


You are watching: Tls error: cannot locate hmac in incoming packet from

Dec 22 18:18:26 ... ovpn-server<31133>: TLS Error: cannot locate HMAC in incoming packet from :63448Dec 22 18:18:28 ... ovpn-server<31133>: TLS Error: cannot locate HMAC in incoming packet from :63448Dec 22 18:18:32 ... ovpn-server<31133>: TLS Error: cannot locate HMAC in incoming packet from :63448I"ve attached an image of my client config. It behaves this way whether I set the Direction as "Default" or as "1".On my server.conf file, I have:
tls-auth /etc/openvpn/tls/ta.key 0 # This file is secretIf I manually open the connection file generated by Viscosity at ~/Library/Application Support/Viscosity/1/config.conf, I see:
tls-auth ~/client-configs/files/ta.keyI"ve verified the shasums of the ta.key files are the same on the client and server. The only other variable here is that I"m using PKCS11 for this connection (connecting with a Yubikey). The PKCS11 connection works when I remove the tls-auth requirement (when I use the newest beta version of Viscosity, PKCS11 works).Any ideas? Thanks!
*

*

If I manually open the connection file generated by Viscosity at ~/Library/Application Support/Viscosity/1/config.conf, I see:tls-auth ~/client-configs/files/ta.keyThis may be the problem: Viscosity should store its own copy of the file in your connection"s profile directory. However the path in your configuration file seems to indicate it may have been modified by hand with a custom path. I recommend editing your connection in Viscosity clicking the "Clear" button next to the existing TLS-Auth file, and then clicking "Select..." to select the file to use. Click Save and try connecting. This ensures that the path and associated permissions are correct.
Dec 22 18:18:32 ... ovpn-server<31133>: TLS Error: cannot locate HMAC in incoming packet from :63448This error indicates that there is no TLS-Auth signature in the packet sent from the client. This likely means that the TLS-Auth file isn"t being used in this case (as you"ve checked the direction).Cheers,James
James BekkemaViscosity DeveloperWeb: http://www.digitalrecordersreview.orgSupport: http://www.digitalrecordersreview.org/supportTwitter: http://twitter.com/digitalrecordersreview.org
Display: All posts1 day7 days2 weeks1 month3 months6 months1 yearSort by: AuthorPost timeSubjectDirection: AscendingDescending
*

Stay UpdatedKeep up with the latest important digitalrecordersreview.org news and updates with our (very) occasional newsletter.


See more: Hello Bello Hair Skin And Nails Reviews 2021, Hello Bello Hair, Skin + Nails Gummy €“ 75Ct

© digitalrecordersreview.org Pty Ltd. digitalrecordersreview.org & Viscosity are registered trademarks of digitalrecordersreview.org Pty Ltd. Privacy Policy