OpenVPN Bad encapsulated packet length from peer

openvpn

Solution 1:

The problem is a too broad REDIRECT iptables rule because it affects all NATed traffic. It should be limited to incoming traffic to the VPN server only.

Change that rule so that it would only match incoming traffic either by specifying interface or IP address which the client uses to connect to the VPN server.

For example:

-A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 1194

where eth0 is the interface that VPN client connects to (most probably, the WAN interface)

or:

-A PREROUTING -d 192.0.2.0 -p tcp --dport 443 -j REDIRECT --to-port 1194

where 192.0.2.0 is the IP address that VPN client connects to (most probably, the external IP address).

Related

Tunnel closed. packet_write_wait: Connection to UNKNOWN port 0: Broken pipe
How to suppress a Heartbeat resource from starting in failover data center?
Experiencing gcc 5 failure running poetry install on Ubuntu 20.04
pfSense + NAT and nginx - real IP not shown in logs
When changing from windows 10 to linux, will the data still on pc or removed?
How to backup file storage NAS through VM-based backup solutions
How to install fonts in 20.04
How do I configure a Unix system to run on TAI time?
How do I find which documents are protected by Active Directory Rights Management Services?
Zoom won't launch on Ubuntu 20.04
LVM extend Filesystem: new partition vs. grow existing one
Multiple RDP connections to the same user