Openvpn TLS Error: local/remote TLS keys are out of sync

[zimon]

I get the TLS Error: local/remote TLS keys are out of sync error in my transmission jail from time to time.
When this happens I cannot get any connection within the jail.
After I restart the openvpn service it works again. This happens from time to time and is very annoying, but I could not figure out what the trigger is.
This is my opencvp config:

Code:

client

dev tun

proto udp

resolv-retry infinite

nobind

persist-key

persist-tun

ns-cert-type server

comp-lzo

verb 3

tun-mtu 1500

fragment 0

mssfix 1400

cipher AES-256-CBC

remote-random

remote vpn-se5.privatevpn.com 53

remote vpn-se8.privatevpn.com 53

route-delay

reneg-sec 0

--auth-user-pass pass.txt

<ca>

-----BEGIN CERTIFICATE-----

CA Omitted
-----END CERTIFICATE-----

</ca>

I found some "solutions" where they removed the actual ca from the config, but when I am doing that vpn does not work at all.

 

[dlavigne]

This is my opencvp config:

Code:

proto udp

That is the culprit. Try changing udp to tcp.

 

[zimon]

Unfortunatly if I change it to tcp I get the following error when I want to start openvpn:
TCP: connect to [AF_INET]IPADRESS failed: Operation timed out

 

[dlavigne]

Do you have a hosts entry for the system you're trying to connect to? That will prevent DNS timeouts.

 

[zimon]

I added it to hosts but the problem was that I forgot to change the port in the config. Now I am connected via tcp, lets hope I do not get a TSL handshake/key sync problem