TLS Error: local/remote TLS keys are out of sync

[jjm1982]

On one of my four zentyal servers keeps getting "TLS Error: local/remote TLS keys are out of sync" error while being connected to the Zentyal Cloud Services. I have not made any changes to this servers openvpn configuration. Is there something I need to update? Provide further information? Is anyone else getting this same error? I was only made aware of this because of the email alert I receive from Zentyal informing me my server disconnected.

[robb]

Do you use UDP or TCP for VPN connections? (configurable in VPN Server config) TCP will help anyway...
2nd thing is to use NTP to keep time ok.

[jjm1982]

Do you use UDP or TCP for VPN connections? (configurable in VPN Server config) TCP will help anyway...
2nd thing is to use NTP to keep time ok.

I have NTP enabled on all of my servers and UDP for the VPN; but its not the server. This is the client side connecting to Zentyal Cloud, that's what's giving me the problem. And it's only with this server, all the others are functioning correctly.

[robb]

You are absolutely sure it has nothing to do with the internet connection of that particular server? (Are other servers using the same connection? Do you see any latency in the connection of that server?)

Maybe Jose Antonio can have a look at your problem.... you can also create a ticket in TRAC: http://trac.zentyal.org/newticket

[jjm1982]

You are absolutely sure it has nothing to do with the internet connection of that particular server? (Are other servers using the same connection? Do you see any latency in the connection of that server?)

Maybe Jose Antonio can have a look at your problem.... you can also create a ticket in TRAC: http://trac.zentyal.org/newticket

I updated the client config to TCP and will continue to monitor. There is one other server using the same connection which is connected directly to the internet and it has no issues. The server that is experiencing the problem is behind the other one. I'll continue to monitor and report back. If I continue to see this issue I'll definitely open a ticket.

[J. A. Calvo]

Is the system date/time correct? If not, you can try using zentyal-ntp to fix it. Just an idea, I'm not sure if that's the cause of the problem...

[jjm1982]

Is the system date/time correct? If not, you can try using zentyal-ntp to fix it. Just an idea, I'm not sure if that's the cause of the problem...

Yes, I actually have zentyal ntp enabled on this server and the rest of my servers. All the times are in sync. I have been monitoring the server throughout the day and have not noticed any additional "TLS keys are out of sync" errors but I have gotten a few timeout errors to 92.243.6.103; but I've seen these in the past. Updating the client side to use TCP for Zentyal Cloud has seemed to have fixed the issue (for now).

What I don't understand is, why did this only impact this server? My other three servers have not had any of these issue. And yes, I did verify that the other three servers are only using UDP as the protocol. Interesting?