OpenVPN issue when client tries to connect: read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)

Question

UPDATE: Here's the output when I try to access OpenVPN using my Verizon router instead of my homemade Ubuntu router. It doesn't work immediately after I plug in the router, but in about a day or so, it works. I don't get it:

Tue Nov 27 21:31:30 2018 OpenVPN 2.4.3 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Jun 20 2017
Tue Nov 27 21:31:30 2018 Windows version 6.1 (Windows 7) 64bit
Tue Nov 27 21:31:30 2018 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Enter Management Password:
Tue Nov 27 21:31:30 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25343
Tue Nov 27 21:31:30 2018 Need hold release from management interface, waiting...
Tue Nov 27 21:31:30 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25343
Tue Nov 27 21:31:31 2018 MANAGEMENT: CMD 'state on'
Tue Nov 27 21:31:31 2018 MANAGEMENT: CMD 'log all on'
Tue Nov 27 21:31:31 2018 MANAGEMENT: CMD 'echo all on'
Tue Nov 27 21:31:31 2018 MANAGEMENT: CMD 'hold off'
Tue Nov 27 21:31:31 2018 MANAGEMENT: CMD 'hold release'
Tue Nov 27 21:31:43 2018 MANAGEMENT: CMD 'password [...]'
Tue Nov 27 21:31:43 2018 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Tue Nov 27 21:31:43 2018 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Tue Nov 27 21:31:43 2018 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Tue Nov 27 21:31:43 2018 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Tue Nov 27 21:31:43 2018 MANAGEMENT: >STATE:1543372303,RESOLVE,,,,,,
Tue Nov 27 21:31:44 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]96.255.47.75:1194
Tue Nov 27 21:31:44 2018 Socket Buffers: R=[8192->8192] S=[8192->8192]
Tue Nov 27 21:31:44 2018 UDP link local: (not bound)
Tue Nov 27 21:31:44 2018 UDP link remote: [AF_INET]96.255.47.75:1194
Tue Nov 27 21:31:44 2018 MANAGEMENT: >STATE:1543372304,WAIT,,,,,,
Tue Nov 27 21:31:44 2018 MANAGEMENT: >STATE:1543372304,AUTH,,,,,,
Tue Nov 27 21:31:44 2018 TLS: Initial packet from [AF_INET]96.255.47.75:1194, sid=a595f501 53b59ad2
Tue Nov 27 21:31:44 2018 VERIFY OK: depth=1, CN=ChangeMe
Tue Nov 27 21:31:44 2018 VERIFY KU OK
Tue Nov 27 21:31:44 2018 Validating certificate extended key usage
Tue Nov 27 21:31:44 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Nov 27 21:31:44 2018 VERIFY EKU OK
Tue Nov 27 21:31:44 2018 VERIFY X509NAME OK: CN=server_ulIZjDM5Jfumz3sy
Tue Nov 27 21:31:44 2018 VERIFY OK: depth=0, CN=server_ulIZjDM5Jfumz3sy
Tue Nov 27 21:31:44 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-ECDSA-AES256-GCM-SHA384
Tue Nov 27 21:31:44 2018 [server_ulIZjDM5Jfumz3sy] Peer Connection Initiated with [AF_INET]96.255.47.75:1194
Tue Nov 27 21:31:45 2018 MANAGEMENT: >STATE:1543372305,GET_CONFIG,,,,,,
Tue Nov 27 21:31:45 2018 SENT CONTROL [server_ulIZjDM5Jfumz3sy]: 'PUSH_REQUEST' (status=1)
Tue Nov 27 21:31:45 2018 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,block-outside-dns,redirect-gateway def1,route-gateway 10.8.0.1,topology subnet,ping 1800,ping-restart 3600,ifconfig 10.8.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: timers and/or timeouts modified
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: --ifconfig/up options modified
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: route options modified
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: route-related options modified
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: peer-id set
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: adjusting link_mtu to 1624
Tue Nov 27 21:31:45 2018 OPTIONS IMPORT: data channel crypto options modified
Tue Nov 27 21:31:45 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Nov 27 21:31:45 2018 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Nov 27 21:31:45 2018 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Nov 27 21:31:45 2018 interactive service msg_channel=356
Tue Nov 27 21:31:46 2018 ROUTE_GATEWAY 192.168.86.1/255.255.255.0 I=11 HWADDR=00:21:63:ab:66:38
Tue Nov 27 21:31:46 2018 open_tun
Tue Nov 27 21:31:46 2018 TAP-WIN32 device [Local Area Connection 4] opened: \\.\Global\{9BFFC2A5-A514-4119-BFF1-94B0F8BCDA6D}.tap
Tue Nov 27 21:31:46 2018 TAP-Windows Driver Version 9.9 
Tue Nov 27 21:31:46 2018 Set TAP-Windows TUN subnet mode network/local/netmask = 10.8.0.0/10.8.0.2/255.255.255.0 [SUCCEEDED]
Tue Nov 27 21:31:46 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.2/255.255.255.0 on interface {9BFFC2A5-A514-4119-BFF1-94B0F8BCDA6D} [DHCP-serv: 10.8.0.254, lease-time: 31536000]
Tue Nov 27 21:31:46 2018 Successful ARP Flush on interface [34] {9BFFC2A5-A514-4119-BFF1-94B0F8BCDA6D}
Tue Nov 27 21:31:46 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Nov 27 21:31:46 2018 MANAGEMENT: >STATE:1543372306,ASSIGN_IP,,10.8.0.2,,,,
Tue Nov 27 21:31:46 2018 Blocking outside dns using service succeeded.
Tue Nov 27 21:31:51 2018 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Tue Nov 27 21:31:51 2018 C:\Windows\system32\route.exe ADD 96.255.47.75 MASK 255.255.255.255 192.168.86.1
Tue Nov 27 21:31:51 2018 Route addition via service succeeded
Tue Nov 27 21:31:51 2018 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.1
Tue Nov 27 21:31:51 2018 Route addition via service succeeded
Tue Nov 27 21:31:51 2018 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.1
Tue Nov 27 21:31:51 2018 Route addition via service succeeded
Tue Nov 27 21:31:51 2018 Initialization Sequence Completed
Tue Nov 27 21:31:51 2018 MANAGEMENT: >STATE:1543372311,CONNECTED,SUCCESS,10.8.0.2,96.255.47.75,1194,,
Tue Nov 27 21:35:07 2018 C:\Windows\system32\route.exe DELETE 96.255.47.75 MASK 255.255.255.255 192.168.86.1
Tue Nov 27 21:35:07 2018 Route deletion via service succeeded
Tue Nov 27 21:35:07 2018 C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.8.0.1
Tue Nov 27 21:35:07 2018 Route deletion via service succeeded
Tue Nov 27 21:35:07 2018 C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.8.0.1
Tue Nov 27 21:35:08 2018 Route deletion via service succeeded
Tue Nov 27 21:35:08 2018 Closing TUN/TAP interface
Tue Nov 27 21:35:08 2018 TAP: DHCP address released
Tue Nov 27 21:35:08 2018 Unblocking outside dns using service succeeded.
Tue Nov 27 21:35:08 2018 SIGTERM[hard,] received, process exiting
Tue Nov 27 21:35:08 2018 MANAGEMENT: >STATE:1543372508,EXITING,SIGTERM,,,,,

I am having trouble getting my devices connected to my home network through OpenVPN using a router I built through Ubuntu, with the IP address of 192.168.1.1. The OpenVPN server is my Raspberry Pi which is separate from the router and has the address of 192.168.1.1. I used this page https://arstechnica.com/gadgets/2016/04/the-ars-guide-to-building-a-linux-router-from-scratch/ and this page https://arashmilani.com/post?id=53 to configure my router and setup the iptables for the router. I have port 1194 UDP open, so that's not a problem. However, every time I try to connect, I keep on getting this:

Fri Nov 23 16:44:50 2018 OpenVPN 2.4.3 x86_64-w64-mingw32 [SSL (OpenSSL)] 
[LZO] [LZ4] [PKCS11] [AEAD] built on Jun 20 2017
Fri Nov 23 16:44:50 2018 Windows version 6.1 (Windows 7) 64bit
Fri Nov 23 16:44:50 2018 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.10
Fri Nov 23 16:44:50 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25343
Fri Nov 23 16:44:50 2018 Need hold release from management interface, waiting...
Fri Nov 23 16:44:50 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25343
Fri Nov 23 16:44:51 2018 MANAGEMENT: CMD 'state on'
Fri Nov 23 16:44:51 2018 MANAGEMENT: CMD 'log all on'
Fri Nov 23 16:44:51 2018 MANAGEMENT: CMD 'echo all on'
Fri Nov 23 16:44:51 2018 MANAGEMENT: CMD 'hold off'
Fri Nov 23 16:44:51 2018 MANAGEMENT: CMD 'hold release'
Fri Nov 23 16:44:57 2018 MANAGEMENT: CMD 'password [...]'
Fri Nov 23 16:44:57 2018 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Fri Nov 23 16:44:57 2018 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Nov 23 16:44:57 2018 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Fri Nov 23 16:44:57 2018 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Nov 23 16:44:57 2018 MANAGEMENT: >STATE:1543009497,RESOLVE,,,,,,
Fri Nov 23 16:44:57 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]100.15.140.98:1194
Fri Nov 23 16:44:57 2018 Socket Buffers: R=[8192->8192] S=[8192->8192]
Fri Nov 23 16:44:57 2018 UDP link local: (not bound)
Fri Nov 23 16:44:57 2018 UDP link remote: [AF_INET]100.15.150.28:1194
Fri Nov 23 16:44:57 2018 MANAGEMENT: >STATE:1543009497,WAIT,,,,,,
Fri Nov 23 16:44:57 2018 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Nov 23 16:44:59 2018 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Nov 23 16:45:04 2018 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Nov 23 16:45:12 2018 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Nov 23 16:45:28 2018 read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Nov 23 16:45:58 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Nov 23 16:45:58 2018 TLS Error: TLS handshake failed
Fri Nov 23 16:45:58 2018 SIGUSR1[soft,tls-error] received, process restarting
Fri Nov 23 16:45:58 2018 MANAGEMENT: >STATE:1543009558,RECONNECTING,tls-error,,,,,
Fri Nov 23 16:45:58 2018 Restart pause, 5 second(s)

Here's my server.conf file from the Raspberry Pi

dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server_ulIZjDM5Jfumz3sy.crt
key /etc/openvpn/easy-rsa/pki/private/server_ulIZjDM5Jfumz3sy.key
dh none
topology subnet 
server 10.8.0.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
keepalive 1800 3600
remote-cert-tls client
tls-version-min 1.2
tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device.
#duplicate-cn
# Generated for use by PiVPN.io

And here's one of my client config files:

client
dev tun
proto udp
remote shadow.bounceonthis.net 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server_ulIZjDM5Jfumz3sy name
cipher AES-256-CBC
auth SHA256
auth-nocache
verb 3

And here's my iptable setup. I have it stored in a file (/etc/network/iptables) and push it to iptables-restore whenever I modify it.

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]

# Masquerade vpn tunnel for specific ip source
#-A POSTROUTING -o tun+ -j MASQUERADE --src 10.8.0.0/24
# For OpenVPN
#-A POSTROUTING -s 10.8.0.0/24 -o enp3s0f1 -j MASQUERADE

# enp3s0f0 is WAN interface, #enp3s0f1 is LAN interface
-A POSTROUTING -o enp3s0f0 -j MASQUERADE

# NAT pinhole: HTTP from WAN to LAN
-A PREROUTING -p tcp -m tcp -i enp3s0f0 --dport 80 -j DNAT --to-destination 192.168.1.7:80
#-A PREROUTING -p udp -m udp -i enp3s0f0 --dport 1194 -j DNAT --to-destination 192.168.1.8:1194
-A PREROUTING -p tcp -m tcp -i enp3s0f0 --dport 22 -j DNAT --to-destination 192.168.1.7:22

COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]

# Service rules

# basic global accept rules - ICMP, loopback, traceroute, established all accepted
-A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT

# enable traceroute rejections to get sent out
-A INPUT -p udp -m udp --dport 33434:33523 -j REJECT --reject-with icmp-port-unreachable

# DNS - accept from LAN
-A INPUT -i enp3s0f1 -p tcp --dport 53 -j ACCEPT
-A INPUT -i enp3s0f1 -p udp --dport 53 -j ACCEPT
-A INPUT -i enp4s0f0 -p tcp --dport 53 -j ACCEPT
-A INPUT -i enp4s0f0 -p udp --dport 53 -j ACCEPT
-A INPUT -i enp4s0f1 -p tcp --dport 53 -j ACCEPT
-A INPUT -i enp4s0f1 -p udp --dport 53 -j ACCEPT

# SSH - accept from LAN
-A INPUT -i enp3s0f1 -p tcp --dport 22 -j ACCEPT
-A INPUT -i enp4s0f0 -p tcp --dport 22 -j ACCEPT
-A INPUT -i enp4s0f1 -p tcp --dport 22 -j ACCEPT

# DHCP client requests - accept from LAN
-A INPUT -i enp3s0f1 -p udp --dport 67:68 -j ACCEPT
-A INPUT -i enp4s0f0 -p udp --dport 67:68 -j ACCEPT
-A INPUT -i enp4s0f1 -p udp --dport 67:68 -j ACCEPT

#OpenVPN - accept from LAN
-A INPUT -i enp3s0f1 -p udp -m state --state NEW --dport 1194 -j ACCEPT
-A INPUT -i tun+ -j ACCEPT
#-A INPUT -i tun0 -j ACCEPT
#-A INPUT -i enp3s0f1 -j ACCEPT

# drop all other inbound traffic
-A INPUT -j DROP

# Forwarding rules

# forward packets along established/related connections
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

# forward from LAN (enp3s0f1) to WAN (enp3s0f0)
-A FORWARD -i enp3s0f1 -o enp3s0f0 -j ACCEPT
-A FORWARD -i enp4s0f0 -o enp3s0f0 -j ACCEPT
-A FORWARD -i enp4s0f1 -o enp3s0f0 -j ACCEPT

-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -i tun+ -o enp3s0f1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enp3s0f1 -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
#-A FORWARD -i tun0 -j ACCEPT
#-A FORWARD -i tun0 -o enp3s0f1 -m state --state RELATED,ESTABLISHED -j ACCEPT --src 10.8.0.0/24
#-A FORWARD -i enp3s0f1 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT --src 10.8.0.0/24
#-A FORWARD -i enp3s0f1 -j ACCEPT

# allow traffic from our NAT pinhole
-A FORWARD -p tcp -d 192.168.1.7 --dport 80 -j ACCEPT
-A FORWARD -p tcp -d 192.168.1.8 --dport 22 -j ACCEPT
#-A FORWARD -p udp -d 192.168.1.8 --dport 1194 -j ACCEPT

# drop all other forwarded traffic
-A FORWARD -j DROP

-A OUTPUT -o tun+ -j ACCEPT

COMMIT

This is from iptables -L -v

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
  298 71669 ACCEPT     all  --  lo     any     127.0.0.0/8          127.0.0.0/8 
  358 21968 ACCEPT     icmp --  any    any     anywhere             anywhere    
 5406 3229K ACCEPT     all  --  any    any     anywhere             anywhere             state ESTABLISHED
    0     0 REJECT     udp  --  any    any     anywhere             anywhere             udp dpts:33434:33523 reject-with icmp-port-unreachable
    0     0 ACCEPT     tcp  --  enp3s0f1 any     anywhere             anywhere             tcp dpt:domain
  741 46889 ACCEPT     udp  --  enp3s0f1 any     anywhere             anywhere             udp dpt:domain
    0     0 ACCEPT     tcp  --  enp4s0f0 any     anywhere             anywhere             tcp dpt:domain
    0     0 ACCEPT     udp  --  enp4s0f0 any     anywhere             anywhere             udp dpt:domain
    0     0 ACCEPT     tcp  --  enp4s0f1 any     anywhere             anywhere             tcp dpt:domain
    0     0 ACCEPT     udp  --  enp4s0f1 any     anywhere             anywhere             udp dpt:domain
    2   104 ACCEPT     tcp  --  enp3s0f1 any     anywhere             anywhere             tcp dpt:ssh
    0     0 ACCEPT     tcp  --  enp4s0f0 any     anywhere             anywhere             tcp dpt:ssh
    0     0 ACCEPT     tcp  --  enp4s0f1 any     anywhere             anywhere             tcp dpt:ssh
   11  4015 ACCEPT     udp  --  enp3s0f1 any     anywhere             anywhere             udp dpts:bootps:bootpc
    0     0 ACCEPT     udp  --  enp4s0f0 any     anywhere             anywhere             udp dpts:bootps:bootpc
    0     0 ACCEPT     udp  --  enp4s0f1 any     anywhere             anywhere             udp dpts:bootps:bootpc
   52  4264 ACCEPT     udp  --  enp3s0f1 any     anywhere             anywhere             state NEW udp dpt:openvpn
    0     0 ACCEPT     all  --  tun+   any     anywhere             anywhere    
 1903  196K DROP       all  --  any    any     anywhere             anywhere    

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
 380K  421M ACCEPT     all  --  any    any     anywhere             anywhere             ctstate RELATED,ESTABLISHED
 7260 1021K ACCEPT     all  --  enp3s0f1 enp3s0f0  anywhere             anywhere
    0     0 ACCEPT     all  --  enp4s0f0 enp3s0f0  anywhere             anywhere
    0     0 ACCEPT     all  --  enp4s0f1 enp3s0f0  anywhere             anywhere
    0     0 ACCEPT     all  --  tun+   any     anywhere             anywhere    
    0     0 ACCEPT     all  --  tun+   enp3s0f1  anywhere             anywhere             state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  enp3s0f1 tun+    anywhere             anywhere             state RELATED,ESTABLISHED
    2   100 ACCEPT     tcp  --  any    any     anywhere             192.168.1.7          tcp dpt:http
   21  1228 ACCEPT     tcp  --  any    any     anywhere             192.168.1.8          tcp dpt:ssh
    0     0 DROP       all  --  any    any     anywhere             anywhere    

Chain OUTPUT (policy ACCEPT 10253 packets, 3548K bytes)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     all  --  any    tun+    anywhere             anywhere

This is from iptables -L -t nat -v

Chain PREROUTING (policy ACCEPT 9046 packets, 1163K bytes)
 pkts bytes target     prot opt in     out     source               destination 
    5   256 DNAT       tcp  --  enp3s0f0 any     anywhere             anywhere             tcp dpt:http to:192.168.1.7:80
   21  1228 DNAT       tcp  --  enp3s0f0 any     anywhere             anywhere             tcp dpt:ssh to:192.168.1.8:22

Chain INPUT (policy ACCEPT 799 packets, 54051 bytes)
 pkts bytes target     prot opt in     out     source               destination 

Chain OUTPUT (policy ACCEPT 429 packets, 190K bytes)
 pkts bytes target     prot opt in     out     source               destination 

Chain POSTROUTING (policy ACCEPT 230 packets, 17336 bytes)
 pkts bytes target     prot opt in     out     source               destination 
 7213 1123K MASQUERADE  all  --  any    enp3s0f0  anywhere             anywhere

I've been beating my brains over this for the past two days and I am getting nowhere with this.

*”Outgoing Control Channel Encryption: Cipher **'AES-256-CTR'** initialized with 256 bit key”* versus **’cipher AES-256-CBC’** might explain the issue — HBruijn, Nov 23 '18 at 22:45
Can you explain a bit more how it does so? It works well if I used my Verizon router, but not my homemade router. — Andy Narain, Nov 26 '18 at 02:30

OpenVPN issue when client tries to connect: read UDP: Connection reset by peer (WSAECONNRESET) (code=10054)

0 Answers0