[SOLVED] read UDPv4 [ECONNREFUSED]: Connection refused (code=111)

Answer 1245 (100.0% helpful)

be careful using explicit-exit-notify in a shared-secret setup, it seems to kill the server from the client which is bad.

Answer 295 (63.157894% helpful)

It\'s nothing wrong. Per default the server is not notified when a client disconnects, what\'s why you get these messages in the server log.

There is two things you can to make things better though. Use --keepalive (or ping/ping-restart) to make the server realize that a client has disconnected after some time. I usually use the following values

On server:
ping 10
ping-restart 120


On clients:
ping 10
ping-restart 60


And, then you can add \"--explicit-exit-notify 2\" on the client, which will cause it to notify the server when you disconnect cleanly. The \'2\' means that it will send to exit-notify packets to the server before exiting. There is no acknowledge to this exit-notify packet that why you can tell OpenVPN to send multiple exit-notify packets it case happends to be dropped.

Answer 1597 (57.142857% helpful)

I had my router forwarding TCP and it needs to be UDP

Answer 1472 (54.545456% helpful)

Check if Openvpn adapter on the client is enabled

Answer 1416 (50.0% helpful)

In my case, it was that the clock on client side was not set properly (it was set to 1.1.1970) and therefore the client couldn\'t accept the server certificate. After setting the clock, the error was gone and the connection got established.

Answer 1436 (45.454544% helpful)

check if protocol is set on the same on the two sides

;proto tcp
proto udp

Answer 1442 (40.0% helpful)

I changed the udp port the client and server ran on and restarted both.  Error went away.

Answer 1621 (40.0% helpful)

In my case the modem was provided by the carrier that was blocking the access of the Internet to your LAN, the solution was to add a DMZ to the ip of the firewall on the modem / router provided by the carrier.

Answer 891 (33.333332% helpful)

If the ERROR occures on the server side a firewall might block the port on the client side.

Open the port on the client side and the Error will disappear.

Answer 1680 (25.0% helpful)

Check that the CA, server and client certificates are still valid. In my case, the problem was an expired certificate. This showed up in the client log, not the server log.

Answer 1281 (0.0% helpful)

in my case, it was because the server side openvpn was not running (tun0 was not up on server)

Add an answer/solution

If you know the answer, please add your own solution below.
If you don't know, but find out later, please come back and share your answer - there will be other people struggling with this too.

If you want to be notified via email when this is solved, enter your email address here:

readthefuckingmanual.net