Potential bug with AWS VPN Client version 3.2 and 'verify-x509-name' flag

With the recent update to the AWS VPN Client to version 3.2, it has, "Added support for 'verify-x509-name' OpenVPN flag". We had setup a VPN endpoint a few months ago and it worked fine on AWS VPN Client version 3.1. We tried testing again about a week ago and we were getting TLS handshake failures. I first updated my AWS VPN client from 3.1 to 3.2 with no changes in outcome. We went down that rabbit hole of troubleshooting the TLS handshake failures to no avail. I found that new line for 'verify-x509-name' in the downloaded ovpn config. Removing that line from the config solved the connectivity issue.

Topics

Networking & Content Delivery

Relevant content

Enterprise VPN Client needed to connect to AWS Client VPN Endpoint
Rob
asked 2 years ago
AWS VPN Client cannot handle some OpenVPN options.
jinux
asked 2 years ago
Install AWS VPN Client on MacOs version 14
Alexandre
asked 2 months ago
AWS Client VPN Please add support for Login / Logout scripts like OpenVPN has
mthomsen
asked 2 years ago
How does DNS work with my AWS Client VPN endpoint?
AWS OFFICIALUpdated 10 months ago
How do I use the AWS CLI to configure a Client VPN?
AWS OFFICIALUpdated 6 months ago
How can I revoke access to a Client VPN endpoint for a specific client?
AWS OFFICIALUpdated 9 months ago
How can I replace the certificates for my AWS Client VPN to resolve a TLS handshake error?
AWS OFFICIALUpdated a year ago
Usage of Security Group associated with AWS Client VPN
EXPERT
Karthikiran Ilango
published 7 months ago
AWS Client VPN connection and traffic flow handling simplified
EXPERT
Karthikiran Ilango
published 6 months ago