Users OVPN auth failure with 2 backends after upgrade to 2.5.0
-
I have a OpenVPN server with LDAP user authentication (AD) + certificate. After updating to version 2.5.0, users could not connect with an authentication error.
It turned out that if 2 backends (Local Clients and LDAP) are selected in the OpenVPN configuration, then authentication does not pass. If you leave only LDAP, everything starts working.
There are no local clients on this server that need OpenVPN, but the bug is unpleasant.
Did someone else encounter this?Also, after the update, for some reason Hardware Crypto was disabled, and now "/dev/crypto" is displayed instead of "BSD cryptodev engine" - is it "by design" or is it bug in the GUI?
-
@proger
Seems related to https://redmine.pfsense.org/issues/9460Try to install System Patches pkg and apply Patch ID ce76f299853dccb036de229f08a30013593c98fd
-
@viktor_g
Thanks, it helped. Could not check immediately because there was no access to the server.
Are you planning to include this patch in the next releases? -
@proger said in Users OVPN auth failure with 2 backends after upgrade to 2.5.0:
@viktor_g
Thanks, it helped. Could not check immediately because there was no access to the server.
Are you planning to include this patch in the next releases?See 2.5.1 roadmap: https://redmine.pfsense.org/versions/61
-
@viktor_g
This bug not listed.. :(Today, one user can't auth with only "LDAP auth" selected in OpenVPN (but other users can connect), with errors
"could not read Auth username/password/ok/string from management interface" (several times only)
and
"AUTH: Received control message: AUTH_FAILED"
"SIGUSR1[soft,auth-failure] received, process restarting"but patch resolve it
Is it necessary to describe this problem somewhere to include a fix in the release?
-
@proger said in Users OVPN auth failure with 2 backends after upgrade to 2.5.0:
@viktor_g
This bug not listed.. :(here is:
Related issues
Bug #4521: Issue with OpenVPN certificate depth validation and long certificate subjects