Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN/ExpressVPN Fatal Error

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 3 Posters 4.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      BigRich
      last edited by

      Evening all.

      Have recently started using ExpressVPN on my main workstation, have been happy with the performance, and now want to configure my pfSense box to act as the VPN client for the network.

      Alas, if things were so simple.  I've downloaded the certificates and keys from ExpressVPN, and (I believe) successfully created the Certificate Authority, certificate and the client connection in pfSense.  However, when I check the logs, I get a fatal error showing that I can't get around.

      Feb 1 00:17:36 openvpn 97351 Exiting due to fatal error
      Feb 1 00:17:36 openvpn 97351 neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'. If you used –daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.

      I've done some digging, and the problem appears to be relating to the certificates having been generated with a passphrase.  The OpenVPN forum post I found talked about using '–askpass' as part of the solution but I have no idea how to do that in pfSense.

      Being a total VPN noob, I'd appreciate someone confirming my diagnosis, or possibly pointing me in the right direction if I'm totally off course.

      Haven't ruled out contacting ExpressVPN about it, but wanted to check with the wise people here first.  :)

      1 Reply Last reply Reply Quote 0
      • L
        lowfat
        last edited by

        Were you able to get it working yet?

        That sounds like you don't have a password filled out under User Authentication Settings. In my hours of testing I had tried this and got the same response. Still unable to get it working however. Always an authentication issue.

        1 Reply Last reply Reply Quote 0
        • N
          netgateuser23
          last edited by netgateuser23

          Hi,
          while this is 3 years old, i just stumbled across this problem today with another VPN setup using username and password. So long story short, for whatever reason pfsense is removing the last line in the user/password file when openvpn client is executed. This results in the above error message.
          To fix this issue:

          1.) connect via ssh to your pfsense and choose to start shell
          2.) find your user+passwordfile in the openvpn directory (/var/etc/openvpn/), for me it is the file:

          /var/etc/openvpn/client1.up

          3.) If you open it with cat for instance it will only show the username and an empty line

          cat /var/etc/openvpn/client1.up
myvpnusername

          4.) Simply add in a new line after the username the password and save the file so that the file looks like
          myvpnusername
          myvpnpassword

          5.) Now the important step, make the file immuteable. If you do not do this, the password will be removed again. Execute:

          chflags schg /var/etc/openvpn/client1.up

          6.) re-check that username and password are correct

          cat /var/etc/openvpn/client1.up
myvpnusername
myvpnpassword

          8.) Go in the webinterface to Status->OpenVPN and Start the service.
          9.) Should run now.

          Happy VPNing
          ng23

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.