Adding Username and Password option
-
From what I've read the newer version of PFsense doesn't need a password file as mentioned in older tutorials. I'm trying to follow one that recommends putting in the Advanced: (which works)
auth-user-pass /conf/myvpnpass
persist-key
persist-tun
persist-remote-ip
tls-client
remote-cert-tls server
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBCIf I remove the "auth-user-pass /conf/myvpnpass" from the advanced section and enter it the GUI the OpenVPN doesn't work. Can some shed so light on how to get this working without a myvpnpass file? I presume the benefit would be it would be backed up by the backup utility if it wasn't in a separate file.
-
No problem using User Authentication Settings. Only requirement is the correct user and password. Are you using the same as in /conf/myvpnpass?
-
Yes the username and pw are the same, but will double check it. So your saying I can just delete the first line that refers to the password file and enter the username and pw into the GUI and it should work?
-
It would have been more prudent of you to double check and then post. Whatever.
Looking at my file
/var/etc/openvpn/client1.confI see the line
auth-user-pass /var/etc/openvpn/client1.upThere are two lines in /var/etc/openvpn/client1.up
user
passwordIt really is not that hard.
-
Thanks for your help, I didn't realize that I needed to add the extension @VPNprovider to the username (username@VPNprovider.com). Sorry for wasting your time.
-
Glad you sorted things out. For a final check, I see this line in the openvpn log
auth_user_pass_file = '/var/etc/openvpn/client1.up'
-
Glad you sorted things out. For a final check, I see this line in the openvpn log
auth_user_pass_file = '/var/etc/openvpn/client1.up'
I don't see that line in my openvpn log (currently set for 100 lines). Here are the last few lines:
May 17 18:56:47 openvpn 15348 MANAGEMENT: Client disconnected
May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'status 2'
May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'state 1'
May 17 18:56:47 openvpn 15348 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
May 17 18:56:11 openvpn 15348 Initialization Sequence CompletedNot sure why it says Client disconnected
-
Glad you sorted things out. For a final check, I see this line in the openvpn log
auth_user_pass_file = '/var/etc/openvpn/client1.up'
I don't see that line in my openvpn log (currently set for 100 lines). Here are the last few lines:
May 17 18:56:47 openvpn 15348 MANAGEMENT: Client disconnected
May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'status 2'
May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'state 1'
May 17 18:56:47 openvpn 15348 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
May 17 18:56:11 openvpn 15348 Initialization Sequence CompletedNot sure why it says Client disconnected
Apparently that doesn't mean anything as discussed here https://forum.pfsense.org/index.php?topic=79363.0
-
You may want to set the Verbosity level to 5 under Advanced Configuration of the Openvpn client if you really want to check the log. Reset it when you are done.
-
You may want to set the Verbosity level to 5 under Advanced Configuration of the Openvpn client if you really want to check the log. Reset it when you are done.
At Verbosity level 5 the line auth_user_pass_file = '/var/etc/openvpn/client1.up' is there. But now notice this error
May 17 21:30:05 openvpn 79458 ERROR: FreeBSD route add command failed: external program exited with error status: 1