Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Adding Username and Password option

    Scheduled Pinned Locked Moved OpenVPN
    10 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NasKar
      last edited by

      From what I've read the newer version of PFsense doesn't need a password file as mentioned in older tutorials.  I'm trying to follow one that recommends putting in the Advanced: (which works)

      auth-user-pass /conf/myvpnpass
      persist-key
      persist-tun
      persist-remote-ip
      tls-client
      remote-cert-tls server
      comp-lzo
      verb 3
      auth SHA256
      cipher AES-256-CBC

      If I remove the "auth-user-pass /conf/myvpnpass" from the advanced section and enter it the GUI the OpenVPN doesn't work.  Can some shed so light on how to get this working without a myvpnpass file? I presume the benefit would be it would be backed up by the backup utility if it wasn't in a separate file.

      Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
      2 CPUs: 1 package(s) x 2 core(s)
      AES-NI CPU Crypto: No
      2 Gigs Ram
      SSD with ver 2.4.0
      IBM Intel Pro PCI-E Quad Port 10/100/1000 Server Adapter 39Y6138 (K210320)

      1 Reply Last reply Reply Quote 0
      • G
        gjaltemba
        last edited by

        No problem using User Authentication Settings. Only requirement is the correct user and password. Are you using the same as in /conf/myvpnpass?

        1 Reply Last reply Reply Quote 0
        • N
          NasKar
          last edited by

          Yes the username and pw are the same, but will double check it.  So your saying I can just delete the first line that refers to the password file and enter the username and pw into the GUI and it should work?

          Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
          2 CPUs: 1 package(s) x 2 core(s)
          AES-NI CPU Crypto: No
          2 Gigs Ram
          SSD with ver 2.4.0
          IBM Intel Pro PCI-E Quad Port 10/100/1000 Server Adapter 39Y6138 (K210320)

          1 Reply Last reply Reply Quote 0
          • G
            gjaltemba
            last edited by

            It would have been more prudent of you to double check and then post. Whatever.

            Looking at my file
            /var/etc/openvpn/client1.conf

            I see the line
            auth-user-pass /var/etc/openvpn/client1.up

            There are two lines in /var/etc/openvpn/client1.up
            user
            password

            It really is not that hard.

            1 Reply Last reply Reply Quote 0
            • N
              NasKar
              last edited by

              Thanks for your help, I didn't realize that I needed to add the extension @VPNprovider to the username (username@VPNprovider.com). Sorry for wasting your time.

              Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
              2 CPUs: 1 package(s) x 2 core(s)
              AES-NI CPU Crypto: No
              2 Gigs Ram
              SSD with ver 2.4.0
              IBM Intel Pro PCI-E Quad Port 10/100/1000 Server Adapter 39Y6138 (K210320)

              1 Reply Last reply Reply Quote 0
              • G
                gjaltemba
                last edited by

                Glad you sorted things out. For a final check, I see this line in the openvpn log

                auth_user_pass_file = '/var/etc/openvpn/client1.up'

                1 Reply Last reply Reply Quote 0
                • N
                  NasKar
                  last edited by

                  @gjaltemba:

                  Glad you sorted things out. For a final check, I see this line in the openvpn log

                  auth_user_pass_file = '/var/etc/openvpn/client1.up'

                  I don't see that line in my openvpn log (currently set for 100 lines).  Here are the last few lines:
                  May 17 18:56:47 openvpn 15348 MANAGEMENT: Client disconnected
                  May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'status 2'
                  May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'state 1'
                  May 17 18:56:47 openvpn 15348 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
                  May 17 18:56:11 openvpn 15348 Initialization Sequence Completed

                  Not sure why it says Client disconnected

                  Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
                  2 CPUs: 1 package(s) x 2 core(s)
                  AES-NI CPU Crypto: No
                  2 Gigs Ram
                  SSD with ver 2.4.0
                  IBM Intel Pro PCI-E Quad Port 10/100/1000 Server Adapter 39Y6138 (K210320)

                  1 Reply Last reply Reply Quote 0
                  • N
                    NasKar
                    last edited by

                    @NasKar:

                    @gjaltemba:

                    Glad you sorted things out. For a final check, I see this line in the openvpn log

                    auth_user_pass_file = '/var/etc/openvpn/client1.up'

                    I don't see that line in my openvpn log (currently set for 100 lines).  Here are the last few lines:
                    May 17 18:56:47 openvpn 15348 MANAGEMENT: Client disconnected
                    May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'status 2'
                    May 17 18:56:47 openvpn 15348 MANAGEMENT: CMD 'state 1'
                    May 17 18:56:47 openvpn 15348 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
                    May 17 18:56:11 openvpn 15348 Initialization Sequence Completed

                    Not sure why it says Client disconnected

                    Apparently that doesn't mean anything as discussed here https://forum.pfsense.org/index.php?topic=79363.0

                    Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
                    2 CPUs: 1 package(s) x 2 core(s)
                    AES-NI CPU Crypto: No
                    2 Gigs Ram
                    SSD with ver 2.4.0
                    IBM Intel Pro PCI-E Quad Port 10/100/1000 Server Adapter 39Y6138 (K210320)

                    1 Reply Last reply Reply Quote 0
                    • G
                      gjaltemba
                      last edited by

                      You may want to set the Verbosity level to 5 under Advanced Configuration of the Openvpn client if you really want to check the log. Reset it when you are done.

                      1 Reply Last reply Reply Quote 0
                      • N
                        NasKar
                        last edited by

                        @gjaltemba:

                        You may want to set the Verbosity level to 5 under Advanced Configuration of the Openvpn client if you really want to check the log. Reset it when you are done.

                        At Verbosity level 5 the line auth_user_pass_file = '/var/etc/openvpn/client1.up' is there. But now notice this error

                        May 17 21:30:05 openvpn 79458 ERROR: FreeBSD route add command failed: external program exited with error status: 1

                        Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
                        2 CPUs: 1 package(s) x 2 core(s)
                        AES-NI CPU Crypto: No
                        2 Gigs Ram
                        SSD with ver 2.4.0
                        IBM Intel Pro PCI-E Quad Port 10/100/1000 Server Adapter 39Y6138 (K210320)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.