PIA setup

OpenVPN
Log in to reply
  • F

    So I have had PIA for a little over a year and I created a new account.  I updated my login information in pfsense, but it doesn't seem to take.  I keep going to start the service (Status, OpenVPN) and it fails.  I got back into my setup (VPN, OpenVPN, Clients, Edit) and notice my password is shorter than my PIA login.  I'm not sure if this is normal or not, so I duplicated everything into a new setup in pfsense and the same thing happens.  I've have a support ticket open with PIA, but so far, they are very slow to respond and only seem to want to reset my password even though I can log into PIA's website just fine.

    Any ideas?

    0
  • M

    What do the logs hint at? You can set the verbosity to a little more detail (4 instead of 3, 5 instead of 4) to try and find 'ERROR'.

    0
  • F

    I don't see error, but I do have this:

    AUTH: Received control message: AUTH_FAILED

    0
  • M

    Perhaps set logging to 4 and then post the log here?

    0
  • Derelict
    LAYER 8 Netgate

    AUTH: Received control message: AUTH_FAILED

    They rejected your username/password. Or at least what is configured in the client.

    0
  • F 

    [quote]
Perhaps set logging to 4 and then post the log here?

[quote]Sep 2 10:01:07 	openvpn 	39424 	SIGTERM[soft,auth-failure] received, process exiting
Sep 2 10:01:07 	openvpn 	39424 	TCP/UDP: Closing socket
Sep 2 10:01:07 	openvpn 	39424 	AUTH: Received control message: AUTH_FAILED
Sep 2 10:01:07 	openvpn 	39424 	SENT CONTROL [ed9721ea3ba9bb2ce9abe621a7437494]: 'PUSH_REQUEST' (status=1)
Sep 2 10:01:04 	openvpn 	39424 	[ed9721ea3ba9bb2ce9abe621a7437494] Peer Connection Initiated with [AF_INET]108.61.101.130:1198
Sep 2 10:01:04 	openvpn 	39424 	Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
Sep 2 10:01:04 	openvpn 	39424 	VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=ed9721ea3ba9bb2ce9abe621a7437494, name=ed9721ea3ba9bb2ce9abe621a7437494
Sep 2 10:01:04 	openvpn 	39424 	VERIFY EKU OK
Sep 2 10:01:04 	openvpn 	39424 	++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sep 2 10:01:04 	openvpn 	39424 	Validating certificate extended key usage
Sep 2 10:01:04 	openvpn 	39424 	VERIFY KU OK
Sep 2 10:01:04 	openvpn 	39424 	++ Certificate has key usage 00a0, expects 00a0
Sep 2 10:01:04 	openvpn 	39424 	Validating certificate key usage
Sep 2 10:01:04 	openvpn 	39424 	VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com [/quote][/quote]
    0
  • F

    @Derelict:

    AUTH: Received control message: AUTH_FAILED

    They rejected your username/password. Or at least what is configured in the client.

    Maybe I'm missing it, but I wish there was multi-quote here.

    So is the old password getting stuck somewhere?  And if so, how do I fix it?

    0
  • Derelict
    LAYER 8 Netgate

    You will have to make the username and password match what PIA is expecting. Might need to talk to them about it. They are the ones you are paying cash, after all.

    Else port more logs surrounding that. there might be something else in-play.

    Reenter the username/password and re-save.

    0
  • F

    @Derelict:

    You will have to make the username and password match what PIA is expecting. Might need to talk to them about it. They are the ones you are paying cash, after all.

    Else port more logs surrounding that. there might be something else in-play.

    Reenter the username/password and re-save.

    I guess I'll try a third time setting it up.  /sigh

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy