PIA setup



  • So I have had PIA for a little over a year and I created a new account.  I updated my login information in pfsense, but it doesn't seem to take.  I keep going to start the service (Status, OpenVPN) and it fails.  I got back into my setup (VPN, OpenVPN, Clients, Edit) and notice my password is shorter than my PIA login.  I'm not sure if this is normal or not, so I duplicated everything into a new setup in pfsense and the same thing happens.  I've have a support ticket open with PIA, but so far, they are very slow to respond and only seem to want to reset my password even though I can log into PIA's website just fine.

    Any ideas?



  • What do the logs hint at? You can set the verbosity to a little more detail (4 instead of 3, 5 instead of 4) to try and find 'ERROR'.



  • I don't see error, but I do have this:

    AUTH: Received control message: AUTH_FAILED



  • Perhaps set logging to 4 and then post the log here?


  • LAYER 8 Netgate

    AUTH: Received control message: AUTH_FAILED

    They rejected your username/password. Or at least what is configured in the client.



  • [quote]
    Perhaps set logging to 4 and then post the log here?
    
    [quote]Sep 2 10:01:07 	openvpn 	39424 	SIGTERM[soft,auth-failure] received, process exiting
    Sep 2 10:01:07 	openvpn 	39424 	TCP/UDP: Closing socket
    Sep 2 10:01:07 	openvpn 	39424 	AUTH: Received control message: AUTH_FAILED
    Sep 2 10:01:07 	openvpn 	39424 	SENT CONTROL [ed9721ea3ba9bb2ce9abe621a7437494]: 'PUSH_REQUEST' (status=1)
    Sep 2 10:01:04 	openvpn 	39424 	[ed9721ea3ba9bb2ce9abe621a7437494] Peer Connection Initiated with [AF_INET]108.61.101.130:1198
    Sep 2 10:01:04 	openvpn 	39424 	Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Sep 2 10:01:04 	openvpn 	39424 	Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 2 10:01:04 	openvpn 	39424 	Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sep 2 10:01:04 	openvpn 	39424 	Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Sep 2 10:01:04 	openvpn 	39424 	Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
    Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
    Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
    Sep 2 10:01:04 	openvpn 	39424 	VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=ed9721ea3ba9bb2ce9abe621a7437494, name=ed9721ea3ba9bb2ce9abe621a7437494
    Sep 2 10:01:04 	openvpn 	39424 	VERIFY EKU OK
    Sep 2 10:01:04 	openvpn 	39424 	++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    Sep 2 10:01:04 	openvpn 	39424 	Validating certificate extended key usage
    Sep 2 10:01:04 	openvpn 	39424 	VERIFY KU OK
    Sep 2 10:01:04 	openvpn 	39424 	++ Certificate has key usage 00a0, expects 00a0
    Sep 2 10:01:04 	openvpn 	39424 	Validating certificate key usage
    Sep 2 10:01:04 	openvpn 	39424 	VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com [/quote][/quote]
    


  • @Derelict:

    AUTH: Received control message: AUTH_FAILED

    They rejected your username/password. Or at least what is configured in the client.

    Maybe I'm missing it, but I wish there was multi-quote here.

    So is the old password getting stuck somewhere?  And if so, how do I fix it?


  • LAYER 8 Netgate

    You will have to make the username and password match what PIA is expecting. Might need to talk to them about it. They are the ones you are paying cash, after all.

    Else port more logs surrounding that. there might be something else in-play.

    Reenter the username/password and re-save.



  • @Derelict:

    You will have to make the username and password match what PIA is expecting. Might need to talk to them about it. They are the ones you are paying cash, after all.

    Else port more logs surrounding that. there might be something else in-play.

    Reenter the username/password and re-save.

    I guess I'll try a third time setting it up.  /sigh


Log in to reply