Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PIA setup

    Scheduled Pinned Locked Moved OpenVPN
    9 Posts 3 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F Offline
      false
      last edited by

      So I have had PIA for a little over a year and I created a new account.  I updated my login information in pfsense, but it doesn't seem to take.  I keep going to start the service (Status, OpenVPN) and it fails.  I got back into my setup (VPN, OpenVPN, Clients, Edit) and notice my password is shorter than my PIA login.  I'm not sure if this is normal or not, so I duplicated everything into a new setup in pfsense and the same thing happens.  I've have a support ticket open with PIA, but so far, they are very slow to respond and only seem to want to reset my password even though I can log into PIA's website just fine.

      Any ideas?

      1 Reply Last reply Reply Quote 0
      • M Offline
        Mr. Jingles
        last edited by

        What do the logs hint at? You can set the verbosity to a little more detail (4 instead of 3, 5 instead of 4) to try and find 'ERROR'.

        6 and a half billion people know that they are stupid, agressive, lower life forms.

        1 Reply Last reply Reply Quote 0
        • F Offline
          false
          last edited by

          I don't see error, but I do have this:

          AUTH: Received control message: AUTH_FAILED

          1 Reply Last reply Reply Quote 0
          • M Offline
            Mr. Jingles
            last edited by

            Perhaps set logging to 4 and then post the log here?

            6 and a half billion people know that they are stupid, agressive, lower life forms.

            1 Reply Last reply Reply Quote 0
            • DerelictD Offline
              Derelict LAYER 8 Netgate
              last edited by

              AUTH: Received control message: AUTH_FAILED

              They rejected your username/password. Or at least what is configured in the client.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • F Offline
                false
                last edited by 

                [quote]
Perhaps set logging to 4 and then post the log here?

[quote]Sep 2 10:01:07 	openvpn 	39424 	SIGTERM[soft,auth-failure] received, process exiting
Sep 2 10:01:07 	openvpn 	39424 	TCP/UDP: Closing socket
Sep 2 10:01:07 	openvpn 	39424 	AUTH: Received control message: AUTH_FAILED
Sep 2 10:01:07 	openvpn 	39424 	SENT CONTROL [ed9721ea3ba9bb2ce9abe621a7437494]: 'PUSH_REQUEST' (status=1)
Sep 2 10:01:04 	openvpn 	39424 	[ed9721ea3ba9bb2ce9abe621a7437494] Peer Connection Initiated with [AF_INET]108.61.101.130:1198
Sep 2 10:01:04 	openvpn 	39424 	Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sep 2 10:01:04 	openvpn 	39424 	Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'cipher' is used inconsistently, local='cipher AES-128-CBC', remote='cipher BF-CBC'
Sep 2 10:01:04 	openvpn 	39424 	WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
Sep 2 10:01:04 	openvpn 	39424 	VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=ed9721ea3ba9bb2ce9abe621a7437494, name=ed9721ea3ba9bb2ce9abe621a7437494
Sep 2 10:01:04 	openvpn 	39424 	VERIFY EKU OK
Sep 2 10:01:04 	openvpn 	39424 	++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sep 2 10:01:04 	openvpn 	39424 	Validating certificate extended key usage
Sep 2 10:01:04 	openvpn 	39424 	VERIFY KU OK
Sep 2 10:01:04 	openvpn 	39424 	++ Certificate has key usage 00a0, expects 00a0
Sep 2 10:01:04 	openvpn 	39424 	Validating certificate key usage
Sep 2 10:01:04 	openvpn 	39424 	VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com [/quote][/quote]
                1 Reply Last reply Reply Quote 0
                • F Offline
                  false
                  last edited by

                  @Derelict:

                  AUTH: Received control message: AUTH_FAILED

                  They rejected your username/password. Or at least what is configured in the client.

                  Maybe I'm missing it, but I wish there was multi-quote here.

                  So is the old password getting stuck somewhere?  And if so, how do I fix it?

                  1 Reply Last reply Reply Quote 0
                  • DerelictD Offline
                    Derelict LAYER 8 Netgate
                    last edited by

                    You will have to make the username and password match what PIA is expecting. Might need to talk to them about it. They are the ones you are paying cash, after all.

                    Else port more logs surrounding that. there might be something else in-play.

                    Reenter the username/password and re-save.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • F Offline
                      false
                      last edited by

                      @Derelict:

                      You will have to make the username and password match what PIA is expecting. Might need to talk to them about it. They are the ones you are paying cash, after all.

                      Else port more logs surrounding that. there might be something else in-play.

                      Reenter the username/password and re-save.

                      I guess I'll try a third time setting it up.  /sigh

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.