OpenVPN gives auth_fail after rebooting pfSense server
Afternoon,
So I've recently just set up OpenVPN through the wizard and configured it as a tap server that authenticates people via LDAP. Worked perfectly until I rebooted pfSense. Once I did that I get an AUTH_FAILED error when trying to connect to the OpenVPN server. So I verified that pfSense was able to talk to the LDAP server with the Diag Authentication option and it worked fine. Also did a remove and re-add of the server but that didn't work. After that I reinstalled pfSense and set up OpenVPN again and it worked just fine until I rebooted again. Same thing.
These logs here are from when it worked fine.
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 TLS: Initial packet from [AF_INET]98.186.210.15:9299, sid=c5cfc3ad 265b7739
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_VER=2.5.2
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_PLAT=win
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_PROTO=6
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_NCP=2
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_LZ4=1
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_LZ4v2=1
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_LZO=1
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_COMP_STUB=1
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_COMP_STUBv2=1
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_TCPNL=1
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 peer info: IV_GUI_VER=OpenVPN_GUI_11
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 PLUGIN_CALL: POST /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 TLS: Username/Password authentication deferred for username 'TestUser'
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 [] Peer Connection Initiated with [AF_INET]98.186.210.15:9299
Nov 3 20:01:57 openvpn 32735 user 'TestUser' authenticated
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 MULTI_sva: pool returned IPv4=10.0.0.100, IPv6=(Not enabled)
Nov 3 20:01:57 openvpn 33127 openvpn server 'ovpns1' user 'TestUser' address '98.186.210.15' - connected
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_6be32b985720d9237462f60173ca8e75.tmp
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Data Channel: using negotiated cipher 'AES-256-GCM'
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 SENT CONTROL [UNDEF]: 'PUSH_REPLY,route-gateway 10.0.0.7,route 10.1.0.0 255.255.255.0,route 10.2.0.0 255.255.255.0,route 10.3.0.0 255.255.255.0,dhcp-option DOMAIN internal.w4car.org,dhcp-option DNS 10.2.0.2,dhcp-option DNS 8.8.8.8,route-gateway 10.0.0.7,ping 10,ping-restart 60,ifconfig 10.0.0.100 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Nov 3 20:01:58 openvpn 74802 98.186.210.15:9299 MULTI: Learn: 00:ff:53:0a:d0:77@0 -> 98.186.210.15:9299
Nov 3 20:01:58 openvpn 74802 MANAGEMENT: Client connected from /var/etc/openvpn/server1/sock
Nov 3 20:01:59 openvpn 74802 MANAGEMENT: CMD 'status 2'
Nov 3 20:01:59 openvpn 74802 MANAGEMENT: CMD 'quit'
Nov 3 20:01:59 openvpn 74802 MANAGEMENT: Client disconnected

This was from after the reboot.
Nov 3 20:14:10 openvpn 55549 TLS Error: tls-crypt unwrapping failed from [AF_INET]128.82.14.253:44436
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 TLS: Initial packet from [AF_INET]20.119.39.11:52265, sid=260e0736 e861836a
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_VER=2.5.2
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_PLAT=win
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_PROTO=6
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_NCP=2
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_LZ4=1
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_LZ4v2=1
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_LZO=1
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_COMP_STUB=1
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_COMP_STUBv2=1
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_TCPNL=1
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 peer info: IV_GUI_VER=OpenVPN_GUI_11
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 PLUGIN_CALL: POST /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 TLS: Username/Password authentication deferred for username 'TestUser'
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 [] Peer Connection Initiated with [AF_INET]20.119.39.11:52265
Nov 3 20:14:33 openvpn 56191 user 'TestUser' authenticated
Nov 3 20:14:35 openvpn 55549 20.119.39.11:52265 PUSH: Received control message: 'PUSH_REQUEST'
Nov 3 20:14:35 openvpn 55549 20.119.39.11:52265 Delayed exit in 5 seconds
Nov 3 20:14:35 openvpn 55549 20.119.39.11:52265 SENT CONTROL [UNDEF]: 'AUTH_FAILED' (status=1)
Nov 3 20:14:40 openvpn 55549 20.119.39.11:52265 SIGTERM[soft,delayed-exit] received, client-instance exiting

Does anyone know why it would do this?
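
Added example, not part of the original post: a small Python triage script that groups OpenVPN server log lines by peer and flags sessions where the auth helper logged `authenticated` but the server still sent `AUTH_FAILED`, listing which steps from the working trace never appeared. The marker strings and sample lines are taken (abridged) from the two traces above; the function names are hypothetical.

```python
import re

LINE = re.compile(r"^\w+ +\d+ [\d:]+ openvpn \d+ (?:(\d+\.\d+\.\d+\.\d+:\d+) )?(.*)$")
HELPER_OK = re.compile(r"^user '([^']+)' authenticated$")
USER = re.compile(r"username '([^']+)'")
# Message fragments as they appear in the post's traces, keyed by a short event name.
MARKERS = [("deferred", "authentication deferred for username"),
           ("pool", "MULTI_sva: pool returned"),
           ("options_import", "OPTIONS IMPORT: reading client specific options"),
           ("push_reply", "'PUSH_REPLY"), ("auth_failed", "'AUTH_FAILED'")]

# Constructed sample: lines abridged from the working and the post-reboot trace.
SAMPLE = """\
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 TLS: Username/Password authentication deferred for username 'TestUser'
Nov 3 20:01:57 openvpn 32735 user 'TestUser' authenticated
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 MULTI_sva: pool returned IPv4=10.0.0.100, IPv6=(Not enabled)
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_6be32b985720d9237462f60173ca8e75.tmp
Nov 3 20:01:57 openvpn 74802 98.186.210.15:9299 SENT CONTROL [UNDEF]: 'PUSH_REPLY,route-gateway 10.0.0.7,ifconfig 10.0.0.100 255.255.255.0' (status=1)
Nov 3 20:14:33 openvpn 55549 20.119.39.11:52265 TLS: Username/Password authentication deferred for username 'TestUser'
Nov 3 20:14:33 openvpn 56191 user 'TestUser' authenticated
Nov 3 20:14:35 openvpn 55549 20.119.39.11:52265 SENT CONTROL [UNDEF]: 'AUTH_FAILED' (status=1)
"""

def analyze(log_text):
    """Return {peer: [event, ...]} with events in log order."""
    sessions, pending = {}, {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        peer, msg = m.groups()
        if peer is None:  # helper lines carry no peer; tie them to the deferred username
            ok = HELPER_OK.match(msg)
            if ok and ok.group(1) in pending:
                sessions[pending.pop(ok.group(1))].append("helper_ok")
            continue
        events = sessions.setdefault(peer, [])
        for name, needle in MARKERS:
            if needle in msg:
                events.append(name)
                if name == "deferred":
                    pending[USER.search(msg).group(1)] = peer
    return sessions

def contradictory(sessions):
    """Peers where the helper reported success but the server sent AUTH_FAILED."""
    return sorted(p for p, ev in sessions.items() if "helper_ok" in ev and "auth_failed" in ev)

def missing_steps(events):
    return [n for n in ("pool", "options_import", "push_reply") if n not in events]
```
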