• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Authentication failure openvpn and pfsense

Scheduled Pinned Locked Moved OpenVPN
5 Posts 2 Posters 6.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B Offline
    bhenson1
    last edited by May 14, 2014, 4:26 PM

    I'm trying to get openvpn (v2.2) working for myself and another employee to our office. Every time I try to connect I get an authentication failure.

    I don't understand why because I'm one of the administrators in pfsense. So where's the authentication failing?

    I extracted the config, certificate, and key files from pfsense.

    Pfsense version 2.0.

    Can someone help me get on the right track for troubleshooting?

    1 Reply Last reply Reply Quote 0
    • D Offline
      divsys
      last edited by May 14, 2014, 5:07 PM

      What version of pfsense are you running, 2.03, 2.1, 2.12, 2.13?

      Is this a road warrior setup, site to site?

      The Authentication error messages are coming from the OpenVPN status logs, correct?

      If so, that usually points to a problem with your certificates, not the user login to pfsense. The actual error message would help.

      If you can post your OpenVPN server config page, we might be able to help.

      -jfp

      1 Reply Last reply Reply Quote 0
      • B Offline
        bhenson1
        last edited by May 14, 2014, 5:13 PM

        Version is 2.0-RELEASE (i386)

        I don't know what road warrior is. This is a VPN connection between our office and employees' homes.

        The message is in the status logs, here is the message:

        openvpn[41125]: 67.189.18.29:1194 TLS Auth Error: Auth Username/Password verification failed for peer

        From config file:

        dev tun
        persist-tun
        persist-key
        cipher AES-256-CBC
        tls-client
        client
        resolv-retry infinite
        remote 75.150.44.1 1194 udp
        tls-remote vpnuser
        auth-user-pass
        ca numedics-pfsense-udp-1194-ca.crt
        tls-auth numedics-pfsense-udp-1194-tls.key 1
        comp-lzo

        1 Reply Last reply Reply Quote 0
        • D Offline
          divsys
          last edited by May 14, 2014, 5:53 PM

          Ok, just for future reference, "Road Warrior" is a generic term used for VPN connections made from a "salesman's laptop" or someone "on the road".  :)

          Here it just means the employee's home is the client and your office pfsense is the OpenVPN server.

          From your config file it looks like you've assigned a password to the certificate used on the home computer.

          Do you have other remote links that do work or is this the first one?

          Is the home computer a PC or a Mac?

          Do you know how the client was installed, downloaded from the pfsense webgui or manually?

          We'll help as best we can, it's just that error message can point in a bunch of directions

          -jfp

          1 Reply Last reply Reply Quote 0
          • B Offline
            bhenson1
            last edited by May 14, 2014, 7:48 PM

            God I feel dumb. I thought that being a member of the domain admins group meant I'd also have VPN rights, but looks like I had to be added to our VPN group in active directory. I feel humbled.

            Thank you for going out of your way to offer to help. But looks like I'm good to go now.

            1 Reply Last reply Reply Quote 0
            5 out of 5
            • First post
              5/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received