About openvpn with certification auth
Posted: Sat Mar 02, 2019 2:40 pm
Hi everyone!
I follow this article to built up softether on windows server 2008 R2.
https://github.com/SoftEtherVPN/SoftEtherVPN/pull/327
When openvpn client(iPhone or windows's version) connect to softether, client's log will show "auth-failure"
And in the softether log, i can find something like these:
2019-03-02 06:50:02.615 [HUB "VPN"] The connection "XXX-XX-XXXXXXXXXX" (IP address: AAA.BBB.CCC.DDD, Host name: AAA.BBB.CCC.DDD, Port number: 53557, Client name: "OpenVPN Client", Version: 4.29, Build: 9678) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is "".
2019-03-02 06:50:02.615 [HUB "VPN"] Connection "XXX-XX-XXXXXXXXXX": User authentication failed. The user name that has been provided was "".
2019-03-02 06:50:02.615 OpenVPN Session 70 (AAA.BBB.CCC.DDD:53557 -> sotfehter_ip:1194) Channel 0: Failed to connect a channel.
2019-03-02 06:50:02.641 Connection "XXX-XX-XXXXXXXXXX" terminated by the cause "User authentication failed." (code 9).
2019-03-02 06:50:02.641 Connection "XXX-XX-XXXXXXXXXX" has been terminated.
2019-03-02 06:50:02.641 The connection with the client (IP address AAA.BBB.CCC.DDD, Port number 53557) has been disconnected.
According softether config file, the vpn account is AuthType 2 (Individual Certificate Authentication)
but I don't kwnow why system still use "External server authentication" and user name is ""
I googled and found someone said cert's CN will be user name, but in my case system this was not work.
How can i fix this issue?
PS: I tested use password auth is no issue, but i want to use openvpn with certificate on production environment.
THX
I follow this article to built up softether on windows server 2008 R2.
https://github.com/SoftEtherVPN/SoftEtherVPN/pull/327
When openvpn client(iPhone or windows's version) connect to softether, client's log will show "auth-failure"
And in the softether log, i can find something like these:
2019-03-02 06:50:02.615 [HUB "VPN"] The connection "XXX-XX-XXXXXXXXXX" (IP address: AAA.BBB.CCC.DDD, Host name: AAA.BBB.CCC.DDD, Port number: 53557, Client name: "OpenVPN Client", Version: 4.29, Build: 9678) is attempting to connect to the Virtual Hub. The auth type provided is "External server authentication" and the user name is "".
2019-03-02 06:50:02.615 [HUB "VPN"] Connection "XXX-XX-XXXXXXXXXX": User authentication failed. The user name that has been provided was "".
2019-03-02 06:50:02.615 OpenVPN Session 70 (AAA.BBB.CCC.DDD:53557 -> sotfehter_ip:1194) Channel 0: Failed to connect a channel.
2019-03-02 06:50:02.641 Connection "XXX-XX-XXXXXXXXXX" terminated by the cause "User authentication failed." (code 9).
2019-03-02 06:50:02.641 Connection "XXX-XX-XXXXXXXXXX" has been terminated.
2019-03-02 06:50:02.641 The connection with the client (IP address AAA.BBB.CCC.DDD, Port number 53557) has been disconnected.
According softether config file, the vpn account is AuthType 2 (Individual Certificate Authentication)
but I don't kwnow why system still use "External server authentication" and user name is ""
I googled and found someone said cert's CN will be user name, but in my case system this was not work.
How can i fix this issue?
PS: I tested use password auth is no issue, but i want to use openvpn with certificate on production environment.
THX