topnotchit
New Around Here
Hi,
I have an AC3100 that was running <=380.67 with a OpenVPN client successfully configured to my own AWS instance server. This has been working for > 6 months.
Recently, i upgrade the merlin firmware. Ever since I upgraded to 380.68_2 and now 380.68_4, I receive a "Error Connecting - Authentication Failed" and "Error - Authentication Failure!" . I have not changed the VPN server or the vpn client settings. Just the firmware. I did upgrade, not re-install. But I did flush the cache as instructured.
I see that the change log for 380.68_x says there were OpenVPN changes, but somehow the existing configuration that use to work, no longer works. Any thoughts on how to correct?
Here are the system logs:
Oct 7 13:06:03 rc_service: httpds 575:notify_rc start_vpnclient1
Oct 7 13:06:04 openvpn[13781]: OpenVPN 2.4.3 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Oct 4 2017
Oct 7 13:06:04 openvpn[13781]: library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.08
Oct 7 13:06:04 openvpn[13782]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Oct 7 13:06:04 openvpn[13782]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 7 13:06:04 dnsmasq-dhcp[569]: DHCPDISCOVER(br0) 192.168.1.60 a6:2b:b0:20:7d:bb
Oct 7 13:06:04 dnsmasq-dhcp[569]: DHCPOFFER(br0) 192.168.1.60 a6:2b:b0:20:7d:bb
Oct 7 13:06:04 openvpn[13782]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Oct 7 13:06:04 openvpn[13782]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Oct 7 13:06:04 openvpn[13782]: TCP/UDP: Preserving recently used remote address: [AF_INET]x.y.z.z:1194
Oct 7 13:06:04 openvpn[13782]: Socket Buffers: R=[122880->200000] S=[122880->200000]
Oct 7 13:06:04 openvpn[13782]: UDP link local: (not bound)
Oct 7 13:06:04 openvpn[13782]: UDP link remote: [AF_INET]x.y.z.z:1194
Oct 7 13:06:04 openvpn[13782]: TLS: Initial packet from [AF_INET]x.y.z.z:1194, sid=8dc9fd05 221db3ae
Oct 7 13:06:04 openvpn[13782]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Oct 7 13:06:04 openvpn[13782]: VERIFY OK: depth=1, CN=OpenVPN CA
Oct 7 13:06:04 openvpn[13782]: VERIFY OK: nsCertType=SERVER
Oct 7 13:06:04 openvpn[13782]: VERIFY OK: depth=0, CN=OpenVPN Server
Oct 7 13:06:05 openvpn[13782]: Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Oct 7 13:06:05 openvpn[13782]: [OpenVPN Server] Peer Connection Initiated with [AF_INET]x.y.z.z:1194
Oct 7 13:06:06 openvpn[13782]: SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Oct 7 13:06:06 openvpn[13782]: AUTH: Received control message: AUTH_FAILED
Oct 7 13:06:06 openvpn[13782]: SIGTERM[soft,auth-failure] received, process exiting
I have an AC3100 that was running <=380.67 with a OpenVPN client successfully configured to my own AWS instance server. This has been working for > 6 months.
Recently, i upgrade the merlin firmware. Ever since I upgraded to 380.68_2 and now 380.68_4, I receive a "Error Connecting - Authentication Failed" and "Error - Authentication Failure!" . I have not changed the VPN server or the vpn client settings. Just the firmware. I did upgrade, not re-install. But I did flush the cache as instructured.
I see that the change log for 380.68_x says there were OpenVPN changes, but somehow the existing configuration that use to work, no longer works. Any thoughts on how to correct?
Here are the system logs:
Oct 7 13:06:03 rc_service: httpds 575:notify_rc start_vpnclient1
Oct 7 13:06:04 openvpn[13781]: OpenVPN 2.4.3 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Oct 4 2017
Oct 7 13:06:04 openvpn[13781]: library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.08
Oct 7 13:06:04 openvpn[13782]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Oct 7 13:06:04 openvpn[13782]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 7 13:06:04 dnsmasq-dhcp[569]: DHCPDISCOVER(br0) 192.168.1.60 a6:2b:b0:20:7d:bb
Oct 7 13:06:04 dnsmasq-dhcp[569]: DHCPOFFER(br0) 192.168.1.60 a6:2b:b0:20:7d:bb
Oct 7 13:06:04 openvpn[13782]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Oct 7 13:06:04 openvpn[13782]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Oct 7 13:06:04 openvpn[13782]: TCP/UDP: Preserving recently used remote address: [AF_INET]x.y.z.z:1194
Oct 7 13:06:04 openvpn[13782]: Socket Buffers: R=[122880->200000] S=[122880->200000]
Oct 7 13:06:04 openvpn[13782]: UDP link local: (not bound)
Oct 7 13:06:04 openvpn[13782]: UDP link remote: [AF_INET]x.y.z.z:1194
Oct 7 13:06:04 openvpn[13782]: TLS: Initial packet from [AF_INET]x.y.z.z:1194, sid=8dc9fd05 221db3ae
Oct 7 13:06:04 openvpn[13782]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Oct 7 13:06:04 openvpn[13782]: VERIFY OK: depth=1, CN=OpenVPN CA
Oct 7 13:06:04 openvpn[13782]: VERIFY OK: nsCertType=SERVER
Oct 7 13:06:04 openvpn[13782]: VERIFY OK: depth=0, CN=OpenVPN Server
Oct 7 13:06:05 openvpn[13782]: Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Oct 7 13:06:05 openvpn[13782]: [OpenVPN Server] Peer Connection Initiated with [AF_INET]x.y.z.z:1194
Oct 7 13:06:06 openvpn[13782]: SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Oct 7 13:06:06 openvpn[13782]: AUTH: Received control message: AUTH_FAILED
Oct 7 13:06:06 openvpn[13782]: SIGTERM[soft,auth-failure] received, process exiting