OpenVPN Usernames and Passwords not working

AndrewL733

New Around Here
I am currently running Asuswrt-Merlin 386.2_6 on two Asus routers (RT-AC68U and RT-AC86U). Since a few software releases back, I have found that usernames and passwords are not working with OpenVPN (I use certificates PLUS usernames/passwords -- not usernames and passwords only). OpenVPN clients always report back "authentication failure", except when I use router "admin" user (which in my case is not "admin" but something else). If I used that username and the router's admin password, my VPN clients can connect.

I vaguely remember reading a while back that there may have been a UI bug with ASUS routers, and that the characters you typed weren't the same characters that actually got saved in your username/password configuration. In fact, if I try to add any new usernames/passwords to my router, they don't get saved either.

Does this ring a bell to anybody, and if so, is there a solution? Is this perhaps fixed in 386.3?
 

maestr0

Occasional Visitor
I have the same/similar issue. I noticed also that all of a sudden certain accounts were not working anymore (authentication failed). I was also not able to remove/add account in a way to set new passwords (http://www.snbforums.com/threads/i-cant-add-openvpn-users.72906/post-693584).

While I knew one account that was working, I copied the hashed password from this account to the account with issues in the shadow and shadow.openvpn files. With this new, now known, password I was able to connect with the account. Not a solution ofcourse, more an analysis step. No real solution so far, as mentioned the referred link, via the UI I can't add/remove accounts properly.
 

martinr

Part of the Furniture
I am currently running Asuswrt-Merlin 386.2_6 on two Asus routers (RT-AC68U and RT-AC86U). Since a few software releases back, I have found that usernames and passwords are not working with OpenVPN (I use certificates PLUS usernames/passwords -- not usernames and passwords only). OpenVPN clients always report back "authentication failure", except when I use router "admin" user (which in my case is not "admin" but something else). If I used that username and the router's admin password, my VPN clients can connect.

I vaguely remember reading a while back that there may have been a UI bug with ASUS routers, and that the characters you typed weren't the same characters that actually got saved in your username/password configuration. In fact, if I try to add any new usernames/passwords to my router, they don't get saved either.

Does this ring a bell to anybody, and if so, is there a solution? Is this perhaps fixed in 386.3?

That you say “if I try to add any new usernames/passwords to my router, they don't get saved either.” suggests possibly more than one simple glitch.

Have you tried clearing the OpenVPN setup and starting again? I think the default button does that, but I’m not going to test it on mine just in case it doesn’t ask if I’m sure!

And I’d possibly start with just just a username and password to begin with and prove that works. Of course, you’d need to export new config files to the clients. Then, when you’re happy it’s working well, progress to PKI authentication as well.

You aren’t using any special characters in the username or passwords, are you?

Failing starting again with a fresh OpenVPN setup, you might be looking at the more drastic reset to factory default settings and following L&LD’s M&M guide.
 

elorimer

Very Senior Member
except when I use router "admin" user (which in my case is not "admin" but something else). If I used that username and the router's admin password, my VPN clients can connect.
This is I think a trap for the unwary, particularly if one is using user/password only. Even though not listed in the list of authorized users, the admin user also can connect unless you specifically code it to be dropped.
 

Kanji-San

Regular Contributor
That you say “if I try to add any new usernames/passwords to my router, they don't get saved either.” suggests possibly more than one simple glitch.

Have you tried clearing the OpenVPN setup and starting again? I think the default button does that, but I’m not going to test it on mine just in case it doesn’t ask if I’m sure!

And I’d possibly start with just just a username and password to begin with and prove that works. Of course, you’d need to export new config files to the clients. Then, when you’re happy it’s working well, progress to PKI authentication as well.

You aren’t using any special characters in the username or passwords, are you?

Failing starting again with a fresh OpenVPN setup, you might be looking at the more drastic reset to factory default settings and following L&LD’s M&M guide.
Im having the exact same problem: OpenVPN server on 386.2_6 first user, works as it should. Added three more users, first user couldn’t authenticate anymore. The three new users still work.
has anyone found the root cause, yet?
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top