Menu
What's new
By:
Filters Better Search

RT-AC55U - 3.0.0.4.382_50010

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

dizzystreak

New Around Here
Hi!
I've upgraded the RT-AC55U to firmware version 3.0.0.4.382_50010. Now VPN does not work anymore.
I have tried a few different settings to the router's OpenVPN server and various OpenVPN clients.
No matter the combination, the client always receives an authentication failure. Before the upgrade it worked fine. Unfortunately downgrading is not possible.
Have you run accross this problem?

Here is the log from the router:
Feb 27 19:29:46 vpnserver1[2563]: TCP connection established with [AF_INET]CLIENT_IP:CLIENT_PORT
Feb 27 19:29:47 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT TLS: Initial packet from [AF_INET]CLIENT_IP:CLIENT_PORT, sid=416318b8 0049ace8
Feb 27 19:29:49 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-AC55U, emailAddress=me@myhost.mydomain
Feb 27 19:29:49 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, CN=client, emailAddress=me@myhost.mydomain
Feb 27 19:29:49 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=1
Feb 27 19:29:49 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/lib/openvpn-plugin-auth-pam.so
Feb 27 19:29:49 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT TLS Auth Error: Auth Username/Password verification failed for peer
Feb 27 19:29:50 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Feb 27 19:29:50 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT [client] Peer Connection Initiated with [AF_INET]CLIENT_IP:CLIENT_PORT
Feb 27 19:29:51 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT PUSH: Received control message: 'PUSH_REQUEST'
Feb 27 19:29:51 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT Delayed exit in 5 seconds
Feb 27 19:29:51 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT SENT CONTROL [client]: 'AUTH_FAILED' (status=1)
Feb 27 19:29:51 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT Connection reset, restarting [0]
Feb 27 19:29:51 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT SIGUSR1[soft,connection-reset] received, client-instance restarting
 
dizzystreak said:
Feb 27 19:29:49 vpnserver1[2563]: CLIENT_IP:CLIENT_PORT TLS Auth Error: Auth Username/Password verification failed for peer
Click to expand...

Check your username/password. If you don't use password-based authentication then disable it.

Also note that overly long (i.e. > 64 chars long) settings will get truncated.
 
RMerlin said:
Check your username/password. If you don't use password-based authentication then disable it.

Also note that overly long (i.e. > 64 chars long) settings will get truncated.
Click to expand...

Yes, before creating the post I have tried the basic troubleshooting steps, even the famed "Have you tried turning it off and on again?" I believe in doing one's own due diligence before asking others for help. Though it is entirely possible I missed something.

To answer the question, I have changed the password to a single character. No luck. I created a simple multi-character password, which I pasted into the router's password field. Then I pasted the same thing into my OpenVPN client. Of course connecting to the external network before trying. Again, no luck. And yes, I want to use username/password auth.
The note above the password set field also warns not to use to long passwords, so I did not.

The setup worked unchanged for the past few years, and stopped working after I updated to 3.0.0.4.382_50010. Naturally I suspect the firmware.

Kind regards.
 
dizzystreak said:
The setup worked unchanged for the past few years, and stopped working after I updated to 3.0.0.4.382_50010. Naturally I suspect the firmware.
Click to expand...

It's always possible. I can't tell for sure, Asus's new OpenVPN implementation is now closed source, so our code differs.
 
RMerlin said:
It's always possible. I can't tell for sure, Asus's new OpenVPN implementation is now closed source, so our code differs.
Click to expand...

Thank you for the reply. It spawned another train of thought with corresponding questions.
Would you recommend I try Asuswrt-Merlin intead of the official firmware?
Does Asuswrt-Merlin support RT-AC55U?
Can I flash Asuswrt-Merlin over the official 3.0.0.4.382_50010?
Can I flash back to the official ASUS firmware if I choose to?

Kind regards.
 
I don't support the RT-AC55U, sorry.
 
dizzystreak said:
Thank you for the reply. It spawned another train of thought with corresponding questions.
Would you recommend I try Asuswrt-Merlin intead of the official firmware?
Does Asuswrt-Merlin support RT-AC55U?
Can I flash Asuswrt-Merlin over the official 3.0.0.4.382_50010?
Can I flash back to the official ASUS firmware if I choose to?

Kind regards.
Click to expand...

Can you send feedback with system log, wifi log and cfg file by feedback function and please add the "https://www.snbforums.com/threads/rt-ac55u-3-0-0-4-382_50010.44932/" in description field.
 
You must log in or register to reply here.

Similar threads

gallahermike
GT-BE98 Pro and OpenVPN problem
Replies
7
Views
616
gallahermike
gallahermike
N
Suspicious Activity?
Replies
6
Views
1K
L&LD
L&LD
X
OpenVPN server on RT-AX55, client connects but no internet
Replies
4
Views
974
Tech9
Tech9
Wishmaster1965
Solved OpenVPN Server Issue
Replies
5
Views
683
Wishmaster1965
Wishmaster1965
R
VPN between Asus RT cannot communicate
Replies
3
Views
1K
raynaud
R

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 938 (members: 29, guests: 909)
Top