Good afternoon Best regard
I'm having trouble with a CentOS server release 5.10, so that my users connect via VPN Intranet type, I could not find a solution, if I can collaborate appreciate them, attached logs when it worked and now.
Log running:
Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Re-using SSL/TLS context Mon Oct 10 13:50:02 2016 193.60.90.72:23683 LZO compression initialized Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Control Channel MTU parms [ L:1543 D:163 EF:66 EB:3 ET:3 EL:0 ] Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Data Channel MTU parms [ L:1543 D:1453 EF:43 EB:133 ET:3 EL:0 AF:3/1 ] Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Local Options hash (VER=V4): '31aebcbb' Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Expected Remote Options hash (VER=V4): '3ebe1e45' Mon Oct 10 13:50:03 2016 193.60.90.72:23683 CRL CHECK OK: /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 VERIFY OK: depth=1, /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 CRL CHECK OK: /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 VERIFY OK: depth=0, /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 TLS: Username/Password authentication succeeded for username 'usuario6' Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Encrypt: Cipher 'DES-EDE-CBC' initialized with 128 bit key Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Decrypt: Cipher 'DES-EDE-CBC' initialized with 128 bit key Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Control Channel: TLSv1, cipher TLSv3/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Mon Oct 10 13:50:03 2016 193.60.90.72:23683 [imawebs_common_cert] Peer Connection Initiated with 193.60.90.72:23683
Log no Operating:
Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Re-using SSL/TLS context Mon Oct 24 10:46:31 2016 193.60.90.72:60903 LZO compression initialized Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Control Channel MTU parms [ L:1543 D:163 EF:63 EB:3 ET:3 EL:0 ] Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Data Channel MTU parms [ L:1543 D:1453 EF:43 EB:133 ET:3 EL:0 AF:3/1 ] Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Local Options hash (VER=V4): '31aebcbb' Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Expected Remote Options hash (VER=V4): '3ebe1e45' Mon Oct 24 10:46:32 2016 193.60.90.72:60903 CRL CHECK OK: /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:32 2016 193.60.90.72:60903 VERIFY OK: depth=1, /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:32 2016 193.60.90.72:60903 CRL CHECK OK: /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:32 2016 193.60.90.72:60903 VERIFY OK: depth=0, /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:34 2016 193.60.90.72:60903 WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 1 Mon Oct 24 10:46:34 2016 193.60.90.72:60903 TLS Auth Error: Auth Username/Password verification failed for peer Mon Oct 24 10:46:34 2016 193.60.90.72:60903 Control Channel: TLSv1, cipher TLSv3/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Mon Oct 24 10:46:34 2016 193.60.90.72:60903 [imawebs_common_cert] Peer Connection Initiated with 193.60.90.72:60903
Am 24.10.2016 um 23:38 schrieb Macmor Mach lfmacmor.mach@gmail.com:
I'm having trouble with a CentOS server release 5.10, so that my users connect via VPN Intranet type, I could not find a solution, if I can collaborate appreciate them, attached logs when it worked and now.
Log running:
Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Re-using SSL/TLS context Mon Oct 10 13:50:02 2016 193.60.90.72:23683 LZO compression initialized Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Control Channel MTU parms [ L:1543 D:163 EF:66 EB:3 ET:3 EL:0 ] Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Data Channel MTU parms [ L:1543 D:1453 EF:43 EB:133 ET:3 EL:0 AF:3/1 ] Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Local Options hash (VER=V4): '31aebcbb' Mon Oct 10 13:50:02 2016 193.60.90.72:23683 Expected Remote Options hash (VER=V4): '3ebe1e45' Mon Oct 10 13:50:03 2016 193.60.90.72:23683 CRL CHECK OK: /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 VERIFY OK: depth=1, /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 CRL CHECK OK: /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 VERIFY OK: depth=0, /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 10 13:50:03 2016 193.60.90.72:23683 TLS: Username/Password authentication succeeded for username 'usuario6' Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Encrypt: Cipher 'DES-EDE-CBC' initialized with 128 bit key Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Decrypt: Cipher 'DES-EDE-CBC' initialized with 128 bit key Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 10 13:50:03 2016 193.60.90.72:23683 Control Channel: TLSv1, cipher TLSv3/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Mon Oct 10 13:50:03 2016 193.60.90.72:23683 [imawebs_common_cert] Peer Connection Initiated with 193.60.90.72:23683
Log no Operating:
Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Re-using SSL/TLS context Mon Oct 24 10:46:31 2016 193.60.90.72:60903 LZO compression initialized Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Control Channel MTU parms [ L:1543 D:163 EF:63 EB:3 ET:3 EL:0 ] Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Data Channel MTU parms [ L:1543 D:1453 EF:43 EB:133 ET:3 EL:0 AF:3/1 ] Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Local Options hash (VER=V4): '31aebcbb' Mon Oct 24 10:46:31 2016 193.60.90.72:60903 Expected Remote Options hash (VER=V4): '3ebe1e45' Mon Oct 24 10:46:32 2016 193.60.90.72:60903 CRL CHECK OK: /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:32 2016 193.60.90.72:60903 VERIFY OK: depth=1, /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWE ... mawebs.com /C=CO/ST=Valle/L=CALI/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=OpenVPN-CA/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:32 2016 193.60.90.72:60903 CRL CHECK OK: /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:32 2016 193.60.90.72:60903 VERIFY OK: depth=0, /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=S ... mawebs.com /C=CO/ST=Valle/O=IMAWEBS_-_IMAWEBS/OU=Sistemas/CN=imawebs_common_cert/emailAddress=tecnologico@imawebs.com Mon Oct 24 10:46:34 2016 193.60.90.72:60903 WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 1 Mon Oct 24 10:46:34 2016 193.60.90.72:60903 TLS Auth Error: Auth Username/Password verification failed for peer Mon Oct 24 10:46:34 2016 193.60.90.72:60903 Control Channel: TLSv1, cipher TLSv3/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Mon Oct 24 10:46:34 2016 193.60.90.72:60903 [imawebs_common_cert] Peer Connection Initiated with 193.60.90.72:60903
It looks like openvpn, right? Which version?
Your auth-user-pass-verify script does not authenticate your users.
How does your configuration look like?
-- LF
-
Leon Fauster -
Macmor Mach