Freebox Server (Ultra V9/ Pop V8/ Delta V7 / Revolution V6 / Mini 4K)

  • État Fermée
  • Pourcentage achevé
    100%
  • Type Anomalie
  • Catégorie Services locaux → Client VPN
  • Assignée à
    mbizon
  • Système d'exploitation Tous
  • Sévérité Haute
  • Priorité Très Basse
  • Basée sur la version 3.4.0
  • Due pour la version Non décidée
  • Échéance Non décidée
  • Votes 8
  • Privée
Concerne le projet: Freebox Server (Ultra V9/ Pop V8/ Delta V7 / Revolution V6 / Mini 4K)
Ouverte par julienc - 23/04/2017
Dernière modification par Thibaut Freebox - 11/06/2019

FS#21414 - Impossible d'utiliser le Client VPN de la Freebox avec le fournisseur PIA

Jusqu’au 7 avril 2017 la connexion en client VPN sur PrivateInternetAccess (PIA) fonctionnait sans soucis. Depuis cette date j’ai un message “openvpn: asked for unsupported password”. D’après ce que j’ai vu dans les forums PIA et freebox, on est plusieurs (tous?) dans cette situation. Cela est relativement problématique car la fonctionnalité fonctionnait chez d’autres et c’est ce qui m’a encouragé à prendre un abonnement à PIA pour ma freebox...

Le bug est proche de  FS#15685  mais avec un autre fournisseur

2017-04-23 15:49:10 openvpn: connected to management interface
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: Connected to management server at unix_mgt.sock
2017-04-23 15:49:10 openvpn: rx: >INFO:OpenVPN Management Interface Version 1 – type ‘help’ for more info
2017-04-23 15:49:10 openvpn: rx: >HOLD:Waiting for hold release
2017-04-23 15:49:10 openvpn: tx: hold release
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: CMD ‘hold release’ 2017-04-23 15:49:10 openvpn: rx: SUCCESS: hold release succeeded
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: CMD ‘state on’ 2017-04-23 15:49:10 openvpn: rx: SUCCESS: real-time state notification set to ON
2017-04-23 15:49:10 openvpn: rx: >PASSWORD:Need ‘Auth’ username/password
2017-04-23 15:49:10 openvpn: tx: username “Auth” “p4486859” 2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: CMD ‘username “Auth” “p4486859”’ 2017-04-23 15:49:10 openvpn: rx: SUCCESS: ‘Auth’ username entered, but not yet verified
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: CMD ‘password [...]’ 2017-04-23 15:49:10 openvpn: rx: SUCCESS: ‘Auth’ password entered, but not yet verified
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: >STATE:1492955350,WILL_CONNECT,ro.privateinternetaccess.com,,,,,0
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 Socket Buffers: R=[172032→131072] S=[172032→131072]
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: >STATE:1492955350,RESOLVE,,,,,,0
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 UDPv4 link local: [undef]
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 UDPv4 link remote: [AF_INET]37.221.166.146:1198
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: >STATE:1492955350,WAIT,,,,,,0
2017-04-23 15:49:10 openvpn: rx: >STATE:1492955350,WILL_CONNECT,ro.privateinternetaccess.com,,,,,0
2017-04-23 15:49:10 openvpn: rx: >STATE:1492955350,RESOLVE,,,,,,0
2017-04-23 15:49:10 openvpn: rx: >STATE:1492955350,WAIT,,,,,,0
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 MANAGEMENT: >STATE:1492955350,AUTH,,,,,,0
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 TLS: Initial packet from [AF_INET]37.221.166.146:1198, sid=c77eafa1 c993a8c7
2017-04-23 15:49:10 openvpn: rx: >STATE:1492955350,AUTH,,,,,,0
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 Validating certificate key usage
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 ++ Certificate has key usage 00a0, expects 00a0
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 VERIFY KU OK
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 Validating certificate extended key usage
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 VERIFY EKU OK
2017-04-23 15:49:10 openvpn: output: Sun Apr 23 15:49:10 2017 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=b70cfdf6b689d499576461f9b1499336, name=b70cfdf6b689d499576461f9b1499336
2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 WARNING: ‘link-mtu’ is used inconsistently, local=’link-mtu 1558’, remote=’link-mtu 1542’ 2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 WARNING: ‘cipher’ is used inconsistently, local=’cipher AES-128-CBC’, remote=’cipher BF-CBC’ 2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 Data Channel Encrypt: Cipher ‘AES-128-CBC’ initialized with 128 bit key
2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 Data Channel Decrypt: Cipher ‘AES-128-CBC’ initialized with 128 bit key
2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2017-04-23 15:49:11 openvpn: output: Sun Apr 23 15:49:11 2017 [b70cfdf6b689d499576461f9b1499336] Peer Connection Initiated with [AF_INET]37.221.166.146:1198
2017-04-23 15:49:12 openvpn: rx: >STATE:1492955352,GET_CONFIG,,,,,,0
2017-04-23 15:49:12 openvpn: output: Sun Apr 23 15:49:12 2017 MANAGEMENT: >STATE:1492955352,GET_CONFIG,,,,,,0
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 SENT CONTROL [b70cfdf6b689d499576461f9b1499336]: ‘PUSH_REQUEST’ (status=1)
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 PUSH: Received control message: ‘PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 209.222.18.222,dhcp-option DNS 209.222.18.218,ping 10,comp-lzo no,route 10.70.10.1,topology net30,ifconfig 10.70.10.6 10.70.10.5,auth-token A+i+Wd8Hxlrl+6ExAN+leVgsWJCVwA2NqxL5hwi7g2o=’ 2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 OPTIONS IMPORT: timers and/or timeouts modified
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 OPTIONS IMPORT: LZO parms modified
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 OPTIONS IMPORT: –ifconfig/up options modified
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 OPTIONS IMPORT: route options modified
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 OPTIONS IMPORT: –ip-win32 and/or –dhcp-option options modified
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 ROUTE: default_gateway=UNDEF
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 Initialization Sequence Completed
2017-04-23 15:49:13 openvpn: output: Sun Apr 23 15:49:13 2017 MANAGEMENT: >STATE:1492955353,CONNECTED,SUCCESS,10.70.10.6,37.221.166.146,209.222.18.218,209.222.18.222,1500
2017-04-23 15:49:13 openvpn: rx: >PASSWORD:Auth-Token:A+i+Wd8Hxlrl+6ExAN+leVgsWJCVwA2NqxL5hwi7g2o=
2017-04-23 15:49:13 openvpn: asked for unsupported password
2017-04-23 15:49:13 l3 is now stable
2017-04-23 15:49:13 l3 does not fulfil config requirement
2017-04-23 15:49:13 l3 state change ‘l3_wait_stable’ ⇒ ‘l3_bring_down’ 2017-04-23 15:49:13 waiting for l3 providers to go down
2017-04-23 15:49:13 l3 state change ‘l3_bring_down’ ⇒ ‘l3_wait_down’ 2017-04-23 15:49:13 l3 state change ‘l3_wait_down’ ⇒ ‘l3_cleanup_start’ 2017-04-23 15:49:13 calling helper script at ‘/etc/fbxconnman/conn.post-down’ 2017-04-23 15:49:13 l3 state change ‘l3_cleanup_start’ ⇒ ‘l3_wait_postdown_helper’ 2017-04-23 15:49:13 l3 state change ‘l3_wait_postdown_helper’ ⇒ ‘l3_cleanup_finish’ 2017-04-23 15:49:13 l3 state change ‘l3_cleanup_finish’ ⇒ ‘l3_finished’ 2017-04-23 15:49:13 state change ‘wait_l3_up’ ⇒ ‘wait_l3_down’ 2017-04-23 15:49:13 l3 state change ‘l3_finished’ ⇒ ‘l3_down’ 2017-04-23 15:49:13 state is now DOWN
2017-04-23 15:49:13 state change ‘wait_l3_down’ ⇒ ‘l3_finished’ 2017-04-23 15:49:13 state change ‘l3_finished’ ⇒ ‘wait_l2_down’ 2017-04-23 15:49:13 l2 state change ‘l2_up’ ⇒ ‘l2_cleanup’ 2017-04-23 15:49:13 l2 state change ‘l2_cleanup’ ⇒ ‘l2_down’ 2017-04-23 15:49:13 state change ‘wait_l2_down’ ⇒ ‘down’

Fermée par  Thibaut Freebox
11.06.2019 13:46
Raison de la fermeture :  Doublon
renzoe a commenté le 26.04.2017 13:49

+1 . J ai PIA et je n arrive pas a meconecter depuis au moins un semaine. En plus le bug du UI WEB Client VPN ne m aide pas non plus (il faur debbuger le html pour voir toute le log, et faire les conf .opvpn depuis l app "freebox compagning).
PIA marche bien das mes autres clients VPN .

Noon53 a commenté le 27.04.2017 14:23

Bonjour,

Je confirme le même souci.
Fonctionnement sans aucun souci sous la version Server 3.3.6. Impossible depuis la 3.4 et 3.4.1.
Y a t il une modification à apporter dans le fichier de configuration OpenVPN?

Merci pour votre réponse (en espérant qu'il ne faille pas attendre 1 mois de plus... 2 mois sans fonction complète pré existante, ça mériterait un geste commerciale de la part de Free.)

Idem pour moi. J'attendais la version 3.4.1 avec impatience pour corriger le problème du script qui bloquait le client VPN dans la 3.4. Et voici maintenant un nouveau bug dans la toute nouvelle version 3.4.1.
Va-t-on s'en sortir un jour.
L'erreur est la suivante : 2017-04-27 22:16:44 openvpn: asked for unsupported password

N'hésitez pas à voter pour cette tâche et à contacter mbizon @ freebox.fr (sans les espaces) pour faire bouger les choses.

Avez-vous du nouveau depuis l'ouverture du ticket ?

Chargement...

Activer les raccourcis clavier

Liste des tâches

Détails de la tâche

Édition de la tâche