- État Fermée
- Pourcentage achevé
- Type Anomalie
- Catégorie Services locaux → Client VPN
- Assignée à Personne
- Système d'exploitation Tous
- Sévérité Haute
- Priorité Très Basse
- Basée sur la version 3.4.1
- Due pour la version Non décidée
-
Échéance
Non décidée
- Votes 6
- Privée
Ouverte par robigne - 28/04/2017
Dernière modification par Thibaut Freebox - 11/06/2019
FS#21440 - [3.4.1]Connexion VPN impossible
Bonjour,
Depuis le passage au fw 3.4.0, la connexion a mon VPN via l’interface Freebox OS est impossible. Le passage a la version 3.4.1 n’a pas résolu le problème.
L’erreur remontée par l’interface est :
openvpn: asked for unsupported password
Après renseignement auprès de la communauté OpenVPN, cette erreur n’est pas une erreur levée par OpenVPN, ni du serveur.
Ce problème est bien évidement très pénalisant.
A noté que la connexion fonctionne parfaitement en passant directement par OpenVPN et en utilisant le même fichier de configuration
Voici le fichier ovpn de configuration :
client
dev tun
proto udp
remote ro.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
<ca>
—–BEGIN CERTIFICATE—-
...
—–END CERTIFICATE—–
</ca>
Le log complet :
2017-04-28 18:17:26 openvpn: connected to management interface
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: Connected to management server at unix_mgt.sock
2017-04-28 18:17:26 openvpn: rx: >INFO:OpenVPN Management Interface Version 1 – type ‘help’ for more info
2017-04-28 18:17:26 openvpn: rx: >HOLD:Waiting for hold release
2017-04-28 18:17:26 openvpn: tx: hold release
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: CMD ‘hold release’ 2017-04-28 18:17:26 openvpn: rx: SUCCESS: hold release succeeded
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: CMD ‘state on’ 2017-04-28 18:17:26 openvpn: rx: SUCCESS: real-time state notification set to ON
2017-04-28 18:17:26 openvpn: rx: >PASSWORD:Need ‘Auth’ username/password
2017-04-28 18:17:26 openvpn: tx: username “Auth” “blabla” 2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: CMD ‘username “Auth” “blabla”’ 2017-04-28 18:17:26 openvpn: rx: SUCCESS: ‘Auth’ username entered, but not yet verified
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: CMD ‘password [...]’ 2017-04-28 18:17:26 openvpn: rx: SUCCESS: ‘Auth’ password entered, but not yet verified
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: >STATE:1493396246,WILL_CONNECT,ro.privateinternetaccess.com,,,,,0
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 Socket Buffers: R=[172032→131072] S=[172032→131072]
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: >STATE:1493396246,RESOLVE,,,,,,0
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 UDPv4 link local: [undef]
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 UDPv4 link remote: [AF_INET]37.221.161.114:1198
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: >STATE:1493396246,WAIT,,,,,,0
2017-04-28 18:17:26 openvpn: rx: >STATE:1493396246,WILL_CONNECT,ro.privateinternetaccess.com,,,,,0
2017-04-28 18:17:26 openvpn: rx: >STATE:1493396246,RESOLVE,,,,,,0
2017-04-28 18:17:26 openvpn: rx: >STATE:1493396246,WAIT,,,,,,0
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 MANAGEMENT: >STATE:1493396246,AUTH,,,,,,0
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 TLS: Initial packet from [AF_INET]37.221.161.114:1198, sid=a5444cd3 43f6c26e
2017-04-28 18:17:26 openvpn: rx: >STATE:1493396246,AUTH,,,,,,0
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 Validating certificate key usage
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 ++ Certificate has key usage 00a0, expects 00a0
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 VERIFY KU OK
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 Validating certificate extended key usage
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 VERIFY EKU OK
2017-04-28 18:17:26 openvpn: output: Fri Apr 28 18:17:26 2017 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=26d924ec9a543982c7464cea96686663, name=26d924ec9a543982c7464cea96686663
2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 WARNING: ‘link-mtu’ is used inconsistently, local=’link-mtu 1558’, remote=’link-mtu 1542’ 2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 WARNING: ‘cipher’ is used inconsistently, local=’cipher AES-128-CBC’, remote=’cipher BF-CBC’ 2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 Data Channel Encrypt: Cipher ‘AES-128-CBC’ initialized with 128 bit key
2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 Data Channel Encrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 Data Channel Decrypt: Cipher ‘AES-128-CBC’ initialized with 128 bit key
2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 Data Channel Decrypt: Using 160 bit message hash ‘SHA1’ for HMAC authentication
2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2017-04-28 18:17:27 openvpn: output: Fri Apr 28 18:17:27 2017 [26d924ec9a543982c7464cea96686663] Peer Connection Initiated with [AF_INET]37.221.161.114:1198
2017-04-28 18:17:28 openvpn: rx: >STATE:1493396248,GET_CONFIG,,,,,,0
2017-04-28 18:17:28 openvpn: output: Fri Apr 28 18:17:28 2017 MANAGEMENT: >STATE:1493396248,GET_CONFIG,,,,,,0
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 SENT CONTROL [26d924ec9a543982c7464cea96686663]: ‘PUSH_REQUEST’ (status=1)
2017-04-28 18:17:29 openvpn: rx: >PASSWORD:Auth-Token:9fnPbf5uaxtygXiarS9TMf8uLJBG+CnsilfDhoL3mfE=
2017-04-28 18:17:29 openvpn: asked for unsupported password
2017-04-28 18:17:29 l3 is now stable
2017-04-28 18:17:29 l3 does not fulfil config requirement
2017-04-28 18:17:29 l3 state change ‘l3_wait_stable’ ⇒ ‘l3_bring_down’ 2017-04-28 18:17:29 waiting for l3 providers to go down
2017-04-28 18:17:29 l3 state change ‘l3_bring_down’ ⇒ ‘l3_wait_down’ 2017-04-28 18:17:29 l3 state change ‘l3_wait_down’ ⇒ ‘l3_cleanup_start’ 2017-04-28 18:17:29 calling helper script at ‘/etc/fbxconnman/conn.post-down’ 2017-04-28 18:17:29 l3 state change ‘l3_cleanup_start’ ⇒ ‘l3_wait_postdown_helper’ 2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 PUSH: Received control message: ‘PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 209.222.18.222,dhcp-option DNS 209.222.18.218,ping 10,comp-lzo no,route 10.78.10.1,topology net30,ifconfig 10.78.10.6 10.78.10.5,auth-token 9fnPbf5uaxtygXiarS9TMf8uLJBG+CnsilfDhoL3mfE=’ 2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 OPTIONS IMPORT: timers and/or timeouts modified
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 OPTIONS IMPORT: LZO parms modified
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 OPTIONS IMPORT: –ifconfig/up options modified
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 OPTIONS IMPORT: route options modified
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 OPTIONS IMPORT: –ip-win32 and/or –dhcp-option options modified
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 ROUTE: default_gateway=UNDEF
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 Initialization Sequence Completed
2017-04-28 18:17:29 openvpn: output: Fri Apr 28 18:17:29 2017 MANAGEMENT: >STATE:1493396249,CONNECTED,SUCCESS,10.78.10.6,37.221.161.114,209.222.18.218,209.222.18.222,1500
2017-04-28 18:17:29 l3 state change ‘l3_wait_postdown_helper’ ⇒ ‘l3_cleanup_finish’ 2017-04-28 18:17:29 l3 state change ‘l3_cleanup_finish’ ⇒ ‘l3_finished’ 2017-04-28 18:17:29 state change ‘wait_l3_up’ ⇒ ‘wait_l3_down’ 2017-04-28 18:17:29 l3 state change ‘l3_finished’ ⇒ ‘l3_down’ 2017-04-28 18:17:29 state is now DOWN
2017-04-28 18:17:29 state change ‘wait_l3_down’ ⇒ ‘l3_finished’ 2017-04-28 18:17:29 state change ‘l3_finished’ ⇒ ‘wait_l2_down’ 2017-04-28 18:17:29 l2 state change ‘l2_up’ ⇒ ‘l2_cleanup’ 2017-04-28 18:17:29 l2 state change ‘l2_cleanup’ ⇒ ‘l2_down’ 2017-04-28 18:17:29 state change ‘wait_l2_down’ ⇒ ‘down’
Merci par avance.
R.Carrillo
Chargement...
Activer les raccourcis clavier
- Alt + ⇧ Shift + l Se connecter/Se déconnecter
- Alt + ⇧ Shift + a Ouvrir une tâche
- Alt + ⇧ Shift + m Mes recherches
- Alt + ⇧ Shift + t Rechercher par ID de tâche
Liste des tâches
- o Ouvrir la tâche sélectionnée
- j Déplacer le curseur vers le bas
- k Déplacer le curseur vers le haut
Détails de la tâche
- n Tâche suivante
- p Tâche précédente
- Alt + ⇧ Shift + e ↵ Enter Modifier cette tâche
- Alt + ⇧ Shift + w Surveiller
- Alt + ⇧ Shift + y Fermer cette tâche
Édition de la tâche
- Alt + ⇧ Shift + s Enregistrer la tâche
J'ai exactement le même problème.
La v3.4.1 corrige le problème d'interface au client VPN mais la connexion échoue systématiquement.
Même problème pour ma part... C'est une spécialité de casser la connexion OpenVPN. Ça doit faire 3 ou 4 fois.
Du coup j'ai moi aussi ouvert une tâche, désolé pour le doublon.
Avez-vous du nouveau depuis l'ouverture du ticket ?