OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: fromageblue on October 21, 2019, 12:21:39 am

Title: Hybrid RSA + Xauth fails with no Xauth secret found
Post by: fromageblue on October 21, 2019, 12:21:39 am: I have an IPsec mobile client setup with Hybrid RSA + Xauth with a LDAP backend. I tested the LDAP backend authentication with the "System: Access: Tester" page, no issues, LDAP works.

However, when I try to connect to my vpn, I keep getting an "XAuth authentication of 'myuser' failed" error message. I looked at my LDAP server's logs and I don't even see any connection attempts from OpnSense.
I tried switching to using the local database with a local user instead of LDAP, same error.

I tried the same IPsec configuration with LDAP backend, but instead of Hybrid RSA + Xauth, I used Mutual PSK + Xauth and that worked. Authentication successful and I see the connection from OpnSense in my LDAP logs.

So why does it work with a Mutual PSK + Xauth setup, but fails with a Hybrid RSA + Xauth.

The only error messages on OpnSense are:
XAuth authentication of 'myuser' failed
no XAuth secret found for 'server' - 'myuser'

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy