OPNsense Forum

International Forums => Portuguese - Português => Topic started by: simasla on February 01, 2023, 03:06:14 pm

Title: OpenVPN não autentica usuário, erro OpenSSL
Post by: simasla on February 01, 2023, 03:06:14 pm

Realizei a configuração conforme DOCs do OPNSense https://docs.opnsense.org/manual/how-tos/sslvpn_client.html
Mas não ocorre a autenticação do usuário de jeito nenhum.

Gera o erro :
10:36:20 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
10:36:20 OpenVPN 2.6.0 [git:v2.6.0/b999466418dddb89] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jan 25 2023
10:36:20 Windows version 10.0 (Windows 10 or greater), amd64 executable
10:36:20 library versions: OpenSSL 3.0.7 1 Nov 2022, LZO 2.10
10:37:49 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
10:37:49 OpenSSL: error:0308010C:digital envelope routines::unsupported
10:37:49 OpenSSL: error:11800071:PKCS12 routines::mac verify failure
10:37:49 Decoding PKCS12 failed. Probably wrong password or unsupported/legacy encryption
10:37:49 SIGUSR1[soft,private-key-password-failure] received, process restarting
10:38:08 OpenSSL: error:0308010C:digital envelope routines::unsupported
10:38:08 OpenSSL: error:11800071:PKCS12 routines::mac verify failure
10:38:08 Decoding PKCS12 failed. Probably wrong password or unsupported/legacy encryption
10:38:08 SIGUSR1[soft,private-key-password-failure] received, process restarting
10:38:42 OpenSSL: error:0308010C:digital envelope routines::unsupported
10:38:42 OpenSSL: error:11800071:PKCS12 routines::mac verify failure
10:38:42 Decoding PKCS12 failed. Probably wrong password or unsupported/legacy encryption
10:38:42 SIGUSR1[soft,private-key-password-failure] received, process restarting
10:38:49 ERROR: could not read Auth username/password/ok/string from management interface
10:38:49 Exiting due to fatal error

Tentei configurar com 2FA e sem, mas não teve jeito ele não conecta, aparentemente a regra de firewall esta ok, pq ele chega a pedir a autenticação, mas ele nao reconhece o usuario/senha... e testando no System->Access->Tester ....  o usuario e senha estão corretos...   

Pensei na versão do Client do OpenVPN, sigo testando, se alguém tiver uma ideia agradeço a ajuda...

Title: Re: OpenVPN não autentica usuário, erro OpenSSL
Post by: juliocbc on February 02, 2023, 03:07:09 pm

Olá!

Sugiro tentar esse tutorial que fizemos e veja se ajuda:

https://ajuda.cloudfence.com.br/opnsense-suporte/openvpn-ativar-2fa-opnsense (https://ajuda.cloudfence.com.br/opnsense-suporte/openvpn-ativar-2fa-opnsense)