Messages - msantosn

#1
I deleted everything related to OpenVPN and redid the configuration and I have a working VPN.

Something, somewhere I screwed up. But it would be nice to know what was wrong with the config.
#2
Hi,

Got to play with OPNsense 25.7.1, and configured an OpenVPN instance for roaming users. I created my test user with its corresponding certificate. When authenticating I get AUTH_FAILED in the client.

In OPNsense I get the following errors:

2025-08-05T14:24:24 Notice openvpn_server1 <EDITED CLIENT IP>:53433 SIGTERM[soft,delayed-exit] received, client-instance exiting
2025-08-05T14:24:19 Notice openvpn_server1 <EDITED CLIENT IP>:53433 SENT CONTROL [msantosn]: 'AUTH_FAILED' (status=1)
2025-08-05T14:24:19 Notice openvpn_server1 <EDITED CLIENT IP>:53433 SENT CONTROL [UNDEF]: 'AUTH_FAILED' (status=1)
2025-08-05T14:24:19 Notice openvpn_server1 <EDITED CLIENT IP>:53433 Delayed exit in 5 seconds
2025-08-05T14:24:18 Warning openvpn authentication failed for user 'msantosn'. No tunnel network provisioned, but required.
2025-08-05T14:24:18 Notice openvpn Locate overwrite for 'msantosn' using server '77a28ac6-eb75-478d-a59a-d7609b675e52' (vpnid: 1)
2025-08-05T14:24:18 Notice openvpn_server1 <EDITED CLIENT IP>:53433 [msantosn] Peer Connection Initiated with [AF_INET6]::ffff:<EDITED CLIENT IP>:53433 (via ::ffff:<EDITED SERVER IP>%vtnet0)
2025-08-05T14:24:18 Notice openvpn_server1 <EDITED CLIENT IP>:53433 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bits RSA, signature: RSA-SHA512, peer temporary key: 253 bits X25519
2025-08-05T14:24:18 Notice openvpn_server1 <EDITED CLIENT IP>:53433 TLS: tls_multi_process: initial untrusted session promoted to semi-trusted
2025-08-05T14:24:18 Notice openvpn_server1 <EDITED CLIENT IP>:53433 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2025-08-05T14:24:18 Notice openvpn_server1 <EDITED CLIENT IP>:53433 TLS: Username/Password authentication deferred for username 'msantosn' [CN SET]
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_SSO=openurl,webauth,crtext
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_GUI_VER=OpenVPN_GUI_11.50.0.0
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_PROTO=990
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_NCP=2
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_MTU=1600
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_TCPNL=1
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_PLAT=win
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 peer info: IV_VER=2.6.12
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 VERIFY OK: depth=0, C=NL, ST=n/a, L=n/a, O=DunderMiflin, emailAddress=msantosn@example.com, CN=msantosn
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 VERIFY SCRIPT OK: depth=0, C=NL, ST=n/a, L=n/a, O=DunderMiflin, emailAddress=msantosn@example.com, CN=msantosn
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 VERIFY OK: depth=1, C=NL, ST=n/a, L=n/a, O=DunderMiflin, OU=IT Operations, emailAddress=root@example.com, CN=OpenVPN-CA
2025-08-05T14:24:17 Notice openvpn_server1 <EDITED CLIENT IP>:53433 VERIFY SCRIPT OK: depth=1, C=NL, ST=n/a, L=n/a, O=DunderMiflin, OU=IT Operations, emailAddress=root@example.com, CN=OpenVPN-CA

I have used OpenVPN a lot in the past and I find this error confusing. Also, I cannot find absolutely anything on Google. Does anyone have an idea or a pointer?
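An added example, not part of the original post: a small Python triage helper that puts a newest-first log like the one above into chronological order and reports whether the client was rejected at certificate verification or at the deferred username/password step, together with the reason the server logged. The sample lines are constructed from the post's log, `192.0.2.10` is a placeholder address, and the `triage` function and its field names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample modeled on the log in the post (newest entry first);
# 192.0.2.10 is a documentation placeholder, not a value from the post.
SAMPLE = """\
2025-08-05T14:24:19 Notice openvpn_server1 192.0.2.10:53433 SENT CONTROL [msantosn]: 'AUTH_FAILED' (status=1)
2025-08-05T14:24:18 Warning openvpn authentication failed for user 'msantosn'. No tunnel network provisioned, but required.
2025-08-05T14:24:18 Notice openvpn_server1 192.0.2.10:53433 TLS: Username/Password authentication deferred for username 'msantosn' [CN SET]
2025-08-05T14:24:17 Notice openvpn_server1 192.0.2.10:53433 VERIFY OK: depth=0, C=NL, O=DunderMiflin, CN=msantosn
2025-08-05T14:24:17 Notice openvpn_server1 192.0.2.10:53433 VERIFY OK: depth=1, C=NL, O=DunderMiflin, CN=OpenVPN-CA
"""

LINE = re.compile(r"^(\S+) (\w+) (\S+) (.*)$")  # timestamp, level, process, message
VERIFY = re.compile(r"VERIFY OK: depth=(\d+)")
FAILED = re.compile(r"authentication failed for user '([^']+)'\. (.*)$")


def triage(text):
    """Order entries oldest-first and report which stage rejected the client."""
    rows = []
    for raw in reversed(text.splitlines()):  # input is listed newest first
        m = LINE.match(raw.strip())
        if m:
            rows.append((datetime.fromisoformat(m.group(1)), m.group(4)))
    rows.sort(key=lambda r: r[0])  # stable sort keeps order within one second
    out = {"cert_depths_ok": set(), "user": None, "reason": None,
           "auth_failed_sent": False, "stage": "unknown"}
    for _, msg in rows:
        if (v := VERIFY.search(msg)):
            out["cert_depths_ok"].add(int(v.group(1)))
        elif (f := FAILED.search(msg)):
            out["user"], out["reason"] = f.group(1), f.group(2)
        elif "'AUTH_FAILED'" in msg:
            out["auth_failed_sent"] = True
    if out["auth_failed_sent"] or out["reason"]:
        # If the client certificate (depth 0) verified, the rejection came
        # from the deferred username/password step rather than from TLS.
        out["stage"] = "authentication" if 0 in out["cert_depths_ok"] else "tls-or-earlier"
    return out


if __name__ == "__main__":
    print(triage(SAMPLE))
```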