Parameter --auth-user-pass doesn't working with OpenVPN Access Server

Post Reply
aecioalves
OpenVpn Newbie
Posts: 2
Joined: Fri Jul 12, 2019 8:10 pm

Parameter --auth-user-pass doesn't working with OpenVPN Access Server

Post by aecioalves » Fri Jul 12, 2019 8:26 pm

I'm trying to use OpenVPN Access Server (OpenVPN Connect) version 3.0.2 (598) on my MacOS to connect to my OpenVPN Server, but the client doesn't ask me for username and password.

On my server, I configured the --auth-user-pass-verify parameter to check the credentials on my LDAP server. This part is running normally with Tunnelblick, for example.

On my server, there is the following error during the attempt of connection:

TLS Error: Auth Username/Password was not provided by peer
TLS Error: TLS handshake failed

On my client, there is the following warning during the attempt of connection:

UNUSED OPTIONS:
.
.
.
--auth-user-pass
.
.
.
Creds: UsernameEmpty/PasswordEmpty

Can someone help me?

novaflash
I should be on the dev team.
Posts: 952
Joined: Fri Apr 13, 2012 8:43 pm

Re: Parameter --auth-user-pass doesn't working with OpenVPN Access Server

Post by novaflash » Sat Jul 13, 2019 9:16 am

That's rather strange because the OpenVPN Access Server with user-locked profiles uses that same method and that works just fine. Are you sure that this isn't some problem in your profile?

But in any case, it's probably best if you use the open source client for your open source server, because when you are messing with parameters manually, you are probably using an open source server. And for that you should use the open source client. You're mixing the commercial client with the open source server now. And in theory that should work, but from experience, open source configurations are difficult and people can make mistakes there, and cause problems such as these. I'd suggest trying the open source client.

aecioalves
OpenVpn Newbie
Posts: 2
Joined: Fri Jul 12, 2019 8:10 pm

Re: Parameter --auth-user-pass doesn't working with OpenVPN Access Server

Post by aecioalves » Tue Jul 16, 2019 2:55 pm

Thanks for your answer.

Normally, we use Tunnelblick, but it's displaying a security alert when we enable the --auth-user-pass parameter.

Tunnelblick warns that the connection may be insecure and not proceed with importing the configuration if you do not trust the author of the configuration.

I would like to test another OpenVPN connection client to see if the same alert appears.

novaflash
I should be on the dev team.
Posts: 952
Joined: Fri Apr 13, 2012 8:43 pm

Re: Parameter --auth-user-pass doesn't working with OpenVPN Access Server

Post by novaflash » Tue Jul 16, 2019 3:17 pm

I can't really say anything about tunnelblick, that's the open source client for macos. Are you sure you just didn't by accident import the autologin profile and that is why it's not asking you for username/password? You ARE using OpenVPN Access Server right? You can just download the profile right off the client web interface there.

Post Reply