OpenVPN not logging peer-ifo at loggin

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
claudiu.cristea
OpenVpn Newbie
Posts: 1
Joined: Fri Dec 16, 2022 7:32 am

OpenVPN not logging peer-ifo at loggin

Post by claudiu.cristea » Fri Dec 16, 2022 7:51 am

Hello,

Can someone help me with info regarding openvpn longing? I have integrated openvpn with add and sso and at the initial login the server doesn't log peer-info like mac, version, platform and so on.
After an hour when the server re-authenticate the user those information are available.

Here some log example below:

auth:

Dec 16 08:53:39 server openvpn[580253]: 109.166.129.119:37974 [user-1686] Peer Connection Initiated with [AF_INET6]::ffff:109.166.129.119:37974 (via ::ffff:IP_SERVER%eth0)
Dec 16 08:53:39 server OpenVPN_LDAP_AUTH[580481]: 2022/12/16 08:53:39 109.166.129.119:user@domeniu: LDAP auth successful...
Dec 16 08:53:39 server OpenVPN_LDAP_AUTH[580481]: 2022/12/16 08:53:39 user:domain:auth: userul e activ
Dec 16 08:53:39 server user@domeniu[580481]: 145865
Dec 16 08:53:39 server user@domeniu[580481]: 2FA FALSE:Invalid code confirmation value
Dec 16 08:53:39 server OpenVPN_LDAP_AUTH[580481]: 2FA:user:domain.local:2FA FAILED:Invalid code confirmation value
Dec 16 08:53:39 server OpenVPN_LDAP_AUTH[580481]: 2022/12/16 08:53:39 109.166.129.119:user:domain: 2FA FAILED
Dec 16 08:53:40 server openvpn[580253]: 109.166.129.119:37974 SENT CONTROL [user-1686]: 'AUTH_FAILED' (status=1)
Dec 16 08:54:49 server openvpn[580253]: 109.166.129.119:38988 TLS: Username/Password authentication deferred for username 'user'
Dec 16 08:54:49 server openvpn[580253]: 109.166.129.119:38988 [user-1686] Peer Connection Initiated with [AF_INET6]::ffff:109.166.129.119:38988 (via ::ffff:IP_SERVER%eth0)
Dec 16 08:54:49 server OpenVPN_LDAP_AUTH[580510]: 2022/12/16 08:54:49 109.166.129.119:user:domain: LDAP auth successful...
Dec 16 08:54:49 server OpenVPN_LDAP_AUTH[580510]: 2022/12/16 08:54:49 user:domain:auth: userul e activ
Dec 16 08:54:49 server user[580510]: 318606
Dec 16 08:54:49 server OpenVPN_LDAP_AUTH[580510]: 2FA:user:domain.local:2FA OK:
Dec 16 08:54:49 server OpenVPN_LDAP_AUTH[580510]: 2022/12/16 08:54:49 109.166.129.119:user:domain: 2FA OK



reauth:

Dec 16 09:46:00 seerver OpenVPN_LDAP_AUTH[582111]: 2022/12/16 09:46:00 source_ip:user:rcs-rds: LDAP reauth successful...
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_VER=2.5.4
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_PLAT=win
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_PROTO=6
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_NCP=2
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_CIPHERS=AES-256-GCM:AES-128-GCM:AES-128-CBC
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_LZ4=1
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_LZ4v2=1
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_LZO=1
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_COMP_STUB=1
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_COMP_STUBv2=1
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_TCPNL=1
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_HWADDR=80:32:53:75:62:46
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_SSL=OpenSSL_1.1.1l__24_Aug_2021
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_PLAT_VER=10.0_64bit
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_GUI_VER=OpenVPN_GUI_11
Dec 16 09:46:00 seerver openvpn[96328]: user-2788/source_ip:58650 peer info: IV_SSO=openurl,crtext


Can someone help me with this issue?

User avatar
ordex
OpenVPN Inc.
Posts: 444
Joined: Wed Dec 28, 2016 2:32 am
Location: IRC #openvpn-devel @ libera.chat

Re: OpenVPN not logging peer-ifo at loggin

Post by ordex » Fri Dec 16, 2022 6:52 pm

I report here the answer you got on the mailing list for completeness:

On the initial connect, the username is not known when the peer info
is logged. So when you search for the username, you won't see it.

If you search by peer IP address, it should be there.

gert

Post Reply