All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
OpenVPN with User/Password Authorization
I am not an experienced man with OpenVPN. I tried everything. Following tutorials etc. But I kept failing at setting up OpenVPN over and over again til the point I decided to give up. Shortly after that I found Nyr's OpenVPN auto-installer. It worked perfect after using Nyr's script however one thing that kept bugging me was having to keep track of all those certificates. The one thing I loved when using other VPN hosts was the user/password authorization. Where I didn't had to keep making certificates. Putting them for download etc. Just one certificate online and using that with the username and password and done.
But here is the problem. I am unable to even get OpenVPN and the user/password authorization to work. Sadly Nyr's script does not support user/password authorization or I just used that.
Can you guys help me out? I am able to provide a user account on my VPS or we can work over screen sharing apps such as TeamViewer or Join.me
Thanks in advance!
Comments
You need to integrate your openvpn with free radius, that's probably the easiest user-pass integration.
Check this tutorial http://safesrv.net/setup-freeradius-plugin-and-openvpn-source/
Hmm. Does it work with SQLite? Adding MySQL on a LEB is way to much. Im also curious on how to add users in the SQLite database than.
That's not necessary. Just use PAM based authentication.
https://wiki.archlinux.org/index.php/OpenVPN#Using_PAM_and_passwords_to_authenticate
http://tarique21.wordpress.com/2011/06/23/open-vpn-with-pam/
http://www.webhostingtalk.com/showthread.php?t=1024872
You can also use Softether, which also supports OpenVPN with user/pass authorization.
Thanks for the help.
I managed to setup OpenVPN with user/pass authorization! But I ran into a problem. After connecting to the VPN it turns green and shows no errors or anything but when I go check my IP its still my real IP instead of the VPN IP. Help.
Logs:
Sat Apr 19 00:48:34 2014 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Enter Management Password:
Sat Apr 19 00:48:34 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Apr 19 00:48:34 2014 Need hold release from management interface, waiting...
Sat Apr 19 00:48:34 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Apr 19 00:48:34 2014 MANAGEMENT: CMD 'state on'
Sat Apr 19 00:48:34 2014 MANAGEMENT: CMD 'log all on'
Sat Apr 19 00:48:34 2014 MANAGEMENT: CMD 'hold off'
Sat Apr 19 00:48:34 2014 MANAGEMENT: CMD 'hold release'
Sat Apr 19 00:48:40 2014 MANAGEMENT: CMD 'username "Auth" "xxx"'
Sat Apr 19 00:48:40 2014 MANAGEMENT: CMD 'password [...]'
Sat Apr 19 00:48:40 2014 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Apr 19 00:48:40 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sat Apr 19 00:48:40 2014 UDPv4 link local: [undef]
Sat Apr 19 00:48:40 2014 UDPv4 link remote: [AF_INET]xxxx:xxxx
Sat Apr 19 00:48:40 2014 MANAGEMENT: >STATE:1397861320,WAIT,,,
Sat Apr 19 00:48:40 2014 MANAGEMENT: >STATE:1397861320,AUTH,,,
Sat Apr 19 00:48:40 2014 TLS: Initial packet from [AF_INET]xxxx:xxxx, sid=xxx
Sat Apr 19 00:48:40 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Apr 19 00:48:40 2014 VERIFY OK: depth=1, C=xx, ST=xxx, L=xxxx, O=xxx, OU=xxx, CN=xxx, name=xxx, emailAddress=xxx
Sat Apr 19 00:48:40 2014 VERIFY OK: depth=0, C=xx, ST=xxx, L=xxxx, O=xxx, OU=xxx, CN=xxx, name=xxx, emailAddress=xxx
Sat Apr 19 00:48:41 2014 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Apr 19 00:48:41 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Apr 19 00:48:41 2014 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Apr 19 00:48:41 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Apr 19 00:48:41 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Apr 19 00:48:41 2014 [fdVPN] Peer Connection Initiated with [AF_INET]xxxx:xxx
Sat Apr 19 00:48:42 2014 MANAGEMENT: >STATE:1397861322,GET_CONFIG,,,
Sat Apr 19 00:48:43 2014 SENT CONTROL [fdVPN]: 'PUSH_REQUEST' (status=1)
Sat Apr 19 00:48:43 2014 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.0.35.1,topology net30,ping 10,ping-restart 120,ifconfig 10.0.35.6 10.0.35.5'
Sat Apr 19 00:48:43 2014 OPTIONS IMPORT: timers and/or timeouts modified
Sat Apr 19 00:48:43 2014 OPTIONS IMPORT: --ifconfig/up options modified
Sat Apr 19 00:48:43 2014 OPTIONS IMPORT: route options modified
Sat Apr 19 00:48:43 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Apr 19 00:48:43 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Apr 19 00:48:43 2014 MANAGEMENT: >STATE:1397861323,ASSIGN_IP,,10.0.35.6,
Sat Apr 19 00:48:43 2014 open_tun, tt->ipv6=0
Sat Apr 19 00:48:43 2014 TAP-WIN32 device [LAN-verbinding 2] opened: \.\Global{22BB7B74-875B-49D4-8498-BA8C5DCB1E92}.tap
Sat Apr 19 00:48:43 2014 TAP-Windows Driver Version 9.9
Sat Apr 19 00:48:43 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.35.6/255.255.255.252 on interface {22BB7B74-875B-49D4-8498-BA8C5DCB1E92} [DHCP-serv: 10.0.35.5, lease-time: 31536000]
Sat Apr 19 00:48:43 2014 Successful ARP Flush on interface [16] {22BB7B74-875B-49D4-8498-BA8C5DCB1E92}
Sat Apr 19 00:48:48 2014 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Sat Apr 19 00:48:48 2014 MANAGEMENT: >STATE:1397861328,ADD_ROUTES,,,
Sat Apr 19 00:48:48 2014 C:\Windows\system32\route.exe ADD 10.0.35.1 MASK 255.255.255.255 10.0.35.5
Sat Apr 19 00:48:48 2014 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sat Apr 19 00:48:48 2014 Route addition via IPAPI succeeded [adaptive]
Sat Apr 19 00:48:48 2014 Initialization Sequence Completed
Sat Apr 19 00:48:48 2014 MANAGEMENT: STATE:1397861328,CONNECTED,SUCCESS,10.0.35.6,xxxx
@TehEnforce Are you using Windows 8 as your OS?
You seemed to be missing the "redirect-gateway def1" option in your openvpn configuration...
For example of my openvpn configuration that working, I will get this message with the "redirect-gateway def1" in it...
PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,dhcp-option DNS 4.2.2.1,route 10.2.0.0 255.255.255.0,redirect-gateway def1,route 10.2.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.2.0.6 10.2.0.5'
http://chagridsada.blogspot.com/2012/06/openvpn-system-based-on-user-pass-lib.html
@TehEnforce Try running OpenVPN as admin.
No. Running Windows 7.
Added that option in the config. It broke the whole VPN. I can connect to it but when connected I can't browse anything anymore.
I always run OpenVPN as admin. Didn't work
Thanks but its based on MySQL.