What's new

OpenVPN Usernames and Passwords not working

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

AndrewL733

Occasional Visitor
I am currently running Asuswrt-Merlin 386.2_6 on two Asus routers (RT-AC68U and RT-AC86U). Since a few software releases back, I have found that usernames and passwords are not working with OpenVPN (I use certificates PLUS usernames/passwords -- not usernames and passwords only). OpenVPN clients always report back "authentication failure", except when I use router "admin" user (which in my case is not "admin" but something else). If I used that username and the router's admin password, my VPN clients can connect.

I vaguely remember reading a while back that there may have been a UI bug with ASUS routers, and that the characters you typed weren't the same characters that actually got saved in your username/password configuration. In fact, if I try to add any new usernames/passwords to my router, they don't get saved either.

Does this ring a bell to anybody, and if so, is there a solution? Is this perhaps fixed in 386.3?
 
I have the same/similar issue. I noticed also that all of a sudden certain accounts were not working anymore (authentication failed). I was also not able to remove/add account in a way to set new passwords (http://www.snbforums.com/threads/i-cant-add-openvpn-users.72906/post-693584).

While I knew one account that was working, I copied the hashed password from this account to the account with issues in the shadow and shadow.openvpn files. With this new, now known, password I was able to connect with the account. Not a solution ofcourse, more an analysis step. No real solution so far, as mentioned the referred link, via the UI I can't add/remove accounts properly.
 
I am currently running Asuswrt-Merlin 386.2_6 on two Asus routers (RT-AC68U and RT-AC86U). Since a few software releases back, I have found that usernames and passwords are not working with OpenVPN (I use certificates PLUS usernames/passwords -- not usernames and passwords only). OpenVPN clients always report back "authentication failure", except when I use router "admin" user (which in my case is not "admin" but something else). If I used that username and the router's admin password, my VPN clients can connect.

I vaguely remember reading a while back that there may have been a UI bug with ASUS routers, and that the characters you typed weren't the same characters that actually got saved in your username/password configuration. In fact, if I try to add any new usernames/passwords to my router, they don't get saved either.

Does this ring a bell to anybody, and if so, is there a solution? Is this perhaps fixed in 386.3?

That you say “if I try to add any new usernames/passwords to my router, they don't get saved either.” suggests possibly more than one simple glitch.

Have you tried clearing the OpenVPN setup and starting again? I think the default button does that, but I’m not going to test it on mine just in case it doesn’t ask if I’m sure!

And I’d possibly start with just just a username and password to begin with and prove that works. Of course, you’d need to export new config files to the clients. Then, when you’re happy it’s working well, progress to PKI authentication as well.

You aren’t using any special characters in the username or passwords, are you?

Failing starting again with a fresh OpenVPN setup, you might be looking at the more drastic reset to factory default settings and following L&LD’s M&M guide.
 
except when I use router "admin" user (which in my case is not "admin" but something else). If I used that username and the router's admin password, my VPN clients can connect.
This is I think a trap for the unwary, particularly if one is using user/password only. Even though not listed in the list of authorized users, the admin user also can connect unless you specifically code it to be dropped.
 
That you say “if I try to add any new usernames/passwords to my router, they don't get saved either.” suggests possibly more than one simple glitch.

Have you tried clearing the OpenVPN setup and starting again? I think the default button does that, but I’m not going to test it on mine just in case it doesn’t ask if I’m sure!

And I’d possibly start with just just a username and password to begin with and prove that works. Of course, you’d need to export new config files to the clients. Then, when you’re happy it’s working well, progress to PKI authentication as well.

You aren’t using any special characters in the username or passwords, are you?

Failing starting again with a fresh OpenVPN setup, you might be looking at the more drastic reset to factory default settings and following L&LD’s M&M guide.
Im having the exact same problem: OpenVPN server on 386.2_6 first user, works as it should. Added three more users, first user couldn’t authenticate anymore. The three new users still work.
has anyone found the root cause, yet?
 
Just wanted to update for anyone finding this thread (as I did when I experienced a similar weirdness), that I have done some troubleshooting which does not provide any real solution or root cause, but better explains the problem and the behaviors. You can find it here:

 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top