Dear all, I'm trying to setup an openvpn 2fa setup, i'm copying an current working CA with certificates setup to one with https://github.com/evgeny-gridasov/openvpn-otp aswell.
The initial setup works good, but after +/- 15 minutes the connection wants to re-authenticate. Which i don't want. It goes a bit like this: Fri Jan 18 14:35:42 2019 us=228670 iphere:14804 CRL CHECK OK: Fri Jan 18 14:35:42 2019 us=228761 iphere:14804 VERIFY OK: Fri Jan 18 14:35:42 2019 us=229271 iphere:14804 CRL CHECK OK: Fri Jan 18 14:35:42 2019 us=229343 iphere:14804 VERIFY OK OTP-AUTH: trying to authenticate username 'erik' OTP-AUTH: username 'erik' exists in '/etc/openvpn/my_otp_secret_file' OTP-AUTH: trying method='totp', client_username='erik', client_secret='secrethere', server_username='erik', server_secret='numberhere' OTP-AUTH: trying method='totp', client_username='erik', client_secret=' secrethere ', server_username='erik', server_secret=' numberhere ' OTP-AUTH: trying method='totp', client_username='erik', client_secret=' secrethere ', server_username='erik', server_secret='numberhere' OTP-AUTH: trying method='totp', client_username='erik', client_secret=' secrethere ', server_username='erik', server_secret='numberhere' OTP-AUTH: trying method='totp', client_username='erik', client_secret=' secrethere ', server_username='erik', server_secret=' numberhere ' OTP-AUTH: trying method='totp', client_username='erik', client_secret=' secrethere ', server_username='erik', server_secret=' numberhere ' OTP-AUTH: trying method='totp', client_username='erik', client_secret=' secrethere ', server_username='erik', server_secret=' numberhere ' OTP-AUTH: auth ok for method='totp', client_username='erik', client_secret=' secrethere ' OTP-AUTH: authentication succeeded for username 'erik', remote iphere:14804 Fri Jan 18 14:35:42 2019 us=272397 iphere:14804 PLUGIN_CALL: POST /usr/lib/openvpn/openvpn-otp.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0 Fri Jan 18 14:35:42 2019 us=272446 iphere:14804 TLS: Username/Password authentication succeeded for username 'erik' Fri Jan 18 14:49:58 2019 us=214900 erik/ip:14804 CRL CHECK OK: Fri Jan 18 14:49:58 2019 us=214990 erik/ip:14804 VERIFY OK: Fri Jan 18 14:49:58 2019 us=215474 erik/ip:14804 CRL CHECK OK: Fri Jan 18 14:49:58 2019 us=215545 erik/ip:14804 VERIFY OK: OTP-AUTH: trying to authenticate username 'erik' OTP-AUTH: username 'erik' exists in '/etc/openvpn/my_otp_secret_file' OTP-AUTH: trying method='totp', client_username='erik', client_secret='883364', server_username='erik', server_secret='344513' OTP-AUTH: trying method='totp', client_username='erik', client_secret='883364', server_username='erik', server_secret='597562' OTP-AUTH: trying method='totp', client_username='erik', client_secret='883364', server_username='erik', server_secret='126101' OTP-AUTH: authentication failed for username 'erik', remote iphere:14804 Fri Jan 18 14:49:58 2019 us=234480 erik/iphere:14804 PLUGIN_CALL: POST /usr/lib/openvpn/openvpn-otp.so/PLUGIN_AUTH_USER_PASS_VERIFY status=1 Fri Jan 18 14:49:58 2019 us=234495 erik/iphere:14804 PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/lib/openvpn/openvpn-otp.so I don't want to connection to re-authenticate, how can i do this? openvpn 2.3.2-7ubuntu3.2 Thanks! Best regards, Erik van Dam
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
