OpenVpn client can't connect

brokenby2703 · October 10, 2018, 9:16pm

I have a problem remotely (as usual) with one of our machine.
It is connected to local wifi and it can ping and connect internet.
But when it’s time to use the VPN client it can’t connect.
It did work well in VPN for a month till last Saturday when they accidentally switched off the WIFI AP from the factory.
We did realize it only yesterday when they asked to modify some parameters on the PLC and we weren’t able to connect.
WIFI was there and ARM300 was indeed connected but the VPN wasn’t able to connect back.
We tried to reset it (hardware, our technician is there today) and re set it up from factory default a few times without any success. WIFI setup it works but when we move to VPN CLIENT… it can’t connect to our server (and actually to any other we tried)
We tested various .ovpn config files, all failed with the same error :

All the config files are working perfectly if tested in my tunnelblick program on my computer but when loaded in the ARM300, it fail.

I checked the log on the vpn server and this is :

===quote log====
local auth failed: no stored password digest found in authcred attributes: auth/authlocal:35,application/app:348,internet/base:1166,internet/base:1175,internet/base:779,omi/omibase:65,internet/defer:102,omi/omimulti:15,omi/omiauth:62,internet/defer:829,internet/defer:746,omi/auth:516,util/delegate:26,auth/authdelegate:308,util/delegate:26,auth/authdelegate:237,util/defer:224,util/defer:246,internet/defer:190,internet/defer:181,internet/defer:323,util/defer:246,internet/defer:190,internet/defer:181,internet/defer:323,util/defer:245,internet/defer:102,auth/authdelegate:61,auth/authdelegate:240,util/delegate:26,auth/authlocal:35,util/error:61,util/error:44
===/quote log===

Can somebody tell me what to do ?
Thanks
D.

kyson-lok · October 11, 2018, 1:34am

Could you confirm that the username or password you input is correct?

brokenby2703 · October 11, 2018, 7:13am

I confirm that username and password input was correct.
Indeed we did try 3 .ovpn config files with the latest the simplest ever.
username: 12345
password: 12345
all the 3 .ovpn return the same AUTH error in ARM300, while in Tunnelblick it work ok.
I reproduced the situation in testing AR150 here in office.
I loaded all the 3 .ovpn files and all 3 are okay.

sammo · October 11, 2018, 8:35am

Have you check the MTU size?

brokenby2703 · October 11, 2018, 8:58am

No, I didn’t because it always worked out of the box without changing anything.
Where is the MTU setting to be modified ?

kyson-lok · October 11, 2018, 10:37am

But the log says auth failed. In this case, it is a incorrect username or password probably. Could you confirm it on command line? The file /etc/openvpn/auth/*.txt.

nopro404 · October 11, 2018, 10:44am

if you are on firmware 2.7x and have the switch configured to enable or disable vpn, disable the setting (to default) and reboot the router. see if that helps

brokenby2703 · October 11, 2018, 12:20pm

It fail on AR300
Same .ovpn WORKS on another AR150 or on tunnelblik

brokenby2703 · October 11, 2018, 12:21pm

No switch configured…
It’s working as remote router to control our machine via VPN.
We came from Industrial VPN routers

brokenby2703 · October 11, 2018, 12:22pm

Factory router does’t open forwarding ports so no way I can access.
My technician doesn’t know what is a command line.
I will see what to figure out

sammo · October 11, 2018, 12:26pm

So you have ruled out .ovpn by testing on AR300/AR150

Then it’s either older/newer openvpn package on your AR300
Your AR300 failing
Are both AR300/AR150 tested on the same environment eg connected to same access point on customer premises?
If not, your upstream ISP is blocking or again MTU size.
Could also be file format problem? dos2unix?