Forum

Posts by joe04 (joe04)

joe04
joe04
Posts: 15

Okay, thanks for your reply. Looking forward to see it implemented sometime.

Best regards
Joe

6 mths OpenVPN: Allow multiple active profiles
joe04
joe04
Posts: 15

Hello David

Any news on this one. My team and I are really looking forward to the "OpenVPN multiple sessions"-option.


Best regards
Joe

6 mths OpenVPN: Allow multiple active profiles
joe04
joe04
Posts: 15

Aah okay, thanks for the clarification.

11 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Hello Carl

What can I achieve by using this new option ?


Regards
Joe

11 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Thanks for the link and your update.
Looking forward to see this implemented.

It is usable as it is now, which is great.


Thanks for your time and help!


Regards

11 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Hello David

Works now, fantastic!


The only problem now is that it does not always close the VPN connection after a session is closed, even though it is configured. Some times it does, and sometimes it doesn't. Currently running RDM without admin rights.

When running RDM as admin it does always close the VPN connection as supposed. I guess this works by killing the OpenVPN Interactive Service as it has actually rights to do that as admin.

When launching my OpenVPN GUI outside RDM (after having closed a VPN in RDM as admin) I get the error message that: "OpenVPNServiceInteractive" is not started. Which is of course because RDM killed the process when closing the tunnel. I think it would be a good idea if you implement it so that when closing a VPN in RDM it either closes it without killing the OpenVPN Interactive Service, or at least is restarting the service after the VPN is closed so that I won't have problems when opening the OpenVPN GUI afterwards.


It would be nice if RDM could reliably close the VPN every time without needing admin rights, but I don't know if that's possible ?


Thanks
Regards

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Just tried upgrading my client to 2.4.6 (2.4.6 x86_64-w64-mingw32).
Still having the same problem as above.

I can see that RDM creates the pwd file, but the log still terminates with: AUTH: Received control message: AUTH_FAILED.

Tried to make a copy of the pwd file that rdm creates, before it got deleted. When starting the VPN from the OpenVPN GUI using the copied file, I see the errors above. When I edit the pwd file to contain the password in clear text it works right away.

I wonder if I have to include anything in my .ovpn file to handle the password in your encrypted format, or if I should enable anything at the OpenVPN-server to allow this ?

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

I guess that after it fails at the first try - probably because of the wrong/scrambled password in the .pwd file, it tries again and at this moment RDM deleted the .pwd file, leading to the "Error opening 'Auth' auth file: vpn.my-domain.dk.pwd: No such file or directory (errno=2)"

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Just did some more testing.
My OpenVPN logs states this, when starting the VPN from RDM:

Wed Feb 27 15:24:38 2019 OpenVPN 2.4.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 26 2017
Wed Feb 27 15:24:38 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Feb 27 15:24:38 2019 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
Enter Management Password:
Wed Feb 27 15:24:38 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Feb 27 15:24:38 2019 Need hold release from management interface, waiting...
Wed Feb 27 15:24:38 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Feb 27 15:24:39 2019 MANAGEMENT: CMD 'state on'
Wed Feb 27 15:24:39 2019 MANAGEMENT: CMD 'log all on'
Wed Feb 27 15:24:39 2019 MANAGEMENT: CMD 'echo all on'
Wed Feb 27 15:24:39 2019 MANAGEMENT: CMD 'hold off'
Wed Feb 27 15:24:39 2019 MANAGEMENT: CMD 'hold release'
Wed Feb 27 15:24:39 2019 MANAGEMENT: >STATE:1551277479,RESOLVE,,,,,,
Wed Feb 27 15:24:39 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
Wed Feb 27 15:24:39 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Feb 27 15:24:39 2019 UDP link local: (not bound)
Wed Feb 27 15:24:39 2019 UDP link remote: [AF_INET]85.27.246.52:1194
Wed Feb 27 15:24:39 2019 MANAGEMENT: >STATE:1551277479,WAIT,,,,,,
Wed Feb 27 15:24:39 2019 MANAGEMENT: >STATE:1551277479,AUTH,,,,,,
Wed Feb 27 15:24:39 2019 TLS: Initial packet from [AF_INET]x.x.x.x:1194, sid=58dbf7d3 90bb7529
Wed Feb 27 15:24:40 2019 VERIFY OK: depth=1, C=DK, ST=x, L=x, O=x, CN=OpenVPN CA, name=EasyRSA, emailAddress=me@myhost.mydomain
Wed Feb 27 15:24:40 2019 VERIFY KU OK
Wed Feb 27 15:24:40 2019 Validating certificate extended key usage
Wed Feb 27 15:24:40 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Feb 27 15:24:40 2019 VERIFY EKU OK
Wed Feb 27 15:24:40 2019 VERIFY OK: depth=0, C=DK, ST=x, L=x, O=x, OU=MyOrganizationalUnit, CN=OpenVPN CA, name=EasyRSA, emailAddress=me@myhost.mydomain
Wed Feb 27 15:24:40 2019 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Feb 27 15:24:40 2019 [OpenVPN CA] Peer Connection Initiated with [AF_INET]x.x.x.x:1194
Wed Feb 27 15:24:41 2019 MANAGEMENT: >STATE:1551277481,GET_CONFIG,,,,,,
Wed Feb 27 15:24:41 2019 SENT CONTROL [OpenVPN CA]: 'PUSH_REQUEST' (status=1)
Wed Feb 27 15:24:41 2019 AUTH: Received control message: AUTH_FAILED
Wed Feb 27 15:24:41 2019 SIGUSR1[soft,auth-failure] received, process restarting
Wed Feb 27 15:24:41 2019 MANAGEMENT: >STATE:1551277481,RECONNECTING,auth-failure,,,,,
Wed Feb 27 15:24:41 2019 Restart pause, 5 second(s)
Wed Feb 27 15:24:46 2019 MANAGEMENT: Client disconnected
Wed Feb 27 15:24:46 2019 Error opening 'Auth' auth file: vpn.my-domain.dk.pwd: No such file or directory (errno=2)
Wed Feb 27 15:24:46 2019 Exiting due to fatal error


As you can see it first gives an AUTH_FAILED. I took a look at the vpn.my-domain.dk.pwd file that RDM created, the username on first line is right, but the password is wrong, I guess that could be because you encrypt the password in some way? When I tested this, I created my own .pwd file containing the username and password in clear text, and it works with this file just fine.

If I try to start the VPN from OpenVPN GUI using the .pwd file that RDM created, it fails too - I'm guessing that's because that it isn't the right password in the .pwd file - at least not the password written in clear text.


Hope this helps you.

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

So I played around with it some more, I was too quick in my reply above. I see now that the OpenVPN client is looking for the file vpn.my-domain.dk.pwd, which it states it can't find. I tried to create it manually in the OpenVPN configuration directory filling in my username and pw in the file. Connected through the OpenVPN GUI right away (I see that RDM already modified the .ovpn file to use the .pwd file).

Could not get it to work when starting the VPN connection from RDM.

I deleted the OpenVPN configuration for the entry in RDM, setting it up from scratch again.
I import my .opvn file, ticks the "Enable automatic authentication" --> Enters my credentials in the GUI --> ticks the "Use authentication file" --> ok.

When I start the VPN from my RDM I see that the configuration folder and the .ovpn file just tied to the entry is copied over to the folder "C:\Users\joe\AppData\Local\Devolutions\RemoteDesktopManager\OpenVPN\vpn.my-domain.dk" along with the .pwd file that RDM created. Then the OpenVPN GUI shows, shortly after I see that the .pwd file is removed from the folder, and the OpenVPN GUI states "Error opening 'Auth' auth file: vpn.damgaard-automatik.dk.pwd: No such file or directory (errno=2)"


It seems like the .pwd file is automatically deleted before OpenVPN GUI has read it, or something similar to that. As stated it works perfectly if the VPN is started from the OpenVPN GUI instead of started from RDM.


Regards

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Hello David

Just noticed that an update to the OpenVPN addon was pushed out yesterday.
Updated it just now.

Got the option to enable "Use authentication file" now, but where should I place this file, and how much information should it contain ?
Nothing is stated in the GUI about this, as far as I see.


Regards

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

It definitely seems like a timing issue to me. It's like it isn't waiting long enough for the OpenVPN Credentials window to appear, or isn't registering correctly when it appears. Seems that it is writing out the credentials way too early.

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Hello David

Sorry for my late replies in regards to the support you offered me to troubleshoot this further. Have had some rough weeks.

I would still very much like your help, so if you are still interested in taking a look at this, you're welcome.


Best regards

12 mths Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

Hello David

I am already using add-on 2.8.0.0
I am also already running as administrator.

I got my colleague to test it too, he has the same problems as me.

2 yrs Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered
joe04
joe04
Posts: 15

I'm trying to implement the OpenVPN addon in our RDM v. 14.1.1.0, so far without luck...
I'm running OpenVPN GUI v. 11.9.0.0.

I've attached screenshots of my configured entry. Those are here: https://www.dropbox.com/sh/61hzl3gc365cfff/AABRsOJb40kFnepapVW9bvp4a?dl=0
When launching the entry it starts the OpenVPN GUI just fine, the GUI then asks for username/password and RDM is sending something to the GUI, the problem is that only some of the characters are entered in the username/password fields, sometimes it enters one character in the username, sometimes four and sometimes all of it. Sometimes the password is left blank or partly filled, and sometimes it enters the password in the username field...

It seems that there's major problems with the "Automatic authentication" settings. Do you have a fix for this ?
I tried to delete the .ovpn file that RDM creates multiple times to clear the cached username etc, but anyway it is struggeling when writing the username/password to the OpenVPN GUI.

It could be because it is sending the characters before the OpenVPN User Authentication window is shown which ends in not all characters passed to the window. Is there a setting to tell RDM to wait for x seconds before trying to paste the credentials of the User Authentication window ?


Thanks in advance

Best regards
Joe

2 yrs Problems with OpenVPN Automatic authentication. Only some parts of username/password is entered