Using multiple authentication backends on an OpenVPN server fails
We did update our pfSense Cluster to 2.5.0. On our OpenVPN connection we do have multiple backends. Our main one (RADIUS) and as backup the Local Database with a generic User for "emergency" if the RADIUS is not reachable.
After the Update to 2.5.0 we did receive always an Error => AUTH: Received control message: AUTH_FAILED
So we checked the RADIUS. Everything was fine. Also when we did a Test over "Diagnostics" > "Authentication" we were able to auth.
Still => AUTH: Received control message: AUTH_FAILED
So we did some Updates on client sites also to 2.5.0 and most of them do not have multiple backends on the OpenVPN connection.
And on those client sites the OpenVPN was working after the upgrade to 2.5.0.
So we did a test on our Site. We just selected our main backend (RADIUS) and we were able to authenticate us and connect.
As soon we selected multiple backend, we were not able to authenticate and connect.
We did also the tests if its based on the type of the backend. It was not. No matter which backend (we did with Local, RADIS and LDAP) - as soon as you have multiple selected, we were not able to connect.
Feb 22 10:27:07 PM: AUTH: Received control message: AUTH_FAILED
Last System Log on the OpenVPN when connecting with multiple backends enabled
Feb 22 20:53:15 openvpn 53311 xxx.xxx.xxx.xxx:9796 [USER] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:9796
Updated by Jim Pingle about 2 years ago
- Subject changed from multiple «Backend for authentication» on an OpenVPN Server => AUTH_FAILED to Using multiple authentication backends on an OpenVPN server fails
- Target version set to CE-Next
Updated by Viktor Gurov about 2 years ago
seems related to #9460