search

OpenVPN / openvpn3-linux

OpenVPN 3 Linux client
GNU Affero General Public License v3.0
554 stars 148 forks source link

VPN client is not reporting a MAC/UUID address. #35

Closed xudaaaaa closed 3 years ago

xudaaaaa commented 3 years ago

I used the HW address checking script in my openvpn server : OpenVPN Access Server Post_auth Hardware Address Checking Script

When I use openvpn3 in Ubuntu 16.04 / 20.04 , I cannot login my server, here is server log:

VPN Auth Failed: 'VPN client is not reporting a MAC/UUID address. Please verify that a suitable OpenVPN client is being used.' ['VPN client is not reporting a MAC/UUID address. Please verify that a suitable OpenVPN client is being used.']

2021-01-15T15:34:56+0800 [stdout#info] POST_AUTH MAC CHECK: action taken : VPN connection denied with a suitable error message. 2021-01-15T15:34:56+0800 [stdout#info] POST_AUTH MAC CHECK: connection attempt : FAILED

While other OS client is OK (MacOS)

I don't know if my config is wrong .. or openvpn3-linux doesn't report client's MAC address is by design... Thanks a lot .

dsommers commented 3 years ago

Hi, thanks for the report.

This is a known missing feature. The OpenVPN 3 Linux client does not send the IV_HWADDR identifier to the server. This will be fixed in a coming release.

xudaaaaa commented 3 years ago

Thanks a lot !

dsommers commented 3 years ago

This feature will be part of the coming v14_beta release.

dsommers commented 3 years ago

v14_beta will be released today.

Joaodagraca commented 3 years ago

Hello, I have been pateintly waiting for this release, where can I download it from to test?

dsommers commented 3 years ago

It's already in all the available repositories.

https://community.openvpn.net/openvpn/wiki/OpenVPN3Linux

Joaodagraca commented 3 years ago

My users upgrade to this version which has now unfortunately broken other things and they are unable to connect. I have asked them to downgrade. image

dsommers commented 3 years ago

@Joaodagraca Can you please retry now? Also which distro do you use? A good bug report needs:

  1. Get all the proper version information:

    [user@host:~]$ openvpn3 version

    and

    [user@host:~]$ openvpn3-admin version --services

  2. Always increase the default logging before connecting:

    [root@host:~]# openvpn3-admin log-service --log-level 6
[root@host:~]# openvpn3-admin netcfg-service --config-set log-level 6

  3. Stop all running VPN sessions and ensure openvpn3-service-netcfg is stopped

  4. Retrieve log events from the systemd journal:

    [root@host:~]# journalctl --since -30m SYSLOG_IDENTIFIER=net.openvpn.v3.log + SYSLOG_IDENTIFIER=openvpn3-service-logger + SYSLOG_IDENTIFIER=dbus + _SYSTEMD_UNIT=dbus.service + UNIT=dbus.service