Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

iOS: OpenVPN 3.0 "Authentication Failed"

Looking for assistance with a cryptostorm connection issue? Post here & we'll help out. Also: if you're not sure where to post, do so here & we'll move things around as needed. Also: for quickest support, email our oddly calm & easygoing support reps at support@cryptostorm.is :)
User avatar

Topic Author
0xD4
Posts: 3
Joined: Sat Sep 01, 2018 5:49 pm

iOS: OpenVPN 3.0 "Authentication Failed"

Post by 0xD4 » Sat Sep 01, 2018 6:16 pm

Hi all

I have been using CS with OpenVPN App on iOS (11.4.x) for months. Now a new update of the app came a few days ago and since then CS doesn't work anymore. When logging in I always get the error "User authetification failed". I suspect that the update has broken something or the settings have been changed. But I can't find the error.

What I've tried so far:
 • reload profiles (delete and reinstall)
 • all imaginable settings adjusted and tested
 • different servers tested (seems no server problem)
 • hash regenerated
On Linux desktop the service works with the same login data. The error must therefore somehow be found in OpenVPN App. Here are my current settings and the log of a connection attempt:

Code: Select all

2018-48-01 XX:XX:50 1

2018-48-01 XX:XX:50 ----- OpenVPN Start -----
OpenVPN core 3.2 ios arm64 64-bit PT_PROXY built on Aug 17 2018 09:49:39

2018-48-01 XX:XX:50 Frame=512/2048/512 mssfix-ctrl=1250

2018-48-01 XX:XX:50 UNUSED OPTIONS
2 [resolv-retry] [16] 
8 [nobind] 
10 [down-pre] 
13 [verb] [4] 
14 [mute] [3] 
19 [tls-cipher] [TLS-DHE-RSA-WITH-AES-256-CBC-SHA] 
20 [tls-client] 
21 [key-method] [2] 

2018-48-01 XX:XX:50 EVENT: RESOLVE

2018-48-01 XX:XX:50 Contacting [89.163.214.183]:443/TCP via TCP

2018-48-01 XX:XX:50 EVENT: WAIT

2018-48-01 XX:XX:50 Connecting to [linux-dusseldorf.cryptostorm.net]:443 (89.163.214.183) via TCPv4

2018-48-01 XX:XX:50 EVENT: CONNECTING

2018-48-01 XX:XX:50 Tunnel Options:V4,dev-type tun,link-mtu 1604,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-256-CBC,auth SHA512,keysize 256,key-method 2,tls-client

2018-48-01 XX:XX:50 Creds: Username/Password

2018-48-01 XX:XX:50 Peer Info:
IV_GUI_VER=net.openvpn.connect.ios 3.0.0-712
IV_VER=3.2
IV_PLAT=ios
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_IPv6=0


2018-48-01 XX:XX:50 VERIFY OK : depth=1
cert. version   : 3
serial number   : XX:XX:XX:XX:XX:XX:XX:XX
issuer name    : C=CA, ST=QC, L=Montreal, O=Katana Holdings Limite / cryptostorm_darknet, OU=Tech Ops, CN=cryptostorm_is, emailAddress=certadmin@cryptostorm.is
subject name   : C=CA, ST=QC, L=Montreal, O=Katana Holdings Limite / cryptostorm_darknet, OU=Tech Ops, CN=cryptostorm_is, emailAddress=certadmin@cryptostorm.is
issued on    : 2017-12-16 07:59:42
expires on    : 2067-12-16 07:59:42
signed using   : RSA with SHA-256
RSA key size   : 2048 bits
basic constraints : CA=true


2018-48-01 XX:XX:50 VERIFY OK : depth=0
cert. version   : 3
serial number   : 0A
issuer name    : C=CA, ST=QC, L=Montreal, O=Katana Holdings Limite / cryptostorm_darknet, OU=Tech Ops, CN=cryptostorm_is, emailAddress=certadmin@cryptostorm.is
subject name   : C=CA, ST=QC, L=Montreal, O=Katana Holdings Limite / cryptostorm_darknet, OU=Tech Ops, CN=server, emailAddress=certadmin@cryptostorm.is
issued on    : 2017-12-16 07:59:53
expires on    : 2019-12-16 07:59:53
signed using   : RSA with SHA-256
RSA key size   : 2048 bits
basic constraints : CA=false
cert. type    : SSL Server
key usage     : Digital Signature, Key Encipherment
ext key usage   : TLS Web Server Authentication


2018-48-01 XX:XX:50 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-CBC-SHA

2018-48-01 XX:XX:50 Session is ACTIVE

2018-48-01 XX:XX:50 EVENT: GET_CONFIG

2018-48-01 XX:XX:50 Sending PUSH_REQUEST to server...

2018-48-01 XX:XX:51 AUTH_FAILED

2018-48-01 XX:XX:51 EVENT: AUTH_FAILED [ERR]

2018-48-01 XX:XX:51 Raw stats on disconnect:
 BYTES_IN : 4167
 BYTES_OUT : 1236
 PACKETS_IN : 9
 PACKETS_OUT : 9

2018-48-01 XX:XX:51 Performance stats on disconnect:
 CPU usage (microseconds): 141530
 Network bytes per CPU second: 38175
 Tunnel bytes per CPU second: 0

2018-48-01 XX:XX:51 EVENT: DISCONNECTED

2018-48-01 XX:XX:51 Raw stats on disconnect:
 BYTES_IN : 4167
 BYTES_OUT : 1236
 PACKETS_IN : 9
 PACKETS_OUT : 9
 AUTH_FAILED : 1

2018-48-01 XX:XX:51 Performance stats on disconnect:
 CPU usage (microseconds): 142114
 Network bytes per CPU second: 38018
 Tunnel bytes per CPU second: 0
ovpn-profile.jpg
ovpn-settings.jpg
Does anyone have similar problems or a tip for me? Other VPN services, on the other hand, work perfectly with the app.


prospav
Posts: 8
Joined: Sun Jan 06, 2013 7:19 pm

Re: iOS: OpenVPN 3.0 "Authentication Failed"

Post by prospav » Sat Sep 01, 2018 10:58 pm

For username, only use the token provided, not hashed.
In settings, set compression to full. I have AES-CBC off, so far no difference if off or on.
Took a few days to play around with and support helped out. I'm on udp.


pedro_cucaracha_3

Re: iOS: OpenVPN 3.0 "Authentication Failed"

Post by pedro_cucaracha_3 » Sun Sep 02, 2018 8:39 pm

I have the same issue as OP. No connections are possible because auto fails


at

Re: iOS: OpenVPN 3.0 "Authentication Failed"

Post by at » Mon Sep 03, 2018 2:50 pm

The new version of openvpn connect does not have enough space in the username field to fit the hashed token.
See here: viewtopic.php?f=32&t=9753
Using the unhashed token does not work for me.

User avatar

Topic Author
0xD4
Posts: 3
Joined: Sat Sep 01, 2018 5:49 pm

Re: iOS: OpenVPN 3.0 "Authentication Failed"

Post by 0xD4 » Thu Sep 20, 2018 12:10 pm

They will change this by version 3.0.3.

User avatar

Topic Author
0xD4
Posts: 3
Joined: Sat Sep 01, 2018 5:49 pm

Re: iOS: OpenVPN 3.0 "Authentication Failed"

Post by 0xD4 » Thu Oct 04, 2018 9:06 pm

Allready fixed in 3.0.2.

Post Reply