CloudConnexa: AUTH_FAILED in Client

Symptom

An OpenVPN Client fails to authenticate to a CloudConnexa connection profile. The Client logs display the following error message:

AUTH: Received control message: AUTH_FAILED

Note: Refer to ‘Where to Find OpenVPN Client Logs’ for details on locating logs.

Reason

CloudConnexa uses a web authentication process that some third-party or open-source clients (such as the Ubuntu VPN GUI) don't support natively.

Resolution

Option 1: Use a supported OpenVPN Client

Use an OpenVPN Client that natively supports CloudConnexa web authentication. These include:

• OpenVPN Connect for Windows, macOS, Android, or iOS (version 3.1.0 and newer).

• OpenVPN 3 for Linux.

Option 2: Disable connection authentication for the User group

You can turn off the connection authentication requirement for the User group. This allows users to authenticate using only the mutual digital certificate included in their connection profile, bypassing the need for web authentication.

Important: This change affects all users within that group.

Steps:

1. Log in to the CloudConnexa Administration Portal.

2. Go to Users > Groups.

3. Click the edit button (pencil icon) for the User group.

4. Set the Connect Auth setting to No, and click Save.

Note: Users must still authenticate to sign in to the User Portal and initially download their connection profiles.

Option 3: Use a Host Connector profile

Host Connectors utilize mutual digital certificate authentication and token-based sessions. They entirely ignore username and password values, bypassing the need for web authentication.

Refer to the ‘about Hosts’ section for more information.