Viscosity 1.10 getting auth failure (roll back to previous version works)

Got a problem with Viscosity or need help? Ask here!

grayaii

Posts: 1
Joined: Tue Oct 26, 2021 10:08 pm

Post by grayaii » Tue Oct 26, 2021 10:23 pm
After the latest Viscosity upgrade a few days ago, I couldn't connect to any of my Openvpn servers.
It was driving me nuts, since I was able to connect with all other VPN clients, like OpenVPN client for instance.

I even wiped all Viscosity items in my KeyChain, uninstalled, reinstall, nothing worked.

I followed the full uninstall process here:
https://www.sparklabs.com/support/kb/ar ... osity-mac/

I ended up installing the previous version of Viscosity here:
https://swupdate.sparklabs.com/download ... 01.9.4.dmg

And now everything works.

I'm using MacOS Big Sur 11.6, if that helps, but I'm pretty confident the issue was with the latest version of Viscosity, since that is the only thing that changed on my system (that I know of).

Unfortunately, I do not have the Viscosity logs, but it was definitely saying "AUTH FAILURE", which was bogus, since I checked like a million times, and it was the same username/password saved in my lasspass account, which worked with my other VPN clients. I was using Google Auth as my MFA too. I don't know if that plays a role in reproducing the bug.

Anyway, I wanted to let you know about this, in case anyone else runs into this.

Thanks!

Alex

James

User avatar
Posts: 2130
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Wed Oct 27, 2021 8:15 am
Hi Alex,

Viscosity 1.10 updates OpenVPN to version 2.5, which is a major update. It sounds likely that something about your setup is not currently compatible with OpenVPN 2.5.

We strongly recommend getting your connection working with 2.5, however in the meantime it's not necessary to downgrade to an older version of Viscosity to get it connecting again. You can still use OpenVPN 2.4 by opening Viscosity's Preferences window, going to the Advanced tab, and changing the OpenVPN version to 2.4.

An AUTH_FAIL message is sent by the OpenVPN server. While it typically indicates that a username, password, or two-factor credential was incorrect, the server may be sending the message for another reason as well. AUTH_FAIL messages are also a normal part of dynamic two-factor authentication. Anything that causes the server's authentication script to reject the session will cause an AUTH_FAIL message: you'll need to check the logs on the OpenVPN server for the actual reason.

If you'd like for us to take a look at the log for you to see whether any OpenVPN 2.5 compatibility issues stand out, please email us the details listed in the following article and we'll take a look for you:
https://www.sparklabs.com/support/kb/ar ... ort-staff/

Cheers,
James
James Bekkema
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts Page 1 of 1