[Openvpn-users] AUTH_FAILED only on a client

[Pol H. <pol...@gm...>]

Hello guys!

I've same working linux clients with openvpn 2.4.7 (debian) with:

remote IP PORT
client
dev tap
proto udp
nobind
user nobody
group nobody
persist-key
persist-tun
keepalive 10 60
cipher AES-256-CBC
auth SHA512
tls-cipher 
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client01.crt
key /etc/openvpn/client01.key
tls-auth /etc/openvpn/ta.key 1
comp-lzo
verb 3
mute 20
ping-restart 0
remote-cert-tls server
askpass /etc/openvpn/askpass
auth-user-pass /etc/openvpn/pass

on a new debian 12 client (openvpn 2.6.3) I have same config with 
different client key but I can't connect:

2024-11-09 10:35:04 TLS: Initial packet from [AF_INET]IP, sid=3f598f7a 
e6dc1665
2024-11-09 10:35:04 VERIFY OK: depth=1, C=IT, ST=IT, L=Italy, O=Italy, 
OU=Italy, CN=noname.org, name=VPN, ema...@no...
2024-11-09 10:35:04 VERIFY KU OK
2024-11-09 10:35:04 Validating certificate extended key usage
2024-11-09 10:35:04 ++ Certificate has EKU (str) TLS Web Server 
Authentication, expects TLS Web Server Authentication
2024-11-09 10:35:04 VERIFY EKU OK
2024-11-09 10:35:04 NOTE: --mute triggered...
2024-11-09 10:35:07 2 variation(s) on previous 20 message(s) suppressed 
by --mute
2024-11-09 10:35:07 [server] Peer Connection Initiated with [AF_INET]IP:PORT
2024-11-09 10:35:07 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL 
reinit_src=1
2024-11-09 10:35:07 TLS: tls_multi_process: initial untrusted session 
promoted to trusted
2024-11-09 10:35:08 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2024-11-09 10:35:08 AUTH: Received control message: AUTH_FAILED
2024-11-09 10:35:08 SIGTERM[soft,auth-failure] received, process exiting

any idea to solve?
thanks!

-- 
Pol