OpenVPN Access Server w/ Duo Issues

#1

Hello all, I am having issues getting Duo 2FA to work with an OpenVPN Access Server setup.

OpenVPN access server is setup without issues, GUI works just fine: can log in etc.

Following the documentation here: Two-Factor Authentication for OpenVPN Access Server | Duo Security I get stuck at the step to run the python script.

Here’s my command: /usr/local/openvpn_as/scripts/sacli -a admin_username -k auth.module.post_auth_script --value_file=/usr/local/openvpn_as/scripts/duo_openvpn_as.py ConfigPut

Where admin_username is the username of an admin openvpn user.

Error: `Unhandled Error
Traceback (most recent call last):
File “build/bdist.linux-x86_64/egg/pyovpn/sagent/sacli.py”, line 1145, in start

File “build/bdist.linux-x86_64/egg/pyovpn/util/options.py”, line 81, in run

File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py”, line 1243, in run
self.mainLoop()
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py”, line 1252, in mainLoop
self.runUntilCurrent()
— —
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py”, line 878, in runUntilCurrent
call.func(*call.args, **call.kw)
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py”, line 583, in doConnect
self._connectDone()
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py”, line 612, in _connectDone
self.protocol.makeConnection(self)
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/protocol.py”, line 510, in makeConnection
self.connectionMade()
File “build/bdist.linux-x86_64/egg/pyovpn/xml/udscli.py”, line 24, in connectionMade

File “build/bdist.linux-x86_64/egg/pyovpn/xml/xmlclibase.py”, line 27, in connectionMade

File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/web/xmlrpc.py”, line 354, in connectionMade
auth = b’:’.join([myenc(self.factory.user), myenc(self.factory.password)])
exceptions.TypeError: sequence item 1: expected string, NoneType found

^CERROR: Connection to the other side was lost in a non-clean fashion: Connection lost. (twisted.internet.error.ConnectionLost)
[root@advpn02v ~]# /usr/local/openvpn_as/scripts/sacli -a openvpn -k auth.module.post_auth_script --value_file=/usr/local/openvpn_as/[root@advpn02v ~]# /usr/local/openvpn_as/scripts/sacli -a openvpn -k auth.module.post_auth_script --value_file=/usr/local/openvpn_as/scripts/duo_openvpn_as.py ConfigPut
Unhandled Error
Traceback (most recent call last):
File “build/bdist.linux-x86_64/egg/pyovpn/sagent/sacli.py”, line 1145, in start

File “build/bdist.linux-x86_64/egg/pyovpn/util/options.py”, line 81, in run

File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py”, line 1243, in run
self.mainLoop()
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py”, line 1252, in mainLoop
self.runUntilCurrent()
— —
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py”, line 878, in runUntilCurrent
call.func(*call.args, **call.kw)
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py”, line 583, in doConnect
self._connectDone()
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py”, line 612, in _connectDone
self.protocol.makeConnection(self)
File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/protocol.py”, line 510, in makeConnection
self.connectionMade()
File “build/bdist.linux-x86_64/egg/pyovpn/xml/udscli.py”, line 24, in connectionMade

File “build/bdist.linux-x86_64/egg/pyovpn/xml/xmlclibase.py”, line 27, in connectionMade

File “/usr/local/openvpn_as/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/web/xmlrpc.py”, line 354, in connectionMade
auth = b’:’.join([myenc(self.factory.user), myenc(self.factory.password)])
exceptions.TypeError: sequence item 1: expected string, NoneType found

ERROR: Connection was closed cleanly. (twisted.internet.error.ConnectionDone)`


I have confirmed that all the keys and API hostname is correct.

Any help would be appreciated.

0 Likes