SSL Client - Blue screen

Please let us know what Microsoft or Lenovo comes up with.

Cheers - Bob

Hi,

We've been having a lot of issues lately with Sophos' SSL client (as well as the OpenSSL one) on a lot of clients. 

When some people connect to the VPN, when they're at the point where the connection would be established, the computers crash and go all "BSOD" on us. 

The NDIS.sys file is at cause here but I believe it must be a conflict with something else since it is very hit and miss. The problem occurs on ~30 thinkpads (out of ~600 users), various models from T510 to T440s. Windows is up to date up some, not so much on others..) 

Mostly, I believe it is all Intel NICS for Wireless and Wired connections. we've tried old versions of Intel drivers as well as newer ones.

We also tried to update the TAP driver with no success.

The message is SYSTEM_SERVICE_EXCEPTION with a code of 0X0000003B.

Has anyone been experiencing similar issues? 

I've read there should be a new SSL client in the next UTM release but until then, I'm still trying to figure out what could cause this issue.

Thanks!

Have you tried utilizing OpenVPN's application?  Sophos's SSL client is more or less the rebranded OpenVPN x86 GUI application

Not sure if you've already come across this or not:

https://msdn.microsoft.com/en-us/library/windows/hardware/ff558949(v=vs.85).aspx

If it's occuring in Windows 8:
http://www.tomshardware.com/faq/id-1653284/fix-system-service-exception-bsod-error-windows.html

Hi there,

I've installed the Sophos SSL client software recently (last friday) and tried to connect to a server of a customer.
On friday I got a bluescreen of death in that moment as the connection was established (I watched the protocoll during the connection process as the primary attempt failed due to some network issues, so I tried it via a normal internet connection without our company's network in between).

My BSOD was related to the ndis.sys too, but it wasn't the SYSTEM_SERVICE_EXCEPTION. It was a DRIVER_IRQL_NOT_LESS_OR_EQUAL error, saying it stopped at 0x000000D1 in ndis.sys Address FFFFF880016DAF05 base at FFFFF880016D1000

I searched the web up and down and couldn't find any particular information/help so far.

Today I've tried it again and the error message was the same.

I need this connection to work as otherwise I'd have to travel several 100km to the customer every week :-(

Any further ideas where this error message comes from?
Any information how to test it to narrow it down?
-> The 2 links from Microsoft and tomshardware did not help me, but thenkas for them.

I'm using a Windows 7 64bit OS, WLAN connection (Intel Centrino Advanced-N 6205)

Thank you for your assistance.

It sounds like a network driver issue... have you verified your running the most up to date drivers for whatever network card you're utilizing?

If you're running the most up to date drivers from Intel's site (not the device manufacturer's driver's page), google the following:

Intel Centrino Advanced-N 6205 DRIVER_IRQL_NOT_LESS_OR_EQUAL ndis.sys

It may take some digging, and to provide an example (different circumstances, but similar enough to provide an example):

It took me a couple of hours to troubleshoot a similar issue with a broadcom ac wlan that came preinstalled on my AW18 after I upgraded to Windows 10.  Even though broadcom had released a windows 10 driver package, they included within the package a windows 8 driver that was causing the issue, however it took me several days of BSODs and searching to finally come across a thread that explained what was going on.  Since there were no other driver packages for windows 10 for this specific card, I ended up switching back to my Intel 7260ac.

Because the BSOD is occurring immediately upon connection, this is most indicative of a network driver issue.  Have you tried using LAN, instead of wifi, to establish the connection?

Hi Guys
Did anyone find the root cause of this issue? We have several T440's and T450's with the same issue and whilst I suspect the network drivers, I have been unable to replicate the issue so I'm finding it hard to target the cause. I wonder if anyone has any more info or has found a conflict or driver that specifically caused this issue?

Many thanks in advance!

Hi Dan.

Are you seeing the same windows log error message as others in this thread (ndis.sys error)?
Did you try using the latest OpenVPN OEM program installer instead of the Sophos branded one (will need to install the SSL VPN config after)? Did you try a newer NIC driver set?

Hi Scott
Thanks for getting back to me.
It is the same error as above (ndis.sys) but interestingly the laptops can also bluescreen with the scfndis.sys. This issue is different in that it's not happening through the sophos ssl client that I am aware of but randomly through our wifi/lan network. I am still unable to replicate the issue and as such it is still random but the fact both errors are relating to ndis.sys points to a network driver conflict? I have updated the NIC drivers to the latest intel ones but the issue is still occurring.
Many thanks in advance
Dan