SSL-VPN

Hi Yash, 

do you have the possibility to check my sophos SSL-VPN setting though the remote session?

Regards

Nazir

Hi Nazir Heravi,

Please change the port back to 8443.

Check tcpdump on XG by following the below steps.

==> Login to SSH > 4. Device Console

console> tcpdump 'port 8443

Connect SSL VPN client and check if you see any incoming packets on the firewall or not. Ensure that you've installed the latest user configuration file.

Hi Yash, 

I have connected with SSH but looks there is no connection see below also in Firewall Roll I see also no data exchange.

Regards

Nazir

VPN connection on UDP Protocol 

Tue Nov 09 22:07:29 2021 Restart pause, 2 second (s)
Tue Nov 09 22:07:31 2021 Socket Buffers: R = [65536-> 65536] S = [65536-> 65536]
Tue Nov 09 22:07:31 2021 MANAGEMENT:> STATE: 1636492051, RESOLVE ,,,,,,
Tue Nov 09 22:07:42 2021 MANAGEMENT:> STATE: 1636492062, RESOLVE ,,,,,,
Tue Nov 09 22:07:48 2021 UDPv4 link local: [undef]
Tue Nov 09 22:07:48 2021 UDPv4 link remote: [AF_INET] 80.145.240.133:8443
Tue Nov 09 22:07:48 2021 SIGHUP [hard, init_instance] received, process restarting
Tue Nov 09 22:07:48 2021 MANAGEMENT:> STATE: 1636492068, RECONNECTING, init_instance ,,,,,
Tue Nov 09 22:07:48 2021 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul 3 2017
Tue Nov 09 22:07:48 2021 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.09
Tue Nov 09 22:07:48 2021 Restart pause, 2 second (s)
Tue Nov 09 22:07:50 2021 Socket Buffers: R = [65536-> 65536] S = [65536-> 65536]
Tue Nov 09 22:07:50 2021 MANAGEMENT:> STATE: 1636492070, RESOLVE ,,,,,,
Tue Nov 09 22:07:50 2021 RESOLVE: Cannot resolve host address: starroute.ddns.net: The specified host is unknown.
Tue Nov 09 22:07:50 2021 MANAGEMENT:> STATE: 1636492070, RESOLVE ,,,,,,
Tue Nov 09 22:07:50 2021 RESOLVE: Cannot resolve host address: starroute.ddns.net: The specified host is unknown.
Tue Nov 09 22:07:58 2021 UDPv4 link local: [undef]
Tue Nov 09 22:07:58 2021 UDPv4 link remote: [AF_INET] 80.145.240.133:8443
Tue Nov 09 22:07:58 2021 MANAGEMENT:> STATE: 1636492078, WAIT ,,,,,

VPN connection on TCP Protocol 

Tue Nov 09 22:13:37 2021 MANAGEMENT:> STATE: 1636492417, RESOLVE ,,,,,,
Tue Nov 09 22:13:37 2021 MANAGEMENT:> STATE: 1636492417, TCP_CONNECT ,,,,,,
Tue Nov 09 22:13:47 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:13:52 2021 MANAGEMENT:> STATE: 1636492432, RESOLVE ,,,,,,
Tue Nov 09 22:13:52 2021 MANAGEMENT:> STATE: 1636492432, TCP_CONNECT ,,,,,,
Tue Nov 09 22:14:03 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:14:08 2021 MANAGEMENT:> STATE: 1636492448, RESOLVE ,,,,,,
Tue Nov 09 22:14:08 2021 MANAGEMENT:> STATE: 1636492448, TCP_CONNECT ,,,,,,
Tue Nov 09 22:14:18 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:14:23 2021 MANAGEMENT:> STATE: 1636492463, RESOLVE ,,,,,,
Tue Nov 09 22:14:23 2021 MANAGEMENT:> STATE: 1636492463, TCP_CONNECT ,,,,,,
Tue Nov 09 22:14:33 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:14:38 2021 MANAGEMENT:> STATE: 1636492478, RESOLVE ,,,,,,
Tue Nov 09 22:14:39 2021 MANAGEMENT:> STATE: 1636492479, TCP_CONNECT ,,,,,,
Tue Nov 09 22:14:49 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:14:54 2021 MANAGEMENT:> STATE: 1636492494, RESOLVE ,,,,,,
Tue Nov 09 22:14:54 2021 MANAGEMENT:> STATE: 1636492494, TCP_CONNECT ,,,,,,
Tue Nov 09 22:15:04 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:15:09 2021 MANAGEMENT:> STATE: 1636492509, RESOLVE ,,,,,,
Tue Nov 09 22:15:09 2021 MANAGEMENT:> STATE: 1636492509, TCP_CONNECT ,,,,,,
Tue Nov 09 22:15:19 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:15:24 2021 MANAGEMENT:> STATE: 1636492524, RESOLVE ,,,,,,
Tue Nov 09 22:15:24 2021 MANAGEMENT:> STATE: 1636492524, TCP_CONNECT ,,,,,,
Tue Nov 09 22:15:34 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:15:39 2021 MANAGEMENT:> STATE: 1636492539, RESOLVE ,,,,,,
Tue Nov 09 22:15:40 2021 MANAGEMENT:> STATE: 1636492540, TCP_CONNECT ,,,,,,
Tue Nov 09 22:15:50 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:15:55 2021 MANAGEMENT:> STATE: 1636492555, RESOLVE ,,,,,,
Tue Nov 09 22:15:55 2021 MANAGEMENT:> STATE: 1636492555, TCP_CONNECT ,,,,,,
Tue Nov 09 22:16:05 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:16:10 2021 MANAGEMENT:> STATE: 1636492570, RESOLVE ,,,,,,
Tue Nov 09 22:16:10 2021 MANAGEMENT:> STATE: 1636492570, TCP_CONNECT ,,,,,,
Tue Nov 09 22:16:20 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:16:25 2021 MANAGEMENT:> STATE: 1636492585, RESOLVE ,,,,,,
Tue Nov 09 22:16:25 2021 MANAGEMENT:> STATE: 1636492585, TCP_CONNECT ,,,,,,
Tue Nov 09 22:16:35 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to find a drive in a directory on a JOIN-assigned drive to be assigned with SUBST.
Tue Nov 09 22:16:40 2021 MANAGEMENT:> STATE: 1636492600, RESOLVE ,,,,,,
Tue Nov 09 22:16:40 2021 MANAGEMENT:> STATE: 1636492600, TCP_CONNECT ,,,,,,
Tue Nov 09 22:16:50 2021 TCP: connect to [AF_INET] 80.145.240.133:8443 failed, will try again in 5 seconds: The system tried to connect to a directory on a JOIN

Hallo 

I am still not able to connect SSL VPN can you advice me where the problem can be ?

Sat Nov 13 22:06:39 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Nov 13 22:06:39 2021 MANAGEMENT: >STATE:1636837599,RESOLVE,,,,,,
Sat Nov 13 22:06:42 2021 Attempting to establish TCP connection with [AF_INET]79.226.58.37:8443 [nonblock]
Sat Nov 13 22:06:42 2021 MANAGEMENT: >STATE:1636837602,TCP_CONNECT,,,,,,
Sat Nov 13 22:06:43 2021 TCP connection established with [AF_INET]79.226.58.37:8443
Sat Nov 13 22:06:43 2021 TCPv4_CLIENT link local: [undef]
Sat Nov 13 22:06:43 2021 TCPv4_CLIENT link remote: [AF_INET]79.226.58.37:8443
Sat Nov 13 22:06:43 2021 MANAGEMENT: >STATE:1636837603,WAIT,,,,,,
Sat Nov 13 22:06:43 2021 MANAGEMENT: >STATE:1636837603,AUTH,,,,,,
Sat Nov 13 22:06:43 2021 TLS: Initial packet from [AF_INET]79.226.58.37:8443, sid=88b6fc8d e50d8b66
Sat Nov 13 22:06:43 2021 VERIFY OK: depth=1, C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Default_CA_IhUBaUk0QMxUMzm, emailAddress=na@example.com
Sat Nov 13 22:06:43 2021 VERIFY X509NAME OK: C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_0iexzAaWfiuMl7H, emailAddress=na@example.com
Sat Nov 13 22:06:43 2021 VERIFY OK: depth=0, C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_0iexzAaWfiuMl7H, emailAddress=na@example.com
Sat Nov 13 22:06:43 2021 Connection reset, restarting [0]
Sat Nov 13 22:06:43 2021 SIGUSR1[soft,connection-reset] received, process restarting
Sat Nov 13 22:06:43 2021 MANAGEMENT: >STATE:1636837603,RECONNECTING,connection-reset,,,,,
Sat Nov 13 22:06:43 2021 Restart pause, 5 second(s)
Sat Nov 13 22:06:48 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Nov 13 22:06:48 2021 MANAGEMENT: >STATE:1636837608,RESOLVE,,,,,,
Sat Nov 13 22:06:48 2021 Attempting to establish TCP connection with [AF_INET]79.226.58.37:8443 [nonblock]
Sat Nov 13 22:06:48 2021 MANAGEMENT: >STATE:1636837608,TCP_CONNECT,,,,,,
Sat Nov 13 22:06:49 2021 TCP connection established with [AF_INET]79.226.58.37:8443
Sat Nov 13 22:06:49 2021 TCPv4_CLIENT link local: [undef]
Sat Nov 13 22:06:49 2021 TCPv4_CLIENT link remote: [AF_INET]79.226.58.37:8443
Sat Nov 13 22:06:49 2021 MANAGEMENT: >STATE:1636837609,WAIT,,,,,,
Sat Nov 13 22:06:49 2021 MANAGEMENT: >STATE:1636837609,AUTH,,,,,,
Sat Nov 13 22:06:49 2021 TLS: Initial packet from [AF_INET]79.226.58.37:8443, sid=da4925a5 69b97a5f
Sat Nov 13 22:06:49 2021 VERIFY OK: depth=1, C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Default_CA_IhUBaUk0QMxUMzm, emailAddress=na@example.com
Sat Nov 13 22:06:49 2021 VERIFY X509NAME OK: C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_0iexzAaWfiuMl7H, emailAddress=na@example.com
Sat Nov 13 22:06:49 2021 VERIFY OK: depth=0, C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_0iexzAaWfiuMl7H, emailAddress=na@example.com
Sat Nov 13 22:06:50 2021 Connection reset, restarting [0]
Sat Nov 13 22:06:50 2021 SIGUSR1[soft,connection-reset] received, process restarting
Sat Nov 13 22:06:50 2021 MANAGEMENT: >STATE:1636837610,RECONNECTING,connection-reset,,,,,
Sat Nov 13 22:06:50 2021 Restart pause, 5 second(s)

Regards

Nazir

Hello Nazir,

can you give us a screenshot of your LANCOM configuration regarding the port-forwarding?

Hello Philipp, 

thank you from your answer, below you can see my port-forwarding in Lancom Router as well my Lancom WAN and LAN configuration 

192.168.10.2 ist my sophos-firewall wan-port.

Regards

Nazir

Hello Nazir,

that notation "8.443" seems odd to me, can you chek this?

Also, we have had some problems with Lancom configuration through the webinterface, can you try configuration with LANconfig?

Hello Philipp, 

I didn't understand what do you mean that notation 8443 seems odd to you? could you please a little bit explain it what should I do here ? I do always the configuration with LAN config tool.

Regards

Nazir

Hello Nazir,

Most likely it's no longer necessary but just in case this was not clear yet; with "notation" jprusch's literally meant the "." in between the 8 and 443. Since it shows in your picture "8.443" in stead of "8443". I've searched for pictures of different kinds of port forwarding tables and none of the common results show port numbers with dots in between the digits.

Kind regards,

Timo

Hello Time, 

unfortunately my problem is still not solved and I am surprised in this big community there is no one to support me in order to fined the Problem I thanks from Yash and Philip they tried to solve my problem but then I have got no more advice from them.
in case of "." which you have meintioned I want tell you that the LANCOM Router put "." automatically

regards

Nazir