Cannot connect SSL VPN

Hello team,

I have configured SSL VPN for my organization, but it shows the error below when connecting, and the SSL VPN does not connect. Please refer to the error logs below.

Sat Jun 18 17:24:44 2022 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:8443
Sat Jun 18 17:24:44 2022 TCPv4_CLIENT link local: [undef]
Sat Jun 18 17:24:44 2022 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:8443
Sat Jun 18 17:24:44 2022 MANAGEMENT: >STATE:1655553284,WAIT,,,,,,
Sat Jun 18 17:24:44 2022 MANAGEMENT: >STATE:1655553284,AUTH,,,,,,
Sat Jun 18 17:24:44 2022 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:8443, sid=5cf0b8d2 5ad9b415
Sat Jun 18 17:24:44 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Jun 18 17:24:45 2022 VERIFY OK: depth=1, C=IN, ST=Gujarat, L=SURAT, O=ld, OU=1985, CN=XXXX, emailAddress=XX@xxxxxxxxxxxx.com
Sat Jun 18 17:24:45 2022 VERIFY X509NAME OK: C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_VEVBvvJkVo44PSp, emailAddress=na@example.com
Sat Jun 18 17:24:45 2022 VERIFY OK: depth=0, C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_VEVBvvJkVo44PSp, emailAddress=na@example.com
Sat Jun 18 17:24:48 2022 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sat Jun 18 17:24:48 2022 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Jun 18 17:24:48 2022 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sat Jun 18 17:24:48 2022 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Jun 18 17:24:48 2022 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sat Jun 18 17:24:48 2022 [Appliance_Certificate_VEVBvvJkVo44PSp] Peer Connection Initiated with [AF_INET]xxx.xxx.xxx.xxx:8443
Sat Jun 18 17:24:50 2022 MANAGEMENT: >STATE:1655553290,GET_CONFIG,,,,,,
Sat Jun 18 17:24:51 2022 SENT CONTROL [Appliance_Certificate_VEVBvvJkVo44PSp]: 'PUSH_REQUEST' (status=1)
Sat Jun 18 17:24:51 2022 AUTH: Received control message: AUTH_FAILED
Sat Jun 18 17:24:51 2022 SIGUSR1[soft,auth-failure] received, process restarting
Sat Jun 18 17:24:51 2022 MANAGEMENT: >STATE:1655553291,RECONNECTING,auth-failure,,,,,
Sat Jun 18 17:24:51 2022 Restart pause, 5 second(s)

Can you please help with this error?



  • Hello,

    Thank you for reaching out to the community. Please log in over SSH with the admin credentials via PuTTY. Press 4 for the device control and share with us the output of the following command:
    console> system diagnostics show disk

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • Hi, based on the shared logs, "Received control message: AUTH_FAILED", it seems the details entered for username or password are not correct. If they are already correct, check whether the user is allowed to log in over the VPN, the max log limit settings, etc. Something more needs to be checked in the authentication-side settings or user credentials to solve the above error.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.
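The reading of the client log given above can be checked mechanically: the sketch below is an added example, not code from Sophos or from any poster, that walks an OpenVPN client log and reports how far the attempt got before it failed. The sample log is constructed (modelled on the one in this thread, with a placeholder address and certificate name), and the stage names and the `triage` function are assumptions made for illustration.

```python
import re

# Constructed sample, modelled on the client log in this thread (placeholder address/CN).
SAMPLE_LOG = """\
Sat Jun 18 17:24:44 2022 TCP connection established with [AF_INET]192.0.2.10:8443
Sat Jun 18 17:24:44 2022 TLS: Initial packet from [AF_INET]192.0.2.10:8443, sid=00000000 00000000
Sat Jun 18 17:24:45 2022 VERIFY OK: depth=0, C=NA, CN=Appliance_Certificate_EXAMPLE
Sat Jun 18 17:24:48 2022 [Appliance_Certificate_EXAMPLE] Peer Connection Initiated with [AF_INET]192.0.2.10:8443
Sat Jun 18 17:24:51 2022 SENT CONTROL [Appliance_Certificate_EXAMPLE]: 'PUSH_REQUEST' (status=1)
Sat Jun 18 17:24:51 2022 AUTH: Received control message: AUTH_FAILED
Sat Jun 18 17:24:51 2022 SIGUSR1[soft,auth-failure] received, process restarting
"""
# Ordered milestones of one OpenVPN client connection attempt (names are illustrative).
STAGES = [
    ("tcp", re.compile(r"TCP connection established")),
    ("tls_start", re.compile(r"TLS: Initial packet from")),
    ("cert_verified", re.compile(r"VERIFY OK: depth=0")),
    ("tls_done", re.compile(r"Peer Connection Initiated")),
    ("push_request", re.compile(r"SENT CONTROL .*'PUSH_REQUEST'")),
    ("push_reply", re.compile(r"PUSH: Received control message: 'PUSH_REPLY")),
]
FAILURES = {
    "auth_failed": re.compile(r"AUTH: Received control message: AUTH_FAILED"),
    "tls_error": re.compile(r"TLS Error|TLS handshake failed"),
    "cert_rejected": re.compile(r"VERIFY ERROR"),
}

def triage(log_text):
    """Return (stages reached, first failure or None, one-line reading)."""
    reached, failure = [], None
    for line in log_text.splitlines():
        for name, rx in STAGES:
            if rx.search(line) and name not in reached:
                reached.append(name)
        for name, rx in FAILURES.items():
            if failure is None and rx.search(line):
                failure = name
    if failure == "auth_failed" and "tls_done" in reached:
        reading = ("TLS and certificate checks passed; the server rejected the login: "
                   "check credentials and server-side VPN user policy")
    elif failure in ("tls_error", "cert_rejected"):
        reading = "failure in the TLS layer: check certificates and cipher settings"
    elif "push_reply" in reached:
        reading = "server accepted the user and pushed configuration"
    else:
        reading = "no terminal event found; log is incomplete"
    return reached, failure, reading
if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On the sample, every stage up to `push_request` is reached and the failure is `auth_failed`, which places the rejection on the server after the TLS handshake and certificate verification have already succeeded.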

  • Hi Vivek,

    Thanks for the reply.

    Please see the details below for console> system diagnostics show disk

    console> system diagnostics show disk
    Partition Utilization(%)
    ===============================
    configuration 20%
    content 13%
    report 80%

  • Hi Vishal,

    There is no issue regarding the username and password, because with the same username and password we can log in to the Sophos user portal.

    So I think this is not a username and password related issue.

  • Hello,

    Thank you for the update. As I suspected, based on the following log:
    Sat Jun 18 17:24:51 2022 SENT CONTROL [Appliance_Certificate_VEVBvvJkVo44PSp]: 'PUSH_REQUEST' (status=1)

    Your reporting has reached the 80% threshold, and the users are not able to connect because the request cannot be processed due to the space available.

    *NOTE: If report use is 80% or higher, the firewall will stop displaying reports.
    If report use is 90% or higher, the report database service is possibly dead.

    Try purging the reports: 
    Manual purge of report data - https://support.sophos.com/support/s/article/KB-000035779?language=en_US

    Once the threshold is below 80%, try connecting the user again and share the results with us.
     

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


  • Hi, is it an AD user, and is it a specific user/user group for which this error is appearing? Or does adding a test user on XG and trying with that user (local XG database user) also give a similar error while connecting SSL VPN from outside?

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support


  • Hi Vishal,

    Thank you for the reply.

    We only use local users created in the XG firewall. We are not using AD users for SSL VPN. We have not integrated AD users in the XG Firewall. We have tried only with a local user of the XG firewall.

  • Did you try clearing the disk space as suggested above?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


  • Hi Vivek,

    Thanks for the reply and update.

    We have followed your steps, meaning we have manually purged the reports, and currently the report size is 21%. Please refer to the screenshot below.

    But the issue is still the same: the SSL VPN does not connect and we get the same error.

    Below is the error during SSL VPN connect.

    Tue Jun 21 17:25:34 2022 MANAGEMENT: CMD 'username "Auth" "LDPLU1"'
    Tue Jun 21 17:25:34 2022 MANAGEMENT: CMD 'password [...]'
    Tue Jun 21 17:25:35 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Tue Jun 21 17:25:35 2022 Attempting to establish TCP connection with [AF_INET]180.211.116.194:8443 [nonblock]
    Tue Jun 21 17:25:35 2022 MANAGEMENT: >STATE:1655812535,TCP_CONNECT,,,,,,
    Tue Jun 21 17:25:36 2022 TCP connection established with [AF_INET]180.211.116.194:8443
    Tue Jun 21 17:25:36 2022 TCPv4_CLIENT link local: [undef]
    Tue Jun 21 17:25:36 2022 TCPv4_CLIENT link remote: [AF_INET]180.211.116.194:8443
    Tue Jun 21 17:25:36 2022 MANAGEMENT: >STATE:1655812536,WAIT,,,,,,
    Tue Jun 21 17:25:36 2022 MANAGEMENT: >STATE:1655812536,AUTH,,,,,,
    Tue Jun 21 17:25:36 2022 TLS: Initial packet from [AF_INET]180.211.116.194:8443, sid=e7d92a57 aeecf3d3
    Tue Jun 21 17:25:36 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Tue Jun 21 17:25:37 2022 VERIFY OK: depth=1, C=IN, ST=Gujarat, L=SURAT, O=ld, OU=1985, CN=laxmi, emailAddress=it@laxmidiamond.com
    Tue Jun 21 17:25:37 2022 VERIFY X509NAME OK: C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_VEVBvvJkVo44PSp, emailAddress=na@example.com
    Tue Jun 21 17:25:37 2022 VERIFY OK: depth=0, C=NA, ST=NA, L=NA, O=NA, OU=NA, CN=Appliance_Certificate_VEVBvvJkVo44PSp, emailAddress=na@example.com
    Tue Jun 21 17:25:40 2022 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Tue Jun 21 17:25:40 2022 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Tue Jun 21 17:25:40 2022 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Tue Jun 21 17:25:40 2022 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Tue Jun 21 17:25:40 2022 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
    Tue Jun 21 17:25:40 2022 [Appliance_Certificate_VEVBvvJkVo44PSp] Peer Connection Initiated with [AF_INET]180.211.116.194:8443
    Tue Jun 21 17:25:41 2022 MANAGEMENT: >STATE:1655812541,GET_CONFIG,,,,,,
    Tue Jun 21 17:25:42 2022 SENT CONTROL [Appliance_Certificate_VEVBvvJkVo44PSp]: 'PUSH_REQUEST' (status=1)
    Tue Jun 21 17:25:42 2022 AUTH: Received control message: AUTH_FAILED
    Tue Jun 21 17:25:42 2022 SIGUSR1[soft,auth-failure] received, process restarting
    Tue Jun 21 17:25:42 2022 MANAGEMENT: >STATE:1655812542,RECONNECTING,auth-failure,,,,,
    Tue Jun 21 17:25:42 2022 Restart pause, 5 second(s)

  • Hello,

    What is the version of the firmware?

    Can you double-check the subnet of the SSL VPN?

    And if it is v19, then the issue could be related to the following, you may check the link below:
    https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/132121/ssl-vpn-ipv4-lease-range-changes-in-sfos-v19


    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 
