Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN - client won't re-connect unless I re-install the Sophos Connect app

Aaron Berger

Firewall Site:

- XG125w (SFOS 19.0.1 MR-1-Build365), IP Range 192

- Network range: 192.168.0.X

Remote Client Details:

- Network range: 192.168.5.X

- Sophos Connect Client Version: 2.7.75.0506

- Client OS: Win10 Pro 64bit (latest Windows updates, drivers and firmware installed)

If I uninstall the Sophos Connect Client, reboot and re-install the client and re-import the connection config it will connect the first time and I can access resources on the remote network. However, if I disconnect and try to reconnect (or try reboot and reconnect), the connection stays stuck on "please wait - establishing connection". I've tried resetting the Windows network stack, using wifi and ethernet, different user account, remove AV, disable Windows firewall, reboot network equipment.

If I check the Firewall sslvpn logs it shows the user has successfully connected each time (whether it completes the connection or not for the client).

I tested the same user sslvpn connection on a different computer and it doesn't experience this issue.

I see these warning/error in the client vpn logs:

- ROUTE: route addition failed using service: The object already exists.   [status=5010 if_index=14]

- MANAGEMENT: >STATE:1665627235,CONNECTED,ERROR

What could be causing this issue?



This thread was automatically locked due to age.
  • 0

    You need to have enough local rights to add and remove ip routes.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

    • 0 in reply to PhilippRusch

      User is local Admin. Also tried running Sophos Connect Client as administrator. Is that what you mean by enough rights?

      • 0 in reply to Aaron Berger

        Hi Regarding the error "The error Object already exists"  mostly only occurs if the system already has routes. Please check by entering route print in CMD and see if the route is already there or not on the same interface or any other interfaces of the system. If there's a route already there, there may be a chance that there are two different networks with the same IP subnet. Once you've taken care of that, you should not see the error while connecting SSL VPN.

        Regards,

        Vishal Ranpariya
        Technical Account Manager | Sophos Technical Support
        Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
        If a post solves your question use the 'Verify Answer' link.

        • 0 in reply to Vishal_R

          I checked the routes before and after making the connection. Definitely no route for XG125 network in the list (192.168.0.X or the VPN IP range). This is what show in ipv4 route table: 

          • 0 in reply to Vishal_R

            Hi Vishal,

            that's what I thought, too. Maybe a route already exists and has to be removed manually before installing again.

            Mit freundlichem Gruß, best regards from Germany,

            Philipp Rusch

            New Vision GmbH, Germany
            Sophos Silver-Partner

            If a post solves your question please use the 'Verify Answer' button.

            • 0 in reply to PhilippRusch

              Hello Aaron,

              can you show the routing table after you tried establishing the connection?

              Mit freundlichem Gruß, best regards from Germany,

              Philipp Rusch

              New Vision GmbH, Germany
              Sophos Silver-Partner

              If a post solves your question please use the 'Verify Answer' button.

              • 0 in reply to PhilippRusch

                Here's the route print during a successful connection:

                Here's the route print during a non-successful connection:

                • 0 in reply to Aaron Berger

                  Also, here's a route print with no connection attempt and Sophos app closed:

                  • 0 in reply to Aaron Berger

                    Is there another VPN software installed? For example fortinet or barracuda? Check if there is any other software and uninstall it - then reinstall Sophos and try again.

                    _______________________________________________________

                    Sophos SG 210 with Sophos XG Home - 20.0 MR 1

                    If a post solves your question please use the 'Verify Answer' button.

                    • 0 in reply to Thomas_XG

                      No other VPN software is currently installed. About 2yrs ago we did use Sophos Netextender on this device, but that has been completely removed.

                  Unfiltered HTML