Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 5001 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN doesn't connect

pospo2435

Hi there,

hope that someone could help me to figure out why from one day to the next SSL VPN clients aren't connecting anymore.

I attach logs from Client and from tcpdump on port 8443

Thu Nov 30 16:00:35 2023 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul  3 2017
Thu Nov 30 16:00:35 2023 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.09
Enter Management Password:
Thu Nov 30 16:00:35 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Nov 30 16:00:35 2023 Need hold release from management interface, waiting...
Thu Nov 30 16:00:35 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Nov 30 16:00:35 2023 MANAGEMENT: CMD 'state on'
Thu Nov 30 16:00:35 2023 MANAGEMENT: CMD 'log all on'
Thu Nov 30 16:00:35 2023 MANAGEMENT: CMD 'hold off'
Thu Nov 30 16:00:35 2023 MANAGEMENT: CMD 'hold release'
Thu Nov 30 16:00:42 2023 MANAGEMENT: CMD 'username "Auth" "\\\myuser\\\"'
Thu Nov 30 16:00:42 2023 MANAGEMENT: CMD 'password [...]'
Thu Nov 30 16:00:42 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Nov 30 16:00:42 2023 Attempting to establish TCP connection with [AF_INET]public ip:8443 [nonblock]
Thu Nov 30 16:00:42 2023 MANAGEMENT: >STATE:1701356442,TCP_CONNECT,,,,,,
Thu Nov 30 16:00:43 2023 TCP connection established with [AF_INET]\\\public ip:8443
Thu Nov 30 16:00:43 2023 TCPv4_CLIENT link local: [undef]
Thu Nov 30 16:00:43 2023 TCPv4_CLIENT link remote: [AF_INET]public ip:8443
Thu Nov 30 16:00:43 2023 MANAGEMENT: >STATE:1701356443,WAIT,,,,,,
Thu Nov 30 16:01:19 2023 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060)
Thu Nov 30 16:01:19 2023 Connection reset, restarting [-1]
Thu Nov 30 16:01:19 2023 SIGUSR1[soft,connection-reset] received, process restarting
Thu Nov 30 16:01:19 2023 MANAGEMENT: >STATE:1701356479,RECONNECTING,connection-reset,,,,,
Thu Nov 30 16:01:19 2023 Restart pause, 5 second(s)
Thu Nov 30 16:01:24 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Nov 30 16:01:24 2023 Attempting to establish TCP connection with [AF_INET]public ip [nonblock]
Thu Nov 30 16:01:24 2023 MANAGEMENT: >STATE:1701356484,TCP_CONNECT,,,,,,

15:46:39.668794 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[.], ack 1786998223, win 14600, options [nop,nop,sack 1 {4294967281:1}], length 
0                                                                               
15:46:39.963059 Port2, IN: IP 5.168.123.131.31917 > \\\public IP\\\: Flags [
P.], ack 4294967268, win 515, length 16                                         
15:46:39.963089 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[.], ack 1, win 14600, options [nop,nop,sack 1 {4294967281:1}], length 0        
15:46:40.107559 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[P.], ack 1, win 14600, length 28                                               
15:46:40.481232 Port2, IN: IP 5.168.123.131.31917 > \\\public IP\\\: Flags [
P.], ack 4294967268, win 515, length 16                                         
15:46:40.481261 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[.], ack 1, win 14600, options [nop,nop,sack 1 {4294967281:1}], length 0        
15:46:41.579901 Port2, IN: IP 5.168.123.131.31917 > \\\public IP\\\: Flags [
P.], ack 4294967268, win 515, length 16                                         
15:46:41.579932 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[.], ack 1, win 14600, options [nop,nop,sack 1 {4294967281:1}], length 0        
15:46:43.087567 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[P.], ack 1, win 14600, length 28                                               
15:46:43.745836 Port2, IN: IP 5.168.123.131.31917 > \\\public IP\\\: Flags [
P.], ack 4294967268, win 515, length 16                                         
15:46:43.745877 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[.], ack 1, win 14600, options [nop,nop,sack 1 {4294967281:1}], length 0        
15:46:48.077174 Port2, IN: IP 5.168.123.131.31917 > \\\public IP\\\: Flags [
P.], ack 4294967268, win 515, length 32                                         
15:46:48.077220 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[.], ack 17, win 14600, options [nop,nop,sack 1 {4294967281:1}], length 0       
15:46:49.047566 Port2, OUT: IP \\\public IP\\\ > 5.168.123.131.31917: Flags 
[P.], ack 17, win 14600, length 28                                              
15:46:56.805764 Port2, IN: IP 5.168.123.131.31917 > \\\public IP\\\: Flags [
R.], seq 17, ack 4294967268, win 0, length 0

VPN has kept working for years until yesterday

Thankyou in advance



This thread was automatically locked due to age.
Parents Reply Children
Unfiltered HTML