Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN Client Ubuntu

Hi

I am trying to connect to a Sophos Fw via OpenVpn in a Ubuntu 22.04 LTS installation

I downloaded the vpn configuration from the web site--> ok

Tried to add in network manager GUI but no way to add it until the line 

;route remote_host 255.255.255.255 net_gateway 

has been commented out

Trying to connect via terminal:

with configuration file downloaded from the site

>VERIFY ERROR: depth=0, error=CA signature digest algorithm too weak: C=IT, ST=NA, L=NA, O=zzzzzzzzz, OU=OU, CN=SophosApplianceCertificate_C4xxxxxxxxxxxxxxxx, emailAddress=xxxxxxx, serial=87zzzz8

making the same changes as before (;route remote_host...) the vpn work smoothly but the dns name (regarding the remote site) are not resolved

So

- It is not possible to load the configuration from file without modifying it

- via terminal works but no remote dns resolution (local ok)

I've found this solution:

https://askubuntu.com/questions/1407774/cant-connect-to-vpn-after-upgrading-to-ubuntu-22-04

but I cannot find the field "TLS ciher string" in the netowrk mngmt GUI

  1. Write DEFAULT:@SECLEVEL=0 in the "TLS cipher string" field

Any suggestion? Were you able to connect to sophos firewall with a ubuntu openvpn client?

Thanks



This thread was automatically locked due to age.
Parents
  • Sorry. I forgot this:

    It does not connect via terminal  if this parameter is not added in the configuration file (.ovpn)

    tls-cert-profile insecure

    It is NOT necessary to comment the line

    route remote_host 255.255.255.255 net_gateway 

    when connecting via command line

    But the dns resolution (with remote dns server) is not working 

    Thks

Reply
  • Sorry. I forgot this:

    It does not connect via terminal  if this parameter is not added in the configuration file (.ovpn)

    tls-cert-profile insecure

    It is NOT necessary to comment the line

    route remote_host 255.255.255.255 net_gateway 

    when connecting via command line

    But the dns resolution (with remote dns server) is not working 

    Thks

Children
No Data