Site To Site SSL VPN random disconnection

Hi everyone, 

We have a cloud Sophos 19.5 appliance with a public IP. We use it to set up a site-to-site SSL VPN to another Sophos 19.5, which is located behind a 3rd-party firewall.

For some reason, the VPN behaviour is erratic. It can work for a few days, then it stops working (the state is disconnected, with the red circle on the SSL VPN S2S page).

Unfortunately, there are no useful logs in the log browser (it just says the S2S VPN has been disconnected).

After the disconnection, the S2S VPN is impossible to restart. The status remains red even if we restart the VPN from the server or client side.

What could cause such issues? This is problematic for us, as we are strongly relying on this feature.

Thank you very much for your help

Cheers everyone!



  • Hi

    Thank you very much for your answer!

    I struggle a little bit to download the log files: I manage to access them via the CLI, but the listing of the directory /log using WinSCP or FileZilla is always empty.

    Are there any settings to adjust to allow the log directory listing?

    Thanks

  • /log/sslvpn.log (from the CLI) is the one to be looked at to get an initial understanding of the reason for the disconnect. In the issue state, when unable to bring up the sslvpn s2s tunnel (do it always from the s2s client), please check the sslvpn service state on the s2s server using service -S | grep sslvpn; the service should be in 'RUNNING' state. If the service is running, verify the tunnel initiation packets are reaching the s2s server using tcpdump on the sslvpn port being used and from the IP address of the s2s client.

  • Hi!

    Thank you very much for your answer.

    I found these log lines on the S2S client that correspond to the disconnection. All disconnections start with the "Inactivity timeout" logs. What does that mean? Does it mean it cannot reach the S2S server?

    Thank you very much!

    cat sslvpn.log | grep "2024-01-04"       
    2024-01-04 01:36:07Z [15359] [Appliance_Certificate_i7pZu6pHisUSm5s] Inactivity timeout (--ping-restart), restarting
    2024-01-04 01:36:07Z [15359] PLUGIN_CALL: POST /lib/openvpn-plugin-utm.so/PLUGIN_ROUTE_PREDOWN status=0
    2024-01-04 01:36:07Z [15359] /sbin/ip route del 172.28.0.0/24
    2024-01-04 01:36:07Z [15359] Closing TUN/TAP interface
    2024-01-04 01:36:07Z [15359] /sbin/ip addr del dev tun21 10.81.0.2/16
    2024-01-04 01:36:08Z [15359] SIGUSR1[soft,ping-restart] received, process restarting
    2024-01-04 01:36:08Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:36:18Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:36:18Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:36:18Z [15359] Attempting to establish TCP connection with [AF_INET]XX.XX.XX.XX.23.102.153:8443 [nonblock]
    2024-01-04 01:36:19Z [15359] TCP connection established with [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:36:19Z [15359] TCP_CLIENT link local: (not bound)
    2024-01-04 01:36:19Z [15359] TCP_CLIENT link remote: [AF_INET]XX.XX.XX.XX:8443
    2024-01-04 01:38:18Z [15359] Server poll timeout, restarting
    2024-01-04 01:38:18Z [15359] SIGUSR1[soft,server_poll] received, process restarting
    2024-01-04 01:38:18Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.1.11.254:8443
    2024-01-04 01:38:18Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:38:18Z [15359] Attempting to establish TCP connection with [AF_INET]10.1.11.254:8443 [nonblock]
    2024-01-04 01:38:34Z [15359] TCP: connect to [AF_INET]10.1.11.254:8443 failed: Connection timed out
    2024-01-04 01:38:34Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:38:34Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:38:44Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]172.28.0.254:8443
    2024-01-04 01:38:44Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:38:44Z [15359] Attempting to establish TCP connection with [AF_INET]172.28.0.254:8443 [nonblock]
    2024-01-04 01:39:00Z [15359] TCP: connect to [AF_INET]172.28.0.254:8443 failed: Connection timed out
    2024-01-04 01:39:00Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:39:00Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:39:10Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.255.0.1:8443
    2024-01-04 01:39:10Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:39:10Z [15359] Attempting to establish TCP connection with [AF_INET]10.255.0.1:8443 [nonblock]
    2024-01-04 01:39:26Z [15359] TCP: connect to [AF_INET]10.255.0.1:8443 failed: Connection timed out
    2024-01-04 01:39:26Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:39:26Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:39:36Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:39:36Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:39:36Z [15359] Attempting to establish TCP connection with [AF_INET]XX.XX.XX.XX.23.102.153:8443 [nonblock]
    2024-01-04 01:39:37Z [15359] TCP connection established with [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:39:37Z [15359] TCP_CLIENT link local: (not bound)
    2024-01-04 01:39:37Z [15359] TCP_CLIENT link remote: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:41:36Z [15359] Server poll timeout, restarting
    2024-01-04 01:41:36Z [15359] SIGUSR1[soft,server_poll] received, process restarting
    2024-01-04 01:41:36Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.1.11.254:8443
    2024-01-04 01:41:36Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:41:36Z [15359] Attempting to establish TCP connection with [AF_INET]10.1.11.254:8443 [nonblock]
    2024-01-04 01:41:52Z [15359] TCP: connect to [AF_INET]10.1.11.254:8443 failed: Connection timed out
    2024-01-04 01:41:52Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:41:52Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:42:02Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]172.28.0.254:8443
    2024-01-04 01:42:02Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:42:02Z [15359] Attempting to establish TCP connection with [AF_INET]172.28.0.254:8443 [nonblock]
    2024-01-04 01:42:18Z [15359] TCP: connect to [AF_INET]172.28.0.254:8443 failed: Connection timed out
    2024-01-04 01:42:18Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:42:18Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:42:28Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.255.0.1:8443
    2024-01-04 01:42:28Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:42:28Z [15359] Attempting to establish TCP connection with [AF_INET]10.255.0.1:8443 [nonblock]
    2024-01-04 01:42:44Z [15359] TCP: connect to [AF_INET]10.255.0.1:8443 failed: Connection timed out
    2024-01-04 01:42:44Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:42:44Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:42:54Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:42:54Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:42:54Z [15359] Attempting to establish TCP connection with [AF_INET]XX.XX.XX.XX.23.102.153:8443 [nonblock]
    2024-01-04 01:42:55Z [15359] TCP connection established with [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:42:55Z [15359] TCP_CLIENT link local: (not bound)
    2024-01-04 01:42:55Z [15359] TCP_CLIENT link remote: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:44:54Z [15359] Server poll timeout, restarting
    2024-01-04 01:44:54Z [15359] SIGUSR1[soft,server_poll] received, process restarting
    2024-01-04 01:44:54Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.1.11.254:8443
    2024-01-04 01:44:54Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:44:54Z [15359] Attempting to establish TCP connection with [AF_INET]10.1.11.254:8443 [nonblock]
    2024-01-04 01:45:10Z [15359] TCP: connect to [AF_INET]10.1.11.254:8443 failed: Connection timed out
    2024-01-04 01:45:10Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:45:10Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:45:20Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]172.28.0.254:8443
    2024-01-04 01:45:20Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:45:20Z [15359] Attempting to establish TCP connection with [AF_INET]172.28.0.254:8443 [nonblock]
    2024-01-04 01:45:37Z [15359] TCP: connect to [AF_INET]172.28.0.254:8443 failed: Connection timed out
    2024-01-04 01:45:37Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:45:37Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:45:47Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.255.0.1:8443
    2024-01-04 01:45:47Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:45:47Z [15359] Attempting to establish TCP connection with [AF_INET]10.255.0.1:8443 [nonblock]
    2024-01-04 01:46:03Z [15359] TCP: connect to [AF_INET]10.255.0.1:8443 failed: Connection timed out
    2024-01-04 01:46:03Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:46:03Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:46:13Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:46:13Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:46:13Z [15359] Attempting to establish TCP connection with [AF_INET]XX.XX.XX.XX.23.102.153:8443 [nonblock]
    2024-01-04 01:46:14Z [15359] TCP connection established with [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:46:14Z [15359] TCP_CLIENT link local: (not bound)
    2024-01-04 01:46:14Z [15359] TCP_CLIENT link remote: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:48:13Z [15359] Server poll timeout, restarting
    2024-01-04 01:48:13Z [15359] SIGUSR1[soft,server_poll] received, process restarting
    2024-01-04 01:48:13Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.1.11.254:8443
    2024-01-04 01:48:13Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:48:13Z [15359] Attempting to establish TCP connection with [AF_INET]10.1.11.254:8443 [nonblock]
    2024-01-04 01:48:29Z [15359] TCP: connect to [AF_INET]10.1.11.254:8443 failed: Connection timed out
    2024-01-04 01:48:29Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:48:29Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:48:39Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]172.28.0.254:8443
    2024-01-04 01:48:39Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:48:39Z [15359] Attempting to establish TCP connection with [AF_INET]172.28.0.254:8443 [nonblock]
    2024-01-04 01:48:55Z [15359] TCP: connect to [AF_INET]172.28.0.254:8443 failed: Connection timed out
    2024-01-04 01:48:55Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:48:55Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:49:05Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.255.0.1:8443
    2024-01-04 01:49:05Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:49:05Z [15359] Attempting to establish TCP connection with [AF_INET]10.255.0.1:8443 [nonblock]
    2024-01-04 01:49:21Z [15359] TCP: connect to [AF_INET]10.255.0.1:8443 failed: Connection timed out
    2024-01-04 01:49:21Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:49:21Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:49:31Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:49:31Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:49:31Z [15359] Attempting to establish TCP connection with [AF_INET]XX.XX.XX.XX.23.102.153:8443 [nonblock]
    2024-01-04 01:49:32Z [15359] TCP connection established with [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:49:32Z [15359] TCP_CLIENT link local: (not bound)
    2024-01-04 01:49:32Z [15359] TCP_CLIENT link remote: [AF_INET]XX.XX.XX.XX.23.102.153:8443
    2024-01-04 01:51:31Z [15359] Server poll timeout, restarting
    2024-01-04 01:51:31Z [15359] SIGUSR1[soft,server_poll] received, process restarting
    2024-01-04 01:51:31Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]10.1.11.254:8443
    2024-01-04 01:51:31Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:51:31Z [15359] Attempting to establish TCP connection with [AF_INET]10.1.11.254:8443 [nonblock]
    2024-01-04 01:51:47Z [15359] TCP: connect to [AF_INET]10.1.11.254:8443 failed: Connection timed out
    2024-01-04 01:51:47Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:51:47Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:51:57Z [15359] TCP/UDP: Preserving recently used remote address: [AF_INET]172.28.0.254:8443
    2024-01-04 01:51:57Z [15359] Socket Buffers: R=[87380->87380] S=[16384->16384]
    2024-01-04 01:51:57Z [15359] Attempting to establish TCP connection with [AF_INET]172.28.0.254:8443 [nonblock]
    2024-01-04 01:52:13Z [15359] MANAGEMENT: Client connected from /tmp/openvpn_mgmt_VPN_SAS_Master
    2024-01-04 01:52:13Z [15359] MANAGEMENT: CMD 'status'
    2024-01-04 01:52:13Z [15359] TCP: connect to [AF_INET]172.28.0.254:8443 failed: Connection timed out
    2024-01-04 01:52:13Z [15359] SIGUSR1[connection failed(soft),init_instance] received, process restarting
    2024-01-04 01:52:13Z [15359] Restart pause, 10 second(s)
    2024-01-04 01:52:21Z [15359] PLUGIN_CLOSE: /lib/openvpn-plugin-utm.so
    2024-01-04 01:52:21Z [15359] SIGTERM[hard,init_instance] received, process exiting
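
Added example, not part of the thread and not Sophos code: a small offline summarizer for an sslvpn.log excerpt like the one above, which rejoins records wrapped by an 80-column terminal and counts restart reasons and the outcome of each connection attempt per remote. The sample log, the peer name and the addresses are constructed placeholders; the 80-column width is an assumption.

```python
import re
from collections import Counter, defaultdict

# Constructed sample shaped like the sslvpn.log excerpt above, including the
# 80-column terminal wrapping. Addresses and the peer name are placeholders.
SAMPLE = """\
2024-01-04 01:36:07Z [15359] [Constructed_Peer_Certificate_Name_XYZ] Inactivity
timeout (--ping-restart), restarting
2024-01-04 01:36:08Z [15359] SIGUSR1[soft,ping-restart] received, process restar
ting
2024-01-04 01:36:18Z [15359] Attempting to establish TCP connection with [AF_INE
T]203.0.113.10:8443 [nonblock]
2024-01-04 01:36:19Z [15359] TCP connection established with [AF_INET]203.0.113.
10:8443
2024-01-04 01:38:18Z [15359] Server poll timeout, restarting
2024-01-04 01:38:18Z [15359] SIGUSR1[soft,server_poll] received, process restart
ing
2024-01-04 01:38:18Z [15359] Attempting to establish TCP connection with [AF_INE
T]192.0.2.254:8443 [nonblock]
2024-01-04 01:38:34Z [15359] TCP: connect to [AF_INET]192.0.2.254:8443 failed: C
onnection timed out
2024-01-04 01:38:34Z [15359] SIGUSR1[connection failed(soft),init_instance] rece
ived, process restarting
"""

TS = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}Z \[\d+\] ")
ESTABLISHED = re.compile(r"TCP connection established with \[AF_INET\](\S+)")
FAILED = re.compile(r"TCP: connect to \[AF_INET\](\S+) failed: (.+)")
SIGNAL = re.compile(r"SIG(?:USR1|TERM)\[([^\]]+)\] received")


def unwrap(text, width=80):
    """Rejoin records that a terminal wrapped at `width` columns."""
    records = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        if TS.match(line) or not records:
            records.append([line])
        else:
            # The previous piece filled the whole row; restore a space that
            # sat in the last column before appending the continuation.
            records[-1][-1] = records[-1][-1].ljust(width)
            records[-1].append(line)
    return ["".join(parts) for parts in records]


def summarize(text):
    """Count restart reasons and the outcome of each attempt per remote."""
    reasons, outcomes, pending = Counter(), defaultdict(Counter), None
    for rec in unwrap(text):
        if m := SIGNAL.search(rec):
            reasons[m.group(1)] += 1
        if m := FAILED.search(rec):
            outcomes[m.group(1)]["tcp failed: " + m.group(2)] += 1
        elif m := ESTABLISHED.search(rec):
            pending = m.group(1)  # TCP is up; the tunnel is not yet
        elif "Server poll timeout" in rec and pending:
            outcomes[pending]["tcp ok, then server poll timeout"] += 1
            pending = None
        elif "Initialization Sequence Completed" in rec and pending:
            outcomes[pending]["tunnel up"] += 1
            pending = None
    return reasons, outcomes


if __name__ == "__main__":
    reasons, outcomes = summarize(SAMPLE)
    print(dict(reasons))
    print({remote: dict(c) for remote, c in outcomes.items()})
```

A remote that only ever shows "tcp ok, then server poll timeout" accepts the TCP connection but never completes the VPN handshake, which is a different failure from a remote whose TCP connect times out.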