Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 2 answers
  • Subscribers 42 subscribers
  • Views 6095 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No SSL S2S Tunnel after SSD Upgrade

PifPof

Hello Folks, 

a customer installed the ssd upgrade and after the reboot all ssl site-2-site tunnels don't work. ssl remote access works, ipsec tunnels are working. 

here are some lines from the sslvpn.log: 

we created a new connection, same issue. it always ends with this line: 

2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 SENT CONTROL [SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35]: 'AUTH_FAILED' (status=1)

 


2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_VER=2.4.7
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_PLAT=linux
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_PROTO=2
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_NCP=2
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_LZ4=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_LZ4v2=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_LZO=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_COMP_STUB=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_COMP_STUBv2=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_TCPNL=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 PLUGIN_CALL: POST /lib/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 TLS: Username/Password authentication deferred for username 'SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35' [CN SET]
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 [SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35] Peer Connection Initiated with [AF_INET6]::ffff:116.202.161.231:52284 (via ::ffff:81.14.171.26%Port2.21)
2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 PUSH: Received control message: 'PUSH_REQUEST'
2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 Delayed exit in 5 seconds
2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 SENT CONTROL [SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35]: 'AUTH_FAILED' (status=1)
2024-01-26 10:13:22Z [1453] 136.243.174.155:42700 SIGTERM[soft,delayed-exit] received, client-instance exiting
2024-01-26 10:13:25Z [1453] 116.202.161.231:52284 SIGTERM[soft,delayed-exit] received, client-instance exiting
2024-01-26 10:14:07Z [1456] 49.12.3.41:52075 TLS: Initial packet from [AF_INET6]::ffff:49.12.3.41:52075 (via ::ffff:192.168.130.250%Port2.24), sid=6da40037 bbed8bc0



This thread was automatically locked due to age.
Parents Reply Children
No Data
Unfiltered HTML