Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

No SSL S2S Tunnel after SSD Upgrade

Hello Folks, 

a customer installed the ssd upgrade and after the reboot all ssl site-2-site tunnels don't work. ssl remote access works, ipsec tunnels are working. 

here are some lines from the sslvpn.log: 

we created a new connection, same issue. it always ends with this line: 

2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 SENT CONTROL [SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35]: 'AUTH_FAILED' (status=1)

 


2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_VER=2.4.7
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_PLAT=linux
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_PROTO=2
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_NCP=2
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_LZ4=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_LZ4v2=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_LZO=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_COMP_STUB=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_COMP_STUBv2=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 peer info: IV_TCPNL=1
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 PLUGIN_CALL: POST /lib/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=2
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 TLS: Username/Password authentication deferred for username 'SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35' [CN SET]
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
2024-01-26 10:13:19Z [1453] 116.202.161.231:52284 [SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35] Peer Connection Initiated with [AF_INET6]::ffff:116.202.161.231:52284 (via ::ffff:81.14.171.26%Port2.21)
2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 PUSH: Received control message: 'PUSH_REQUEST'
2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 Delayed exit in 5 seconds
2024-01-26 10:13:20Z [1453] 116.202.161.231:52284 SENT CONTROL [SRV_E69A005F8BEC5B460E6D23C73D688FFFDE183C35]: 'AUTH_FAILED' (status=1)
2024-01-26 10:13:22Z [1453] 136.243.174.155:42700 SIGTERM[soft,delayed-exit] received, client-instance exiting
2024-01-26 10:13:25Z [1453] 116.202.161.231:52284 SIGTERM[soft,delayed-exit] received, client-instance exiting
2024-01-26 10:14:07Z [1456] 49.12.3.41:52075 TLS: Initial packet from [AF_INET6]::ffff:49.12.3.41:52075 (via ::ffff:192.168.130.250%Port2.24), sid=6da40037 bbed8bc0



Added v20 TAG
[edited by: Erick Jan at 8:18 AM (GMT -8) on 29 Feb 2024]