Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 9 subscribers
  • Views 4671 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Verbindung bricht immer wieder ab

Simon Straubinger

Hallo,

folgende Problematik bei mir bricht seit ca. 2 Wochen immer wieder das SSL VPN  ab hier das Log:

Thu Jun 30 14:39:24 2022 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul  3 2017
Thu Jun 30 14:39:24 2022 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.09
Thu Jun 30 14:39:24 2022 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Thu Jun 30 14:39:24 2022 Need hold release from management interface, waiting...
Thu Jun 30 14:39:24 2022 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'state on'
Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'log all on'
Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'hold off'
Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'hold release'
Thu Jun 30 14:39:32 2022 MANAGEMENT: CMD 'username "Auth" "simon"'
Thu Jun 30 14:39:32 2022 MANAGEMENT: CMD 'password [...]'
Thu Jun 30 14:39:32 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jun 30 14:39:32 2022 MANAGEMENT: >STATE:1656592772,RESOLVE,,,,,,
Thu Jun 30 14:39:32 2022 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:8443 [nonblock]
Thu Jun 30 14:39:32 2022 MANAGEMENT: >STATE:1656592772,TCP_CONNECT,,,,,,
Thu Jun 30 14:39:33 2022 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:8443
Thu Jun 30 14:39:33 2022 TCPv4_CLIENT link local: [undef]
Thu Jun 30 14:39:33 2022 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:8443
Thu Jun 30 14:39:33 2022 MANAGEMENT: >STATE:1656592773,WAIT,,,,,,
Thu Jun 30 14:39:33 2022 MANAGEMENT: >STATE:1656592773,AUTH,,,,,,
Thu Jun 30 14:39:33 2022 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:8443, sid=661cb874 36b321df
Thu Jun 30 14:39:33 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Jun 30 14:39:33 2022 VERIFY OK: depth=1, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=Sophos_CA_C1A0A48J993G733, emailAddress=xxxxx
Thu Jun 30 14:39:33 2022 VERIFY X509NAME OK: C=DE, ST=BY, L=Haiming, O=Gemeinde Haiming, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=gl@haiming.de
Thu Jun 30 14:39:33 2022 VERIFY OK: depth=0, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=xxxxx
Thu Jun 30 14:39:34 2022 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jun 30 14:39:34 2022 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jun 30 14:39:34 2022 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jun 30 14:39:34 2022 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jun 30 14:39:34 2022 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Jun 30 14:39:34 2022 [SophosApplianceCertificate_C1A0A48J993G733] Peer Connection Initiated with [AF_INET]24.134.67.117:8443
Thu Jun 30 14:39:35 2022 MANAGEMENT: >STATE:1656592775,GET_CONFIG,,,,,,
Thu Jun 30 14:39:36 2022 SENT CONTROL [SophosApplianceCertificate_C1A0A48J993G733]: 'PUSH_REQUEST' (status=1)
Thu Jun 30 14:39:36 2022 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.81.234.5,sndbuf 0,rcvbuf 0,sndbuf 0,rcvbuf 0,ping 45,ping-restart 180,route 10.17.123.0 255.255.255.0,topology subnet,route remote_host 255.255.255.255 net_gateway,ifconfig 10.81.234.8 255.255.255.0'
Thu Jun 30 14:39:36 2022 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jun 30 14:39:36 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Thu Jun 30 14:39:36 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jun 30 14:39:36 2022 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jun 30 14:39:36 2022 OPTIONS IMPORT: route options modified
Thu Jun 30 14:39:36 2022 OPTIONS IMPORT: route-related options modified
Thu Jun 30 14:39:36 2022 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=14 HWADDR=96:33:34:cf:8c:84
Thu Jun 30 14:39:36 2022 open_tun, tt->ipv6=0
Thu Jun 30 14:39:36 2022 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{B8876532-3A18-4DBF-BAC9-9F15BEC2367E}.tap
Thu Jun 30 14:39:36 2022 TAP-Windows Driver Version 9.21
Thu Jun 30 14:39:36 2022 Set TAP-Windows TUN subnet mode network/local/netmask = 10.81.234.0/10.81.234.8/255.255.255.0 [SUCCEEDED]
Thu Jun 30 14:39:36 2022 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.81.234.8/255.255.255.0 on interface {B8876532-3A18-4DBF-BAC9-9F15BEC2367E} [DHCP-serv: 10.81.234.254, lease-time: 31536000]
Thu Jun 30 14:39:36 2022 Successful ARP Flush on interface [13] {B8876532-3A18-4DBF-BAC9-9F15BEC2367E}
Thu Jun 30 14:39:36 2022 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jun 30 14:39:36 2022 MANAGEMENT: >STATE:1656592776,ASSIGN_IP,,10.81.234.8,,,,
Thu Jun 30 14:39:41 2022 TEST ROUTES: 3/3 succeeded len=3 ret=1 a=0 u/d=up
Thu Jun 30 14:39:41 2022 MANAGEMENT: >STATE:1656592781,ADD_ROUTES,,,,,,
Thu Jun 30 14:39:41 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1
Thu Jun 30 14:39:41 2022 Route addition via service succeeded
Thu Jun 30 14:39:41 2022 C:\Windows\system32\route.exe ADD 10.17.123.0 MASK 255.255.255.0 10.81.234.5
Thu Jun 30 14:39:41 2022 Route addition via service succeeded
Thu Jun 30 14:39:41 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1
Thu Jun 30 14:39:41 2022 ROUTE: route addition failed using service: Das Objekt ist bereits vorhanden.   [status=5010 if_index=14]
Thu Jun 30 14:39:41 2022 Route addition via service failed
Thu Jun 30 14:39:41 2022 Initialization Sequence Completed
Thu Jun 30 14:39:41 2022 MANAGEMENT: >STATE:1656592781,CONNECTED,SUCCESS,10.81.234.8,xxx.xxx.xxx.xxx,8443,192.168.0.251,49687
Thu Jun 30 14:54:53 2022 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060)
Thu Jun 30 14:54:53 2022 Connection reset, restarting [-1]
Thu Jun 30 14:54:53 2022 SIGUSR1[soft,connection-reset] received, process restarting
Thu Jun 30 14:54:53 2022 MANAGEMENT: >STATE:1656593693,RECONNECTING,connection-reset,,,,,
Thu Jun 30 14:54:53 2022 Restart pause, 5 second(s)
Thu Jun 30 14:54:58 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jun 30 14:54:58 2022 MANAGEMENT: >STATE:1656593698,RESOLVE,,,,,,
Thu Jun 30 14:54:58 2022 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:8443 [nonblock]
Thu Jun 30 14:54:58 2022 MANAGEMENT: >STATE:1656593698,TCP_CONNECT,,,,,,
Thu Jun 30 14:54:59 2022 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:8443
Thu Jun 30 14:54:59 2022 TCPv4_CLIENT link local: [undef]
Thu Jun 30 14:54:59 2022 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:8443
Thu Jun 30 14:54:59 2022 MANAGEMENT: >STATE:1656593699,WAIT,,,,,,
Thu Jun 30 14:54:59 2022 MANAGEMENT: >STATE:1656593699,AUTH,,,,,,
Thu Jun 30 14:54:59 2022 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:8443, sid=f181329a 415b9131
Thu Jun 30 14:54:59 2022 VERIFY OK: depth=1, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=Sophos_CA_C1A0A48J993G733, emailAddress=xxxxx
Thu Jun 30 14:54:59 2022 VERIFY X509NAME OK: C=DE, ST=BY, L=Haiming, O=Gemeinde Haiming, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=gl@haiming.de
Thu Jun 30 14:54:59 2022 VERIFY OK: depth=0, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=xxxxx
Thu Jun 30 14:55:00 2022 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jun 30 14:55:00 2022 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jun 30 14:55:00 2022 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jun 30 14:55:00 2022 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Thu Jun 30 14:55:00 2022 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Jun 30 14:55:00 2022 [SophosApplianceCertificate_C1A0A48J993G733] Peer Connection Initiated with [AF_INET]24.134.67.117:8443
Thu Jun 30 14:55:02 2022 MANAGEMENT: >STATE:1656593702,GET_CONFIG,,,,,,
Thu Jun 30 14:55:03 2022 SENT CONTROL [SophosApplianceCertificate_C1A0A48J993G733]: 'PUSH_REQUEST' (status=1)
Thu Jun 30 14:55:03 2022 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.81.234.5,sndbuf 0,rcvbuf 0,sndbuf 0,rcvbuf 0,ping 45,ping-restart 180,route 10.17.123.0 255.255.255.0,topology subnet,route remote_host 255.255.255.255 net_gateway,ifconfig 10.81.234.9 255.255.255.0'
Thu Jun 30 14:55:03 2022 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jun 30 14:55:03 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Thu Jun 30 14:55:03 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jun 30 14:55:03 2022 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jun 30 14:55:03 2022 OPTIONS IMPORT: route options modified
Thu Jun 30 14:55:03 2022 OPTIONS IMPORT: route-related options modified
Thu Jun 30 14:55:03 2022 Preserving previous TUN/TAP instance: Ethernet 2
Thu Jun 30 14:55:03 2022 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
Thu Jun 30 14:55:03 2022 C:\Windows\system32\route.exe DELETE 10.17.123.0 MASK 255.255.255.0 10.81.234.5
Thu Jun 30 14:55:03 2022 Route deletion via service succeeded
Thu Jun 30 14:55:03 2022 C:\Windows\system32\route.exe DELETE xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1
Thu Jun 30 14:55:03 2022 Route deletion via service succeeded
Thu Jun 30 14:55:03 2022 Closing TUN/TAP interface
Thu Jun 30 14:55:04 2022 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=14 HWADDR=96:33:34:cf:8c:84
Thu Jun 30 14:55:04 2022 open_tun, tt->ipv6=0
Thu Jun 30 14:55:04 2022 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{B8876532-3A18-4DBF-BAC9-9F15BEC2367E}.tap
Thu Jun 30 14:55:04 2022 TAP-Windows Driver Version 9.21
Thu Jun 30 14:55:04 2022 Set TAP-Windows TUN subnet mode network/local/netmask = 10.81.234.0/10.81.234.9/255.255.255.0 [SUCCEEDED]
Thu Jun 30 14:55:04 2022 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.81.234.9/255.255.255.0 on interface {B8876532-3A18-4DBF-BAC9-9F15BEC2367E} [DHCP-serv: 10.81.234.254, lease-time: 31536000]
Thu Jun 30 14:55:04 2022 Successful ARP Flush on interface [13] {B8876532-3A18-4DBF-BAC9-9F15BEC2367E}
Thu Jun 30 14:55:04 2022 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jun 30 14:55:04 2022 MANAGEMENT: >STATE:1656593704,ASSIGN_IP,,10.81.234.9,,,,
Thu Jun 30 14:55:08 2022 TEST ROUTES: 3/3 succeeded len=3 ret=1 a=0 u/d=up
Thu Jun 30 14:55:08 2022 MANAGEMENT: >STATE:1656593708,ADD_ROUTES,,,,,,
Thu Jun 30 14:55:08 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1
Thu Jun 30 14:55:08 2022 Route addition via service succeeded
Thu Jun 30 14:55:08 2022 C:\Windows\system32\route.exe ADD 10.17.123.0 MASK 255.255.255.0 10.81.234.5
Thu Jun 30 14:55:08 2022 Route addition via service succeeded
Thu Jun 30 14:55:08 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1
Thu Jun 30 14:55:08 2022 ROUTE: route addition failed using service: Das Objekt ist bereits vorhanden.   [status=5010 if_index=14]
Thu Jun 30 14:55:08 2022 Route addition via service failed
Thu Jun 30 14:55:08 2022 Initialization Sequence Completed
Thu Jun 30 14:55:08 2022 MANAGEMENT: >STATE:1656593708,CONNECTED,SUCCESS,10.81.234.9,xxx.xxx.xxx.xxx,8443,192.168.0.251,49698
 

folgendes habe ich bereits versucht:

https://ugetfix.com/ask/how-to-fix-socket-error-10060-on-windows/

SSL VPN Software mehrmals neu installiert =  selbes Ergebniss 

Neues Betriebsystem in einer  VM aufgesetzt  (jeweils Windows 10 Home & Enterprise LTSC mit aktuellen Patchstand) = selbes Ergebniss

Hat hier irgendwär Irgendwelche Ideen woran das liegen kann.

Gruß

Straubinger Simon



Added TAGs
[edited by: Erick Jan at 8:27 AM (GMT -7) on 8 Jun 2023]
Parents Reply Children
Unfiltered HTML