Hallo,
folgende Problematik bei mir bricht seit ca. 2 Wochen immer wieder das SSL VPN ab hier das Log:
Thu Jun 30 14:39:24 2022 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul 3 2017Thu Jun 30 14:39:24 2022 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.09Thu Jun 30 14:39:24 2022 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340Thu Jun 30 14:39:24 2022 Need hold release from management interface, waiting...Thu Jun 30 14:39:24 2022 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'state on'Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'log all on'Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'hold off'Thu Jun 30 14:39:24 2022 MANAGEMENT: CMD 'hold release'Thu Jun 30 14:39:32 2022 MANAGEMENT: CMD 'username "Auth" "simon"'Thu Jun 30 14:39:32 2022 MANAGEMENT: CMD 'password [...]'Thu Jun 30 14:39:32 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]Thu Jun 30 14:39:32 2022 MANAGEMENT: >STATE:1656592772,RESOLVE,,,,,,Thu Jun 30 14:39:32 2022 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:8443 [nonblock]Thu Jun 30 14:39:32 2022 MANAGEMENT: >STATE:1656592772,TCP_CONNECT,,,,,,Thu Jun 30 14:39:33 2022 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:8443Thu Jun 30 14:39:33 2022 TCPv4_CLIENT link local: [undef]Thu Jun 30 14:39:33 2022 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:8443Thu Jun 30 14:39:33 2022 MANAGEMENT: >STATE:1656592773,WAIT,,,,,,Thu Jun 30 14:39:33 2022 MANAGEMENT: >STATE:1656592773,AUTH,,,,,,Thu Jun 30 14:39:33 2022 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:8443, sid=661cb874 36b321dfThu Jun 30 14:39:33 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent thisThu Jun 30 14:39:33 2022 VERIFY OK: depth=1, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=Sophos_CA_C1A0A48J993G733, emailAddress=xxxxxThu Jun 30 14:39:33 2022 VERIFY X509NAME OK: C=DE, ST=BY, L=Haiming, O=Gemeinde Haiming, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=gl@haiming.deThu Jun 30 14:39:33 2022 VERIFY OK: depth=0, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=xxxxxThu Jun 30 14:39:34 2022 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyThu Jun 30 14:39:34 2022 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authenticationThu Jun 30 14:39:34 2022 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyThu Jun 30 14:39:34 2022 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authenticationThu Jun 30 14:39:34 2022 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSAThu Jun 30 14:39:34 2022 [SophosApplianceCertificate_C1A0A48J993G733] Peer Connection Initiated with [AF_INET]24.134.67.117:8443Thu Jun 30 14:39:35 2022 MANAGEMENT: >STATE:1656592775,GET_CONFIG,,,,,,Thu Jun 30 14:39:36 2022 SENT CONTROL [SophosApplianceCertificate_C1A0A48J993G733]: 'PUSH_REQUEST' (status=1)Thu Jun 30 14:39:36 2022 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.81.234.5,sndbuf 0,rcvbuf 0,sndbuf 0,rcvbuf 0,ping 45,ping-restart 180,route 10.17.123.0 255.255.255.0,topology subnet,route remote_host 255.255.255.255 net_gateway,ifconfig 10.81.234.8 255.255.255.0'Thu Jun 30 14:39:36 2022 OPTIONS IMPORT: timers and/or timeouts modifiedThu Jun 30 14:39:36 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modifiedThu Jun 30 14:39:36 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]Thu Jun 30 14:39:36 2022 OPTIONS IMPORT: --ifconfig/up options modifiedThu Jun 30 14:39:36 2022 OPTIONS IMPORT: route options modifiedThu Jun 30 14:39:36 2022 OPTIONS IMPORT: route-related options modifiedThu Jun 30 14:39:36 2022 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=14 HWADDR=96:33:34:cf:8c:84Thu Jun 30 14:39:36 2022 open_tun, tt->ipv6=0Thu Jun 30 14:39:36 2022 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{B8876532-3A18-4DBF-BAC9-9F15BEC2367E}.tapThu Jun 30 14:39:36 2022 TAP-Windows Driver Version 9.21 Thu Jun 30 14:39:36 2022 Set TAP-Windows TUN subnet mode network/local/netmask = 10.81.234.0/10.81.234.8/255.255.255.0 [SUCCEEDED]Thu Jun 30 14:39:36 2022 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.81.234.8/255.255.255.0 on interface {B8876532-3A18-4DBF-BAC9-9F15BEC2367E} [DHCP-serv: 10.81.234.254, lease-time: 31536000]Thu Jun 30 14:39:36 2022 Successful ARP Flush on interface [13] {B8876532-3A18-4DBF-BAC9-9F15BEC2367E}Thu Jun 30 14:39:36 2022 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0Thu Jun 30 14:39:36 2022 MANAGEMENT: >STATE:1656592776,ASSIGN_IP,,10.81.234.8,,,,Thu Jun 30 14:39:41 2022 TEST ROUTES: 3/3 succeeded len=3 ret=1 a=0 u/d=upThu Jun 30 14:39:41 2022 MANAGEMENT: >STATE:1656592781,ADD_ROUTES,,,,,,Thu Jun 30 14:39:41 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1Thu Jun 30 14:39:41 2022 Route addition via service succeededThu Jun 30 14:39:41 2022 C:\Windows\system32\route.exe ADD 10.17.123.0 MASK 255.255.255.0 10.81.234.5Thu Jun 30 14:39:41 2022 Route addition via service succeededThu Jun 30 14:39:41 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1Thu Jun 30 14:39:41 2022 ROUTE: route addition failed using service: Das Objekt ist bereits vorhanden. [status=5010 if_index=14]Thu Jun 30 14:39:41 2022 Route addition via service failedThu Jun 30 14:39:41 2022 Initialization Sequence CompletedThu Jun 30 14:39:41 2022 MANAGEMENT: >STATE:1656592781,CONNECTED,SUCCESS,10.81.234.8,xxx.xxx.xxx.xxx,8443,192.168.0.251,49687Thu Jun 30 14:54:53 2022 read TCPv4_CLIENT: Connection timed out (WSAETIMEDOUT) (code=10060)Thu Jun 30 14:54:53 2022 Connection reset, restarting [-1]Thu Jun 30 14:54:53 2022 SIGUSR1[soft,connection-reset] received, process restartingThu Jun 30 14:54:53 2022 MANAGEMENT: >STATE:1656593693,RECONNECTING,connection-reset,,,,,Thu Jun 30 14:54:53 2022 Restart pause, 5 second(s)Thu Jun 30 14:54:58 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]Thu Jun 30 14:54:58 2022 MANAGEMENT: >STATE:1656593698,RESOLVE,,,,,,Thu Jun 30 14:54:58 2022 Attempting to establish TCP connection with [AF_INET]xxx.xxx.xxx.xxx:8443 [nonblock]Thu Jun 30 14:54:58 2022 MANAGEMENT: >STATE:1656593698,TCP_CONNECT,,,,,,Thu Jun 30 14:54:59 2022 TCP connection established with [AF_INET]xxx.xxx.xxx.xxx:8443Thu Jun 30 14:54:59 2022 TCPv4_CLIENT link local: [undef]Thu Jun 30 14:54:59 2022 TCPv4_CLIENT link remote: [AF_INET]xxx.xxx.xxx.xxx:8443Thu Jun 30 14:54:59 2022 MANAGEMENT: >STATE:1656593699,WAIT,,,,,,Thu Jun 30 14:54:59 2022 MANAGEMENT: >STATE:1656593699,AUTH,,,,,,Thu Jun 30 14:54:59 2022 TLS: Initial packet from [AF_INET]xxx.xxx.xxx.xxx:8443, sid=f181329a 415b9131Thu Jun 30 14:54:59 2022 VERIFY OK: depth=1, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=Sophos_CA_C1A0A48J993G733, emailAddress=xxxxxThu Jun 30 14:54:59 2022 VERIFY X509NAME OK: C=DE, ST=BY, L=Haiming, O=Gemeinde Haiming, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=gl@haiming.deThu Jun 30 14:54:59 2022 VERIFY OK: depth=0, C=DE, ST=BY, L=Haiming, O=xxxxx, OU=OU, CN=SophosApplianceCertificate_C1A0A48J993G733, emailAddress=xxxxxThu Jun 30 14:55:00 2022 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyThu Jun 30 14:55:00 2022 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authenticationThu Jun 30 14:55:00 2022 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyThu Jun 30 14:55:00 2022 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authenticationThu Jun 30 14:55:00 2022 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSAThu Jun 30 14:55:00 2022 [SophosApplianceCertificate_C1A0A48J993G733] Peer Connection Initiated with [AF_INET]24.134.67.117:8443Thu Jun 30 14:55:02 2022 MANAGEMENT: >STATE:1656593702,GET_CONFIG,,,,,,Thu Jun 30 14:55:03 2022 SENT CONTROL [SophosApplianceCertificate_C1A0A48J993G733]: 'PUSH_REQUEST' (status=1)Thu Jun 30 14:55:03 2022 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.81.234.5,sndbuf 0,rcvbuf 0,sndbuf 0,rcvbuf 0,ping 45,ping-restart 180,route 10.17.123.0 255.255.255.0,topology subnet,route remote_host 255.255.255.255 net_gateway,ifconfig 10.81.234.9 255.255.255.0'Thu Jun 30 14:55:03 2022 OPTIONS IMPORT: timers and/or timeouts modifiedThu Jun 30 14:55:03 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modifiedThu Jun 30 14:55:03 2022 Socket Buffers: R=[65536->65536] S=[65536->65536]Thu Jun 30 14:55:03 2022 OPTIONS IMPORT: --ifconfig/up options modifiedThu Jun 30 14:55:03 2022 OPTIONS IMPORT: route options modifiedThu Jun 30 14:55:03 2022 OPTIONS IMPORT: route-related options modifiedThu Jun 30 14:55:03 2022 Preserving previous TUN/TAP instance: Ethernet 2Thu Jun 30 14:55:03 2022 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.Thu Jun 30 14:55:03 2022 C:\Windows\system32\route.exe DELETE 10.17.123.0 MASK 255.255.255.0 10.81.234.5Thu Jun 30 14:55:03 2022 Route deletion via service succeededThu Jun 30 14:55:03 2022 C:\Windows\system32\route.exe DELETE xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1Thu Jun 30 14:55:03 2022 Route deletion via service succeededThu Jun 30 14:55:03 2022 Closing TUN/TAP interfaceThu Jun 30 14:55:04 2022 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=14 HWADDR=96:33:34:cf:8c:84Thu Jun 30 14:55:04 2022 open_tun, tt->ipv6=0Thu Jun 30 14:55:04 2022 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{B8876532-3A18-4DBF-BAC9-9F15BEC2367E}.tapThu Jun 30 14:55:04 2022 TAP-Windows Driver Version 9.21 Thu Jun 30 14:55:04 2022 Set TAP-Windows TUN subnet mode network/local/netmask = 10.81.234.0/10.81.234.9/255.255.255.0 [SUCCEEDED]Thu Jun 30 14:55:04 2022 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.81.234.9/255.255.255.0 on interface {B8876532-3A18-4DBF-BAC9-9F15BEC2367E} [DHCP-serv: 10.81.234.254, lease-time: 31536000]Thu Jun 30 14:55:04 2022 Successful ARP Flush on interface [13] {B8876532-3A18-4DBF-BAC9-9F15BEC2367E}Thu Jun 30 14:55:04 2022 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0Thu Jun 30 14:55:04 2022 MANAGEMENT: >STATE:1656593704,ASSIGN_IP,,10.81.234.9,,,,Thu Jun 30 14:55:08 2022 TEST ROUTES: 3/3 succeeded len=3 ret=1 a=0 u/d=upThu Jun 30 14:55:08 2022 MANAGEMENT: >STATE:1656593708,ADD_ROUTES,,,,,,Thu Jun 30 14:55:08 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1Thu Jun 30 14:55:08 2022 Route addition via service succeededThu Jun 30 14:55:08 2022 C:\Windows\system32\route.exe ADD 10.17.123.0 MASK 255.255.255.0 10.81.234.5Thu Jun 30 14:55:08 2022 Route addition via service succeededThu Jun 30 14:55:08 2022 C:\Windows\system32\route.exe ADD xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.0.1Thu Jun 30 14:55:08 2022 ROUTE: route addition failed using service: Das Objekt ist bereits vorhanden. [status=5010 if_index=14]Thu Jun 30 14:55:08 2022 Route addition via service failedThu Jun 30 14:55:08 2022 Initialization Sequence CompletedThu Jun 30 14:55:08 2022 MANAGEMENT: >STATE:1656593708,CONNECTED,SUCCESS,10.81.234.9,xxx.xxx.xxx.xxx,8443,192.168.0.251,49698
folgendes habe ich bereits versucht:
https://ugetfix.com/ask/how-to-fix-socket-error-10060-on-windows/ = trifft alles nicht zu
SSL VPN Software mehrmals neu installiert = selbes Ergebniss
Neues Betriebsystem in einer VM aufgesetzt (jeweils Windows 10 Home & Enterprise LTSC mit aktuellen Patchstand) = selbes Ergebniss
Hat hier irgendwär Irgendwelche Ideen woran das liegen kann.
Gruß
Straubinger Simon
Hallo Simon Straubinger,
Vielen Dank, dass Sie sich an die Community gewandt haben. Bitte stellen Sie sicher, dass kein anderer ähnlicher SSL-VPN-Client oder Cisco Any Connect-Client vorhanden ist. oder eine doppelte tuntap-Schnittstelle ist nicht vorhanden und versuchen Sie es erneut.
Oder versuchen Sie es auf einer Maschine, die keine virtuelle Schnittstelle hat, und installieren Sie einen neuen Client.
Sobald die Verbindung hergestellt ist, stellen Sie sicher, dass eine LAN-zu-VPN- und eine VPN-zu-LAN-Regel mit aktiviertem NAT vorhanden ist.
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.
kann das auch sein das der von mir angewählte Computer diese Probleme verursacht, nutzte hier nähmlich noch lancom vpn?
Ja, es könnte ein Problem auf Systemebene sein ...
habe es jetzt mal mit aktivierten NAT (war nicht vorhanden) probiert ob es geholfen wird sich die nächsten Tage zeigen.
Besten Dank schonmal
Sicher, wenn Ihnen dies geholfen hat, klicken Sie auf die Schaltfläche "Bestätigen", um unserer Community beim Wachsen zu helfen.