Hello everybody,
I've stumbled upon a strange problem last Saturday: One of our sales people was unable to establish a VPN connection to our main office using the SSL VPN client.
He sent me a screenshot of the log file and what peaked my interest was the following error message:
DEPRECATED OPTION -tls-remote, please update your configuration
The actual cause of his inability to connect seemed to be a DNS issue. His PC was unable to resolve the public hostname of our SG430 cluster.
Unfortunately, I was not directly involved with the trouble shooting.
He uninstalled the SSL client from his machine, redownloaded the VPN profile from the user portal and was able to connect.
When I checked the original SSL config file and the file he redownloaded from the UTM, the tls-remote option was indeed missing from the redownloaded config file.
I then went ahead and checked my own profile on my machine and the tls-remote option was still present.
I don't have any problems connecting to our VPN and there also aren't any error messages regarding this deprecated option in my log file.
I also redownloaded my VPN profile from the user portal and the tls-remote option is no longer present.
So I'm assuming that some firmware update those last months removed the option from all profiles?
I'm unsure what to do at this point: Can I simply ignore this configuration change or do I need to redeploy all VPN profiles to all our users to prevent issues with this deprecated option?
Thanks in advance,
Dominik
This thread was automatically locked due to age.
