This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

one (1) out-of-control tunnelblick SSL VPN user causing 100% CPU load on UTM

SG430 v9.718-5 at 100% cpu load, mostly caused by confd process due to one single SSL VPN connection that is permanently connecting (16 times per minute) and disconnecting.

Seems like SG SSL OpenVPN implementation is not able to catch and limit that behaviour.

openvpn log in loop:

Peer Connection Initiated

Connection reset, restarting

SIGUSR1[soft,connection-reset] received, client-instance restarting

TLS: Username/Password authentication deferred for username

Peer Connection Initiated

2024:02:14-09:40:02 firewall openvpn[10620]: clientWANIP:57255 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57255 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:09 firewall openvpn[10620]: clientWANIP:57257 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57257 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:11 firewall openvpn[10620]: clientWANIP:57258 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57258 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:13 firewall openvpn[10620]: clientWANIP:57262 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57262 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:15 firewall openvpn[10620]: clientWANIP:57263 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57263 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:17 firewall openvpn[10620]: clientWANIP:57264 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57264 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:19 firewall openvpn[10620]: clientWANIP:57265 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57265 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:26 firewall openvpn[10620]: clientWANIP:57267 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57267 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:28 firewall openvpn[10620]: clientWANIP:57268 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57268 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:30 firewall openvpn[10620]: clientWANIP:57269 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57269 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:31 firewall openvpn[10620]: clientWANIP:57270 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57270 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:38 firewall openvpn[10620]: clientWANIP:57279 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57279 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:40 firewall openvpn[10620]: clientWANIP:57282 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57282 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:41 firewall openvpn[10620]: clientWANIP:57285 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57285 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:43 firewall openvpn[10620]: clientWANIP:57286 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57286 (via [AF_INET]firewallIP:443)
2024:02:14-09:40:55 firewall openvpn[10620]: clientWANIP:57290 [username] Peer Connection Initiated with [AF_INET]clientWANIP:57290 (via [AF_INET]firewallIP:443)

confd log

2024:02:14-10:03:29 fw confd[3970]: I main::top-level:682() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="aaa" ref="REF_NetAaaxxxUserNetwo" objname="xxx (User Network)" user="system" srcip="127.0.0.1" sid="xxxxx" facility="system" client="confd-qrunner.pl" pid="30629" attr_addresses="['10.242.2.8']" attr_resolved="1" oldattr_addresses="['10.242.2.8']" oldattr_resolved="1"

The MacOS user updated it's tunnelblick SSL VPN client just yesterday to 4.0.0beta15 build 5950 (2024-02-12)

disabling the user solved the CPU high load immediately.



This thread was automatically locked due to age.
Parents Reply Children
No Data