I have a problem with some VPN clients at times. Connections to a certain subnet are not possible.
After some investigations it shows, that one of the routes is missing under Windows.
1. Route shows correct in Sophos Connect client.
2. Route is correctly installed, if i look at the vpn log.
3. Route shows in CMD "route print"
4. DNS requests are showing up from VPN virtual ip 10.242.4.2, but no answer is received
5. All other requests going out with the client public ip, not routed through th tunnel.
6. After some minutes, the route disappears from windows "route print"
7. DNS request are send still through the tunnel without an answer
- Problem is only on 1 of 4 remote networks (but the most important, directly connected to the utm)
- Problem is only on certain windows notebooks / user
Tried on a very basic Windows 11 installation only with Sophos Connect (1.4.45 and 2.3.1) and InterceptX.
Any ideas?
PS:
Charon.log shows some entries:
169.254.132.148 disappeared from interface 7 'Sophos TAP Adapter'
and then:
received DELETE for ESP CHILD_SA with SPI 6ef6655f
closing CHILD_SA Einwahl_xxxxxx{34} with SPIs 16bbc8a1_i (0 bytes) 6ef6655f_o (1361 bytes) and TS 10.242.4.2/32 === 10.10.33.0/24
Looks like killing 1 of 4 SA's
Bye
Christian
added log details
[bearbeitet von: Christian Sievers um 12:06 PM (GMT -7) am 30 Aug 2024]
