Can you please help me, setting up my remote access ssl vpn.
Above is my current set-up
But i still get error, see below error logs
What configuration am I missing? Thanks in advance.
This thread was automatically locked due to age.
Can you please help me, setting up my remote access ssl vpn.
Above is my current set-up
But i still get error, see below error logs
What configuration am I missing? Thanks in advance.
tried what you advised, but still I am getting the same error.
You were getting a TLS error, which means the initial handshake is failing.
1) sha1 is deprecated as insufficiently secure. Change to sha2.
2) aes128 is weak. Change to aes256.
It may be that your client is configured to only accept the new protocols, while your utm is only offering old ones.
Does your utm have its own ca-issued identity certificate? Is that name in the override hosts file? Is that name in dns or in the client hosts file? Have you updated the client to ensure that the utm name stored on the client pc matchhes the certificate name?
The product works. You will get there.
Hi, Jay-ar, and welcome to the UTM Community!
You're just getting started, so you can go back now and start over paying attention to The Zeroeth Rule in Rulz.
If you have only a single public IP, I would change from TCP 443 to UDP 1443 - that will accelerate your connection and avoid conflict with other uses for HTTPS. I would use 'Automatic firewall rules' and allow the SSL VPN service to listen on "Any" interface.
Cheers - Bob
PS Doug, you said, "2) aes128 is weak. Change to aes256." I think there's a vulnerability in AES256 that AES128 doesn't have, so I prefer AES128.