Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 7 subscribers
  • Views 12234 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Help: Set-up Remote access SSL VPN

Jay-ar Balberan

Can you please help me, setting up my remote access ssl vpn.

Above is my current set-up

But i still get error, see below error logs

What configuration am I missing? Thanks in advance.



This thread was automatically locked due to age.
Parents
  • 0

    change interface address to "Any" and clear Override hostname.  Just curious show us your profile settings

  • 0 in reply to PatrickLee

    unable to use any. since it is already used on our exchange server.

    see above profile setting.

  • 0 in reply to Jay-ar Balberan

    You were getting a TLS error, which means the initial handshake is failing.

    1) sha1 is deprecated as insufficiently secure.   Change to sha2.

    2) aes128 is weak.  Change to aes256.

    It may be that your client is configured to only accept the new protocols, while your utm is only offering old ones.

    Does your utm have its own ca-issued identity certificate?   Is that name in the override hosts file?   Is that name in dns or in the client hosts file?   Have you updated the client to ensure that the utm name stored on the client pc matchhes the certificate name?

    The product works.  You will get there.

Reply
  • 0 in reply to Jay-ar Balberan

    You were getting a TLS error, which means the initial handshake is failing.

    1) sha1 is deprecated as insufficiently secure.   Change to sha2.

    2) aes128 is weak.  Change to aes256.

    It may be that your client is configured to only accept the new protocols, while your utm is only offering old ones.

    Does your utm have its own ca-issued identity certificate?   Is that name in the override hosts file?   Is that name in dns or in the client hosts file?   Have you updated the client to ensure that the utm name stored on the client pc matchhes the certificate name?

    The product works.  You will get there.

Children
No Data
Unfiltered HTML