Wingo SSL VPN

Hello everyone

I'm a bit at a loss at the moment, but maybe someone can give me a tip. I changed my ISP and had to switch the WAN interface to Ethernet (previously PPPoE) to get an Internet connection. My connection to the Internet works and I got an IP via DHCP from the new ISP (Wingo), so far so good. My problem is that my SSL VPN stopped working after I switched the WAN interface to Ethernet.

Is it possible that my ISP has enabled NAT on the public IP, so that with my SSL VPN I cannot get into my SSL VPN network at all (SIGUSER1 [soft,connection-reset] received, process restarting) 'Warte auf Server'?

I'm grateful for any help.

Regards

Reto



  • Hi

    Yes, I have a public address and yes, I have downloaded the new config from the user portal... And I work with DynDNS and I see the correct IP address in the OpenVPN client.

    Thanks for your help.

    Sophos UTM 9  / 9.705-7

  • In the SSL client I only see the dynamically assigned IP from the provider (the IP is correct). I do not get any response from the SSL pool.
    I see only this:

    Thank you for any help

    Reto

    PS: Log from the Sophos SSL protocol:

    2021:07:06-08:48:40 sophos01 openvpn[32376]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_UP status=0
    2021:07:06-08:48:41 sophos01 openvpn[32376]: Data Channel MTU parms [ L:1604 D:1450 EF:104 EB:143 ET:0 EL:3 AF:3/1 ]
    2021:07:06-08:48:41 sophos01 openvpn[32376]: Listening for incoming TCP connection on [undef]
    2021:07:06-08:48:41 sophos01 openvpn[32376]: TCPv4_SERVER link local (bound): [undef]
    2021:07:06-08:48:41 sophos01 openvpn[32376]: TCPv4_SERVER link remote: [undef]
    2021:07:06-08:48:41 sophos01 openvpn[32376]: MULTI: multi_init called, r=256 v=256
    2021:07:06-08:48:41 sophos01 openvpn[32376]: IFCONFIG POOL: base=10.242.2.2 size=252, ipv6=0
    2021:07:06-08:48:41 sophos01 openvpn[32376]: IFCONFIG POOL LIST
    2021:07:06-08:48:41 sophos01 openvpn[32376]: MULTI: TCP INIT maxclients=1024 maxevents=1028
    2021:07:06-08:48:41 sophos01 openvpn[32376]: Initialization Sequence Completed

  • FormerMember in reply to fox007

    Hi,

    If you run a packet capture on the UTM on the source public IP address, do you see the traffic? If yes, check if any firewall rules drop this traffic in packetfilter logs. Also, is port 443 used by any other services on the UTM, such as UserPortal or DNAT rules? 

    Thanks,

  • Hi

    I have never done a packet capture on the UTM. I will try it when I get the chance. Traffic on the WAN interface is OK (browsing ok), but I don't see any request from my WAN IP in the firewall log!!?
    Also in the SSL log (external to Sophos) I see no response from the default VPN pool (SSL). Also on Sophos I don't see any request from external in the SSL log.
    Is it possible that my ISP has a NAT on the dynamic IP?

    Thanks for the help and patience.
    Reto

    PS: Request for NAT on the WAN IP is open with the ISP. Port 443 is free. I have changed to 4443 and made a new export from the user portal / config, the same problem...

  • What I don't understand: my dynamic IP from the ISP is 178.238.174.225, at a tracert to google.ch the first hop after my Sophos is 138.187.22.22, and I never see the subnet 178.238.174.0/24?

    Does anyone have an explanation ? How should I establish a VPN connection there?

    Thanks and greetings
    Reto

  • SOLUTION:

    In the ISP settings a menu item "internet settings" was not visible. My ISP normally assigns only NATed IPs.
    After that I was able to set my ISP connection to DMZ and then I got the public IP directly.


    Thanks Harsh Patel for your help and efforts.

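Added example, not part of the thread and not Sophos code: the check the solution above implies, comparing the address the firewall's WAN interface received with the address seen from outside. The function names and the WAN addresses other than 178.238.174.225 are constructed for illustration.

```python
import ipaddress

# RFC 6598 shared address space, used by carriers for carrier-grade NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def classify(addr):
    """Return 'cgnat', 'private', 'public' or 'special' for an IP address."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4 and ip in CGNAT:
        return "cgnat"
    if ip.is_private:
        return "private"
    return "public" if ip.is_global else "special"


def inbound_reachable(wan_ip, external_ip):
    """Decide whether an inbound VPN connection can reach the firewall.

    wan_ip:      address the firewall's WAN interface got via DHCP
    external_ip: address remote hosts see (what the DynDNS name resolves to)
    Returns (reachable, reason).
    """
    kind = classify(wan_ip)
    if kind != "public":
        return False, f"WAN address {wan_ip} is {kind}: an upstream router is doing NAT"
    if ipaddress.ip_address(wan_ip) != ipaddress.ip_address(external_ip):
        return False, "WAN address is public but differs from the external one: NAT upstream"
    return True, "WAN interface holds the public address itself"


if __name__ == "__main__":
    # Constructed WAN addresses; 178.238.174.225 is the external IP quoted in the thread.
    external = "178.238.174.225"
    for wan in ("192.168.1.10", "100.72.13.4", "178.238.174.225"):
        print(wan, inbound_reachable(wan, external))
```

When the first two cases apply, the VPN client's packets stop at the upstream device, which matches a server log that shows a completed initialization but no incoming connection.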

  • Hi fox007

    I find that very interesting, but I didn't understand it :-(

    Would you mind posting screenshots of exactly what you did to solve the problem? The problem will surely come up in the future for others, who will then come across this post.

    Many thanks!

    Best regards, Janbo

    ---

    janbo.noerskau@comedia.de UTM lover ;-)
