Hello, all of our users can't connect via SSL VPN since yesterday afternoon.
I tried the connection via the old SSL VPN Client and via the new Sophos Connect client. Both don't work.
I tried it with a new config file from the UTM, no difference.
We have OTP active. I tried to disable it for VPN, still not working.
Interesting tho: The login into the User Portal is possible. It's also only possible without using the OTP; however at [Definitions & User > Authentication Services > One-time Passwords] the box "Enable OTP for facilities" is checked for User Portal.
We're using an SG230, firmware version 9.710-1.
The SSL VPN log says:
The user authentication daemon log says:
2022:06:01-07:45:48 utmdo01 aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 172.20.1.85 (adirectory)"
2022:06:01-07:45:48 utmdo01 aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 172.20.1.85 (ldap)"
2022:06:01-07:45:48 utmdo01 aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 172.20.1.5 (adirectory)"
2022:06:01-07:45:48 utmdo01 aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 172.20.1.5 (ldap)"
2022:06:01-07:45:48 utmdo01 aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 172.20.1.85 (radius)"
2022:06:01-07:45:48 utmdo01 aua[24999]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="192.168.111.96" host="" user="username" caller="openvpn" reason="DENIED"
2022:06:01-07:45:48 utmdo01 aua[3906]: id="3006" severity="info" sys="System" sub="auth" name="Running _cleanup_up_children with max_run_time: 53"
Edit: I created a user locally on the UTM itself and that user can connect via VPN. So it seems like there's an error with the UTM and the AD / LDAP communicating?
However I can use the test example user feature and it says it works...
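
Added example (not part of the original post, and not Sophos code): a small Python parser for aua log lines of the shape quoted above. It groups the "Trying" lines by worker PID and attaches them to that worker's verdict line, so failures can be compared per caller. The sample log is constructed with placeholder host, IPs and user names, and treating any line that carries a caller field as the verdict is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample shaped like the aua log excerpt above; host, IPs and
# user names are placeholders, and the two workers are interleaved on purpose.
SAMPLE = '''\
2022:06:01-07:45:48 utm aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.0.2.85 (adirectory)"
2022:06:01-07:45:48 utm aua[25001]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.0.2.85 (adirectory)"
2022:06:01-07:45:48 utm aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.0.2.85 (ldap)"
2022:06:01-07:45:48 utm aua[24999]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.0.2.85 (radius)"
2022:06:01-07:45:48 utm aua[25001]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="198.51.100.7" host="" user="bob" caller="portal" reason="DENIED"
2022:06:01-07:45:48 utm aua[24999]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="198.51.100.96" host="" user="alice" caller="openvpn" reason="DENIED"
2022:06:01-07:45:48 utm aua[3906]: id="3006" severity="info" sys="System" sub="auth" name="Running _cleanup_up_children with max_run_time: 53"
'''

LINE = re.compile(r'^(\S+) \S+ aua\[(\d+)\]: (.*)$')   # timestamp, PID, fields
FIELD = re.compile(r'(\w+)="([^"]*)"')                  # key="value" pairs
TRYING = re.compile(r'^Trying (\S+) \((\w+)\)$')        # server, backend type

def summarize(log_text):
    """Return one record per verdict line, with the backends its worker tried."""
    tried = defaultdict(list)   # worker PID -> [(server, backend), ...]
    verdicts = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue            # not an aua line
        ts, pid, rest = m.groups()
        f = dict(FIELD.findall(rest))
        t = TRYING.match(f.get("name", ""))
        if t:
            tried[pid].append(t.groups())
        elif "caller" in f:     # assumption: verdict lines are the ones with caller=
            verdicts.append({"time": ts, "pid": pid, "user": f.get("user"),
                             "caller": f["caller"], "srcip": f.get("srcip"),
                             "result": f.get("name"), "reason": f.get("reason"),
                             "tried": tried.pop(pid, [])})
    return verdicts

def failures_by_caller(verdicts):
    """Count failed verdicts per caller, e.g. openvpn vs portal."""
    counts = defaultdict(int)
    for v in verdicts:
        if v["result"] == "Authentication failed":
            counts[v["caller"]] += 1
    return dict(counts)

if __name__ == "__main__":
    for v in summarize(SAMPLE):
        print(v["time"], v["caller"], v["user"], v["reason"], v["tried"])
```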