This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Upgraded last night to 9.707-5 and now remote access VPN isn't working.

Upgraded last night and now my clients are getting the following errors when connecting to VPN.   Any help would be great...

Fri Oct 08 09:14:29 2021 MANAGEMENT: >STATE:1633698869,TCP_CONNECT,,,,,,
Fri Oct 08 09:14:39 2021 TCP: connect to [AF_INET]173.x.x.x:443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.  
Fri Oct 08 09:14:44 2021 MANAGEMENT: >STATE:1633698884,TCP_CONNECT,,,,,,
Fri Oct 08 09:14:54 2021 TCP: connect to [AF_INET]173.x.x.x:443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.  
Fri Oct 08 09:14:59 2021 MANAGEMENT: >STATE:1633698899,TCP_CONNECT,,,,,,

I just found this in the SSL VPN log

2021:10:08-09:09:56 -2 openvpn[24781]: MANAGEMENT: unix domain socket listening on /var/run/openvpn_mgmt
2021:10:08-09:09:56 -2 openvpn[24781]: WARNING: using --duplicate-cn and --client-config-dir together is probably not what you want
2021:10:08-09:09:56 -2 openvpn[24781]: WARNING: --ifconfig-pool-persist will not work with --duplicate-cn
2021:10:08-09:09:56 -2 openvpn[24781]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so '[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so]' intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_AUTH_USER_PASS_VERIFY|PLUGIN_CLIENT_CONNECT|PLUGIN_CLIENT_DISCONNECT
2021:10:08-09:09:56 -2 openvpn[24781]: Cannot load DH parameters from /etc/openvpn/dh2048.local.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
2021:10:08-09:09:56 -2 openvpn[24781]: Exiting due to fatal error


This thread was automatically locked due to age.
Parents
  • On one of your clients to test my theory, I think you will either need to:

    1.  Uninstall the SSL client, and reinstall from the User Portal, or at least:

    2. Import an updated config from the User Portal.  (I've found this to not always be reliable for me, and default to #1)

    Looking back on this same issue in the past, it's an OpenVPN bug, and usually reinstalling the VPN client fresh fixes it.

    Are you able to do that on at least one client?  The 'system tried to join a drive...' error is probably related to that.  Your warning in red there I believe is a default log entry when UTM is the VPN server.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Reply
  • On one of your clients to test my theory, I think you will either need to:

    1.  Uninstall the SSL client, and reinstall from the User Portal, or at least:

    2. Import an updated config from the User Portal.  (I've found this to not always be reliable for me, and default to #1)

    Looking back on this same issue in the past, it's an OpenVPN bug, and usually reinstalling the VPN client fresh fixes it.

    Are you able to do that on at least one client?  The 'system tried to join a drive...' error is probably related to that.  Your warning in red there I believe is a default log entry when UTM is the VPN server.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Children
No Data