Hi, I'm trying to set-up VPN to my UTM 9 so I can connect from "Open" networks back to a (more) secure position.
Here's what I've done thus far, any advice/guidance/pointers would be very much appreciated.
UTM: 9.510-5
Pattern version: 153278
Steps taken:
- Configured "Remote access" (UTM and client) following the "www.sophos.com/.../utm90_Remote_Access_Via_SSL_geng.pdf" document
- UTM "User portal" can be accessed from the Internet (aaa.bbb.ccc -- names removed to protect, same "reference" used in OpenVPN below) - checked via mobile "hotspot"
Issue:
- When connecting with OpenVPN (2.4.6) from Windows 10 I'm getting "recv_line: TCP port read failed on recv()" and the VPN connection just continues to retry
- Also tried the UTM User Portal version of VPN client & Windows 10 "built in" VPN client - same error
- Have checked Dr. GOOGLE and Sophos communities however there doesn't seem to be a definitive explanation/root cause/resolution.
- I've also updated the TAP driver although not sure that's the issue here (from a non-expert standpoint).
- First, what does "recv_line: TCP port read failed on recv()" actually (really) mean?
- Second, as I've tried 3 different (Windows 10) clients and get the same "error" my presumption is that my UTM 9 configurtion is at fault however I'm struggling to see where based upon following the .pdf link above
=== OpenVPN log start
Sat Nov 03 17:55:04 2018 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Sat Nov 03 17:55:04 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Sat Nov 03 17:55:04 2018 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Enter Management Password:
Sat Nov 03 17:55:04 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sat Nov 03 17:55:04 2018 Need hold release from management interface, waiting...
Sat Nov 03 17:55:04 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sat Nov 03 17:55:04 2018 MANAGEMENT: CMD 'state on'
Sat Nov 03 17:55:04 2018 MANAGEMENT: CMD 'log all on'
Sat Nov 03 17:55:04 2018 MANAGEMENT: CMD 'echo all on'
Sat Nov 03 17:55:04 2018 MANAGEMENT: CMD 'bytecount 5'
Sat Nov 03 17:55:04 2018 MANAGEMENT: CMD 'hold off'
Sat Nov 03 17:55:04 2018 MANAGEMENT: CMD 'hold release'
Sat Nov 03 17:55:13 2018 MANAGEMENT: CMD 'username "Auth" "<name>"'
Sat Nov 03 17:55:13 2018 MANAGEMENT: CMD 'password [...]'
Sat Nov 03 17:55:13 2018 MANAGEMENT: CMD 'proxy HTTP aaa.bbb.ccc 443'
Sat Nov 03 17:55:14 2018 MANAGEMENT: >STATE:1541267714,RESOLVE,,,,,,
Sat Nov 03 17:55:14 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]1.2.3.4:443
Sat Nov 03 17:55:14 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sat Nov 03 17:55:14 2018 Attempting to establish TCP connection with [AF_INET]1.2.3.4:443 [nonblock]
Sat Nov 03 17:55:14 2018 MANAGEMENT: >STATE:1541267714,TCP_CONNECT,,,,,,
Sat Nov 03 17:55:15 2018 TCP connection established with [AF_INET]1.2.3.4:443
Sat Nov 03 17:55:15 2018 Send to HTTP proxy: 'CONNECT aaa.bbb.ccc:443 HTTP/1.0'
Sat Nov 03 17:55:15 2018 Send to HTTP proxy: 'Host: aaa.bbb.ccc'
Sat Nov 03 17:55:15 2018 recv_line: TCP port read failed on recv()
Sat Nov 03 17:55:15 2018 SIGUSR1[soft,init_instance] received, process restarting
Sat Nov 03 17:55:15 2018 MANAGEMENT: >STATE:1541267715,RECONNECTING,init_instance,,,,,
Sat Nov 03 17:55:15 2018 Restart pause, 5 second(s)
Sat Nov 03 17:55:19 2018 SIGTERM[hard,init_instance] received, process exiting
Sat Nov 03 17:55:19 2018 MANAGEMENT: >STATE:1541267719,EXITING,init_instance,,,,,
=== OpenVPN log end
Here's an "example" of what I see in the SSL VPN log:
2018:11:03-23:58:39 firewall openvpn[27856]: 195.171.237.220:59662 Non-OpenVPN client protocol detected 2018:11:03-23:58:39 firewall openvpn[27856]: 195.171.237.220:59662 SIGTERM[soft,port-share-redirect] received, client-instance exiting
This thread was automatically locked due to age.
