This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN - only one user

Hello all,

I'm coming to you because I have a user with a weird phenomena with the SSL VPN - all other users are working fine:
- The SSL VPN connects without any other problems
- But it can't connect to the clients/server
 
The Firewall and the VPN client is are up-to-date. Here the log from the SSL VPN Client:

Sun Feb 12 20:54:37 2023 MANxxEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Feb 12 20:54:37 2023 Need hold release from manxxement interface, waiting...
Sun Feb 12 20:54:37 2023 MANxxEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Feb 12 20:54:37 2023 MANxxEMENT: CMD 'state on'
Sun Feb 12 20:54:37 2023 MANxxEMENT: CMD 'log all on'
Sun Feb 12 20:54:37 2023 MANxxEMENT: CMD 'hold off'
Sun Feb 12 20:54:37 2023 MANxxEMENT: CMD 'hold release'
Sun Feb 12 20:54:58 2023 MANxxEMENT: CMD 'username "Auth" "xx"'
Sun Feb 12 20:54:58 2023 MANxxEMENT: CMD 'password [...]'
Sun Feb 12 20:54:58 2023 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sun Feb 12 20:54:58 2023 MANxxEMENT: >STATE:1676231698,RESOLVE,,,,,,
Sun Feb 12 20:54:58 2023 Attempting to establish TCP connection with [AF_INET]xx.xx.xx.xx:4443 [nonblock]
Sun Feb 12 20:54:58 2023 MANxxEMENT: >STATE:1676231698,TCP_CONNECT,,,,,,
Sun Feb 12 20:54:59 2023 TCP connection established with [AF_INET]xx.xx.xx.xx:4443
Sun Feb 12 20:54:59 2023 TCPv4_CLIENT link local: [undef]
Sun Feb 12 20:54:59 2023 TCPv4_CLIENT link remote: [AF_INET]xx.xx.xx.xx:4443
Sun Feb 12 20:54:59 2023 MANxxEMENT: >STATE:1676231699,WAIT,,,,,,
Sun Feb 12 20:55:00 2023 MANxxEMENT: >STATE:1676231700,AUTH,,,,,,
Sun Feb 12 20:55:00 2023 TLS: Initial packet from [AF_INET]xx.xx.xx.xx:4443, sid=08f89ac3 8b1878a0
Sun Feb 12 20:55:00 2023 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sun Feb 12 20:55:01 2023 VERIFY OK: depth=1, C=ch, L=xx, O=xx xx, CN=xx xx VPN CA, emailAddress=xx@gmxxx
Sun Feb 12 20:55:01 2023 VERIFY X509NAME OK: C=ch, L=xx, O=xx xx, CN=xxxx, emailAddress=xx@gmxxx
Sun Feb 12 20:55:01 2023 VERIFY OK: depth=0, C=ch, L=xx, O=xx xx, CN=xxxx, emailAddress=xx@gmxxx
Sun Feb 12 20:55:07 2023 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 12 20:55:07 2023 Data Channel Encrypt: Using 160 bit messxxe hash 'SHA1' for HMAC authentication
Sun Feb 12 20:55:07 2023 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Sun Feb 12 20:55:07 2023 Data Channel Decrypt: Using 160 bit messxxe hash 'SHA1' for HMAC authentication
Sun Feb 12 20:55:07 2023 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sun Feb 12 20:55:07 2023 [xxxx] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:4443
Sun Feb 12 20:55:08 2023 MANxxEMENT: >STATE:1676231708,GET_CONFIG,,,,,,
Sun Feb 12 20:55:09 2023 SENT CONTROL [xxxx]: 'PUSH_REQUEST' (status=1)
Sun Feb 12 20:55:10 2023 PUSH: Received control messxxe: 'PUSH_REPLY,route-gateway 10.242.2.1,route-gateway 10.242.2.1,topology subnet,ping 10,ping-restart 120,route 192.168.169.20 255.255.255.255,route 192.168.169.231 255.255.255.255,route 192.168.169.202 255.255.255.255,route 192.168.169.38 255.255.255.255,route 192.168.169.219 255.255.255.255,route 192.168.169.217 255.255.255.255,route 192.168.169.203 255.255.255.255,ifconfig 10.242.2.2 255.255.255.0'
Sun Feb 12 20:55:10 2023 OPTIONS IMPORT: timers and/or timeouts modified
Sun Feb 12 20:55:10 2023 OPTIONS IMPORT: --ifconfig/up options modified
Sun Feb 12 20:55:10 2023 OPTIONS IMPORT: route options modified
Sun Feb 12 20:55:10 2023 OPTIONS IMPORT: route-related options modified
Sun Feb 12 20:55:10 2023 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=20 HWADDR=74:70:fd:1a:dc:a4
Sun Feb 12 20:55:10 2023 open_tun, tt->ipv6=0
Sun Feb 12 20:55:10 2023 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{A4AA48F9-4A5F-4C38-85DB-E180400554F9}.tap
Sun Feb 12 20:55:10 2023 TAP-Windows Driver Version 9.21
Sun Feb 12 20:55:10 2023 Set TAP-Windows TUN subnet mode network/local/netmask = 10.242.2.0/10.242.2.2/255.255.255.0 [SUCCEEDED]
Sun Feb 12 20:55:10 2023 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.242.2.2/255.255.255.0 on interface {A4AA48F9-4A5F-4C38-85DB-E180400554F9} [DHCP-serv: 10.242.2.254, lease-time: 31536000]
Sun Feb 12 20:55:10 2023 Successful ARP Flush on interface [14] {A4AA48F9-4A5F-4C38-85DB-E180400554F9}
Sun Feb 12 20:55:10 2023 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Feb 12 20:55:10 2023 MANxxEMENT: >STATE:1676231710,ASSIGN_IP,,10.242.2.2,,,,
Sun Feb 12 20:55:14 2023 TEST ROUTES: 8/8 succeeded len=8 ret=1 a=0 u/d=up
Sun Feb 12 20:55:14 2023 MANxxEMENT: >STATE:1676231714,ADD_ROUTES,,,,,,
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD xx.xx.xx.xx MASK 255.255.255.255 192.168.1.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD 192.168.169.20 MASK 255.255.255.255 10.242.2.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD 192.168.169.231 MASK 255.255.255.255 10.242.2.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD 192.168.169.202 MASK 255.255.255.255 10.242.2.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD 192.168.169.38 MASK 255.255.255.255 10.242.2.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD 192.168.169.219 MASK 255.255.255.255 10.242.2.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD 192.168.169.217 MASK 255.255.255.255 10.242.2.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 C:\WINDOWS\system32\route.exe ADD 192.168.169.203 MASK 255.255.255.255 10.242.2.1
Sun Feb 12 20:55:14 2023 Route addition via service succeeded
Sun Feb 12 20:55:14 2023 Initialization Sequence Completed
Sun Feb 12 20:55:14 2023 MANxxEMENT: >STATE:1676231714,CONNECTED,SUCCESS,10.242.2.2,xx.xx.xx.xx,4443,192.168.1.106,63852

On the firewall i see that the user is connect. SSL VPN is actived "automatic firewall rules. Client is a Windows 10.

Some ideas for this strange issue?

Best regards



This thread was automatically locked due to age.
Parents
  • Hello jprusch,

    Thank you for your help.

    Here the printscreen:

    We have the user under Users and Groups and under the Local Networks we have 3 Hosts with one IP Adress

    LAn 1: 192.168.169.x

    Lan 2: 192.168.169.x

    LAn 3: 192.168.169.x

    Here some more Infos about VPN Defintion:

    Where do you see the entry with the /32 in the Logfile? Do you need any other info?

    Thank you for your help.

    Best regards

  • I remember there being a bug in Windows 10 from a KB, but I don't remember the exact issues it was having.  It might be that.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Reply
  • I remember there being a bug in Windows 10 from a KB, but I don't remember the exact issues it was having.  It might be that.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Children
No Data