Reflexion will be End-of-life on March 31,2023. See Sophos Reflexion EoL FAQs to learn more.
Hi,
i have got a problem with Site2Site VPN (SSL).I would like to connect to two different VPNs, but its not possible. See the problem below. Both tunnels were closed by the UTM, because of "username attempted to change from"
2016:02:15-00:48:04 example openvpn[24761]: REF_AaaUse1/::ffff:1.2.3.4 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=22016:02:15-00:48:04 example openvpn[24761]: REF_AaaUse1/::ffff:1.2.3.4 TLS Auth Error: username attempted to change from 'REF_AaaUse1' to 'REF_AaaUse3' -- tunnel disabled2016:02:15-00:48:04 example openvpn[24761]: REF_AaaUse1/::ffff:1.2.3.4 TLS Auth Error: Auth Username/Password verification failed for peer2016:02:15-00:48:04 example openvpn[24761]: REF_AaaUse1/::ffff:1.2.3.4 TLS: move_session: dest=TM_ACTIVE src=TM_UNTRUSTED reinit_src=1
Is it bug?
Thanks in advance.
this problem is solved in current UTM 9.4 release.
Thank you for testing and sharing your experience.
Grettings
Holger
Hi Holger,
I installed the latest beta update (9.375-5), but the problem is not solved yet.
2016:03:16-21:36:00 test123 openvpn[11910]: REF_AaaUse3/x.x.x.x:43968 PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_AUTH_USER_PASS_VERIFY status=22016:03:16-21:36:00 test123 openvpn[11910]: REF_AaaUse3/x.x.x.x:43968 TLS Auth Error: username attempted to change from 'REF_AaaUse3' to 'REF_AaaUse1' -- tunnel disabled2016:03:16-21:36:00 test123 openvpn[11910]: REF_AaaUse3/x.x.x.x:43968 TLS Auth Error: Auth Username/Password verification failed for peer
Or do I need a special configuration?
Greetings
basti
Yes, you're right. The fix didn't make it into 9.375. It will be in the soft-release of UTM 9.4.
Please check it out, it is scheduled to be released today if I'm not mistaken. =)