
SSL VPN Over TCP Port 80 sending instantly "RESET" Flag after the initial "SYN" From the SSL Client

Hey Mates, I could need a little help.

After configuring the SSL VPN on UDP, I chose to revert the settings back to TCP. It initially worked fine, but since that moment the XG is sending a RESET flag packet back to the client.
10:37:01.362891 Port4, IN: IP WINHOST.49713 > SFOSXG.www: Flags [SEW], seq 1162704604, win 8192, options [mss 1412,nop,wscale 8,nop,nop,sackOK], length 0
10:37:01.363027 Port4, OUT: IP SFOSXG.www > WINHOST.49713: Flags [R.], seq 0, ack 1162704605, win 0, length 0
10:37:01.892886 Port4, IN: IP WINHOST.49713 > SFOSXG.www: Flags [S ], seq 1162704604, win 8192, options [mss 1412,nop,wscale 8,nop,nop,sackOK], length 0
10:37:01.892980 Port4, OUT: IP SFOSXG.www > WINHOST.49713: Flags [R.], seq 0, ack 1, win 0, length 0
10:37:02.424412 Port4, IN: IP WINHOST.49713 > SFOSXG.www: Flags [S ], seq 1162704604, win 8192, options [mss 1412,nop,nop,sackOK], length 0
10:37:02.424494 Port4, OUT: IP SFOSXG.www > WINHOST.49713: Flags [R.], seq 0, ack 1, win 0, length 0

The Wireshark output on the client is showing all packets returning to the Client so nothing seems to be missing

 

 Obviously there is nothing appearing in the SSL VPN Log file because no TCP connection can be established

 

The Netstat is telling about an open port on TCP 80, but I am a bit confused about the IPv6-only entry for port 80-tcp...

SFVH_SO01_SFOS 17.1.2 MR-2# netstat -tunpl | grep :80
tcp 0 0 127.0.0.1:8088 0.0.0.0:* LISTEN 2704/ctasd.bin
tcp 0 0 127.0.0.1:8089 0.0.0.0:* LISTEN 2656/ctasd.bin
tcp 0 0 0.0.0.0:8094 0.0.0.0:* LISTEN 2579/awarrenmta
tcp 0 0 :::8009 :::* LISTEN 2435/java
tcp 0 0 :::80 :::* LISTEN 3033/sslvpn
tcp 0 0 :::8094 :::* LISTEN 2579/awarrenmta
udp 0 0 :::8005 :::* 2435/java

The SSL VPN Config itself looks like the following:

To prevent questions like the following and in order to offer more info:

Yes, I've checked the SSL VPN checkbox in the WAN Zone.

The Sophos XG is NATed behind a Router but the same Config worked fine with the Sophos UTM a few days ago.

I've already tried to restart the Service and the XG twice

Switching back to udp is just a temporary solution

 

Tell me if you got any ideas!
I don't have any further idea

 

Kind Regards

 

Felix
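
The capture in the post above, run through a small parser that pairs each inbound SYN with the RST sent back on the same flow and reports the gap in microseconds. This is an added example, not part of the original post; the function name `refused_syns` and the 50 ms pairing window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Capture lines copied from the post above.
CAPTURE = """\
10:37:01.362891 Port4, IN: IP WINHOST.49713 > SFOSXG.www: Flags [SEW], seq 1162704604, win 8192, options [mss 1412,nop,wscale 8,nop,nop,sackOK], length 0
10:37:01.363027 Port4, OUT: IP SFOSXG.www > WINHOST.49713: Flags [R.], seq 0, ack 1162704605, win 0, length 0
10:37:01.892886 Port4, IN: IP WINHOST.49713 > SFOSXG.www: Flags [S ], seq 1162704604, win 8192, options [mss 1412,nop,wscale 8,nop,nop,sackOK], length 0
10:37:01.892980 Port4, OUT: IP SFOSXG.www > WINHOST.49713: Flags [R.], seq 0, ack 1, win 0, length 0
10:37:02.424412 Port4, IN: IP WINHOST.49713 > SFOSXG.www: Flags [S ], seq 1162704604, win 8192, options [mss 1412,nop,nop,sackOK], length 0
10:37:02.424494 Port4, OUT: IP SFOSXG.www > WINHOST.49713: Flags [R.], seq 0, ack 1, win 0, length 0
"""

# Matches the "time iface, IN|OUT: IP src.port > dst.port: Flags [..]" layout above.
LINE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d{6}) \S+, (?:IN|OUT): IP "
    r"(?P<src>\S+)\.(?P<sport>[^.\s]+) > (?P<dst>\S+)\.(?P<dport>[^.\s:]+): "
    r"Flags \[(?P<flags>[^\]]*)\]"
)

def refused_syns(capture, max_gap_ms=50):
    """Return (client, cport, server, sport, gap_us) for each SYN answered by a RST."""
    pending = {}  # flow tuple -> timestamp of the latest unanswered SYN
    hits = []
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not a TCP line in the expected layout
        ts = datetime.strptime(m["ts"], "%H:%M:%S.%f")
        flags = m["flags"].strip()
        flow = (m["src"], m["sport"], m["dst"], m["dport"])
        if "S" in flags and "." not in flags:  # SYN without ACK: a new attempt
            pending[flow] = ts
        elif "R" in flags:  # RST: find the SYN it answers on the reversed flow
            syn_flow = (m["dst"], m["dport"], m["src"], m["sport"])
            syn_ts = pending.pop(syn_flow, None)
            if syn_ts is None:
                continue
            gap_us = (ts - syn_ts) // timedelta(microseconds=1)
            if gap_us <= max_gap_ms * 1000:
                hits.append(syn_flow + (gap_us,))
    return hits

if __name__ == "__main__":
    for client, cport, server, sport, gap_us in refused_syns(CAPTURE):
        print(f"{client}:{cport} -> {server}:{sport} SYN reset after {gap_us} us")
```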


