Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 1455 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG, SSLVPN Issues

Simon-Timothy Folaji

Hello Community,

i have a little problem setting up SSLVPN for my XG. I´ve followed this article: https://community.sophos.com/kb/en-us/122769

When i try to setup a connection via sslvpn client, i receive the following error:

Tue Mar 26 15:13:54 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Mar 26 15:13:54 2019 TLS Error: TLS handshake failed

I´ve also seen in the log that the client tries to connect to 192.168.0.1 which is the internal ip address of my XG, so i changed the configfile to the public ip like this:

remote my.public.ip.adress 443

Now i see that ip address in the log but still same error message.

The XG is accessible from remote via VPN, telnet to port 443 is open.

Question: Why comes the config file from the userportal with a wrong (private) ip address?

Why can´t i access the network?

Thanks!!

 



This thread was automatically locked due to age.
Parents
  • 0

    I figured that out by myself:

    I had to put the source network VPN in my zone-traffic fw-rule, all fine!

    But one tiny issue persists:

    The generated SSLVPN config file is missing the external dns name (or ip) of my sophos appliance. I was editing the config file from hand, but thats not what i want. How can i tell the xg to put that information into the config file as well?

    Any suggestions are highly recommended.

    Kind regards

Reply
  • 0

    I figured that out by myself:

    I had to put the source network VPN in my zone-traffic fw-rule, all fine!

    But one tiny issue persists:

    The generated SSLVPN config file is missing the external dns name (or ip) of my sophos appliance. I was editing the config file from hand, but thats not what i want. How can i tell the xg to put that information into the config file as well?

    Any suggestions are highly recommended.

    Kind regards

Children