
XG125 || Connection Errors with MS Products while SSL-VPN Client || Connection to VPN L2TP Cert failed in Win 10 || low IPSec credentials for L2TP PSK

Hi everybody,

This is a "copy" (https://community.sophos.com/products/unified-threat-management/f/german-forum/114929/xg125-ssl-vpn-client-und-ms-produkte-vpn-l2tp-cert-credentials-for-l2tp-psk) of my question in the UTM Group, because it's an XG question.

 

Since the beginning of August we have been trying to calibrate a new XG 125 in our company network, and we want to use the VPN options for different reasons.

- Customer support and remote access (over one IP)

- connecting infrastructure over S2S

- protection rules and policies for home office workers and sales

But here our problems start, and my first try to chat with Sophos ended with a ticket on the west coast of the USA - time difference 9 h, so no option to call during office time. Now they're trying to change the service support zone from USA to UK, but this could take months (answer from Sophos) until a support worker from Sophos UK will answer me. Because I don't have so much time, I will try it here.

We are a software developing company and most of our workers are working in home office with their own infrastructure like Fritz box, ISP. A part of our work is software maintenance.

1. One security policy to connect or get remote access to the customer system is to connect to the VPN. Now we use different VPN clients because of different problems. With the XG we started with the Sophos SSL Client (OpenVPN base). But during the VPN connection we have connection problems with the office tools like Outlook and OneNote. If we cut the VPN the connection is fine.

- During the VPN connection, Outlook loses the connection to the Office 365 Exchange and can't reconnect (error msg: server not available or no internet), and in OneNote the note sync failed because the access auth failed (error msg: server not available or no internet).

- Sometimes a reconnect to the VPN fixed the issue for 4 h but not continuously

> Firewall policy:

VPN (any host) to WAN (any host); any service; accept.

> No filters, no http scan, no https scan, just NAT

> and yes internet is connected

 

 

2. Because of the problems in >1< we tried the built-in L2TP IPsec connection with cert key like here: https://community.sophos.com/kb/en-us/132253

- But we can't get any connection with cert key.

 

3. Because of the problems in >1 and 2< we tried the built-in L2TP IPsec connection with PSK

- But the connection with acceptable credentials like AES 256 failed. The only working L2TP connection needs MD5 or less credentials.

- Does anybody have some information or help?

 

Thanks a lot,

Michael



This thread was automatically locked due to age.
  • Hi Keyur,

    I send you the SR# by PM.

    I try not to use the l2tp/l2vp connection and I'm not sure what you can see in the logs during the l2(t|v)p connection, when the connection is the problem.

    To reduce the problems I use OpenVPN from https://openvpn.net instead of the Sophos SSL clients. The problems with MS products are the same, but the connection lifetime is longer.
