Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 906 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN is not connecting

Veera P

Hi 

i am able to login user interface and download in install the client and conf for windows and installed the client

when i am connecting i am getting below error

Mon Apr 12 19:02:21 2021 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jul 3 2017
Mon Apr 12 19:02:21 2021 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.09
Enter Management Password:
Mon Apr 12 19:02:21 2021 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Apr 12 19:02:21 2021 Need hold release from management interface, waiting...
Mon Apr 12 19:02:22 2021 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Apr 12 19:02:22 2021 MANAGEMENT: CMD 'state on'
Mon Apr 12 19:02:22 2021 MANAGEMENT: CMD 'log all on'
Mon Apr 12 19:02:22 2021 MANAGEMENT: CMD 'hold off'
Mon Apr 12 19:02:22 2021 MANAGEMENT: CMD 'hold release'
Mon Apr 12 19:02:30 2021 MANAGEMENT: CMD 'username "Auth" "rahul annae"'
Mon Apr 12 19:02:30 2021 MANAGEMENT: CMD 'password [...]'
Mon Apr 12 19:02:31 2021 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Apr 12 19:02:31 2021 Attempting to establish TCP connection with [AF_INET]                       [nonblock]
Mon Apr 12 19:02:31 2021 MANAGEMENT: >STATE:1618234351,TCP_CONNECT,,,,,,
Mon Apr 12 19:02:32 2021 TCP connection established with [AF_INET]  
Mon Apr 12 19:02:32 2021 TCPv4_CLIENT link local: [undef]
Mon Apr 12 19:02:32 2021 TCPv4_CLIENT link remote: [AF_INET]
Mon Apr 12 19:02:32 2021 MANAGEMENT: >STATE:1618234352,WAIT,,,,,,
Mon Apr 12 19:02:32 2021 MANAGEMENT: >STATE:1618234352,AUTH,,,,,,
Mon Apr 12 19:02:32 2021 TLS: Initial packet from [AF_INET]                 , sid=430fe7e8 b89df388
Mon Apr 12 19:02:32 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Apr 12 19:02:32 2021 VERIFY OK: depth=1, C=IN, ST=Gujarat, L=Ahmedabad, O=Cyberoam, OU=Cyberoam Appliance, CN=Cyberoam Appliance CA_C12616133376, emailAddress=info@cyberoam.com
Mon Apr 12 19:02:32 2021 VERIFY X509NAME OK: C=IN, ST=Gujarat, L=Ahmedabad, O=Cyberoam, OU=Cyberoam Appliance, CN=CyberoamApplianceCertificate_C12616133376, emailAddress=info@cyberoam.com
Mon Apr 12 19:02:32 2021 VERIFY OK: depth=0, C=IN, ST=Gujarat, L=Ahmedabad, O=Cyberoam, OU=Cyberoam Appliance, CN=CyberoamApplianceCertificate_C12616133376, emailAddress=info@cyberoam.com
Mon Apr 12 19:02:33 2021 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Apr 12 19:02:33 2021 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Apr 12 19:02:33 2021 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Apr 12 19:02:33 2021 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Apr 12 19:02:33 2021 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Mon Apr 12 19:02:33 2021 [CyberoamApplianceCertificate_C12616133376] Peer Connection Initiated with [AF_INET]
Mon Apr 12 19:02:34 2021 MANAGEMENT: >STATE:1618234354,GET_CONFIG,,,,,,
Mon Apr 12 19:02:35 2021 SENT CONTROL [CyberoamApplianceCertificate_C12616133376]: 'PUSH_REQUEST' (status=1)
Mon Apr 12 19:02:35 2021 AUTH: Received control message: AUTH_FAILED
Mon Apr 12 19:02:35 2021 SIGUSR1[soft,auth-failure] received, process restarting
Mon Apr 12 19:02:35 2021 MANAGEMENT: >STATE:1618234355,RECONNECTING,auth-failure,,,,,
Mon Apr 12 19:02:35 2021 Restart pause, 5 second(s)



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out to the Community! 

    The error messages are related to the authentication. Did you configure local or AD users? 

    If the user belongs to AD, did you select your AD server at Authentication > Services > SSL VPN authentication methods? 

    To get the verbose logs, put the access_server service in debug from the Advanced Shell by the following command and collect the logs: 

    service access_server:debug -ds nosync 

    Note: Run the same command to remove the service from the debugging. 

    Thanks,

  • 0 in reply to FormerMember

    Hi Patel

    The users is local , its not from AD 

    Thanks

Reply Children
No Data