Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 1351 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Service dead

Juan-Pierre Botha

Good day Guys, 

I hope someone has an answer, I'm running a Sophos XGS4300 in HA at a client. 

The firewalls are claiming the SSL VPN service is dead. 

I've tried rebooting the device and restarting the service manually with service sslvpn:restart -ds nosync. 

Unfortunately both did not work. 

Any advise will be appreciated. 

Regards 



This thread was automatically locked due to age.
Parents
  • 0

    Hi : Thank you for reaching out to the Sophos community team. If the issue appeared with any recent changes you may try by restoring the previous back up which was taken with SSL VPN service running time (this should help). If this option is not possible then you may check the CSC service debug logs and other logs file (csc.log. applog.log, sslvpn.log) when you are trying for service restart manually to get the clue from problematic logs. Also, you may open a support investigation to track it further if it is a kind of critical situation for you due to service dead to get immediate assistance. 

    CSC debug command from the shell:

    #csc custom debug

    The same command will revert the debug mode. After require log collection please revert it back to normal mode with the same command.

Reply
  • 0

    Hi : Thank you for reaching out to the Sophos community team. If the issue appeared with any recent changes you may try by restoring the previous back up which was taken with SSL VPN service running time (this should help). If this option is not possible then you may check the CSC service debug logs and other logs file (csc.log. applog.log, sslvpn.log) when you are trying for service restart manually to get the clue from problematic logs. Also, you may open a support investigation to track it further if it is a kind of critical situation for you due to service dead to get immediate assistance. 

    CSC debug command from the shell:

    #csc custom debug

    The same command will revert the debug mode. After require log collection please revert it back to normal mode with the same command.

Children
  • 0 in reply to Vishal_R

    Good day Vishal, 

    Thank you for the response. 

    The issue was quite simple as i just needed to fill in the CA for the default Appliance Certificate. 

    What bothers me is that the Service status was "dead", the least Sophos can do is create a KB article explaining this. 

    As this is a new issue with the XGS series and was never an issue on the previous SG or XG firewalls. 

    The SSL Client would either connect or not and you'd have to go an fill in the CA. 

    It wouldn't give you a SSL VPN status "dead". 

    Hopefully this article helps someone else with the same issue though. 

    Regards