SSL VPN Only Blocking inbound Communication

XGS4500 (SFOS 19.0.1 MR-1-Build365)

Our SSL VPN stopped allowing two-way communications. We can ping the VPN client IP from inside the network. Once the client connects, the client cannot communicate with anything (full tunnel): NSLOOKUP, PING, etc.

No rules have changed, all was working previously as expected.

In some circumstances the user can disconnect/reconnect and then they are fine.

We first noticed the issue on 09.06.2022. On 09.07.2022 we restarted the VPN services; this seemed to remedy the situation, but it was not fixed for all clients, and some reverted to broken again.

On 09.08.2022 we updated the firmware hoping to resolve the issue. The issue still persists, and now iPad VPN clients have the same problem.

A packet capture shows:

An inbound DNS request from the VPN client to the domain controller, then it says "violation firewall".

Nothing is reflected in any logs that corresponds to that violation.

The only other clue is in the Authentication log:

User failed to login to Firewall through AD,AD,Local authentication mechanism because of wrong credentials

This is related to the Heartbeat.
