Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 28 subscribers
  • Views 329 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I haven't been able to access to a VPN through Sophos VPN or Client. Does it work in Ubuntu?

Diego Alejandro Gomez

Hello everybody, I'm trying to enter into a VPN from Sophos but I haven't been able. I'm new in this technology and that's why I'm not sure what else is missing

First of all I tried to access to a VPN through openvpn like the one in this video

1. Downloaded openVPN

2. Tested "sudo openvpn --config diego.gomez.external__ssl_vpn_config.ovpn"

3. I add my username and password... there are no errors in the console, but there is something suspicious that I saw

2023-04-03 14:00:12 net_route_v4_add: 217.24.201.70/32 via 192.168.1.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 172.24.0.0/16 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 172.24.1.10/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 172.24.1.12/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 192.168.137.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 192.168.133.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 192.168.10.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 172.24.2.77/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 192.168.133.14/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 172.24.2.92/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 192.168.133.16/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 10.30.32.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 192.168.137.200/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 10.42.0.1/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 192.168.167.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 10.120.20.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 172.24.2.34/32 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 10.4.24.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 10.128.0.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 10.128.1.0/24 via 10.10.3.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 net_route_v4_add: 217.24.201.70/32 via 192.168.1.1 dev [NULL] table 0 metric -1
2023-04-03 14:00:12 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-04-03 14:00:12 Initialization Sequence Completed

And the VPN connection is not working (even though the "sequence was completed")...

In my second try I downloaded a client from there I followed the instructions of the the README file like the following

Copernicus host: 217.24.201.70 # The IPV4 uri from vpn-fn.indra-avitech.aero
Username: <myUsername>
Encrypted password: <theEncryptedPassword>

But here I cannot specify the port with colon after the ipv4 address (When I do it, I receive a message telling me that I didn't specify an IPV4 address) and I receive a message telling me that it was not possible to connect to the specified address.

I'm out of ideas. Could please anyone help me?



This thread was automatically locked due to age.
  • 0

    Hello there,

    Good day and thanks for reaching out to Sophos Community, hope you are well

    Few queries:

    -What is the current Sophos Firewall Firmware? and current Ubuntu version?
    - Is the IP address of your WAN Static or DHCP?
    Also, could you share fi there is any logs regarding the connection that you can see on /log/sslvpn.log

    You can run this in Advance shell by typing tail -f /log/sslvpn.log https://support.sophos.com/support/s/article/KB-000035834?language=en_US

    Many thanks for your time and patience and thank you for choosing Sophos

    Cheers,

    Raphael Alganes
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0

    Is that „ Copernicus“ your own Sophos firewall? Did you configure the serverside properly?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • +1

    Hello Everybody, thanks a lot for your help. I could myself solve the problem and maybe it can also help other people. This was a part of the ovpn file:

    client
    dev tun
    proto tcp
    verify-x509-name "C=DE, L=Friedrichshafen, O=Indra Avitech GmbH, CN=*.indra-avitech.aero"
    route remote_host 255.255.255.255 net_gateway
    resolv-retry infinite
    nobind
    persist-key
    persist-tun

    The solution was to remove/comment the line "route remote_host 255.255.255.255 net_gateway" and it did the trick using openvpn. 

Unfiltered HTML