Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 27 subscribers
  • Views 7138 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL Remote Access does'nt work with Port 443

HL2

Hi,

at home i use an XG Firewall with Firmware SFOS 16.01.2.

My customers has all UTM 9.x with configured SSL VPN. Every UTM is configured with an random Port e.g. 4422, 4323, 4343 ....

One customer has an UTM with Port 443 configured for the SSL Connection.

With my XG Firewall i can connect to all customers with Port 4422, 4323, 4343 .... Only to the costumer with Port 443 i can't connect. If i change the Port on customer UTM to 4422, 4323, 4343 .... the connection works flawless.


I doesn't have any https scanning active nevertheless i created an exeption for that.

Sadly it doesn't work. I can't see any blocked connection in log.
Https in webbrowser works without problems

Can anybody help me?
Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    HL2,

    from the console, type drop-packet capture "host x.x.x.x" and see if something is blocked to remote ip.

    Post the result.

    Thanks

  • 0 in reply to lferrara

    Hi Luk,

    there is no blocked connection.

    Here my SSL VPN Log

    Wed Nov 30 18:52:24 2016 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Nov 30 18:52:24 2016 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Wed Nov 30 18:52:24 2016 MANAGEMENT: >STATE:1480528344,RESOLVE,,,
    Wed Nov 30 18:52:24 2016 Attempting to establish TCP connection with [AF_INET]X.X.X.X:443 [nonblock]
    Wed Nov 30 18:52:24 2016 MANAGEMENT: >STATE:1480528344,TCP_CONNECT,,,
    Wed Nov 30 18:52:25 2016 TCP connection established with [AF_INET]X.X.X.X:443
    Wed Nov 30 18:52:25 2016 TCPv4_CLIENT link local: [undef]
    Wed Nov 30 18:52:25 2016 TCPv4_CLIENT link remote: [AF_INET]X.X.X.X:443
    Wed Nov 30 18:52:25 2016 MANAGEMENT: >STATE:1480528345,WAIT,,,
    Wed Nov 30 18:52:25 2016 Connection reset, restarting [-1]
    Wed Nov 30 18:52:25 2016 SIGUSR1[soft,connection-reset] received, process restarting
    Wed Nov 30 18:52:25 2016 MANAGEMENT: >STATE:1480528345,RECONNECTING,connection-reset,,
    Wed Nov 30 18:52:25 2016 Restart pause, 5 second(s)

    and the capture log at the same time

Reply
  • 0 in reply to lferrara

    Hi Luk,

    there is no blocked connection.

    Here my SSL VPN Log

    Wed Nov 30 18:52:24 2016 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Wed Nov 30 18:52:24 2016 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Wed Nov 30 18:52:24 2016 MANAGEMENT: >STATE:1480528344,RESOLVE,,,
    Wed Nov 30 18:52:24 2016 Attempting to establish TCP connection with [AF_INET]X.X.X.X:443 [nonblock]
    Wed Nov 30 18:52:24 2016 MANAGEMENT: >STATE:1480528344,TCP_CONNECT,,,
    Wed Nov 30 18:52:25 2016 TCP connection established with [AF_INET]X.X.X.X:443
    Wed Nov 30 18:52:25 2016 TCPv4_CLIENT link local: [undef]
    Wed Nov 30 18:52:25 2016 TCPv4_CLIENT link remote: [AF_INET]X.X.X.X:443
    Wed Nov 30 18:52:25 2016 MANAGEMENT: >STATE:1480528345,WAIT,,,
    Wed Nov 30 18:52:25 2016 Connection reset, restarting [-1]
    Wed Nov 30 18:52:25 2016 SIGUSR1[soft,connection-reset] received, process restarting
    Wed Nov 30 18:52:25 2016 MANAGEMENT: >STATE:1480528345,RECONNECTING,connection-reset,,
    Wed Nov 30 18:52:25 2016 Restart pause, 5 second(s)

    and the capture log at the same time

Children
No Data