[7.450][BUG][NOTABUG] SSL-VPN does not work as expected

Hi,

I've a problem connecting to my home-astaro with vpn-ssl. The VPN works, I get an ip-adress and I'm able to ping my pc at home. But...
- I can not connect with rdp to my server...
- I can connect with ultra-vnc to my pc...
- I can not use any network ressource on the network at work...
- I can not use anything on the web (behind our asg-320 at work)

The old behavior (7.402) was:
No problem with connections to home-server via rdp/vnc and servers at work via rdp/vnc at the same time. Websurfing via asg-320 at work without problems...

Regards,
Rainer

0 Knudel over 16 years ago in reply to Tim_Astaro

Hi Tom,

As I posted yesterday, I've switch back to version 7.402 for testing. Now I'm at work, so a swap to 7.45 isn't possible at the moment. I do this after work today.

Yesterday, I've done a route print with 7.45 and one with 7.402. Here are the results:

This is the routing table with 7.45:
H:\>route print
===========================================================================
Schnittstellenliste
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 30 05 3f c3 9a ...... Intel(R) PRO/100 VE Network Connection - Paketplaner-Miniport
0x5 ...00 ff 14 8a 18 8d ...... Astaro SSL VPN Adapter - Paketplaner-Miniport
===========================================================================
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway   Schnittstelle  Anzahl
          0.0.0.0          0.0.0.0     10.100.25.11   10.100.25.137       20
      10.100.25.0    255.255.255.0    10.100.25.137   10.100.25.137       20
    10.100.25.137  255.255.255.255        127.0.0.1       127.0.0.1       20
       10.242.2.1  255.255.255.255       10.242.2.5      10.242.2.6       1
       10.242.2.4  255.255.255.252       10.242.2.6      10.242.2.6       30
       10.242.2.6  255.255.255.255        127.0.0.1       127.0.0.1       30
   10.255.255.255  255.255.255.255    10.100.25.137   10.100.25.137       20
   10.255.255.255  255.255.255.255       10.242.2.6      10.242.2.6       30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
       172.16.0.0    255.255.255.0       10.242.2.5      10.242.2.6       1
       172.21.1.0    255.255.255.0       172.21.1.1      172.21.1.1       20
       172.21.1.1  255.255.255.255        127.0.0.1       127.0.0.1       20
       172.21.8.0    255.255.255.0       172.21.8.1      172.21.8.1       20
       172.21.8.1  255.255.255.255        127.0.0.1       127.0.0.1       20
   172.21.255.255  255.255.255.255       172.21.1.1      172.21.1.1       20
   172.21.255.255  255.255.255.255       172.21.8.1      172.21.8.1       20
        224.0.0.0        240.0.0.0    10.100.25.137   10.100.25.137       20
        224.0.0.0        240.0.0.0       10.242.2.6      10.242.2.6       30
        224.0.0.0        240.0.0.0       172.21.1.1      172.21.1.1       20
        224.0.0.0        240.0.0.0       172.21.8.1      172.21.8.1       20
  255.255.255.255  255.255.255.255    10.100.25.137   10.100.25.137       1
  255.255.255.255  255.255.255.255       10.242.2.6      10.242.2.6       1
  255.255.255.255  255.255.255.255       172.21.1.1      172.21.1.1       1
  255.255.255.255  255.255.255.255       172.21.8.1      172.21.8.1       1
Standardgateway:      10.100.25.11
===========================================================================
Ständige Routen:
  Keine

This routing table comes from 7.402:

  H:\>route print
===========================================================================
Schnittstellenliste
0x1 ........................... MS TCP Loopback interface
0x2 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8
0x3 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1
0x4 ...00 30 05 3f c3 9a ...... Intel(R) PRO/100 VE Network Connection - Paketplaner-Miniport
0x5 ...00 ff 14 8a 18 8d ...... Astaro SSL VPN Adapter - Paketplaner-Miniport
===========================================================================
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway   Schnittstelle  Anzahl
          0.0.0.0          0.0.0.0     10.100.25.11   10.100.25.137       20
      10.100.25.0    255.255.255.0    10.100.25.137   10.100.25.137       20
    10.100.25.137  255.255.255.255        127.0.0.1       127.0.0.1       20
       10.242.2.1  255.255.255.255       10.242.2.5      10.242.2.6       1
       10.242.2.4  255.255.255.252       10.242.2.6      10.242.2.6       30
       10.242.2.6  255.255.255.255        127.0.0.1       127.0.0.1       30
   10.255.255.255  255.255.255.255    10.100.25.137   10.100.25.137       20
   10.255.255.255  255.255.255.255       10.242.2.6      10.242.2.6       30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
       172.16.0.0    255.255.255.0       10.242.2.5      10.242.2.6       1
       172.21.1.0    255.255.255.0       172.21.1.1      172.21.1.1       20
       172.21.1.1  255.255.255.255        127.0.0.1       127.0.0.1       20
       172.21.8.0    255.255.255.0       172.21.8.1      172.21.8.1       20
       172.21.8.1  255.255.255.255        127.0.0.1       127.0.0.1       20
   172.21.255.255  255.255.255.255       172.21.1.1      172.21.1.1       20
   172.21.255.255  255.255.255.255       172.21.8.1      172.21.8.1       20
        224.0.0.0        240.0.0.0    10.100.25.137   10.100.25.137       20
        224.0.0.0        240.0.0.0       10.242.2.6      10.242.2.6       30
        224.0.0.0        240.0.0.0       172.21.1.1      172.21.1.1       20
        224.0.0.0        240.0.0.0       172.21.8.1      172.21.8.1       20
  255.255.255.255  255.255.255.255    10.100.25.137   10.100.25.137       1
  255.255.255.255  255.255.255.255       10.242.2.6      10.242.2.6       1
  255.255.255.255  255.255.255.255       172.21.1.1      172.21.1.1       1
  255.255.255.255  255.255.255.255       172.21.8.1      172.21.8.1       1
Standardgateway:      10.100.25.11
===========================================================================
Ständige Routen:
  Keine

@Bob
I can connect to my Astaro at home from work.

Question: I've just discovered a problem with our proxy-auto-config with wpad (dhcp-option 252). Could this cause the problem?

Greets,
Rainer.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 BAlfson over 16 years ago in reply to Knudel

Is this related? "Automatically Detect Settings" Does Not Work if You Configure DHCP Option 252
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Knudel over 16 years ago in reply to BAlfson

No.

off-topic:
We have a weird configuration.
One internal server named wpad for autoconfiguration of IE and Firefox wich works perfect. At home, in my own domain, there's also a server called wpad wich delivers the settings for IE and Firefox (and dhcp configured with option 252). This works perfect for my own clients. There's also a wpad c-name in our external dns-namespace (not my idea), wich causes me a lot of problems...

Rainer.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 Astaro Beta Bot over 16 years ago in reply to Knudel

Astaro Beta Report
--------------------------------
Version: 7.450
Type: BUG
State: NOTABUG
Reporter: Knudel
Contributor: 
MantisID: 
--------------------------------

0 andyk007 over 16 years ago

hi,

are you using the ssl vpn client provided by 7.5 or are you using only the configuration of 7.5? Further do you have any dropped packets at /var/log/packetfilter.log if for example the rdp session is not possible?

Greetings
Andreas
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel