my ssl s2s vpn on the client utm lost it's route to the remote network. I had to re-download the client config and reconfigure the client utm in order to repair it. No other changes were required, but this should be fixed before GA release
Did you update the s2s client or the server side? And what version is the other UTM running?
Both client and server are at 9.100-8. The client was actually running the 9.1 betas for the past 2 months and worked fine, it wasn't until the server was updated from 9.06 to 9.1 when it stopped.
To resolve all I needed to do was login to the server, download the s2s ssl client config (no changes made), then login to the client and upload the config to the existing s2s ssl setup and it started working.
previous to this the s2s vpn status overview would display as:
So, your problem was the "unknown" remote network? Besides that the connection was displayed as green/connected, but no traffic was passing through?
Correct, because it no longer knew what the remote network was, there was no route to it so the traffic wasn't going across the vpn. Other than that it looked fine as yes it connected and showed as green at both ends, just simply didn't work.
That's strange. The remote network operation is not part of the client configuration package, but it's pushed to the client on a per connection base. Could you check the log file for errors from back when it didn't work.
Could you check if there's any errors in confd-debug.log for the time when the tunnel wasn't working. You can search for openvpn to find where something has been queued that lead to an error (lines with an E or W prefix may be interesting here).
