I am trying to connect an SSL VPN from an AWS VPC to an SSL VPN (UTM) on the on-prem network. The SSL VPN client (on-prem UTM) is not able to connect to the SSL VPN server UTM.
It's failing and trying to reconnect without any success.
The SSL VPN has been configured on TCP port 443, and I ensured that the firewall is open for inbound and outbound on the SSL VPN server and outbound on the SSL VPN client.
When I check the routing rules on the UTM, I see an error on both server and client:
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101
local ::1 dev lo table local proto none metric 0
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101
I see similar errors on the client also.
The SSL VPN live log on the client UTM shows the following:
2018:02:06-15:41:57 chi2pdidmcon01 openvpn[1283]: pull = ENABLED
2018:02:06-15:41:57 chi2pdidmcon01 openvpn[1283]: auth_user_pass_file = '/etc/openvpn/client/REF_SslClihubnon/credentials'
2018:02:06-15:41:57 chi2pdidmcon01 openvpn[1283]: OpenVPN 2.3.10 i686-suse-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jun 29 2017
2018:02:06-15:41:57 chi2pdidmcon01 openvpn[1283]: library versions: OpenSSL 1.0.2j-fips 26 Sep 2016, LZO 2.09
2018:02:06-15:41:57 chi2pdidmcon01 openvpn[1283]: Restart pause, 10 second(s)
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so '[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so] [REF_SslClihubnon]' intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_ROUTE_UP|PLUGIN_ROUTE_PREDOWN
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: LZO compression initialized
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Control Channel MTU parms [ L:1560 D:1210 EF:40 EB:0 ET:0 EL:3 ]
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:143 ET:0 EL:3 AF:3/1 ]
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Local Options hash (VER=V4): 'bc07730e'
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Expected Remote Options hash (VER=V4): 'b695cb4a'
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Attempting to establish TCP connection with [AF_INET]dummyhost.com:443 [nonblock]
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: PLUGIN_INIT: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so '[/usr/lib/openvpn/plugins/openvpn-plugin-utm.so] [REF_SslClihubnon]' intercepted=PLUGIN_UP|PLUGIN_DOWN|PLUGIN_ROUTE_UP|PLUGIN_ROUTE_PREDOWN
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: LZO compression initialized
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Control Channel MTU parms [ L:1560 D:1210 EF:40 EB:0 ET:0 EL:3 ]
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:143 ET:0 EL:3 AF:3/1 ]
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Local Options hash (VER=V4): 'bc07730e'
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Expected Remote Options hash (VER=V4): 'b695cb4a'
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Attempting to establish TCP connection with [AF_INET]dummyhost.com:443 [nonblock]
I tried to ping the server IP from the client and was able to do so, but somehow I am not able to establish the SSL VPN connection to the server.
Has anyone seen this routing error before, and the issue with SSL VPN connectivity?
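A way to read a client log like the one above is to group it by connection attempt and report the furthest handshake milestone each attempt reached. The script below is an added example, not part of the original post or of Sophos/OpenVPN tooling; the function names are hypothetical, and it assumes the standard OpenVPN 2.3 log messages and the line layout shown in the post.

```python
import re

# Client-side milestones in order, keyed on messages OpenVPN 2.3 logs.
STAGES = [
    ("tcp_connect", "Attempting to establish TCP connection with"),
    ("tcp_established", "TCP connection established with"),
    ("tls_started", "TLS: Initial packet from"),
    ("peer_connected", "Peer Connection Initiated with"),
    ("tunnel_up", "Initialization Sequence Completed"),
]
# Line layout as in the post: "<timestamp> <host> openvpn[<pid>]: <message>"
LINE = re.compile(r"^\S+ \S+ openvpn\[\d+\]: (.*)$")

def split_attempts(log_text):
    """Group messages by attempt; each TCP connect line opens a new attempt."""
    attempts = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that are not openvpn log entries
        msg = m.group(1)
        if STAGES[0][1] in msg:
            attempts.append([msg])
        elif attempts:
            attempts[-1].append(msg)
    return attempts

def furthest_stage(attempt):
    """Name of the last milestone that appears in one attempt."""
    reached = None
    for name, marker in STAGES:
        if any(marker in msg for msg in attempt):
            reached = name
    return reached

def diagnose(log_text):
    """Return (stage reached per attempt, True if any attempt completed)."""
    reached = [furthest_stage(a) for a in split_attempts(log_text)]
    return reached, "tunnel_up" in reached

# Sample: four lines taken from the log in the post (two attempts, 11 s apart).
SAMPLE = """\
2018:02:06-15:42:07 chi2pdidmcon01 openvpn[1283]: Attempting to establish TCP connection with [AF_INET]dummyhost.com:443 [nonblock]
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: LZO compression initialized
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Socket Buffers: R=[87380->87380] S=[16384->16384]
2018:02:06-15:42:18 chi2pdidmcon01 openvpn[1283]: Attempting to establish TCP connection with [AF_INET]dummyhost.com:443 [nonblock]
"""

if __name__ == "__main__":
    stages, up = diagnose(SAMPLE)
    print(stages, "tunnel up" if up else "never connected")
```

An attempt that never gets past `tcp_connect` means the log shows no completed TCP handshake to the remote port, which a successful ping does not rule out.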