Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 14487 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with UTM9 Remote access after upgrading to 9.408-4

Shay Rybak

I'm getting disconnected for all users after successfull connection. when I check the logs I see this messages every few minutes.

 

2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill <user 1>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 2>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 3>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 4>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 5>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 6>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 7>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 8>'
2016:12:14-09:28:13 fw openvpn[4590]: MANAGEMENT: CMD 'kill<user 9>'

 

 

Looks like there is something killing the users every few minutes (I changed the user name to <user>)

 

Anyone has any idea what can be causing this?



This thread was automatically locked due to age.
Parents
  • 0

    I'm having this same issue.  I just reported it to Sophos tech support and waiting to hear back from them.

    We have SSL VPN setup, and access using the Windows Sophos SSL VPN client.

    2017:04:26-13:38:54 asg-1 openvpn[16512]: MANAGEMENT: Client connected from /var/run/openvpn_mgmt
    2017:04:26-13:38:54 asg-1 openvpn[16512]: MANAGEMENT: CMD 'kill <user1>'
    2017:04:26-13:38:54 asg-1 openvpn[16512]: MANAGEMENT: CMD 'kill <user2>'

    2017:04:26-13:38:54 asg-1 openvpn[16512]: MANAGEMENT: CMD 'kill <user3>'
    2017:04:26-13:38:54 asg-1 openvpn[16512]: <user3>/x.x.197.24:32186 SIGTERM[soft,] received, client-instance exiting
    2017:04:26-13:38:54 asg-1 openvpn[16512]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="<user3>" variant="ssl" srcip="x.x.197.24" virtual_ip="y.y.2.5" rx="367567" tx="1100292"
    2017:04:26-13:38:54 asg-1 openvpn[16512]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_DISCONNECT status=0

    2017:04:26-13:38:54 asg-1 openvpn[16512]: MANAGEMENT: CMD 'kill <user4>'
    2017:04:26-13:38:54 asg-1 openvpn[16512]: <user4>/x.x.197.24:40683 SIGTERM[soft,] received, client-instance exiting
    2017:04:26-13:38:54 asg-1 openvpn[16512]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="<user4>" variant="ssl" srcip="x.x.197.24" virtual_ip="y.y.2.12" rx="7257335" tx="5004481"
    2017:04:26-13:38:54 asg-1 openvpn[16512]: PLUGIN_CALL: POST /usr/lib/openvpn/plugins/openvpn-plugin-utm.so/PLUGIN_CLIENT_DISCONNECT status=0

  • 0 in reply to Sam Malone

    Hi,

    we have the same Problem.

    The UTM "Kill" all users in my VPN Group

    The UTM do this sometimes 3 times a day or more.

     

    The users are synced from ActiveDirectory and in an Group in UTM.

     

    MANAGEMENT: Client connected from /var/run/openvpn_mgmt

    MANAGEMENT: CMD 'kill USER1'

    MANAGEMENT: CMD 'kill USER2'

    MANAGEMENT: CMD 'kill USER3'

    MANAGEMENT: CMD 'kill  ......

     

    Have someone an idea?

  • 0 in reply to DenisSchröder

    Denis, have you tried the restore suggested above by sachingurung?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi,

    no because we have the problem long time ago. But we recognize the problem when we started to use OTP vor some user.

     

    With OTP there is no automatic reconnection.

    First problem i found was that the UserPortal and VPN was conigurated on port 443. So i change the port for the userportal.

    And from 01.11.2017 i see the CMD"kill" logs.

     

    Best regards

     

  • 0 in reply to DenisSchröder

    I understand that you can't permanently go back to a backup from before 01.11.2017 (01-NOV, correct?).  Consider restoring an older backup as a test to see if that resolves the issue and then restore a backup of your current configuration.  Just curious, does the version command at the command line show an Up2Date applied on 01.11.2017?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to DenisSchröder

    I understand that you can't permanently go back to a backup from before 01.11.2017 (01-NOV, correct?).  Consider restoring an older backup as a test to see if that resolves the issue and then restore a backup of your current configuration.  Just curious, does the version command at the command line show an Up2Date applied on 01.11.2017?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML