Hello All,
We are having a problem with client machines accessing an external VPN(another company that is a customer). We can successfully connect/authenticate/establish the VPN connection to the customers device(assumed ASA in this case). After the first connection the VPN automatically enrolls the client machine for a cert process(this part is fuzzy right now) and then auth is done via Cert and not RSA in the VPN client. The issue occurs during this certification enrollment.
When we remove the Sophos UTM from the equation by using an MIFI hotspot on a PC(including one that previously failed this process). The cert enrollment succeeds without a hitch.
so far i have tried the following
exemptions for destination (hostname) and source device(IP) in IPS with all boxes checked.
exemptions for source device(IP) in Web Protection>Filtering Options
exemptions for source device(IP) in Transparent Mode Skiplist (We are using Transparent Mode)
Firewall rules for https to destination(hostname)
Scanning through the logs(IPS,Web Filtering, and Firewall) while its trying to connect hasn't shown any drops/blocks associated with the client IP or the destination of the VPN.
Any advice would be greatly appreciated.
This thread was automatically locked due to age.
