Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 10919 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Users can no longer log in to SSL VPN / User Portal

PierceMacMillan

After the most recent update my SSL VPN on my SG 230 is completely non-functional.  I tried rolling back but that did nothing.

If I try to log into the user portal, there is no option for VPN Access.  The SSL VPN never authenticates.  It now always craps out with bad username / password for every user in my company. 

I think this must have something to do with the AD connector.  As the logs look funny.  But I checked the connection to AD with the AD Admin account and it says it passed the test.  I also noticed somebody calling from Paris is trying to get in.  Would that be causing these problems?  Thanks in advance for your help.

Here are some logs:
Live Log: SSL VPN
Filter:
Autoscroll
Reload

2017:04:10-10:26:22 utm01 openvpn[7014]: "Local computer IP":50957 Local Options hash (VER=V4): '00bc425f'

2017:04:10-10:26:22 utm01 openvpn[7014]: "Local computer IP":50957 Expected Remote Options hash (VER=V4): 'ec542dd5'

2017:04:10-10:26:22 utm01 openvpn[7014]: "Local computer IP":50957 UDPv4 READ [14] from [AF_INET]"Local computer IP":50957 (via [AF_INET]"SOPHOS UTM IP"%ppp0): P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0

2017:04:10-10:26:22 utm01 openvpn[7014]: "Local computer IP":50957 TLS: Initial packet from [AF_INET]"Local computer IP":50957 (via [AF_INET]"SOPHOS UTM IP"%ppp0), sid=647eacc8 b3e1a73b

2017:04:10-10:26:22 utm01 openvpn[7014]: "Local computer IP":50957 UDPv4 WRITE [26] to [AF_INET]"Local computer IP":50957 (via [AF_INET]"SOPHOS UTM IP"%ppp0): P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0

2017:04:10-10:26:22 utm01 openvpn[7014]: "Local computer IP":50957 UDPv4 READ [22] from [AF_INET]"Local computer IP":50957 (via [AF_INET]"SOPHOS UTM IP"%ppp0): P_ACK_V1 kid=0 [ 0 ]

2017:04:10-10:26:25 utm01 openvpn[7014]: "Local computer IP":50956 SIGTERM[soft,delayed-exit] received, client-instance exiting

2017:04:10-10:27:23 utm01 openvpn[7014]: "Local computer IP":50957 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

2017:04:10-10:27:23 utm01 openvpn[7014]: "Local computer IP":50957 TLS Error: TLS handshake failed

2017:04:10-10:27:23 utm01 openvpn[7014]: "Local computer IP":50957 SIGUSR1[soft,tls-error] received, client-instance restarting

 

Live Log: User authentication daemon


2017:04:10-10:40:35 utm01 aua[3731]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="212.83.160.203" host="" user="guest" caller="sshd" reason="Too many failures from client 212.83.160.203, still blocked for 587 seconds"

2017:04:10-10:40:36 utm01 aua[3731]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="212.83.160.203" host="" user="ubnt" caller="sshd" reason="Too many failures from client 212.83.160.203, still blocked for 586 seconds"

2017:04:10-10:40:41 utm01 aua[3731]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="212.83.160.203" host="" user="support" caller="sshd" reason="Too many failures from client 212.83.160.203, still blocked for 581 seconds"

2017:04:10-10:44:20 utm01 aua[21131]: id="3006" severity="info" sys="System" sub="auth" name="Bad password"

2017:04:10-10:44:20 utm01 aua[21131]: id="3006" severity="info" sys="System" sub="auth" name="Trying "LOCAL SUBNET".10 (adirectory)"

2017:04:10-10:44:20 utm01 aua[21131]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip=""OTHER SUBNET".65" host="" user="admin" caller="webadmin" reason="DENIED"

2017:04:10-10:44:36 utm01 aua[21183]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip=""OTHER SUBNET".65" host="" user="admin" caller="webadmin" engine="local"

2017:04:10-10:47:15 utm01 aua[3731]: id="3006" severity="info" sys="System" sub="auth" name="Child 21183 is running too long. Terminating child"

2017:04:10-10:47:15 utm01 aua[21683]: id="3006" severity="info" sys="System" sub="auth" name="Trying "LOCAL SUBNET".10 (adirectory)"

2017:04:10-10:47:15 utm01 aua[21683]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip=""EXTERNAL SUBNET"" host="" user="test.user" caller="portal" engine="adirectory"

 



This thread was automatically locked due to age.
Parents
  • 0

    You said that you tried rolling back - did you mean that you restored the configuration backup made prior to the installation of the Up2Date(s)?  Try that first.  If it doesn't work, reboot.  If the problem persists, create a new AD Server definition on the 'Servers' tab and then delete the old one.  If those don't resolve your issue, try rebooting the Windows Server running AD.

    Any luck?

    Cheers - Bob

Reply
  • 0

    You said that you tried rolling back - did you mean that you restored the configuration backup made prior to the installation of the Up2Date(s)?  Try that first.  If it doesn't work, reboot.  If the problem persists, create a new AD Server definition on the 'Servers' tab and then delete the old one.  If those don't resolve your issue, try rebooting the Windows Server running AD.

    Any luck?

    Cheers - Bob

Children
No Data