Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 4 subscribers
  • Views 14421 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN

tony gonzalez

Hello -

 

I've been trying to setup SSL VPN remote connectivity for some time now to no avail. Can someone tell me what this means? I followed the steps to the tee, I can connect from the internal network, but not when I'm in a different network.

 

Sun Apr 30 16:19:12 2017 DEPRECATED OPTION: --tls-remote, please update your configuration
Sun Apr 30 16:19:12 2017 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jun 25 2016
Sun Apr 30 16:19:12 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.09
Sun Apr 30 16:19:12 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Sun Apr 30 16:19:12 2017 Need hold release from management interface, waiting...
Sun Apr 30 16:19:13 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Sun Apr 30 16:19:13 2017 MANAGEMENT: CMD 'state on'
Sun Apr 30 16:19:13 2017 MANAGEMENT: CMD 'log all on'
Sun Apr 30 16:19:13 2017 MANAGEMENT: CMD 'hold off'
Sun Apr 30 16:19:13 2017 MANAGEMENT: CMD 'hold release'
Sun Apr 30 16:19:21 2017 MANAGEMENT: CMD 'username "Auth" "Gonzo"'
Sun Apr 30 16:19:21 2017 MANAGEMENT: CMD 'password [...]'
Sun Apr 30 16:19:21 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Apr 30 16:19:21 2017 Attempting to establish TCP connection with [AF_INET]192.168.0.1:443 [nonblock]
Sun Apr 30 16:19:21 2017 MANAGEMENT: >STATE:1493590761,TCP_CONNECT,,,,,,
Sun Apr 30 16:19:31 2017 TCP: connect to [AF_INET]192.168.0.1:443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
Sun Apr 30 16:19:36 2017 MANAGEMENT: >STATE:1493590776,TCP_CONNECT,,,,,,
Sun Apr 30 16:19:46 2017 TCP: connect to [AF_INET]192.168.0.1:443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
Sun Apr 30 16:19:51 2017 MANAGEMENT: >STATE:1493590791,TCP_CONNECT,,,,,,



This thread was automatically locked due to age.
Parents
  • 0

    Hi Tony,

    Sun Apr 30 16:19:21 2017 Attempting to establish TCP connection with [AF_INET]192.168.0.1:443 [nonblock]

    The connection attempt is over a private IP address, this should be a public IP of WAN interface on the UTM? Show me the configuration of the page, Interface & Routing | interfaces. 

    Thank You

  • 0 in reply to sachingurung

    I'm trying to connect at work, also on the client I was told to use the manual option and enter my WAN IP and port. 

  • 0 in reply to tony gonzalez

    Edit the SSL VPN config file in a notepad and edit the line "remote 192.168.x.x 443" to remote x.x.x.x(UTM WAN interface IP) 443.

    Any helps?

  • 0 in reply to sachingurung

    Thanks but no luck

     

    Thu May 04 11:05:04 2017 OpenVPN 2.3.8 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jun 25 2016
    Thu May 04 11:05:04 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.09
    Enter Management Password:
    Thu May 04 11:05:04 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Thu May 04 11:05:04 2017 Need hold release from management interface, waiting...
    Thu May 04 11:05:04 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Thu May 04 11:05:04 2017 MANAGEMENT: CMD 'state on'
    Thu May 04 11:05:04 2017 MANAGEMENT: CMD 'log all on'
    Thu May 04 11:05:04 2017 MANAGEMENT: CMD 'hold off'
    Thu May 04 11:05:04 2017 MANAGEMENT: CMD 'hold release'
    Thu May 04 11:05:12 2017 MANAGEMENT: CMD 'username "Auth" "Gonzo"'
    Thu May 04 11:05:12 2017 MANAGEMENT: CMD 'password [...]'
    Thu May 04 11:05:12 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Thu May 04 11:05:12 2017 Attempting to establish TCP connection with [AF_INET]73.217.XX.XX:443 [nonblock]
    Thu May 04 11:05:12 2017 MANAGEMENT: >STATE:1493917512,TCP_CONNECT,,,,,,
    Thu May 04 11:05:13 2017 TCP connection established with [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:13 2017 TCPv4_CLIENT link local: [undef]
    Thu May 04 11:05:13 2017 TCPv4_CLIENT link remote: [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:13 2017 MANAGEMENT: >STATE:1493917513,WAIT,,,,,,
    Thu May 04 11:05:13 2017 Connection reset, restarting [-1]
    Thu May 04 11:05:13 2017 SIGUSR1[soft,connection-reset] received, process restarting
    Thu May 04 11:05:13 2017 MANAGEMENT: >STATE:1493917513,RECONNECTING,connection-reset,,,,,
    Thu May 04 11:05:13 2017 Restart pause, 5 second(s)
    Thu May 04 11:05:18 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Thu May 04 11:05:18 2017 Attempting to establish TCP connection with [AF_INET]73.217.XX.XX:443 [nonblock]
    Thu May 04 11:05:18 2017 MANAGEMENT: >STATE:1493917518,TCP_CONNECT,,,,,,
    Thu May 04 11:05:19 2017 TCP connection established with [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:19 2017 TCPv4_CLIENT link local: [undef]
    Thu May 04 11:05:19 2017 TCPv4_CLIENT link remote: [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:19 2017 MANAGEMENT: >STATE:1493917519,WAIT,,,,,,
    Thu May 04 11:05:19 2017 Connection reset, restarting [-1]
    Thu May 04 11:05:19 2017 SIGUSR1[soft,connection-reset] received, process restarting
    Thu May 04 11:05:19 2017 MANAGEMENT: >STATE:1493917519,RECONNECTING,connection-reset,,,,,
    Thu May 04 11:05:19 2017 Restart pause, 5 second(s)
    Thu May 04 11:05:24 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Thu May 04 11:05:24 2017 Attempting to establish TCP connection with [AF_INET]73.217.XX.XX:443 [nonblock]
    Thu May 04 11:05:24 2017 MANAGEMENT: >STATE:1493917524,TCP_CONNECT,,,,,,
    Thu May 04 11:05:25 2017 TCP connection established with [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:25 2017 TCPv4_CLIENT link local: [undef]
    Thu May 04 11:05:25 2017 TCPv4_CLIENT link remote: [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:25 2017 MANAGEMENT: >STATE:1493917525,WAIT,,,,,,
    Thu May 04 11:05:25 2017 Connection reset, restarting [-1]
    Thu May 04 11:05:25 2017 SIGUSR1[soft,connection-reset] received, process restarting
    Thu May 04 11:05:25 2017 MANAGEMENT: >STATE:1493917525,RECONNECTING,connection-reset,,,,,
    Thu May 04 11:05:25 2017 Restart pause, 5 second(s)
    Thu May 04 11:05:30 2017 Socket Buffers: R=[8192->8192] S=[8192->8192]
    Thu May 04 11:05:30 2017 Attempting to establish TCP connection with [AF_INET]73.217.XX.XX:443 [nonblock]
    Thu May 04 11:05:30 2017 MANAGEMENT: >STATE:1493917530,TCP_CONNECT,,,,,,
    Thu May 04 11:05:31 2017 TCP connection established with [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:31 2017 TCPv4_CLIENT link local: [undef]
    Thu May 04 11:05:31 2017 TCPv4_CLIENT link remote: [AF_INET]73.217.XX.XX:443
    Thu May 04 11:05:31 2017 MANAGEMENT: >STATE:1493917531,WAIT,,,,,,
    Thu May 04 11:05:31 2017 Connection reset, restarting [-1]
    Thu May 04 11:05:31 2017 SIGUSR1[soft,connection-reset] received, process restarting
    Thu May 04 11:05:31 2017 MANAGEMENT: >STATE:1493917531,RECONNECTING,connection-reset,,,,,
    Thu May 04 11:05:31 2017 Restart pause, 5 second(s)

  • 0 in reply to tony gonzalez

    Hi Tony,

    Looking at the present log lines below, the connection seems to be established.

    Thu May 04 11:05:12 2017 Attempting to establish TCP connection with [AF_INET]73.217.XX.XX:443 [nonblock]
    Thu May 04 11:05:12 2017 MANAGEMENT: >STATE:1493917512,TCP_CONNECT,,,,,,
    Thu May 04 11:05:13 2017 TCP connection established with [AF_INET]73.217.XX.XX:443

    But, you are disconnected with a soft connection reset:

    Thu May 04 11:05:31 2017 SIGUSR1[soft,connection-reset] received, process restarting

    This might be caused due to several reasons, please show me the SSL VPN configuration and the picture of the Advanced tab. Alongside, do you have any DNAT policy mapping the 443 port? Show me the openvpn.log from the UTM shell.

    Thank You

Reply
  • 0 in reply to tony gonzalez

    Hi Tony,

    Looking at the present log lines below, the connection seems to be established.

    Thu May 04 11:05:12 2017 Attempting to establish TCP connection with [AF_INET]73.217.XX.XX:443 [nonblock]
    Thu May 04 11:05:12 2017 MANAGEMENT: >STATE:1493917512,TCP_CONNECT,,,,,,
    Thu May 04 11:05:13 2017 TCP connection established with [AF_INET]73.217.XX.XX:443

    But, you are disconnected with a soft connection reset:

    Thu May 04 11:05:31 2017 SIGUSR1[soft,connection-reset] received, process restarting

    This might be caused due to several reasons, please show me the SSL VPN configuration and the picture of the Advanced tab. Alongside, do you have any DNAT policy mapping the 443 port? Show me the openvpn.log from the UTM shell.

    Thank You

Children
No Data