Hello!
I have a problem with my SSL VPN, which worked without problems until yesterday. Yesterday I played a little with the web application firewall and set up a virtual and real webserver on https. I thought I had some problems with the certs, but it turned out it was my webserver that was the problem. Because of the problems I tried to do a DNAT rule to the server instead, including a firewall rule. I got this to work but then deactivated the DNAT rule and the firewall rule again.
The day after, I tried to connect to my SSL VPN from my laptop outside the network. I got no server response. I have also tried to connect to the VPN from inside the network without luck. I deleted all rules I created yesterday and all DNAT rules that might have been a problem because they were using the same port (443).
I can still not connect to the VPN after this. I have also tried to reboot the firewall without luck.
The firewall log is as follows:
firewall ulogd[24911]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.2" srcmac="b8:e8:56:33:4b:32" dstmac="a0:36:9f:7d:93:d2" srcip="10.xx.x.29" dstip="xx.70.xx.137" proto="17" length="42" tos="0x00" prec="0x00" ttl="64" srcport="57461" dstport="443"
(In this case I tried to connect to the VPN from inside my network, connected to one of my VLANs (VLAN 2).)
I do not know what to do because I have manually restored the firewall to before I configured https traffic to one of my webservers.
Unfortunately I have no real backup of the configuration so my hope is that I can solve this.
As I said, the SSL VPN connection worked very well before this, and I set it up with help from the Sophos guides. I have not touched the SSL VPN config at all lately, but maybe something got broken when I did a DNAT to a server on the same port as the SSL VPN uses? This is, as said, removed, but the SSL VPN did not work anyway.
I have also tried to change the port of the SSL VPN to another port, no luck. The same 60001 rule is hit in the firewall :/
Can anyone help me with this? What could possibly be the problem??
Thanks in advance!
UPDATE: Additional information about my SSL VPN setup:
Remote access -> SSL
Profiles:
Users and group: admin
Local Networks: Any and Internet IPv4
Automatic firewall rules turned ON.
Settings:
Server settings:
Protocol: UDP
Port: 443
Override hostname: Empty
Virtual IP Pool:
Pool network: VPN Pool (SSL)
Duplicate CN:
Allow multiple concurrent connections per user is turned ON.
Network protection:
Masquerading:
NAT:
VPN Pool (SSL) -> Internet 1 (WAN)
Position: 3
Interface: Internet 1 (WAN)
Use address: << Primary address >>
No DNAT rules exist anymore. No firewall rules regarding this.
This issue drives me crazy :( I do not understand why rule 60001 is used in this case?! What does it mean?
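The log line in the post is in the Sophos UTM ulogd key="value" format, and the useful check when chasing a drop like this is to pull every dropped packet aimed at the SSL VPN listener (UDP/443 per the server settings above) and count them by rule id and ingress interface, so you can see which rule is eating the handshake and from which side of the box. The following is an added example written for this page, not code from the original poster or from Sophos. The log lines it parses are constructed for the example (RFC 5737 documentation addresses, invented MACs and ports); the second line deliberately carries the curly quotes that copy-and-paste produced in the post, and the parser accepts them. What rule id 60001 corresponds to on the poster's appliance is not asserted here; the code only reports what the log says.

```python
import re
from collections import Counter

# Constructed sample lines in the ulogd "packetfilter" format shown in the post.
# Addresses are RFC 5737 documentation ranges; MACs, ports and hostnames are invented.
# Line 2 uses the curly quotes (U+201C/U+201D) that appeared in the pasted log.
SAMPLE_LOG = """\
firewall ulogd[24911]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.2" srcmac="b8:e8:56:33:4b:32" dstmac="a0:36:9f:7d:93:d2" srcip="10.20.2.29" dstip="203.0.113.137" proto="17" length="42" tos="0x00" prec="0x00" ttl="64" srcport="57461" dstport="443"
firewall ulogd[24911]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:11:22:33:44:55" dstmac="a0:36:9f:7d:93:d2" srcip="198.51.100.10" dstip=\u201c203.0.113.137" proto="17" length="42" tos="0x00" prec="0x00" ttl="55" srcport="50012" dstport=\u201c443\u201d
firewall ulogd[24911]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="3" initf="eth1.2" outitf="eth0" srcip="10.20.2.29" dstip="198.51.100.80" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="40000" dstport="443"
firewall ulogd[24911]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1.2" srcip="10.20.2.29" dstip="203.0.113.137" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="57462" dstport="443"
"""

# key="value" pairs; the opening and closing quote may each be straight (") or
# curly (U+201C / U+201D), because pasted logs often arrive with mixed quotes.
KV_RE = re.compile(r'(\w+)=["\u201c]([^"\u201d]*)["\u201d]')


def parse_ulogd_line(line):
    """Return the key/value fields of one ulogd line as a dict of strings."""
    return dict(KV_RE.findall(line))


def parse_log(text):
    """Parse every ulogd line in a block of syslog text; other lines are skipped."""
    return [parse_ulogd_line(l) for l in text.splitlines() if "ulogd[" in l]


def vpn_drops(records, proto="17", port="443", dstip=None):
    """Select dropped packets aimed at the SSL VPN listener.

    proto "17" is UDP, matching the 'Protocol: UDP' server setting; pass
    proto="6" if the VPN is switched to TCP. dstip optionally narrows the
    match to the WAN address the clients actually target.
    """
    out = []
    for r in records:
        if r.get("action") != "drop":
            continue
        if r.get("proto") != proto or r.get("dstport") != port:
            continue
        if dstip is not None and r.get("dstip") != dstip:
            continue
        out.append(r)
    return out


def summarize(drops):
    """Count drops by (rule id, ingress interface) so the blocking rule stands out."""
    return dict(Counter((r.get("fwrule", "?"), r.get("initf", "?")) for r in drops))


if __name__ == "__main__":
    hits = vpn_drops(parse_log(SAMPLE_LOG))
    for (rule, itf), n in sorted(summarize(hits).items()):
        print(f"fwrule={rule} initf={itf} dropped_udp443={n}")
```

Run it against a pasted chunk of the packetfilter log (or tail the live log into it) and compare the ingress interfaces: drops with initf on the internal VLAN and drops with initf on the WAN interface both landing on the same rule id tell you the listener itself is not being reached, not that one path is misrouted.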