Hi folks. I am trying to establish a Remote Access VPN tunnel on my newly deployed UTM 9 Home. The configuration for the SSL VPN is pretty straightforward and I've followed all of the instructions that Sophos published here.
The remote browser gives a different error message depending on the browser used, but I found this in the Live Log while trying to connect. I've sanitized the output. 1.1.1.1 is the remote client browser and 2.2.2.2 is the public IP of the UTM.
I'm not sure what the MTU would have to do with anything. Strangely the MTU on my external interface was 576. I upped it to 1475.
10:23-22:20:59 home-utm openvpn[1574]: TCP connection established with [AF_INET]1.1.1.1:2652 (via [AF_INET]2.2.2.2:443)
2016:10:23-22:20:59 home-utm openvpn[1574]: 1.1.1.1:2652 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1563 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
2016:10:23-22:20:59 home-utm openvpn[1574]: 1.1.1.1:2652 Connection reset, restarting [0]
2016:10:23-22:20:59 home-utm openvpn[1574]: 1.1.1.1:2652 SIGUSR1[soft,connection-reset] received, client-instance restarting
2016:10:23-22:20:59 home-utm openvpn[1574]: TCP connection established with [AF_INET]1.1.1.1:2317 (via [AF_INET]2.2.2.2:443)
2016:10:23-22:20:59 home-utm openvpn[1574]: 1.1.1.1:2317 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1563 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
2016:10:23-22:20:59 home-utm openvpn[1574]: 1.1.1.1:2317 Connection reset, restarting [0]
2016:10:23-22:20:59 home-utm openvpn[1574]: 1.1.1.1:2317 SIGUSR1[soft,connection-reset] received, client-instance restarting
This thread was automatically locked due to age.
