Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1472 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Error: VPN tries connecting all the time

deoli
Hi Guys,

i've installed the new Astaro Security Gateway 7.0, and i'm very lucky to say the new web interface is great. Much better to work with.

After installing and configuring, i thougt i'll give the ssl-vpn a try, recording to:
http://portal.knowledgebase.net/display/2n/kb/article.asp?aid=228445

Now i'have been testing the connection from inside the lan over the external dyndns address, the connection won't go up, it tries connecting all the time.
Can i test it in this constellation, requesting from inside the lan over dyndns again back into the net?

Could someone help me?

I'll provide the two logfiles, one form the astaro ssl debug log, and one from the winxp client.

http://www.deoli.de/astaro-openvpn_astaro.txt
http://www.deoli.de/astaro-openvpn_winxpclient.txt

Please help me, thank you very much ...

Best Regards,
Oliver


This thread was automatically locked due to age.
  • 0
    You are using special characters (umlauts) in your certificates, which breaks SSL VPN in 7.001. Until a fix is there for this issue, please use the following workaround. In your .ovpn file (\Program files\Astaro\Astaro SSL VPN Client\config), modify line 47 (remote) and replace all '\' characters by '_'.

    Example:
    R\xC3\xB6dermark
    R_xC3_xB6dermark

    Stephan
  • 0 in reply to Stephan_Scholz
    Thank you Stephan,

    yesterday I took a closer look to the .ovpn, and fixed the problem be reinstalling the firewall on the "final" hardware. After the closer look i'am not using anymore "German-Umlaute" like "ö" in Rödermark...

    Thank you very much.

    But one question is still open, after i have successfully established the ssl vpn, what else has to be configured?

    - Some packet filter rules?
    - etc?

    After that i can successfully access local area network ressources?

    Best Regards,
    Oliver
  • 0 in reply to deoli
    If you have enabled "Automatic packet filter rules" (in SSL Advanced), then you should be able to access all hosts in the networks which you have specified in the "Local networks" config.

    As an alternative, create packet filter rules with the VPN user objects (which are automatically created). These rules become active automatically as soon as the user logs in, and they disappear again when he logs off.

    Stephan
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML