This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM v9 SSLVPN Client hangs on SENt CONTROL 'PUSH_REQUEST'

Hi,

after upgrading the ASG v8.306 to to UTM v9.003 some users can't connect with the SSLVPN Client. In the Client Log we can see the last line

SENT CONTROL [utm]: 'PUSH_REQUEST' (status=1)

On the UTM we can see that the openvpn server will push the routing information the client:

test/xx.xx.xx.120:56858 SENT CONTROL [test]: 'PUSH_REPLY,route ...

The push_request never receives the client. The client hangs.

This happens with the UTM v9 SSL-Client downloaded form the user portal. Same config file with an old ASG SSLVPN Client (I don't konw the version, but the date of the openvpn-gui.exe is 2012-03-17) sets the routes correctly.

Cheers

Ben

This thread was automatically locked due to age.

0 BAlfson over 12 years ago

I googled site:astaro.org "'PUSH_REQUEST' (status=1)" and the first result after your post was the one I remembered.

One of the developers commented:
You can get around the problem until the client is fixed, by generating a new SSL VPN server certificate on the UTM. Use the exact same strings for the X.509 subject (Country to Common Name fields) that you have in your current server certificate. Then select the newly generated cert as your server cert in "Remote Access » SSL » Advanced" and your clients will be able to connect without modification.

I think this is ID22375 that's supposed to be fixed in 9.004 according to http://www.astaro.com/lists/Known_Issues-UTM-V9.txt which is found on the Support page in WebAdmin.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 bschwitzer over 12 years ago

Hi,

the Astaro guys found the error. The customer has about 50 Routes in the config. The v9.003 SSLVPN clients have a bug when more than 25 routes set. We got a new client from the Astaro Support which has fixed this issue.

Ben
Cancel
Vote Up 0 Vote Down

Cancel