Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 4411 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL OSX VPN troubleshooting

jengle21
Good Morning, 
   
I am trying to configure OSX (10.9) to connect back to Sophos UTM (9.106-17). I have tried playing around with the SSL module in UTM and have tried connecting using the Viscosity(openvpn) client. I am able to connect but receive the following errors (and cannot browse to the Internet or any local services when connected). In addition the tunnel periodically terminates then reestablishes itself every 1-2 minutes. Any thoughts or recommendations are greatly appreciated. I am also interested in what VPN client(s) this forum would recommend. 

UTM Log:

2013:12:08-09:54:20 ISPa openvpn[3723]: remoteUser/10.x.x.x:53251 Authenticate/Decrypt packet error: cipher final failed

Client Log:

Dec 08 09:53:06: Viscosity OpenVPN Engine Started
Dec 08 09:53:06: Running on Mac OS X 10.9.0
Dec 08 09:53:06: ---------
Dec 08 09:53:06: Checking reachability status of connection...
Dec 08 09:53:07: Connection is reachable. Starting connection attempt.
Dec 08 09:53:10: OpenVPN 2.3.2 i386-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Jun  7 2013
Dec 08 09:53:30: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Dec 08 09:53:34: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Dec 08 09:53:34: UDPv4 link local: [undef]
Dec 08 09:53:34: UDPv4 link remote: [AF_INET]72.x.x.x:443
Dec 08 09:53:35: WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 1558'
Dec 08 09:53:35: WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-256-CBC'
Dec 08 09:53:35: WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
Dec 08 09:53:35: [User-DynDNS.com] Peer Connection Initiated with [AF_INET]72.x.x.x:443
Dec 08 09:53:38: TUN/TAP device /dev/tun0 opened
Dec 08 09:53:38: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Dec 08 09:53:38: /sbin/ifconfig tun0 delete
Dec 08 09:53:38: NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
Dec 08 09:53:38: /sbin/ifconfig tun0 10.242.2.6 10.242.2.5 mtu 1500 netmask 255.255.255.255 up
Dec 08 09:53:38: Initialization Sequence Completed
Dec 08 09:53:48: Authenticate/Decrypt packet error: cipher final failed
Dec 08 09:53:58: Authenticate/Decrypt packet error: cipher final failed
Dec 08 09:54:08: Authenticate/Decrypt packet error: cipher final failed


This thread was automatically locked due to age.
Parents
  • 0
    That would be either an error in the User Portal configuration and/or an error in the SSL VPN definition.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    That would be either an error in the User Portal configuration and/or an error in the SSL VPN definition.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML