HELP - Error with SSL VPN when outside network

Question

Hi guys,

This is my first time here, and I very newbee at this....

I have the Sophos Release 9.200-11 and configured the Remote Access for Windows 7.

If I tried to connect the vpn when inside the network, it works perfectly....

but when I tried to connect outside the network (for the real use) it appears an error saying something about drivers in a directory.

The remote access profile is jr.vicente>>internal network (firewall rule checkd)
Settings - port 443
override hostname - 192.168.1.20

Pool Network - VPN Pool (SSL)

Masquerading - VPN Pool >> External network

Anyone can help me with this?

The client log - outside network:

Mon Apr 07 11:47:21 2014 OpenVPN 2.3.0 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Aug 23 2013
Mon Apr 07 11:47:21 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Apr 07 11:47:21 2014 Need hold release from management interface, waiting...
Mon Apr 07 11:47:21 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Apr 07 11:47:21 2014 MANAGEMENT: CMD 'state on'
Mon Apr 07 11:47:21 2014 MANAGEMENT: CMD 'log all on'
Mon Apr 07 11:47:21 2014 MANAGEMENT: CMD 'hold off'
Mon Apr 07 11:47:21 2014 MANAGEMENT: CMD 'hold release'
Mon Apr 07 11:47:27 2014 MANAGEMENT: CMD 'username "Auth" "jr.vicente"'
Mon Apr 07 11:47:27 2014 MANAGEMENT: CMD 'password [...]'
Mon Apr 07 11:47:27 2014 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
Mon Apr 07 11:47:27 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 07 11:47:28 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 07 11:47:28 2014 Attempting to establish TCP connection with [AF_INET]192.168.1.20:443 [nonblock]
Mon Apr 07 11:47:28 2014 MANAGEMENT: >STATE:1396882048,TCP_CONNECT,,,
Mon Apr 07 11:47:38 2014 TCP: connect to [AF_INET]192.168.1.20:443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.
Mon Apr 07 11:47:43 2014 MANAGEMENT: >STATE:1396882063,TCP_CONNECT,,,
Mon Apr 07 11:47:53 2014 TCP: connect to [AF_INET]192.168.1.20:443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive.

I also tried to use a different VPN Client and get this error:

Try to start OpenVPN connection jr.vicente@192.168.1.20
Mon Apr 07 11:10:12 2014 DEPRECATED OPTION: --tls-remote, please update your configuration
Mon Apr 07 11:10:12 2014 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jun 3 2013

Mon Apr 07 11:10:20 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 07 11:10:20 2014 Attempting to establish TCP connection with [AF_INET]192.168.1.20:443
Mon Apr 07 11:10:41 2014 TCP: connect to [AF_INET]192.168.1.20:443 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Mon Apr 07 11:11:07 2014 TCP: connect to [AF_INET]192.168.1.20:443 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)
Mon Apr 07 11:11:33 2014 TCP: connect to [AF_INET]192.168.1.20:443 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED)

Client Log - inside network

Mon Apr 07 12:10:45 2014 MANAGEMENT: CMD 'hold release'
Mon Apr 07 12:10:52 2014 MANAGEMENT: CMD 'username "Auth" "jr.vicente"'
Mon Apr 07 12:10:52 2014 MANAGEMENT: CMD 'password [...]'
Mon Apr 07 12:10:52 2014 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
Mon Apr 07 12:10:52 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 07 12:10:52 2014 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 07 12:10:52 2014 Attempting to establish TCP connection with [AF_INET]192.168.1.20:443 [nonblock]
Mon Apr 07 12:10:52 2014 MANAGEMENT: >STATE:1396883452,TCP_CONNECT,,,
Mon Apr 07 12:10:53 2014 TCP connection established with [AF_INET]192.168.1.20:443
Mon Apr 07 12:10:53 2014 TCPv4_CLIENT link local: [undef]
Mon Apr 07 12:10:53 2014 TCPv4_CLIENT link remote: [AF_INET]192.168.1.20:443
Mon Apr 07 12:10:53 2014 MANAGEMENT: >STATE:1396883453,WAIT,,,
Mon Apr 07 12:10:53 2014 MANAGEMENT: >STATE:1396883453,AUTH,,,
Mon Apr 07 12:10:53 2014 TLS: Initial packet from [AF_INET]192.168.1.20:443, sid=0cc20853 5ae6458e
Mon Apr 07 12:10:53 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Apr 07 12:10:53 2014 VERIFY OK: depth=1, C=br, L=Sao Paulo, O=QI, CN=QI VPN CA, emailAddress=bruno.campilongo@gmail.com
Mon Apr 07 12:10:53 2014 VERIFY X509NAME OK: C=br, L=Sao Paulo, O=QI, CN=192.168.1.1, emailAddress=bruno.campilongo@gmail.com
Mon Apr 07 12:10:53 2014 VERIFY OK: depth=0, C=br, L=Sao Paulo, O=QI, CN=192.168.1.1, emailAddress=bruno.campilongo@gmail.com
Mon Apr 07 12:10:54 2014 Data Channel Encrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mon Apr 07 12:10:54 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 07 12:10:54 2014 Data Channel Decrypt: Cipher 'AES-192-CBC' initialized with 192 bit key
Mon Apr 07 12:10:54 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 07 12:10:54 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Mon Apr 07 12:10:54 2014 [192.168.1.1] Peer Connection Initiated with [AF_INET]192.168.1.20:443
Mon Apr 07 12:10:55 2014 MANAGEMENT: >STATE:1396883455,GET_CONFIG,,,
Mon Apr 07 12:10:56 2014 SENT CONTROL [192.168.1.1]: 'PUSH_REQUEST' (status=1)
Mon Apr 07 12:10:57 2014 PUSH: Received control message: 'PUSH_REPLY,route 10.242.2.1,topology net30,ping 10,ping-restart 120,redirect-gateway def1,ifconfig 10.242.2.6 10.242.2.5'
Mon Apr 07 12:10:57 2014 OPTIONS IMPORT: timers and/or timeouts modified
Mon Apr 07 12:10:57 2014 OPTIONS IMPORT: --ifconfig/up options modified
Mon Apr 07 12:10:57 2014 OPTIONS IMPORT: route options modified
Mon Apr 07 12:10:57 2014 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=10 HWADDR=00:e0:66:03:34:4a
Mon Apr 07 12:10:57 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Apr 07 12:10:57 2014 MANAGEMENT: >STATE:1396883457,ASSIGN_IP,,10.242.2.6,
Mon Apr 07 12:10:57 2014 open_tun, tt->ipv6=0
Mon Apr 07 12:10:57 2014 TAP-WIN32 device [Conexão local 3] opened: \.\Global\{75B98B00-F0BB-40E4-B270-91DCBF1C105C}.tap
Mon Apr 07 12:10:57 2014 TAP-Windows Driver Version 9.9
Mon Apr 07 12:10:57 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.242.2.6/255.255.255.252 on interface {75B98B00-F0BB-40E4-B270-91DCBF1C105C} [DHCP-serv: 10.242.2.5, lease-time: 31536000]
Mon Apr 07 12:10:57 2014 Successful ARP Flush on interface [28] {75B98B00-F0BB-40E4-B270-91DCBF1C105C}
Mon Apr 07 12:11:01 2014 TEST ROUTES: 3/3 succeeded len=2 ret=1 a=0 u/d=up
Mon Apr 07 12:11:01 2014 C:\Windows\system32\route.exe ADD 192.168.1.20 MASK 255.255.255.255 192.168.1.1 IF 10
Mon Apr 07 12:11:01 2014 Route addition via service succeeded
Mon Apr 07 12:11:01 2014 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.242.2.5
Mon Apr 07 12:11:01 2014 Route addition via service succeeded
Mon Apr 07 12:11:01 2014 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.242.2.5
Mon Apr 07 12:11:01 2014 Route addition via service succeeded
Mon Apr 07 12:11:01 2014 MANAGEMENT: >STATE:1396883461,ADD_ROUTES,,,
Mon Apr 07 12:11:01 2014 C:\Windows\system32\route.exe ADD 192.168.1.20 MASK 255.255.255.255 192.168.1.1 IF 10
Mon Apr 07 12:11:01 2014 ROUTE: route addition failed using service: O objeto já existe. [status=5010 if_index=10]
Mon Apr 07 12:11:01 2014 Route addition via service failed
Mon Apr 07 12:11:01 2014 C:\Windows\system32\route.exe ADD 10.242.2.1 MASK 255.255.255.255 10.242.2.5
Mon Apr 07 12:11:01 2014 Route addition via service succeeded
Mon Apr 07 12:11:01 2014 Initialization Sequence Completed
Mon Apr 07 12:11:01 2014 MANAGEMENT: >STATE:1396883461,CONNECTED,SUCCESS,10.242.2.6,192.168.1.20

This thread was automatically locked due to age.