Hi,
We have encountered an issue with our Sophos UTMs, in particular with the SSL VPN Remote Access functionality. Version we are using is 9.201-025 and the issue is affecting both of our UTMs and has caused disruption for all of today.
Today, we have an issue where only one user is able to access the site at a time through a UTM via SSL VPN (Remote Access). When one user has logged in, no other user can connect and instead is presented with the login box repeatedly. A user will attempt to log in, it will fail and the login box returns. Users are connecting via the SSL VPN client. The astaro is on the internet and not behind a firewall so we see different external addresses when they connect.
From checking forum posts, we have checked the necessary settings under SSL and tried different configs to resolve. No luck. The VPN Pool used is the default with the range starting at X.X.X.96 with a netmask /29.
A few forum posts suggested recreating the VPN Pool so we set up a new VPN Pool with a new range starting at X.X.X.80 with a netmask of /28 and since that change. Now only 2 users are able to connect at a time. Anyone else after will get the same issue as before. The logs show that no free addresses are available when a third tries to connect and that authentication fails "AUTH.FAILED"
2014:05:29-15:10:34 rugast openvpn[4612]: alec.davis/80.87.30.5:11780 MULTI: no free --ifconfig-pool addresses are available
2014:05:29-15:10:37 rugast openvpn[4612]: alec.davis/80.87.30.5:11780 SENT CONTROL [alec.davis]: 'AUTH_FAILED' (status=1)
I have attached a .txt file with more of the log from today.
How can we resolve so that we can have a number of users log on successfully and correctly fill up the range of IPs that should be available to them?
Any advice will be appreciated
Thanks
Alec
This thread was automatically locked due to age.
