Hi,
I manage 2 UTM 9 connected one another with site-to-site SSL vpn. Apart from this, both are also reachable through SSL VPN client.
I updated this weekend one of them from to v 9.309-3 and left the other one still at v 9.308-16. Result is that site-to-site between the two still works fine but if i try to do ssl vpn from any computer through vpn client to the one with v 9.309-3, i can get connected (light turns green) but cannot reach and/or ping any of the devices behind its internal network. SSL vpn on the other one v 9.308-16 still works without any issue.
Keeping in mind that:
-I didn't change anything in the configuration...i merely performed the update
-If i log the traffic going to the vpn, i see that the pings (or eg rdp requests) are marked green and the destination addresses are correct
-I compared the configuration side-by-side of the working one with the other and i don't see any difference...dns and so remained the same on both sides
-I reissued the configuration file for the existing user I was trying and even created a new user on a nother computer, tryed to connect but...no joy
I repeat, The client connects and the requests and packets actually reach the utm (I can see that through the green logs) but I cannot do anything...no rdp, no shared folders, negative pings.
I searched around but didn't find any useful article so fare and is quite surprising that i am the only one having this issue.
Can anyone please shed some light on this or suggest what possible other steps i can take other then restoring a conifg previous to the upgrade.
Of coure also all the packet filterings rules had been turned off during the tests (and i didn't expect to have any benefit, since they have been always on even before the upgrade).
Braking my head on this. Need some advice.
Thanks
Ed
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
