Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 2 subscribers
  • Views 33422 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN not connecting

gcraenen
Hello,

I've setup a user and a SSL VPN server. Through the user portal I downloaded the ovpn file and loaded that in Tunnelblick (working on OS X). When I try ti connect it keeps on trying, but no connection is made.

In tunnelblick I can see the following error: 


9 VERIFY ERROR: could not extract CN from X509 subject string ('C=XX, L=yy, O=zz') -- note that the username length is limited to 64 characters

2015-11-02 20:20:39 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

2015-11-02 20:20:39 TLS Error: TLS object -> incoming plaintext read error

2015-11-02 20:20:39 TLS Error: TLS handshake failed

2015-11-02 20:20:39 Fatal TLS error (check_tls_errors_co), restarting

2015-11-02 20:20:39 SIGUSR1[soft,tls-error] received, process restarting


And in the log files of the UTM I can see: 


2015:11:02-20:20:38 utm openvpn[9066]: TCP connection established with [AF_INET]192.168.88.198:53020 (via [AF_INET]192.168.88.1:443)

2015:11:02-20:20:39 utm openvpn[9066]: 192.168.88.198:53020 TLS: Initial packet from [AF_INET]192.168.88.198:53020 (via [AF_INET]192.168.88.1:443), sid=794b7437 fad4f1d7

2015:11:02-20:20:39 utm openvpn[9066]: 192.168.88.198:53020 Connection reset, restarting [0]

2015:11:02-20:20:39 utm openvpn[9066]: 192.168.88.198:53020 SIGUSR1[soft,connection-reset] received, client-instance restarting

2015:11:02-20:20:39 utm openvpn[9066]: TCP connection established with [AF_INET]192.168.88.198:53022 (via [AF_INET]192.168.88.1:443)

2015:11:02-20:20:40 utm openvpn[9066]: 192.168.88.198:53022 TLS: Initial packet from [AF_INET]192.168.88.198:53022 (via [AF_INET]192.168.88.1:443), sid=2f1c0009 48c48bd2

2015:11:02-20:20:40 utm openvpn[9066]: 192.168.88.198:53022 Connection reset, restarting [0]

2015:11:02-20:20:40 utm openvpn[9066]: 192.168.88.198:53022 SIGUSR1[soft,connection-reset] received, client-instance restarting

2015:11:02-20:20:40 utm openvpn[9066]: TCP connection established with [AF_INET]192.168.88.198:53024 (via [AF_INET]192.168.88.1:443)

2015:11:02-20:20:41 utm openvpn[9066]: 192.168.88.198:53024 Connection reset, restarting [0]

2015:11:02-20:20:41 utm openvpn[9066]: 192.168.88.198:53024 SIGUSR1[soft,connection-reset] received, client-instance restarting


Any idea what is going wrong? It looks like errors in the certificate of the UTM. Do I have to delete all certificates and create new ones?


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Scott_Klassen
    Ok, I'll try that. Hope they can help, because our business needs this. I'm on the verge of installing a separate VPN server and just forward all traffic to that.


    I've created VPN connections withe OSX versions prior to Yosemite and El Capitan.  Try contacting Viscosity support.  In the past they've been very good at providing assistance/patches for their client with UTM.
Unfiltered HTML