Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 20 replies
  • Subscribers 6 subscribers
  • Views 41915 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update 9.405 breaks VPN

sergeanttman

upon installing the up2date version 9.405 I was no longer able to authenticate to my surveillance system over the CISCO/IOS Remote Access VPN. The firewall live log shows a successful connection to my surveillance controller, but the authentication itself fails. Upon rolling back to 9.404 and restoring my backup, my authentication works again over the VPN. The 9.405 update appears to break/interfere authentication over the VPN tunnel....



This thread was automatically locked due to age.
Parents
  • 0

    Same issue here. Ever since the update my site to site VPN (Sophos UTM to Sophos UTM) comes up and allows each device to ping each other but not connect. I have tried disabled all the security services and rebuilding the VPN profiles but nothing works. Logs show traffic going back and forth but nothing happens after the first packet. Rolling back to 9.404 indeed fixes the issue.

  • 0 in reply to Emotive

    I am having a similar issue, perhaps. What type of traffic is it that is getting lost? In my case it is anything using SSL (https, SSH, MS remote desktop)

    TIA--Matt

  • 0 in reply to MatthewSodano

    It's hard to pinpoint why or what traffic is dropped. For instance I have a network printer I can access just fine via the HTTP web interface but my Synology NAS is inaccessible via HTTP or HTTPS. MY QNAP gives the exact same symptoms. I can also access my network AV receiver over the VPN without issue. SMB to the NAS works for the initial folder population but once I try to browse a sub folder it hangs and then times out. All logs on the UTM itself show nothing being dropped and only show the initial request I make. All security services were turned off on both sides and still nothing.

    The odd thing is it all started when I updated my remote UTM to 9.405 while holding off my local UTM since I couldn't upgrade it for a while so I know it's this update causing the issues.

  • 0 in reply to Emotive

    That sounds somewhat like what I am seeing, but so far has only been HTTPS and SSSH/SSL traffic that I have had issues with. I did not have the tunnels set up before up2date made the upgrade to 9.405. Sophos support tells me that I have to reimage to downgrade? My case has supposedly been escalated but I have not heard anything for days. This is the first Sophos appliance I am using, coming from a Cisco/Juniper/Brocade background, I am definitely disappointed in the support in general. One or two of the support guys have been very helpful, but this has been going on for over a week with no end in sight. 

  • 0 in reply to MatthewSodano

    I currently use the home UTM edition on custom hardware. While it's been great nearly all around, the VPN aspect shows typical performance issues like other upcoming firewall companies. I use Cisco and Juniper at work and an old ASA5505 (heck even a 2811) blows away my skylake i3s in terms of throughput with the UTM software. Hopefully they push an update to correct the VPN issues so I can at least get traffic moving again even if it's at a slower pace than other vendors.

Reply
  • 0 in reply to MatthewSodano

    I currently use the home UTM edition on custom hardware. While it's been great nearly all around, the VPN aspect shows typical performance issues like other upcoming firewall companies. I use Cisco and Juniper at work and an old ASA5505 (heck even a 2811) blows away my skylake i3s in terms of throughput with the UTM software. Hopefully they push an update to correct the VPN issues so I can at least get traffic moving again even if it's at a slower pace than other vendors.

Children
No Data
Unfiltered HTML