Update 9.405 breaks VPN

Upon installing the up2date version 9.405, I was no longer able to authenticate to my surveillance system over the CISCO/IOS Remote Access VPN. The firewall live log shows a successful connection to my surveillance controller, but the authentication itself fails. Upon rolling back to 9.404 and restoring my backup, my authentication works again over the VPN. The 9.405 update appears to break/interfere with authentication over the VPN tunnel...



  • sachingurung 

    I made the mistake of updating to 9.407 based on multiple VPN fix statements in the narrative, but it broke my authentication again. Based on my log search, I cannot find any indication of the problem. What logs should I post that will aid Sophos in correcting this software issue? I do not want to downgrade to 9.404 again.

    Thank you,

  • Serge, have you already tried my suggestion above?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hey Bob,

    How do you restore from backup from before?  Is that from Management / Backup/Restore and click on restore from the available backup 9.405-5?

    Thanks

  • That's it, Patrick.  Doing so kicks you out of WebAdmin - just log back in a few seconds later.

    Cheers - Bob

     
  • Tried all of Bob's suggestions, but to no avail.  Even re-created all VPN profiles.  Has anyone figured out how to get VPN working again?  In my case, SSL, L2TP, and Cisco VPN Client all break.

    Thanks

  • If you watch the SSL VPN Live Log, do you see the client trying to login?  If not, then maybe your public IP has changed.  If you do see activity, show us the result of one connection attempt.

    Cheers - Bob

     
  • Thanks Bob,

    You're right, the WAN IP did change.  Now I'm able to get SSL and Cisco VPN Client to work except L2TP.  On the L2TP live log, I'm getting this

  • What is the 172.56.x.151 IP?  Are you sure you have the correct Pre-Shared Key?

    Cheers - Bob

     
  • BAlfson said:

    What is the 172.56.x.151 IP?  Are you sure you have the correct Pre-Shared Key?

    Cheers - Bob

     

    The 172.56.x.x IP is the iPhone I'm connecting from.  Re-typing the Pre-Shared Key seems to nudge a bit.  I'm now able to connect L2TP via internal network only, but when connecting from external still getting the same msg "sending encrypted notification INVALID_MESSAGE_ID"

    Thanks

  • I have tried your suggestions.

    This issue is how the VPN handles traffic since 9.405. I can connect to my security cameras over the VPN using SSL over the browser, but when I use the iPhone app (which connects via the same IP and port #) the authentication fails. When I watch a tcpdump and the live log I can see the connection established, but auth fails. I do not know what logs or debugging options will allow me to see deeper in the weeds on this to identify a workaround or pinpoint how the update(s) are causing the issue.

  • Start the SSL VPN Live Log.  After it has displayed 10 lines, it's ready.  Make a single connection attempt and show us the log lines from that.   Also, tell us whether the user is Locally Authenticated or by which authentication server.

    Cheers - Bob

     