Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 20 replies
  • Subscribers 6 subscribers
  • Views 41920 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update 9.405 breaks VPN

sergeanttman

upon installing the up2date version 9.405 I was no longer able to authenticate to my surveillance system over the CISCO/IOS Remote Access VPN. The firewall live log shows a successful connection to my surveillance controller, but the authentication itself fails. Upon rolling back to 9.404 and restoring my backup, my authentication works again over the VPN. The 9.405 update appears to break/interfere authentication over the VPN tunnel....



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to PatrickLee

    That's it, Patrick.  Doing so kicks you out of WebAdmin - just log back in a few seconds later.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Tried all of Bob suggestions, but to no avail.  Even re-create all VPN profile.  Anyone figure it out on how to get VPN working again.  In my case is SSL, L2TP, and Cisco VPN Client all breaks.

    Thanks

  • +1 in reply to PatrickLee

    If you watch the SSL VPN Live Log, do you see the client trying to login?  If not, then mayybe your public IP has changed.  If you do see activity, show us the result of one connection attempt.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks Bob,

    You're right the WAN IP did changed.  Now I'm able to get SSL and Cisco VPN Client to work except L2TP.  On the L2TP live log, I'm getting this

  • 0 in reply to PatrickLee

    What is the 172.56.x.151 IP?  Are you sure you have the correct Pre-Shared Key?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    BAlfson said:

    What is the 172.56.x.151 IP?  Are you sure you have the correct Pre-Shared Key?

    Cheers - Bob

     

    The 172.56.x.x IP is the iPhone I'm connecting from.  Re-typing the Pre-Shared Key seems to nudge a bit.  I'm now able to connect L2TP via internal network only, but when connecting from external still getting the same msg "sending encrypted notification INVALID_MESSAGE_ID"

    Thanks

Unfiltered HTML