mobile ssl vpn immediate disconnects
I have an odd problem with some installs of Mobile SSL vpn. The client authenticates, connects, adds routes and then immediately disconnects. This happens on only 3 of our clients so far, different machines, different operating systems. Client uninstall and re-install does not resolve the issue. Can anybody shed any light?
0
Sign In to comment.
Comments
What firewall model & XTM version do you have?
What are the OSes of the problem devices?
Anything obvious in Traffic Monitor for these problem connections?
You can turn on diagnostic logging for SSLVPN which may show something to help:
In WSM Policy Manager: Setup -> Logging -> Diagnostic Log Level -> VPN -> SSL
In the Web UI: System -> Diagnostic Log
Set the slider to Information or higher
Also, anything obvious in the SSLVPN client logs?
Right click on the icon in the Windows System tray, select View Logs
Check that you have the TAP driver installed. We had this issue and it was due to installing the software silently which did not automatically install the TAP driver like is requested when installed manually.
If you use Windows 10, run the installer as Administrator or else the TAP driver may not install correctly.
Gregg Hill
Did you resolve the problem? I have exactly the same problem. I discovered that it happens with some internet home connections (FTTH connections, Movistar, Vodaphone...). The same client (laptop) connected from a FTTH connection (does not works) and then connected througt 4G (with his smartphone) works, or connected from a professional office (FTTO connection) works. Thanks
Hi @Jaume
That type of disconnect would suggest that you're getting a reset sent to you when you try to connect.
-Make sure that you're using the standard port (443/tcp)
-If you're using a mobile router, make sure that any options that look like "allow VPN pass-thru" are enabled.
If you continue to run into that issue, I'd suggest opening a support case.
-James Carson
WatchGuard Customer Support
I ran into an issue connecting after installing a SOPHOs VPN client. Ended up reinstall the Watchguard SSL VPN client and it started to work again. SOPHOS must have tweaked the TAP client.
Hi @Bill_F
Looking at Sophos' SSLVPN client, theirs appears to be based on OpenVPN (lots of vendors do this for compatibility.) -- Your assessment is likely correct.
I can't speak to Sophos' implementation, but our SSLVPN installer does have an option to not install (and ergo, use the existing installed) TAP driver. Reinstalling our client would have also registered it with the correct one.
If both clients are working, they should be registered with the correct driver they're using.
-James Carson
WatchGuard Customer Support