Mobile VPN with SSL Connection Disconnected
Hello,
I have the T80 Firewall installed, and about 30 users are using Mobile VPN with SSL.
I have 1 user who cannot use VPN on a Microsoft Surface. When connecting, it stops and says Connection Disconnected.
The Log is:
2024-02-02T11:55:20.971 OVPN:>LOG:1706874920,,TLS: Initial packet from [AF_INET] REMOVED IP , sid=98a1a228 54ab9182
2024-02-02T11:55:20.976 OVPN:>LOG:1706874920,W,WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2024-02-02T11:55:21.073 OVPN:>LOG:1706874921,,VERIFY OK: depth=1, O=WatchGuard_Technologies, OU=Fireware, CN=Fireware SSLVPN (SN REMOVED SN 2021-03-13 05:52:22 UTC) CA
2024-02-02T11:55:21.073 OVPN:>LOG:1706874921,,Validating certificate extended key usage
2024-02-02T11:55:21.073 OVPN:>LOG:1706874921,,++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-02-02T11:55:21.073 OVPN:>LOG:1706874921,,VERIFY EKU OK
2024-02-02T11:55:21.073 OVPN:>LOG:1706874921,,VERIFY X509NAME OK: O=WatchGuard_Technologies, OU=Fireware, CN=Fireware SSLVPN Server
2024-02-02T11:55:21.073 OVPN:>LOG:1706874921,,VERIFY OK: depth=0, O=WatchGuard_Technologies, OU=Fireware, CN=Fireware SSLVPN Server
2024-02-02T11:55:21.256 OVPN:>LOG:1706874921,,Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305, 2048 bit RSA
2024-02-02T11:55:21.257 OVPN:>LOG:1706874921,I,[Fireware SSLVPN Server] Peer Connection Initiated with [AF_INET REMOVED IP
2024-02-02T11:55:22.476 OVPN:>LOG:1706874922,,MANAGEMENT: >STATE:1706874922,GET_CONFIG,,,,,,
2024-02-02T11:55:22.483 OVPN:>STATE:1706874922,GET_CONFIG,,,,,,
2024-02-02T11:55:22.492 OVPN:>LOG:1706874922,,SENT CONTROL [Fireware SSLVPN Server]: 'PUSH_REQUEST' (status=1)
2024-02-02T11:55:22.552 Connection Closed.
What can I do to solve this problem?
Thank you.
Comments
Hi @Gnitrops
If you post logs on the forums in the future, please ensure you've removed any identifying information like your IP address, or serial number. If you're unsure if there is any sensitive information in your log, please create a support case. I've removed those things from your post.
The logs here aren't really providing a reason. for this disconnection. If this is happening on one specific PC, it's very likely something on that PC that is preventing the connection.
-You are using nonstandard port 4443 for your VPN. Ensure any software firewall(s) on the PC are configured to allow that.
-If this is coming from a user's home, ensure any options on their home router to allow VPN pass-thru are allowed.
-Check your firewall's logs to see if there is any additional information about the connection.
-SSLVPN is built on OpenVPN. Ensure that there is just one TAP adapter in your network devices (Start button -> type in 'ncpa.cpl' and press enter.) If you see more than one TAP adapter, you likely have multiple OpenVPN apps installed. Uninstall what is there, once all of them are gone, reinstall the SSLVPN.
If you're not able to get the VPN working via any of those steps, I'd suggest opening a support case using the support center button at the top right of this page.
-James Carson
WatchGuard Customer Support