siskel
Explorer

SSL VPN stopped working all of a sudden

This is my scenario, R81.10 Ongoing take 55, with 3 VSX, 2 of them with SSL VPN.

SSL VPN with SNX was working fine the entire day, but suddenly it stopped working on 1 of the VSX. The behaviour is that we log in to the SSL Portal, press connect, it thinks for 2-3 seconds, then shows no errors and the connect button lights up again.

We checked the logs on the client side and see this in the cshell.elg:

31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Sending INIT_DATA message:
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Gateway IP: XX.XXX.X.X
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Gateway name: XX.XXX.X.X
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Gateway port: 443
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Proxy IP: 0.0.0.0
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Proxy port: 0
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Server CN: FW_XXXXX VPN Certificate
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] User Name: XXXXXX
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Server fingerprint: BULB HIND MASK KATE EVIL MIN TOE CRAY BLAT SAYS FRAU FIND
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Automatic proxy replacement: true
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Sending INIT_DATA_EX message:
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Allow only packets from sws: false
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [CShell] Initialized successfully
31/05/2022 23:22:14 INFORMACIÓN [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: get_is_connected
31/05/2022 23:22:14 INFORMACIÓN [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: get_finished
31/05/2022 23:22:22 INFORMACIÓN [global] (Log log) [Messaging] Received DISCONNECTED message, Error 201: Authentication failed
31/05/2022 23:22:22 INFORMACIÓN [CpComponent] (CpComponent run) Received 'Disconnect' message from SNX:

Has anyone encountered this? I already have a case with the TAC but so far no solution...

0 Kudos
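An added example, not part of the original post and not Check Point tooling: a Python script that groups cshell.elg lines in the layout quoted above into connection attempts and reports the gateway parameters sent in INIT_DATA together with the DISCONNECTED error and the delay before it. The sample lines are constructed with placeholder values, and the line layout is assumed from this excerpt only.

```python
import re
from datetime import datetime

# Constructed sample in the cshell.elg layout quoted in the post (placeholder values).
SAMPLE = """\
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Sending INIT_DATA message:
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Gateway IP: 192.0.2.10
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Gateway name: vpn.example.test
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [Messaging] Gateway port: 443
31/05/2022 23:22:14 INFORMACIÓN [global] (Log log) [CShell] Initialized successfully
31/05/2022 23:22:22 INFORMACIÓN [global] (Log log) [Messaging] Received DISCONNECTED message, Error 201: Authentication failed
"""

# timestamp, level (localized, so any non-space token), [logger], (class method), message
LINE = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) (\S+) \[([^\]]+)\] \(([^)]*)\) (.*)$")
FIELD = re.compile(r"^\[Messaging\] (Gateway IP|Gateway name|Gateway port|Server CN): (.*)$")
DISC = re.compile(r"^\[Messaging\] Received DISCONNECTED message, Error (\d+): (.*)$")

def connection_attempts(text):
    """Group log lines into attempts, each starting at 'Sending INIT_DATA message:'."""
    attempts, cur = [], None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank or non-conforming lines
        ts = datetime.strptime(m.group(1), "%d/%m/%Y %H:%M:%S")
        msg = m.group(5)
        if msg == "[Messaging] Sending INIT_DATA message:":
            cur = {"start": ts, "fields": {}, "error": None}
            attempts.append(cur)
        elif cur is None:
            continue  # lines before the first INIT_DATA belong to no attempt
        elif (f := FIELD.match(msg)):
            cur["fields"][f.group(1)] = f.group(2)
        elif (d := DISC.match(msg)):
            cur["error"] = {"code": int(d.group(1)), "text": d.group(2),
                            "after_s": (ts - cur["start"]).total_seconds()}
            cur = None  # attempt is over; wait for the next INIT_DATA
    return attempts

def failed(attempts):
    """Attempts that ended with a DISCONNECTED error message."""
    return [a for a in attempts if a["error"]]

if __name__ == "__main__":
    for a in failed(connection_attempts(SAMPLE)):
        e, f = a["error"], a["fields"]
        print(f"{a['start']} gw={f.get('Gateway IP')} name={f.get('Gateway name')} "
              f"error {e['code']} ({e['text']}) after {e['after_s']:.0f}s")
```

Run against a real cshell.elg by passing the file's text to `connection_attempts`; the level token is matched loosely, so localized levels such as INFORMACIÓN parse the same as INFO.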
4 Replies
NorthernNetGuy
Advisor

Sorry to revive an old post, did you find out the solution? I have the same issue, pending on TAC.

0 Kudos
Lesley
Leader

Version and jumbo take on gateway?

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
NorthernNetGuy
Advisor

TAC got back to me this morning and had a fix. They needed to modify the vpn general.php; one of the latest jumbofixes caused an issue with the IP and name being sent in the snx params. We changed it to the hardcoded IP of the interface being used instead of the name resolution for the hostname of the firewall.

siskel
Explorer

Actually had to work with the TAC; the issue required reworking the SSL Portal files with post scripts.

Basically we ran:

- cd $CVPNDIR/scripts
- Script ./cvpn_post_utility.csh

Since we had VSX we had to do the following:

- Copy the htdocs folder from context 0 to context 5
- Fix permissions on this folder (group owner from users to root)
- Copy the phpincs folder from context 0 to context 5
- Fix permissions on this folder (group owner from users to root)
- Restart the cvpnd daemon

Also this got crossed with the issues of the JS throttling for Chromium-based browsers, and for that I needed to apply the patch from this link: https://support.checkpoint.com/results/download/122009 but I believed this was now applied inside a JHF.

 

Hope this helps. 

0 Kudos
