Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
jdoe1979
Contributor

Remote Access VPN stuck on reconnect

 

Running R81.20 (i know, but it's a lab)
When connecting from WAN - RA VPN client connects the first time after adding the site fine. But if I disconnect and try again - stuck like this and fails with Site is not responding

Workaround is to delete the site and add again. Works till first reconnect. 

Connecting and reconnecting from LAN side works just fine.

I've done the whole refresh the cert routine too.

Screenshot 2022-11-22 at 19.52.49.png

 

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

How precisely are you defining the site when you connect the first time?
Note that if you use an FQDN, the IP resolved is cached and stored as part of the site definition.

0 Kudos
jdoe1979
Contributor

just by IP address. no FQDN.

0 Kudos
PhoneBoy
Admin
Admin

0 Kudos
jdoe1979
Contributor

no, after reading the article - I still don't understand what values need to be configured to get this working...
Jeez is that really the only way to fix this in CP world? 

0 Kudos
_Val_
Admin
Admin

Before anything else, does any of this apply to your case? Quoting from the SK @PhoneBoy mentioned:

...IP address is different from the IP address that was originally defined when creating the new VPN site, especially in scenarios where the Security Gateway is behind a NAT device, or when the Security Gateway object is defined with an internal IP address, or a Management IP address that is not reachable from the Internet.

0 Kudos
jdoe1979
Contributor

It got fixed by nuking the old VM and starting over.

0 Kudos