Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
RichUK
Contributor
Jump to solution

SSL VPN Native Apps Disconnections

Hi all,

We use the SNX SSL VPN portal with Native Apps for our 3rd party support to access servers they support. Since the upgrade to R81.10 back in November, we are constantly having reports of the RDP session disconnecting. I have spent many hours trying to reproduce the issue, but every time I connected to the same server as someone with disconnection issues my RDP session was stable, until today.

Remote viewing via Teams, I could see a 3rd party being disconnected every 20 / 30 seconds. I asked him to load task manager and to resize the RDP session so I could keep an eye on task manager. After 5 minutes it hadn't disconnected, so I asked him to maximum the RDP to full screen and within 20 seconds the connected had dropped.

I can now reproduce the disconnection on my own equipment by running RDP in full screen. Something I didn't do before as I was always running Wireshark, etc.

After the connection drops in full screen, there is a error in the Application event log.

event.log.jpg

I also get the following error in cshell.elg on the client

16/02/2022 14:33:45 CONFIG [TunnelChecker] (TunnelChecker$DisconnectChecker run) Existed tunnel is valid. Internal Activities: 0.
16/02/2022 14:33:50 CONFIG [TunnelChecker] (TunnelChecker$DisconnectChecker run) Existed tunnel is valid. Internal Activities: 0.
16/02/2022 14:33:55 CONFIG [TunnelChecker] (TunnelChecker$DisconnectChecker run) Existed tunnel is valid. Internal Activities: 0.
16/02/2022 14:34:00 CONFIG [TunnelChecker] (TunnelChecker$DisconnectChecker run) Existed tunnel is valid. Internal Activities: 0.
16/02/2022 14:34:05 CONFIG [TunnelChecker] (TunnelChecker$DisconnectChecker run) Existed tunnel is valid. Internal Activities: 0.
16/02/2022 14:34:10 CONFIG [TunnelChecker] (TunnelChecker$DisconnectChecker run) Existed tunnel is valid. Internal Activities: 0.
16/02/2022 14:34:15 INFO [TunnelChecker] (TunnelChecker$DisconnectChecker run) Reached tunnel connection timeout. Disconnecting...
16/02/2022 14:34:15 INFO [global] (Log log) [Director] Disconnecting the component.
16/02/2022 14:34:15 INFO [global] (Log log) [Messaging] Sending DISCONNECT message
16/02/2022 14:34:15 SEVERE [CpComponent] (CpComponent run) Failed to get response from SNX.
java.net.SocketException: Socket closed
at java.base/sun.nio.ch.NioSocketImpl.endRead(NioSocketImpl.java:248)
at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:327)
at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:350)
at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:803)
at java.base/java.net.Socket$SocketInputStream.read(Socket.java:981)
at java.base/java.io.BufferedInputStream.fill(BufferedInputStream.java:244)
at java.base/java.io.BufferedInputStream.read(BufferedInputStream.java:263)
at java.base/java.io.DataInputStream.readUnsignedByte(DataInputStream.java:292)
at PaddedReader.readInt(PaddedReader.java:52)
at PipeMessage.readMessage(PipeMessage.java:44)
at CpComponent.run(CpComponent.java:208)
at java.base/java.lang.Thread.run(Thread.java:832)

16/02/2022 14:34:15 INFO [TunnelChecker] (TunnelChecker$StopChecker run) Disconnect checker process has been stopped.
16/02/2022 14:34:21 INFO [CShellHTTPHandler] (CShellHTTPHandler proceedHandleRequest) Method name: Uninitialize
16/02/2022 14:34:21 WARNING [TunnelChecker] (TunnelChecker disconnectTunnel) Can't disconnect tunnel, client director is not defined.
16/02/2022 14:34:21 WARNING [TunnelChecker] (TunnelChecker stop) Can't stop disconnect checker, processed handle is not defined.

 

STALog.txt

17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: Check for notify procaddr
[ 17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: return address: 352bafd0
[ 17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: Called - new ver
[ 17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: modname=C:\WINDOWS\SYSTEM32\ntdll.dll, pszProcName=34869ce8
[ 17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: Load by name NtQueryWnfStateData
[ 17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: Go get hook
[ 17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: Check for notify procaddr
[ 17896 16752][16 Feb 14:35:21][apijack] apijack_GetProcAddress: return address: 35306470
[ 17896 16752][16 Feb 14:35:21][sta] DLLMain: started !!!
[ 17896 16752][16 Feb 14:35:21][sta] DllMain has been called during process termination
[ 8892 7688][16 Feb 14:35:21][sta] WaitForStaProcess: process ended
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::DoPipeQuery: Entered. msgID==2
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::FillRequest: Entered
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] Request structure:
[2],[len=4]:

[ 8892 7688][16 Feb 14:35:21][STAPipeClient] Initial answer structure:
[3],[len=8]:

[ 8892 7688][16 Feb 14:35:21][STAPipeClient] WriteFile failed (cbWritten==0). rqstMsg.msgData:[2]
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::PipeServerCommunicationFailure: Entered
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::RconnectPipeClient: Entered
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::DestroyPipeClient: Entered
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::DestroyPipeClient: hPipe == INVALID_HANDLE_VALUE
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::CreatePipeClient: Entered
[ 8892 7688][16 Feb 14:35:21][STAPipeClient] PipeClient::CreatePipeClient: Could not open pipe: The system cannot find the file specified.
[ 8892 12808][16 Feb 14:35:21][apijack] apijack_fini_process_cxt: finalized process context
[ 8892 12808][16 Feb 14:35:21][sta] DLLMain: started !!!
[ 8892 12808][16 Feb 14:35:21][sta] DllMain has been called by using FreeLibrary

 

Thanks

Rich

0 Kudos
(1)
2 Solutions

Accepted Solutions
Alexander_Konon
Contributor

Hello. I'm also have the same problem.

R81 without updates. This problem persist in any browsers except IE.

Installing take 65 doesn't solve.

My SR 6-0003271671.

View solution in original post

rafjustino
Explorer

Hello, i have the same issue.

I installed the version 81.10 yesterday, and the users, when connect to the VPN, they have same problem, 20 sec the connection down.

I update de the VPN gateway: Jumbo take 94. Problem, persist.

View solution in original post

0 Kudos
8 Replies
PhoneBoy
Admin
Admin

Have you opened a TAC case?

0 Kudos
RichUK
Contributor

Yes, they have pointed me towards sk173765 and are going to sort out a hotfix.

The workaround is to either use Internet Explorer 11, which is not possible as some of our suppliers are already using Windows 11, or to change the behaviour of the website to not allow multiple portal browser tabs. 

0 Kudos
Alexander_Konon
Contributor

Hello. I'm also have the same problem.

R81 without updates. This problem persist in any browsers except IE.

Installing take 65 doesn't solve.

My SR 6-0003271671.

rafjustino
Explorer

Hello, i have the same issue.

I installed the version 81.10 yesterday, and the users, when connect to the VPN, they have same problem, 20 sec the connection down.

I update de the VPN gateway: Jumbo take 94. Problem, persist.

0 Kudos
Timothy_Hall
Legend Legend
Legend

The default login time out is usually 20 seconds for the VPN client, and if it doesn't complete in time you will see that behavior.  Do you have "Support connectivity enhancement for gateways with multiple external interfaces" set for Office Mode? See: sk97688: Endpoint connect disconnects after 20 seconds the first time it connects when SecureXL is e...

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
(1)
rafjustino
Explorer

Updating

I updated the VPN gateway again, to version 81.10, installed jumbo hotfix 110.
The problem remains, when users connect to the VPN via mobile access, the connection is successful and they remain connected, but when they open the available application, which is RDP, the connection drops after a few seconds.

The TAC has already been opened, awaiting a response

0 Kudos
RichGrant
Participant

Have you reinstalled the same hotfix. It is still required even after an upgrade.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events