SSL VPN authentication failure

Security Gateway Discussions
Post Reply
wally76
Posts: 40
Joined: 21 Jul 2010, 10:49

SSL VPN authentication failure

Post by wally76 » 20 Jun 2011, 12:13

Hi guys,
I cannot set up an SSL vpn because of authentication failure on the web page. The SG is behind a router which makes NAT tasks and I can browse the authentication page, but when I try to log in I get the message "wrong username or password". Here follows my configuration:

Remote Management:
- http/https on port TCP 81/444

SSL VPN Interface:
- Name: SSLserver
- Inner IP: 192.168.59.1
- Outer Interface: VLAN 467
- Server IP: 172.22.1.27 (shared IP of the VLAN 467 if)
- Server Port: 443
- IP Pool: 192.168.59.2-192.168.59.254
- Proxy ARP Interfaces: VLAN 467

User Authentication Rules:
- Authentication Agent: L2TP/PPTP/SSLVPN
- Authentication Source: Local (created a new local DB)
- Interface: SSLserver
- Originator IP: all-nets
- Terminator IP: 172.22.1.27
- Local User DB: mySSLdatabase
- Agent Options: PAP, CHAP, MS-CHAP, MS-CHAPv2

IP Rules:
- Action=allow , service=ping-outbound , srcif=SSLserver , srcip=192.168.59.0/24 , destif=core , destip=192.168.59.1

IP Access:
- Action=expect , if=SSLserver , network=192.168.59.0/24

There is another user authentication rules, which is an HTTPS type, used for other purposes (other source/destination interfaces involved).

oschmidt
Posts: 3
Joined: 11 May 2010, 17:28
Location: north germany

Re: SSL VPN authentication failure

Post by oschmidt » 27 Jul 2011, 11:54

Hi,

take a look at the manual for SSL VPN;

Page 531: In the current CorePlus version, the outer interface cannot be a VLAN interface.

greetings Oli

Post Reply