VPN via MacOSX Secu extender
I got 2 external offices to which id like to use User VPN-Access through Secuexteneder.
Im using this allready for the Office #1 (USG 110 V4.33(AAAA.0) )
And this is working without any problems.
Now i added the Office #2 (USG40 V4.35(AALA.0) )
to my Secu extender and i copied the Settings form above USG 110.
Now the Problem is: the 2nd Connection (to USG 40) never gets past the token request.
Im allways gettin:
2019-11-05 16:16:21: SSL handshake failed: Error Domain=NSOSStatusErrorDomain Code=-9806 "errSSLClosedAbort: connection closed via error "
Here the 2 logs from secu exetender:
Working from unupdated USG 110:
2019-11-05 16:15:48: Viscosity Mac 1.1.9 (1293)
2019-11-05 16:15:48: Viscosity ZyXEL SSL Engine Started
2019-11-05 16:15:48: Running on Mac OS X 10.15.1
2019-11-05 16:15:48: ---------
2019-11-05 16:15:48: State changed to Connecting
2019-11-05 16:15:48: Checking reachability status of connection...
2019-11-05 16:15:48: Connection is reachable. Starting connection attempt.
2019-11-05 16:15:48: Attempting to resolve server address xxx.xx.xxx.xxx:443
2019-11-05 16:15:48: Server address resolved to IPv4 address xxx.xx.xxx.xxx:443
2019-11-05 16:15:48: Requesting authentication token from client
2019-11-05 16:15:48: No authentication token present, requesting authentication details
2019-11-05 16:15:48: Requesting authentication token from server
2019-11-05 16:15:48: Requesting token from xxx.xx.xxx.xxx
2019-11-05 16:15:48: Attempting to establish a connection to the remote server xxx.xx.xxx.xxx:443
2019-11-05 16:15:48: Waiting for reply from remote authentication server
2019-11-05 16:15:50: Authentication token present
2019-11-05 16:15:50: Starting connection negotiation with server
2019-11-05 16:15:50: Attempting to establish a connection to the remote server xxx.xx.xxx.xxx:443
2019-11-05 16:15:50: Setting socket flag: TCP_NODELAY
2019-11-05 16:15:50: Remote connection established xxx.xx.xxx.xxx:443
2019-11-05 16:15:50: Starting SSL/TLS negotiation
2019-11-05 16:15:50: Cipher: TLSv1.2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
2019-11-05 16:15:50: Requesting configuration
2019-11-05 16:15:50: Connection negotiation completed
2019-11-05 16:15:50: Local IPv4 Address: 192.168.2.2
2019-11-05 16:15:50: Local IPv4 Mask: 255.255.255.0
2019-11-05 16:15:50: Server IPv4 Address: 192.168.200.1
2019-11-05 16:15:50: DNS Server sent by server: 192.168.200.1
2019-11-05 16:15:50: Bringing up VPN interface
2019-11-05 16:15:51: Interface up
2019-11-05 16:15:51: VPN Interface: utun10
2019-11-05 16:15:51: DNS mode set to Full
2019-11-05 16:15:51: State changed to Connected
2019-11-05 16:15:59: State changed to Disconnecting
2019-11-05 16:15:59: Logging out from xxx.xx.xxx.xxx
2019-11-05 16:15:59: Attempting to establish a connection to the remote server xxx.xx.xxx.xxx:443
2019-11-05 16:16:01: VPN connection disconnected
2019-11-05 16:16:01: State changed to Disconnected
The Log from the USG 40 (updated latest release)
2019-11-05 16:16:05: Viscosity Mac 1.1.9 (1293)
2019-11-05 16:16:05: Viscosity ZyXEL SSL Engine Started
2019-11-05 16:16:05: Running on Mac OS X 10.15.1
2019-11-05 16:16:05: ---------
2019-11-05 16:16:05: State changed to Connecting
2019-11-05 16:16:05: Checking reachability status of connection...
2019-11-05 16:16:05: Connection is reachable. Starting connection attempt.
2019-11-05 16:16:05: Attempting to resolve server address xxx.xx.xxx.xxx:443
2019-11-05 16:16:05: Server address resolved to IPv4 address xxx.xx.xxx.xxx
2019-11-05 16:16:05: Requesting authentication token from client
2019-11-05 16:16:05: No authentication token present, requesting authentication details
2019-11-05 16:16:11: Requesting authentication token from server
2019-11-05 16:16:11: Requesting token fromxxx.xx.xxx.xxx:443
2019-11-05 16:16:11: Attempting to establish a connection to the remote server xxx.xx.xxx.xxx:443
2019-11-05 16:16:21: SSL handshake failed: Error Domain=NSOSStatusErrorDomain Code=-9806 "errSSLClosedAbort: connection closed via error "
2019-11-05 16:16:21: Sending login details to the remote authentication server failed
2019-11-05 16:16:21: Authentication attempt aborted
2019-11-05 16:16:21: State changed to Disconnected
Am i missing something?
Could it be the new Version that is broken?
Any help would be highly appreciated.
cheers Sagemal
All Replies
-
Hi @Sagemal,
Mac OS 10.15 with Mac SecuExtender 1.1.9 is able to build SSL VPN to USG40 with firmware 4.35(AALA.0) successfully in our lab.
We need the configuration file of your USG40 to check the symptom. I'll contacted you in private message for more information.
0
Zyxel Employee
Categories
- All Categories
- 383 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 75 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 889 Nebula FAQ
- 415 Security FAQ
- 232 Switch FAQ
- 203 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight
