Secure extender VPN dos not work

Options
Fabio
Fabio Posts: 16  Freshman Member
First Anniversary 10 Comments
edited April 2021 in Security
we have 2 Zywall 300 with the vpn, I cannot connect to one of them, from the same pc that connect to the other ( so no pc problem)
The logs shows:
################################################################################################
[ 2018/08/19 11:42:57 ][SecuExtender Agent][DETAIL]  Build Datetime: Dec 22 2016/15:25:36
[ 2018/08/19 11:42:57 ][SecuExtender Agent][DEBUG]   SecuExtender.log: C:\Users\fabio\SecuExtender.log
[ 2018/08/19 11:42:57 ][SecuExtender Agent][DEBUG]   osvi.dwPlatformId = 2, osvi.dwMajorVersion = 6, osvi.dwMinorVersion = 2
[ 2018/08/19 11:42:57 ][SecuExtender Agent][DEBUG]   interface guid: {4B0C5C27-E6A4-4D2D-968B-FEA405DF4152}, idx: 2
[ 2018/08/19 11:42:57 ][SecuExtender Agent][DEBUG]   tBuf : (\DEVICE\TCPIP_{4B0C5C27-E6A4-4D2D-968B-FEA405DF4152})
[ 2018/08/19 11:42:57 ][SecuExtender Agent][DEBUG]   network name got, idx: 8
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Checking service (first) ...
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  SecuExtender Helper is running
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Try to connect to SecuExtender Helper
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  SecuExtender Helper is connected
[ 2018/08/19 11:43:08 ][SecuExtender Agent][INFO]    [admin] try to login xxxxxxxxxx:443
[ 2018/08/19 11:43:08 ][SecuExtender Agent][INFO]    Connect to 1113640099:443
[ 2018/08/19 11:43:08 ][SecuExtender Agent][INFO]    Local address is 2887746158
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DEBUG]   Connect success.
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Handshake LoopCounter: 0
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  808 bytes of handshake data received
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  InitializeSecurityContext returns 0x90312
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Send 126 bytes of handshake data
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Handshake LoopCounter: 1
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  274 bytes of handshake data received
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  InitializeSecurityContext returns 0x0
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  SSL Handshake is successful
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Protocol: TLS1.2
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Cipher: AES256
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Cipher strength: 256
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Hash: SHA384
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Hash strength: 0
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Key exchange: 0xae06
[ 2018/08/19 11:43:08 ][SecuExtender Agent][DETAIL]  Key exchange strength: 256
[ 2018/08/19 11:43:08 ][SecuExtender Agent][INFO]    Server subject: CN=zw310_4C9EFF6D15C1
[ 2018/08/19 11:43:08 ][SecuExtender Agent][INFO]    Server issuer: CN=zw310_4C9EFF6D15C1
[ 2018/08/19 11:43:08 ][SecuExtender Agent][ERROR]   **** Error 0x800b0109 authenticating server credentials! (0x0)
[ 2018/08/19 11:43:09 ][SecuExtender Agent][DETAIL]  SSL session is created
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DEBUG]   SSL Connection is going to be closed
[ 2018/08/19 11:43:27 ][SecuExtender Agent][INFO]    user login device success
[ 2018/08/19 11:43:27 ][SecuExtender Agent][INFO]    Creating secure tunnel to external.etere.com:443
[ 2018/08/19 11:43:27 ][SecuExtender Agent][INFO]    Connect to 1113640099:443
[ 2018/08/19 11:43:27 ][SecuExtender Agent][INFO]    Local address is 2887746158
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DEBUG]   Connect success.
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  Handshake LoopCounter: 0
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  808 bytes of handshake data received
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  InitializeSecurityContext returns 0x90312
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  Send 126 bytes of handshake data
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  Handshake LoopCounter: 1
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  274 bytes of handshake data received
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  InitializeSecurityContext returns 0x0
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  SSL Handshake is successful
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  Secure session is created
[ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  Secure session negotiation begin
[ 2018/08/19 11:43:37 ][SecuExtender Agent][ERROR]   timeout (0x0)
[ 2018/08/19 11:43:37 ][SecuExtender Agent][ERROR]   Failed to create security tunnel (0x0)
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DEBUG]   SSL Connection is going to be closed
[ 2018/08/19 11:43:37 ][SecuExtender Agent][INFO]    Connect to 1113640099:443
[ 2018/08/19 11:43:37 ][SecuExtender Agent][INFO]    Local address is 2887746158
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DEBUG]   Connect success.
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  Handshake LoopCounter: 0
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  808 bytes of handshake data received
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  InitializeSecurityContext returns 0x90312
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  Send 126 bytes of handshake data
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  Handshake LoopCounter: 1
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  274 bytes of handshake data received
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  InitializeSecurityContext returns 0x0
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  SSL Handshake is successful
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
[ 2018/08/19 11:43:37 ][SecuExtender Agent][INFO]    logout message has sent
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DEBUG]   SSL Connection is going to be closed
[ 2018/08/19 11:43:37 ][SecuExtender Agent][DETAIL]  Connection ends.

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,366  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @Fabio

    The log that you provided to us:

    [ 2018/08/19 11:43:27 ][SecuExtender Agent][DETAIL]  Secure session negotiation begin
    [ 2018/08/19 11:43:37 ][SecuExtender Agent][ERROR]   timeout (0x0)
    [ 2018/08/19 11:43:37 ][SecuExtender Agent][ERROR]   Failed to create security tunnel (0x0)

     

    According this log is coming from the SSL VPN process without response. So leads VPN tunnel is unable establishing successfully.

    Does this symptom still exist after reboot this device?

  • Fabio
    Fabio Posts: 16  Freshman Member
    First Anniversary 10 Comments
    Options
    yes I already reboot  but no changes

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,366  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @Fabio
    I have send you private message for check this issue more detail.
  • Fabio
    Fabio Posts: 16  Freshman Member
    First Anniversary 10 Comments
    Options
    It seems it does not work, i try several time but with the same result.
    what i notice tht access Zywall on the public address is very slow ( it is connected to 1GB line) 
    when everything works the access of console was  very fast as it must be.

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,366  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi Fabio 

    As our discussion by private message.

    The reason of this issue is because you are using admin type user to login to SSL VPN.

    But admin type user is not allowed in SSL VPN.


Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)