VPN just suddenly down
-
@JonathanLee If that's the case, at least it would answer why it was so random and sudden, while I was working, without making any cert changes.
I'll give it a try and report back.
-
I tried renew/reissue in Certificate Authorities for the vpn CA and I renewed the clients certs then picked up the config for each and we're back online.
I didn't expect it to simply disconnect me without any warning but there it is.
Thanks for your help!
-
@lewis said in VPN just suddenly down:
The TLS Error: TLS key negotiation failed to occur within 60 seconds and TLS Error:
TLS handshake failedI will just point out for future reference that that error is not necessarily a certificate problem. It could be, as was seemingly the case here, but all that actually tells you is the the negotiation didn't succeed within the 60s time limit. Usually that's just because the other side didn't respond at all.
-
I looked at the logs too and didn't find anything obvious. I could not find anything else but once I renewed the certs and used the new config files, all went back to normal.
What other reasons might this kind of thing happen? I assume not hacking?
-
@lewis yeah that fixed it!!!
-
@JonathanLee What's an upvote? I gave the person who helped me a thumbs up :)
-
@lewis said in VPN just suddenly down:
I assume not hacking?
Very unlikely. There are any number of reasons it might fail to connect. Including the cert(s) expiring.
More commonly some general connectivity issue would present like that as I said but here you were still able to connect to the firewall webgui outside the VPN so that's unlikely.
If you found a cert that had expired then that was almost certainly the cause.
I only pointed out it might not be that because a lot of users see the 'TLS Error' log and assume a crypto issue of some sort when it isn't. And google's probably going to send them to this thread.
-
@stephenw10 Got it. Thanks for the additional information.
-
@lewis said in VPN just suddenly down:
@JonathanLee What's an upvote? I gave the person who helped me a thumbs up :)
(It is this thumb with a zero it means it is lonely and needs a upvote)
haha
-
