Frequently encountered problems

Symptom:

The SSL tunnel will not set up and the client’s log file shows the following messages:

Fri Feb 07 16:30:42 2014 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down

Fri Feb 07 16:30:42 2014 Route: Waiting f or TUN/TAP interface to come up...

Solution:

Open the Windows Network and Sharing Center and click on the menu Change adapter settings. Right-click on the TAP-Windows Adapter interface and select Diagnose.

 

 

Symptom:

The tunnel will not set up and the client displays the message “Unable to connect to UTM: Socket operation timed out”.

Solution:

Check that the IP address specified in the Firewall address field of the Stormshield Network SSL VPN Client is correct.

 

 

Symptom:

The tunnel will not set up and the client displays the message “Unable to connect to UTM: User not allowed”.

Solutions:
  • Check that the login and password specified in the Login and Password fields of the Stormshield Network SSL VPN Client are correct,
  • On the Firewall, check that the user is allowed to set up SSL VPN tunnels (Detailed access tab in the menu Users > Access privileges).

 

 

Symptom:

The SSL tunnel has been set up, but I cannot access an authorized resource (example: could not access an intranet server).

Solutions:
  • On the Firewall:
  • Check that the filter rules indeed allow access to this resource,
  • Check the filter logs in order to determine any possible traffic blocks (menu Logs > Logs > Filter).
  • Check that the requested resource is physically available,
  • Clear the arp cache on the client machine: in console mode, type the command “arp -d *”.

 

 

Symptom:

The SSL tunnel will not set up and the client displays the message: “Error on service connection: Connection refused”.

Solution:

Check that the Stormshield SSL VPN Service has been started. Restart it if necessary.