Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Where can I get a user cert for my GVC

GrahamHGrahamH Newbie ✭
edited October 1 in VPN Client
Thank you for reading! Maybe you can help me.
I have installed a new godaddy ssl cert on my tz270 and it seems to be working fine when I log into the web managemment page.

I have now assigned the cert to the Wan group vpn because I don't want to use PSKeys anymore.
I exported my new cert "vpn.domain.com" from the tz270 and installed this on the GVC, it appears to install correctly, but when I try connect the gvc it gets stuck on authenticating, so I am assuming that I am generating the user cert from the wrong place
Any help would be appreiciateed.
Category: VPN Client
Reply

Answers

  • GrahamHGrahamH Newbie ✭

    Thanks , I cant figure out how to get the .pfx unfortunately

  • GrahamHGrahamH Newbie ✭

    Sorry i can produce the .pfx file from the certificates on the TZ and I can import it into GVC, that all looks good, when i then try connect the gvc it gets stuck on authenticating.

    See the GVC log Below-

    The connection "vpn.mydomain.ie" has been enabled.

    2021/09/28 17:58:01:186 Information <local host> Restricting first ISAKMP packet size to avoid fragmentation.

    2021/09/28 17:58:01:212 Information xxx.xxx.xxx.xxx Starting ISAKMP phase 1 negotiation.

    2021/09/28 17:58:01:259 Information xxx.xxx.xxx.xxx Starting aggressive mode phase 1 exchange.

    2021/09/28 17:58:01:259 Information xxx.xxx.xxx.xxx NAT Detected: Local host is behind a NAT device.

    2021/09/28 17:58:01:259 Information xxx.xxx.xxx.xxx The SA lifetime for phase 1 is 28800 seconds.

    2021/09/28 17:58:01:259 Information xxx.xxx.xxx.xxx Phase 1 has completed.

    2021/09/28 17:58:07:011 Warning   xxx.xxx.xxx.xxx Received an unencrypted packet but encryption keys have already been established.

    2021/09/28 17:58:07:011 Error    xxx.xxx.xxx.xxx Failed to decrypt buffer.

    2021/09/28 17:58:07:011 Information <local host> An incoming ISAKMP packet from xxx.xxx.xxx.xxx was ignored.

    2021/09/28 17:58:16:001 Warning   xxx.xxx.xxx.xxx Received an unencrypted packet but encryption keys have already been established.

    2021/09/28 17:58:16:003 Error    xxx.xxx.xxx.xxx Failed to decrypt buffer.

    2021/09/28 17:58:16:005 Information <local host> An incoming ISAKMP packet from xxx.xxx.xxx.xxx was ignored.

    2021/09/28 17:58:34:000 Warning   xxx.xxx.xxx.xxx Received an unencrypted packet but encryption keys have already been established.

    2021/09/28 17:58:34:000 Error    xxx.xxx.xxx.xxx Failed to decrypt buffer.

    2021/09/28 17:58:34:000 Information <local host> An incoming ISAKMP packet from xxx.xxx.xxx.xxx was ignored.



    Thanks - Maybe its a Support request?


    Graham

  • TKWITSTKWITS All-Knowing Sage ✭✭✭✭

    What does the log on the firewall show? Does it see the connection attempts?

Sign In or Register to comment.