Netextender, can't connect
We recently acquired a TZ 570 firewall for our corporate offices (100-150 users).
Now I'm trying to set up a VPN connection between the FW and our AWS environment in order to monitor several resources. Since I kind of don't like diving into an IPSec VPN, I'm trying to use the NetExtender option, since it seems fairly simple to use. Or so I thought...
Well, I configured it as per the documentation at
but it's not working. There are several things here:
a) When I attempt to connect NetExtender, either from a Linux device or a Windows device (for the sake of checking in both worlds, just in case), I'm automatically logged out from the admin session at the firewall I have in the browser. This really puzzles and annoys me.
b) If I go to https://X.X.X.X:4433 I can log in with the user credentials (and it asks me to download NetExtender, etc). So it's clear that, up to some point, it works... at least partially.
c) NetExtender from Windows connection log is:
d) NetExtender from Linux connection log is:
    # netExtender -u ********* -p ********* -d LocalDomain X.X.X.X:4433
    NetExtender for Linux - Version 8.6.799
    SonicWall
    Copyright (c) 2017 SonicWall
    Connecting to X.X.X.X:4433...
    ERROR: SSL_connect: Connection reset by peer (104)
    Retrying...
    ERROR: SSL_connect: Success (0)
    Authentication failure: Connection failed. Check log for details.
    NetExtender connection failed.
    SSL VPN logging out...
    ERROR: SSL_connect: Connection reset by peer (104)
    Retrying...
    ERROR: SSL_connect: Success (0)
    Logout command failed
    SSL VPN connection is terminated.
    Exiting NetExtender client
Could you share the NetExtender logs and the firewall SSL-VPN logs?
Your message includes some authentication errors.
It seems the SSL connection is OK.
User authentication has a problem.
Well, I added no more logs, because there are no more logs from the client side. Under Linux (the part I'm interested in) the contents of .netExtender.log are, unfortunately, completely useless:
Regarding the firewall-side logs, frankly, firewalls are not my thing and I can't find where I should get those logs from, because maybe there would be more information there.
Sometimes under Linux, the information displayed about the connection attempt is different:
I'm aware of the "error verifing server's certificate" and "X509_V_ERR_INVALID_CA" parts, but I don't know what to do about it, since the FW's documentation states that the self-signed certificate has to work just fine.
Also, with those 2 tries I made to put the information in this post, I was logged out both times from the admin session via HTTPS the very moment the connection attempt was done.
I have checked your logs, and there is an authentication error.
Could you check the authentication systems, the settings on the SonicWall and the SonicWall logs?
Browsing to https://x.x.x.x:4433 and logging in with the user works. So it's, effectively, authenticated properly (at least via http).
Also, as I said in the OP, the setup is done meticulously according to SonicWall's instructions. I'm not new to systems, I just don't usually deal with firewalls and have never dealt with this one before.
Also, I have trouble both setting up those logs and finding them, since the instructions on SonicWall's website are for SonicOS 6.5, and this device runs version 7.
In Device -> Log -> Settings I have this:
As you can see in the last column, there are events there. But when I click on "View Logs" at the top:
For the last 10 minutes, and I just tried the VPN connection 7 minutes ago with this result:
all I get is:
So... where are those events then? More clearly, filtering by category:
Sorry if this looks dumb, I just don't know how this device works, and I've been tasked with making a VPN.
Also, if I try to log in with a purposely wrong password:
but when done with the right password:
I am stuck with the same issue on my Linux machine and I was wondering when you solved this issue on your end.
I would really appreciate your help in this regard.
Nope, sorry. What I was trying to do, I just tried a different approach.
You should filter by the USERS option, and you will see the user authentication process logs. Please change the log settings to DEBUG mode for a few minutes, test it and share the results with us, please.