FLEX 700: update to 5.30 and SSL VPN disconnecting problem

pka
pka Posts: 2
in Security
After updating to 5.30, our SSL VPN connections are disconnected if there is no traffic over the VPN tunnel for a couple of minutes.

This means users are disconnected if they do some work outside the VPN tunnel, or take a short break.

The VPN connection stays open fine if we ping a host on the internal network every few seconds so there is traffic over the tunnel.

Has this problem been identified already?  How can we fix this?


«1

All Replies

  • PeterUK
    PeterUK Posts: 3,390  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    I think someone else has reported this too and I can confirm on my VPN300 V5.30 that the tunnel disconnects when idle but there is some oddness to it where one interface for a given zone is fine but another is not...

    Just a quick test avoid using zone “LAN” something odd is happening with that I think.


  • Fred_77
    Fred_77 Posts: 120  Ally Member
    5 Answers First Comment Friend Collector Fourth Anniversary
    Hi all

    after fw upgrade to 5.30 on my ATP i found this configuration enabled...



    as Bart Simpson says: "i didn't do it..."


  • Omnia
    Omnia Posts: 51  Ally Member
    First Comment Friend Collector Fifth Anniversary
    @PeterUK have this Active?
  • Omnia
    Omnia Posts: 51  Ally Member
    First Comment Friend Collector Fifth Anniversary
    Fred_77 said:
    Hi all

    after fw upgrade to 5.30 on my ATP i found this configuration enabled...



    as Bart Simpson says: "i didn't do it..."


    I don't have this flag but the problem Is the same, After 1/2 minute the VPN disconnect by yourself 
  • PeterUK
    PeterUK Posts: 3,390  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited May 2022
    Never had it set here too still with disconnects I try is set to 60 mins and see what that does.
    Edit still disconnects 

    but having the client with a 2mins lease by DHCP  does something but I guess its no better then pinging down the VPN to keep alive 
  • Omnia
    Omnia Posts: 51  Ally Member
    First Comment Friend Collector Fifth Anniversary
    so if from the pc ping the gateway of the SSL VPN the tunnel remains active?
  • Omnia
    Omnia Posts: 51  Ally Member
    First Comment Friend Collector Fifth Anniversary
    I confirm, if I ping the gateway of the VPN (192.168.200.1). the vpn tunnel remains active
  • Omnia
    Omnia Posts: 51  Ally Member
    First Comment Friend Collector Fifth Anniversary
    Omnia said:
    I confirm, if I ping the gateway of the VPN (192.168.200.1). the vpn tunnel remains active
    after 30 minute we close ping, and the vpn tunnel still remain active
  • PeterUK
    PeterUK Posts: 3,390  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    With a USG40 on V4.71 the SSL VPN is stable on a given set port so their does seem to be a problem with V5.30.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,230  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary
    Hi @pka

    What SSL VPN SecuExtender version and OS version you are using? 
    Can you provide the complete Monitor log screenshots of USG Flex 700 (during the SSL VPN connections disconnecting) and SecuExtenderHelper.log(you can find it in this path on your PC C:\SecuExtenderHelper.log) to us?
    Thanks.


    241015_Speak-up,-Win-WiFi-7_Community-CSO-signature_1920x200.jpg

    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)