SSL VPN problem with USG FLEX 50W (ex USG20W-VPN)

supportpc
supportpc Posts: 5  Freshman Member

Hello everyone,
I have a problem connecting my Windows 11 Pro computer to SSL VPN with ZywallSecuExtender 4.0.5.0.
The VPN connects, receives an IP and disconnects directly.

Here is the user SecuExtender.log:

[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Checking service (first) ...
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] SecuExtender Helper is running
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Try to connect to SecuExtender Helper
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] SecuExtender Helper is connected
[ 2024/09/20 21:41:56 ][SecuExtender Agent][INFO] [test] try to login gwhome.supportpc.intra:1443
[ 2024/09/20 21:41:56 ][SecuExtender Agent][INFO] Connect to 1837482520:1443
[ 2024/09/20 21:41:56 ][SecuExtender Agent][INFO] Local address is 3232246532
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DEBUG] Connect success.
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 0
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] 2678 bytes of handshake data received
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 1
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x80090318
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 2
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] 968 bytes of handshake data received
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Send 93 bytes of handshake data
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 3
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] 51 bytes of handshake data received
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x0
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] SSL Handshake is successful
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Protocol: TLS1.2
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Cipher: AES256
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Cipher strength: 256
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Hash: SHA384
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Hash strength: 0
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Key exchange: 0xae06
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] Key exchange strength: 255
[ 2024/09/20 21:41:56 ][SecuExtender Agent][INFO] Server subject: C=BE, S=Hainaut, L=Morlanwelz, O=SUPPORT PC, OU=IT, CN=gwhome.supportpc.intra
[ 2024/09/20 21:41:56 ][SecuExtender Agent][INFO] Server issuer: DC=intra, DC=supportpc, CN=supportpc-CA
[ 2024/09/20 21:41:56 ][SecuExtender Agent][INFO] CA subject: DC=intra, DC=supportpc, CN=supportpc-CA
[ 2024/09/20 21:41:56 ][SecuExtender Agent][INFO] CA issuer: DC=intra, DC=supportpc, CN=supportpc-CA
[ 2024/09/20 21:41:56 ][SecuExtender Agent][DETAIL] SSL session is created
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] SSL Connection is going to be closed
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] user login device success
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] Creating secure tunnel to gwhome.supportpc.intra:1443
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] Connect to 1837482520:1443
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] Local address is 3232246532
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] Connect success.
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 0
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] 1339 bytes of handshake data received
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 1
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x80090318
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 2
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] 2307 bytes of handshake data received
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Send 93 bytes of handshake data
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 3
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] 51 bytes of handshake data received
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x0
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] SSL Handshake is successful
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Secure session is created
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Secure session negotiation begin
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] stage 1...done
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] stage 2...done
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] stage 3...done
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] stage 4...done
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Secure session negotiation end
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Bring up virtual interface...
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] XML configuration is: <configuration><node><ip>192.168.200.11</ip><mask>255.255.255.255</mask><localip>192.168.200.1</localip></node><dns>10.200.2.151</dns><dns>10.200.2.152</dns><wins>0.0.0.0</wins><wins>0.0.0.0</wins><area><ip>0.0.0.0</ip><mask>0.0.0.0</mask></area></configuration>
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] nodeip 192.168.200.11
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] netmask 255.255.255.255
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] localip 192.168.200.1
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] wins0 0.0.0.0
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] wins1 0.0.0.0
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] dns1 10.200.2.151
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] dns2 10.200.2.152
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] area 0 ip 0.0.0.0
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] areamask 0.0.0.0
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] Successfully retrieve network configuration.
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] ConfigSet.nodeip = 192.168.200.11
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] ConfigSet.localip = 192.168.200.1
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] ConfigSet.netmask = 255.255.255.255
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] Virtual network interface: \.\Global{D290D4DF-2451-492B-B60E-560873C7169D}.tap
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] TAP-Windows Driver Version 9.9
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] TAP-Windows MTU = 1370
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] security tunnel is created!
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] Entering main loop
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] GetOverlappedResult success, agentState.aState = 2, agentState.aError = 0, dwReadBytes = 8
[ 2024/09/20 21:41:59 ][SecuExtender Agent][INFO] GetOverlappedResult success, agentState.aState = 3, agentState.aError = 0, dwReadBytes = 8
[ 2024/09/20 21:41:59 ][SecuExtender Agent][ERROR] Connection to ZyWALL is going to be shut down. (0x0)
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DEBUG] SSL Connection is going to be closed
[ 2024/09/20 21:41:59 ][SecuExtender Agent][INFO] Connect to 1837482520:1443
[ 2024/09/20 21:41:59 ][SecuExtender Agent][INFO] Local address is 3232246532
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DEBUG] Connect success.
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 0
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] 1339 bytes of handshake data received
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 1
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x80090318
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 2
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] 2307 bytes of handshake data received
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] Send 93 bytes of handshake data
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 3
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] 51 bytes of handshake data received
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x0
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] SSL Handshake is successful
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
[ 2024/09/20 21:41:59 ][SecuExtender Agent][INFO] logout message has sent
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DEBUG] SSL Connection is going to be closed
[ 2024/09/20 21:41:59 ][SecuExtender Agent][DETAIL] Connection ends.

Do you have any idea where the problem is coming from?
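
Added example (not part of the original post and not Zyxel code): a small Python triage script for a SecuExtender.log in the format posted above. It decodes the integer-encoded addresses, names the Schannel return codes, lists the networks pushed in the XML configuration and measures how long the tunnel stayed up; the sample lines are assembled from the post's log, and the function names are hypothetical.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET
from datetime import datetime

# InitializeSecurityContext (Windows SSPI/Schannel) return codes seen in the log.
SSPI_STATUS = {
    0x0: "SEC_E_OK",
    0x90312: "SEC_I_CONTINUE_NEEDED",
    0x80090318: "SEC_E_INCOMPLETE_MESSAGE",
}
LINE_RE = re.compile(
    r"^\[ (?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \]\[[^\]]+\]\[(?P<level>\w+)\] (?P<msg>.*)$"
)

# Sample assembled for this example from lines of the log posted above.
SAMPLE_LOG = """\
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] Connect to 1837482520:1443
[ 2024/09/20 21:41:57 ][SecuExtender Agent][INFO] Local address is 3232246532
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x80090318
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x0
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] XML configuration is: <configuration><node><ip>192.168.200.11</ip><mask>255.255.255.255</mask><localip>192.168.200.1</localip></node><dns>10.200.2.151</dns><dns>10.200.2.152</dns><wins>0.0.0.0</wins><wins>0.0.0.0</wins><area><ip>0.0.0.0</ip><mask>0.0.0.0</mask></area></configuration>
[ 2024/09/20 21:41:57 ][SecuExtender Agent][DEBUG] Entering main loop
[ 2024/09/20 21:41:59 ][SecuExtender Agent][ERROR] Connection to ZyWALL is going to be shut down. (0x0)
"""

def decode_addr(value):
    """The agent logs IPv4 addresses as 32-bit integers; return dotted-quad."""
    return str(ipaddress.IPv4Address(int(value)))

def analyze(log_text):
    out = {"peer": None, "local": None, "sspi": [], "node": None,
           "dns": [], "routes": [], "tunnel_seconds": None}
    loop_start = None
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # blank or non-log line
        ts = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
        msg = m["msg"]
        if c := re.match(r"Connect to (\d+):(\d+)$", msg):
            out["peer"] = f"{decode_addr(c[1])}:{c[2]}"
        elif c := re.match(r"Local address is (\d+)$", msg):
            out["local"] = decode_addr(c[1])
        elif c := re.match(r"InitializeSecurityContext returns (0x[0-9a-fA-F]+)$", msg):
            out["sspi"].append(SSPI_STATUS.get(int(c[1], 16), f"unknown({c[1]})"))
        elif msg.startswith("XML configuration is: "):
            xml_text = msg.split(": ", 1)[1]
            if "<!" in xml_text:
                continue  # refuse DTD/entity declarations in log-supplied XML
            cfg = ET.fromstring(xml_text)
            node = cfg.find("node")
            out["node"] = str(ipaddress.ip_interface(
                f"{node.findtext('ip')}/{node.findtext('mask')}"))
            out["dns"] = [d.text for d in cfg.findall("dns")]
            # <area> entries: networks pushed to the client for routing via the tunnel.
            out["routes"] = [
                str(ipaddress.ip_network(
                    f"{a.findtext('ip')}/{a.findtext('mask')}", strict=False))
                for a in cfg.findall("area")
            ]
        elif msg == "Entering main loop":
            loop_start = ts
        elif msg.startswith("Connection to ZyWALL is going to be shut down"):
            if loop_start is not None:
                out["tunnel_seconds"] = int((ts - loop_start).total_seconds())
    return out

if __name__ == "__main__":
    for key, value in analyze(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the sample, the decoded local address is 192.168.43.4 and the tunnel lifetime is 2 seconds, with SEC_E_INCOMPLETE_MESSAGE appearing only as an intermediate "need more data" status before the handshake completes.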

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,436  Zyxel Employee

    Hi @supportpc ,

    Please check if the SSL VPN IP pool overlaps with any of the firewall interfaces.

    To successfully establish a VPN connection, ensure that the VPN's IP pool does not overlap with any firewall interface.


  • supportpc
    supportpc Posts: 5  Freshman Member
    edited September 24

    Hi @Zyxel_Judy,

    The IP pool does not overlap. The range is only used with SSL VPN.

    But I changed the "ssl vpn server port" to "10443" and I added this port in "Policy Control".

    Now the SSL VPN is connected but no packets are passing through the VPN connection.

    You can see that I am transmitting but I am not receiving anything.

    Here is my route table; you can see the IP range 10.200.2.0/24 can use the 192.168.200.11 gateway.

    IPv4 Table de routage

    Itinéraires actifs :
    Destination réseau Masque réseau Adr. passerelle Adr. interface Métrique
    0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.4 55
    10.200.2.0 255.255.255.0 192.168.200.1 192.168.200.11 50
    10.200.2.151 255.255.255.255 192.168.200.1 192.168.200.11 50
    10.200.3.0 255.255.255.0 192.168.200.1 192.168.200.11 50
    109.133.194.24 255.255.255.255 192.168.43.1 192.168.43.4 55
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
    192.168.43.0 255.255.255.0 On-link 192.168.43.4 311
    192.168.43.4 255.255.255.255 On-link 192.168.43.4 311
    192.168.43.255 255.255.255.255 On-link 192.168.43.4 311
    192.168.100.0 255.255.255.0 192.168.200.1 192.168.200.11 50
    192.168.200.1 255.255.255.255 192.168.200.1 192.168.200.11 50
    192.168.200.11 255.255.255.255 On-link 192.168.200.11 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
    224.0.0.0 240.0.0.0 On-link 192.168.43.4 311
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
    255.255.255.255 255.255.255.255 On-link 192.168.43.4 311

    In the firewall logs, I don't see any blocking, and the VPN connection is automatically disconnected after 3 minutes.

    Here is a tracert:

    Here are the new logs:

    [ 2024/09/24 18:57:28 ][SecuExtender Agent][DETAIL] Checking service (first) ...
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][DETAIL] SecuExtender Helper is running
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][DETAIL] Try to connect to SecuExtender Helper
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][DETAIL] SecuExtender Helper is connected
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][INFO] [test] try to login gwhome.supportpc.intra:10443
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][INFO] Connect to 1837482520:10443
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][INFO] Local address is 3232246532
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][DEBUG] Connect success.
    [ 2024/09/24 18:57:28 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 0
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] 2678 bytes of handshake data received
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 1
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x80090318
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 2
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] 968 bytes of handshake data received
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Send 93 bytes of handshake data
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 3
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] 51 bytes of handshake data received
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x0
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] SSL Handshake is successful
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Protocol: TLS1.2
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Cipher: AES256
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Cipher strength: 256
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Hash: SHA384
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Hash strength: 0
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Key exchange: 0xae06
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Key exchange strength: 255
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] Server subject: C=BE, S=Hainaut, L=Morlanwelz, O=SUPPORT PC, OU=IT, CN=gwhome.supportpc.intra
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] Server issuer: DC=intra, DC=supportpc, CN=supportpc-CA
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] CA subject: DC=intra, DC=supportpc, CN=supportpc-CA
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] CA issuer: DC=intra, DC=supportpc, CN=supportpc-CA
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] SSL session is created
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DEBUG] SSL Connection is going to be closed
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] user login device success
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] Creating secure tunnel to gwhome.supportpc.intra:10443
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] Connect to 1837482520:10443
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][INFO] Local address is 3232246532
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DEBUG] Connect success.
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 0
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] 2678 bytes of handshake data received
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 1
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x80090318
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 2
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] 968 bytes of handshake data received
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Send 93 bytes of handshake data
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 3
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] 51 bytes of handshake data received
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x0
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] SSL Handshake is successful
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Secure session is created
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] Secure session negotiation begin
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] stage 1...done
    [ 2024/09/24 18:57:29 ][SecuExtender Agent][DETAIL] stage 2...done
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DETAIL] stage 3...done
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DETAIL] stage 4...done
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DETAIL] Secure session negotiation end
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DETAIL] Bring up virtual interface...
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] XML configuration is: <configuration><node><ip>192.168.200.11</ip><mask>255.255.255.255</mask><localip>192.168.200.1</localip></node><dns>10.200.2.151</dns><dns>10.200.2.152</dns><wins>0.0.0.0</wins><wins>0.0.0.0</wins><area><ip>192.168.100.0</ip><mask>255.255.255.0</mask></area><area><ip>10.200.2.0</ip><mask>255.255.255.0</mask></area><area><ip>10.200.3.0</ip><mask>255.255.255.0</mask></area><area><ip>10.200.2.151</ip><mask>255.255.255.255</mask></area></configuration>
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] nodeip 192.168.200.11
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] netmask 255.255.255.255
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] localip 192.168.200.1
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] wins0 0.0.0.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] wins1 0.0.0.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] dns1 10.200.2.151
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] dns2 10.200.2.152
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] area 0 ip 192.168.100.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] areamask 255.255.255.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] area 1 ip 10.200.2.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] areamask 255.255.255.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] area 2 ip 10.200.3.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] areamask 255.255.255.0
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] area 3 ip 10.200.2.151
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] areamask 255.255.255.255
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DETAIL] Successfully retrieve network configuration.
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][INFO] ConfigSet.nodeip = 192.168.200.11
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][INFO] ConfigSet.localip = 192.168.200.1
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][INFO] ConfigSet.netmask = 255.255.255.255
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] Virtual network interface: \.\Global{78D758B5-95E9-4383-B560-7E1C79F3CC66}.tap
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] TAP-Windows Driver Version 9.9
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] TAP-Windows MTU = 1370
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][INFO] security tunnel is created!
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][DEBUG] Entering main loop
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][INFO] GetOverlappedResult success, agentState.aState = 2, agentState.aError = 0, dwReadBytes = 8
    [ 2024/09/24 18:57:30 ][SecuExtender Agent][INFO] GetOverlappedResult success, agentState.aState = 3, agentState.aError = 0, dwReadBytes = 8
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][ERROR] Connection to ZyWALL is going to be shut down. (0x0)
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DEBUG] SSL Connection is going to be closed
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][INFO] Connect to 1837482520:10443
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][INFO] Local address is 3232246532
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DEBUG] Connect success.
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 0
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] 2678 bytes of handshake data received
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 1
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x80090318
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 2
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] 968 bytes of handshake data received
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x90312
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] Send 93 bytes of handshake data
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] Handshake LoopCounter: 3
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] 51 bytes of handshake data received
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] InitializeSecurityContext returns 0x0
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] SSL Handshake is successful
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] STREAM_SIZE: Header: 13 Trailer: 16, MaxMessage: 16384
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][INFO] logout message has sent
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DEBUG] SSL Connection is going to be closed
    [ 2024/09/24 19:00:30 ][SecuExtender Agent][DETAIL] Connection ends.

    Do you have any idea where the problem is coming from?

  • PeterUK
    PeterUK Posts: 3,250  Guru Member
    edited September 24

    Have you made a Policy Control rule from Zone SSL to given Zone LAN?

  • supportpc
    supportpc Posts: 5  Freshman Member

    Hi @PeterUK

    Yes, I created a Policy Control entry but I see nothing in the logs.

    Here is the last entry I tested:

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,436  Zyxel Employee

    Hi @supportpc ,

    > You can see that I am transmitting but I am not receiving anything

    Please review the relevant security policies and routing rules to identify any that might be blocking the connection.

    > the VPN connection is automatically disconnected after 3 minutes.

    There appears to be an overlapping log entry. Could you provide the IP address assigned to the PC? Please capture the SSL VPN log from connection establishment to disconnection.

    Could you also share the remote session information with us so that we can access your firewall directly for further investigation? If yes, please check the steps in your Community inbox.


  • supportpc
    supportpc Posts: 5  Freshman Member

    Hi @Zyxel_Judy

    All policies are open for SSL VPN.

    The computer's IP from SSL VPN is 192.168.200.11.

    Here are the SSL VPN logs from the USG:

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,436  Zyxel Employee

    Hi @supportpc ,

    Thank you for providing the remote access information.
    Upon investigation, we identified a misconfiguration in your SSL VPN setup. 2FA was enabled without an associated email address for the account. This prevented proper authentication.
    To resolve the issue, we have temporarily disabled the 2FA feature. As a result, your SSL VPN connection should now be functioning correctly.


  • supportpc
    supportpc Posts: 5  Freshman Member

    Hi @Zyxel_Judy ,

    Thanks for your investigation; SecuExtender can now connect.

    But now when I go to the login web page, I get a 403 error.

    The connection with SecuExtender works so it's not a problem, but it is strange.
    In the meantime I activated MFA and filled in the email address.

    Thanks for all.
