SSL VPN Problem

LCIT
LCIT Posts: 1  Freshman Member
edited April 2021 in Security
Hello I'm experiencing difficulties to connect to my SSL VPN (USG210).

SecuExtender.log:
[ 2020/09/29 17:31:04 ][SecuExtender Helper] ######## Build Datetime: Sep  5 2018/13:29:07 ########
[ 2020/09/29 17:31:04 ][SecuExtender Helper] osvi.dwPlatformId = 2, osvi.dwMajorVersion = 6, osvi.dwMinorVersion = 2
[ 2020/09/29 17:31:04 ][SecuExtender Helper] shared memory is create
[ 2020/09/29 17:31:04 ][SecuExtender Helper] Get a valid selfsigned certificate.
[ 2020/09/29 17:31:04 ][SecuExtender Helper] certificate fingerprint: ******
[ 2020/09/29 17:31:04 ][SecuExtender Helper] https server init success
[ 2020/09/29 17:31:58 ][SecuExtender Helper] Request(102): REMOVE 234989760/180461133 14 4294967295 4294967295
[ 2020/09/29 17:31:58 ][SecuExtender Helper] Remove Routing
[ 2020/09/29 17:31:58 ][SecuExtender Helper] Remove prioritize routing
[ 2020/09/29 17:31:58 ][SecuExtender Helper] Get netsh path = powershell
[ 2020/09/29 17:31:58 ][SecuExtender Helper] ia is null
[ 2020/09/29 17:31:58 ][SecuExtender Helper] Failed to read from client(2): 109, 0
[ 2020/09/29 17:31:58 ][SecuExtender Helper] Start to Disconnect pipe...
[ 2020/09/29 17:31:58 ][SecuExtender Helper] Shutting down a pipe connection instance...
[ 2020/09/29 17:31:58 ][SecuExtender Helper] ==============================</code>[ 2020/09/29 17:31:35 ][SecuExtender Agent][DETAIL]&nbsp; Build Datetime: Sep&nbsp; 5 2018/13:28:56<br>[ 2020/09/29 17:31:35 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; SecuExtender.log: C:\Users\******\SecuExtender.log<br>[ 2020/09/29 17:31:35 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; osvi.dwPlatformId = 2, osvi.dwMajorVersion = 6, osvi.dwMinorVersion = 2<br>[ 2020/09/29 17:31:35 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; interface guid: {FD33527B-80B5-4465-A357-F794156A1515}, idx: 10<br>[ 2020/09/29 17:31:35 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; tBuf : (\DEVICE\TCPIP_{FD33527B-80B5-4465-A357-F794156A1515})<br>[ 2020/09/29 17:31:35 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; network name got, idx: 11<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Checking service (first) ...<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; SecuExtender Helper is running<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Try to connect to SecuExtender Helper<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; SecuExtender Helper is connected<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][INFO]&nbsp;&nbsp;&nbsp; [******] try to login vpn.******.com:8443<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][INFO]&nbsp;&nbsp;&nbsp; Connect to ******<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][INFO]&nbsp;&nbsp;&nbsp; Local address is ******<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; Connect success.<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Handshake LoopCounter: 0<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; 1200 bytes of handshake data received<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; InitializeSecurityContext returns 0x90312<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Send 126 bytes of handshake data<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Handshake LoopCounter: 1<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; 274 bytes of handshake data received<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; InitializeSecurityContext returns 0x0<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; SSL Handshake is successful<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; STREAM_SIZE: Header: 13&nbsp;&nbsp;&nbsp; Trailer: 16, MaxMessage: 16384<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Protocol: TLS1.2<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Cipher: AES256<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Cipher strength: 256<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Hash: SHA384<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Hash strength: 0<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Key exchange: 0xae06<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][DETAIL]&nbsp; Key exchange strength: 256<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][INFO]&nbsp;&nbsp;&nbsp; Server subject: CN=usg210_******<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][INFO]&nbsp;&nbsp;&nbsp; Server issuer: CN=usg210_******<br>[ 2020/09/29 17:31:57 ][SecuExtender Agent][ERROR]&nbsp;&nbsp; **** Error 0x800b0109 authenticating server credentials! (0x0)<br>[ 2020/09/29 17:31:58 ][SecuExtender Agent][DETAIL]&nbsp; SSL session is created<br>[ 2020/09/29 17:31:58 ][SecuExtender Agent][DETAIL]&nbsp; Can't get authentication token(1)<br>[ 2020/09/29 17:31:58 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; SSL Connection is going to be closed<br>[ 2020/09/29 17:31:58 ][SecuExtender Agent][ERROR]&nbsp;&nbsp; user login device failed (0x0)<br>[ 2020/09/29 17:31:58 ][SecuExtender Agent][DEBUG]&nbsp;&nbsp; SSL Connection is going to be closed<br>[ 2020/09/29 17:31:58 ][SecuExtender Agent][DETAIL]&nbsp; Connection ends.</pre><br><div>SecuExtenderHelper.log:</div><div><pre class="CodeBlock"><code>
(I replaced what I believe to be sensitive data with "******")

I tried everything (ports opening in firewall, disable windows defender, DISM and SFC repairs, reset network settings, test with another network card, internet box and computer resets, etc).
Whatever I try I keep getting these "Can't get authentication token(1)" and "ia is null" errors.

Any help appreciated thank you.

Comments

  • Hi 
    I have same problem today, have you find the cause ?
    Thank you
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,510  Zyxel Employee
    100 Answers Sixth Anniversary 1000 Comments Zyxel Certified Sales Associate
    Hi @LCIT, and @bYAdmin
    Welcome to Zyxel Community. =)
    Is the SSL VPN connection issue only on specific client ? Assume it is general to all windows client.
    Please send  my your configuration file in PM for further checking.

    Don't miss this great chance to upgrade your Nebula org. for free!

Security Highlight