loss connection zywall ssl vpn

sl2711
sl2711 Posts: 14
Hello everyone, for a few weeks, I have been unable to maintain a VPN connection with my Zyxel ATP200.
I connect correctly through the Zywall SecuExtender, then I open an RDP connection with my office computer where I connect correctly, but as soon as I start to use my computer, it starts to get laggy and cuts off the RDP connection and automatically disconnects me of the SECUEXTENDER.
It is a VPN that has always worked well for me from the beginning and I don't remember changing anything since then...
It is a complicated situation indeed.

Attached some logs and screenshots.


last lines of secuextenderhelper.log

[ 2022/04/13 10:08:42 ][SecuExtender Helper] Request(100): REMOVE 2550245568/1841555412 29 180884490 29889546
[ 2022/04/13 10:08:42 ][SecuExtender Helper] Remove Routing
[ 2022/04/13 10:08:42 ][SecuExtender Helper] Remove prioritize routing
[ 2022/04/13 10:08:42 ][SecuExtender Helper] Succeed to delete prioritize route to 212.231.195.109
[ 2022/04/13 10:08:42 ][SecuExtender Helper] Get netsh path = powershell
[ 2022/04/13 10:08:42 ][SecuExtender Helper] Set-NetIPInterface -InterfaceAlias "Ethernet 2" -InterfaceMetric 30
[ 2022/04/13 10:08:42 ][SecuExtender Helper] ZyShellExecute start.
[ 2022/04/13 10:08:43 ][SecuExtender Helper] ZyShellExecute WaitForSingleObject() result = 0
[ 2022/04/13 10:08:43 ][SecuExtender Helper] GetExitCodeProcess
[ 2022/04/13 10:08:43 ][SecuExtender Helper] lpszFile = powershell, lpszParam = Set-NetIPInterface -InterfaceAlias "Ethernet 2" -InterfaceMetric 30, dwExitCode = 1, dwError = 0
[ 2022/04/13 10:08:43 ][SecuExtender Helper] Failed to read from client(2): 109, 0
[ 2022/04/13 10:08:43 ][SecuExtender Helper] Start to Disconnect pipe...
[ 2022/04/13 10:08:43 ][SecuExtender Helper] Shutting down a pipe connection instance...
[ 2022/04/13 10:08:43 ][SecuExtender Helper] ==============================




Greetings to all.
«1

All Replies

  • PeterUK
    PeterUK Posts: 1,384  Guru Member
    edited April 13

    Are your subnets different for the VPN and LAN's at each end?


  • sl2711
    sl2711 Posts: 14
    PeterUK said:

    Are your subnets different for the VPN and LAN's at each end?


    that's how it is.
    My local network on client computer is 192.168.1.1
    the vpn network is 10.20.200.1 and other networks within the vpn (already in the office) is 10.20.5 - 10.20.10 - 10.20.15 (I have several vlan's)
  • PeterUK
    PeterUK Posts: 1,384  Guru Member
    What firmware are you on maybe try a older firmware like 5.20
    Download Library | ZyXEL

  • sl2711
    sl2711 Posts: 14
    What firmware are you on maybe try a older firmware like 5.20
    I am currently using 5.10.

    I have yet to update to 5.21, which is the one that tells me that it is currently available...
  • PeterUK
    PeterUK Posts: 1,384  Guru Member
    edited April 14
    Ok so update and see if that fixes it

    Tested here with a USG40 SSLVPN then RDP seems fine with secuextender 4.0.4.0

    Try with and without:
    Force all client traffic to enter SSL VPN tunnel

    Do use port 443 for SSLVPN? maybe change it
  • Zyxel_Jeff
    Zyxel_Jeff Posts: 305  Zyxel Employee

    Is this symptom” cannot establish SSL VPN connection” or” can establish VPN for a while but it seems SSL VPN connection is log out suddenly “? 
    What is your SecuExtender SSL VPN client’s version?
    Are the SSL VPN IP range numbers enough?
    Do you use a specific port for SSL VPN connection?
    If so, you should adjust the SecuExtender SSL VPN client’s port, as below:
    The SSL VPN Service port is specific port number: 5566.

    And the SecuExtender SSL VPN client’s port needs to be adjusted.

    Thanks.
  • sl2711
    sl2711 Posts: 14
    the port I use is 11443.
    I get to connect and work for a while. the problem is that after a few minutes the securextender disconnects.
  • mMontana
    mMontana Posts: 733  Guru Member
    @sl2711 which OS are you using?
    If it's Windows, are you using 4.0.4.0 SecuExtender?
  • sl2711
    sl2711 Posts: 14
    If windows and I use 4.0.4
  • Zyxel_Jeff
    Zyxel_Jeff Posts: 305  Zyxel Employee

    Can you provide the device config file and the SSL VPN connection related information to us via private message?
    We would like to establish the SSL VPN connection to your site for further verification.
    Thanks.

Security Highlight