Connected __________ # diag debug res __________ # diag debug application sslvpn -1 Debug messages will be on for 30 minutes. __________ # diag debug application fnbamd -1 Debug messages will be on for 30 minutes. __________ # diag vpn ssl debug-filter src-addr4 000.000.000.000 __________ # diag debug enable __________ # [193:root:70e]allocSSLConn:280 sconn 0x36186600 (0:root) [193:root:70e]SSL state:before SSL initialization (000.000.000.000) [193:root:70e]SSL state:before SSL initialization:DH lib(000.000.000.000) [193:root:70e]SSL_accept failed, 5:(null) [193:root:70e]Destroy sconn 0x36186600, connSize=1. (root) [11005:root:35b]allocSSLConn:280 sconn 0x360e0f00 (0:root) [11005:root:35b]SSL state:before SSL initialization (000.000.000.000) [11005:root:35b]SSL state:before SSL initialization (000.000.000.000) [11005:root:35b]SSL state:SSLv3/TLS read client hello (000.000.000.000) [11005:root:35b]SSL state:SSLv3/TLS write server hello (000.000.000.000) [11005:root:35b]SSL state:SSLv3/TLS write certificate (000.000.000.000) [11005:root:35b]SSL state:SSLv3/TLS write key exchange (000.000.000.000) [11005:root:35b]SSL state:SSLv3/TLS write server done (000.000.000.000) [11005:root:35b]SSL state:SSLv3/TLS write server done:system lib(000.000.000.000) [11005:root:35b]SSL state:SSLv3/TLS write server done:DH lib(000.000.000.000) [11005:root:35b]SSL_accept failed, 5:(null) [11005:root:35b]Destroy sconn 0x360e0f00, connSize=2. (root) [195:root:70d]allocSSLConn:280 sconn 0x361a6f00 (0:root) [195:root:70d]SSL state:before SSL initialization (000.000.000.000) [195:root:70d]SSL state:before SSL initialization (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS read client hello (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write server hello (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write certificate (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write key exchange (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write server done (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write server done:system lib(000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write server done (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS read client key exchange (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS read change cipher spec (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS read finished (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write session ticket (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write change cipher spec (000.000.000.000) [195:root:70d]SSL state:SSLv3/TLS write finished (000.000.000.000) [195:root:70d]SSL state:SSL negotiation finished successfully (000.000.000.000) [195:root:70d]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 [195:root:70d]req: /remote/info [195:root:70d]req: /remote/login [195:root:70d]rmt_web_auth_info_parser_common:433 no session id in auth info [195:root:70d]rmt_web_get_access_cache:752 invalid cache, ret=4103 [195:root:70d]req: /remote/logincheck [195:root:70d]rmt_web_auth_info_parser_common:433 no session id in auth info [195:root:70d]rmt_web_access_check:678 access failed, uri=[/remote/logincheck],ret=4103, [195:root:70d]rmt_logincheck_cb_handler:890 user '_______' has a matched local entry. [195:root:70d]sslvpn_auth_check_usrgroup:1762 forming user/group list from policy. [195:root:70d]sslvpn_auth_check_usrgroup:1804 got user (0) group (1:0). [195:root:70d]sslvpn_validate_user_group_list:1432 validating with SSL VPN authentication rules (2), realm (). [195:root:70d]sslvpn_validate_user_group_list:1480 checking rule 1 cipher. [195:root:70d]sslvpn_validate_user_group_list:1488 checking rule 1 realm. [195:root:70d]sslvpn_validate_user_group_list:1499 checking rule 1 source intf. [195:root:70d]sslvpn_validate_user_group_list:1538 checking rule 1 vd source intf. [195:root:70d]sslvpn_validate_user_group_list:1610 rule 1 done, got user (0) group (0:0). [195:root:70d]sslvpn_validate_user_group_list:1480 checking rule 2 cipher. [195:root:70d]sslvpn_validate_user_group_list:1488 checking rule 2 realm. [195:root:70d]sslvpn_validate_user_group_list:1499 checking rule 2 source intf. [195:root:70d]sslvpn_validate_user_group_list:1610 rule 2 done, got user (0) group (1:0). [195:root:70d]sslvpn_validate_user_group_list:1698 got user (0), group (1:0). [195:root:70d]two factor check for _______: off [195:root:70d]sslvpn_authenticate_user:167 authenticate user: [_______] [195:root:70d]sslvpn_authenticate_user:174 create fam state [195:root:70d]fam_auth_send_req:559 with server blacklist: [195:root:70d]fam_auth_send_req_internal:442 fnbam_auth return: 0 [195:root:70d]fam_auth_send_req_internal:448 authentication OK [195:root:70d]fam_do_cb:478 fnbamd return auth success. [195:root:70d]SSL VPN login matched rule (2). [195:root:70d]rmt_bind_oif:562 bind device,sock=32,if=[wan1] [195:root:70d]login_succeeded:382 redirect to hostcheck [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]req: /remote/fortisslvpn [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]rmt_bind_oif:562 bind device,sock=32,if=[wan1] [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]form_ipv4_split_tunnel_addr:1555 Matched policy (id = 30) to add split tunnel routing address [195:root:70d]form_ipv4_split_tunnel_addr:1555 Matched policy (id = 29) to add split tunnel routing address [195:root:70d]req: /remote/fortisslvpn_xml [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]rmt_bind_oif:562 bind device,sock=32,if=[wan1] [195:root:70d]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [195:root:70d]sslvpn_reserve_dynip:1118 tunnel vd[root] ip[172.16.199.6] [195:root:70d]form_ipv4_split_tunnel_addr:1555 Matched policy (id = 30) to add split tunnel routing address [195:root:70d]form_ipv4_split_tunnel_addr:1555 Matched policy (id = 29) to add split tunnel routing address [193:root:70f]allocSSLConn:280 sconn 0x36186600 (0:root) [193:root:70f]SSL state:before SSL initialization (000.000.000.000) [193:root:70f]SSL state:before SSL initialization (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS read client hello (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write server hello (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write certificate (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write key exchange (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write server done (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write server done:system lib(000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write server done (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS read client key exchange (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS read change cipher spec (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS read finished (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write session ticket (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write change cipher spec (000.000.000.000) [193:root:70f]SSL state:SSLv3/TLS write finished (000.000.000.000) [193:root:70f]SSL state:SSL negotiation finished successfully (000.000.000.000) [193:root:70f]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 [193:root:70f]req: /remote/fortisslvpn_xml [193:root:70f]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [193:root:70f]rmt_bind_oif:562 bind device,sock=29,if=[wan1] [193:root:70f]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [193:root:70f]form_ipv4_split_tunnel_addr:1555 Matched policy (id = 30) to add split tunnel routing address [193:root:70f]form_ipv4_split_tunnel_addr:1555 Matched policy (id = 29) to add split tunnel routing address [193:root:70f]req: /remote/sslvpn-tunnel2?dns0=10.35.1.1&dn [193:root:70f]sslvpn_tunnel2_handler,50, Calling rmt_conn_access_ex. [193:root:70f]deconstruct_session_id:375 decode session id ok, user=[_______],group=[GENEL],portal=[TUNNEL],host=[000.000.000.000],realm=[],idx=5,auth=1,sid=184cb8d8, login=1633414118, access=1633414118 [193:root:70f]rmt_bind_oif:562 bind device,sock=29,if=[wan1] [193:root:70f]client sent request without hostname (see RFC2616 section 14.23): /. [193:root:70f]sslConnGotoNextState:296 error (last state: 1, closeOp: 0) [193:root:70f]Destroy sconn 0x36186600, connSize=1. (root) [195:root:70d]Timeout for connection 0x361a6f00. [195:root:70d]Destroy sconn 0x361a6f00, connSize=2. (root) [11005:root:0]RCV: LCP Configure_Request id(1) len(14) [Maximum_Received_Unit 1354] [Magic_Number 1248C00C] [11005:root:0]SND: LCP Configure_Request id(1) len(10) [Magic_Number 4C94A4AE] [11005:root:0]lcp_reqci: returning CONFACK. [11005:root:0]SND: LCP Configure_Ack id(1) len(14) [Maximum_Received_Unit 1354] [Magic_Number 1248C00C] [11005:root:0]RCV: LCP Configure_Ack id(1) len(10) [Magic_Number 4C94A4AE] [11005:root:0]lcp_up: with mtu 1354 [11005:root:0]SND: IPCP Configure_Request id(1) [IP_Address 195.175.82.30] [11005:root:0]RCV: IPCP Configure_Request id(0) [IP_Address 0.0.0.0] [Primary_DNS_IP_Address 0.0.0.0] [Seconday_DNS_IP_Address 0.0.0.0] [11005:root:0]ipcp: returning Configure-NAK [11005:root:0]SND: IPCP Configure_Nak id(0) [IP_Address 172.16.199.6] [Primary_DNS_IP_Address 192.168.16.8] [Seconday_DNS_IP_Address 192.168.16.1] [11005:root:0]RCV: IPCP Configure_Ack id(1) [IP_Address 195.175.82.30] [11005:root:0]RCV: IPCP Configure_Request id(1) [IP_Address 172.16.199.6] [Primary_DNS_IP_Address 192.168.16.8] [Seconday_DNS_IP_Address 192.168.16.1] [11005:root:0]ipcp: returning Configure-ACK [11005:root:0]SND: IPCP Configure_Ack id(1) [IP_Address 172.16.199.6] [Primary_DNS_IP_Address 192.168.16.8] [Seconday_DNS_IP_Address 192.168.16.1] [11005:root:0]ipcp: up ppp:0x361ac000 caller:0x360e0f00 tun:37 [11005:root:0]Cannot determine ethernet address for proxy ARP [11005:root:0]local IP address 195.175.82.30 [11005:root:0]remote IP address 172.16.199.6