Register Now

Login

Lost Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

SSL VPN downloading 0Kb file from user portal

Issue: When user downloading SSL VPN client from the user portal, it is downloading as 0Kb file.

Resolution-1: Fill the default certificate

Make sure to fill default certificate under certificate authorities

Default certificate

Leaving default certificate empty might cause this issue.

Resolution-2: Regenerate the Default certificate

If the default certificate is already filled, identify the concerned user certificate under certificates section

Peer User certificate

Step-1:

Delete the concerned user certificate.

Next time the user login to the user portal, certificate will be regenerated again.

Step-2:

Go to the certificates>> certificate authorities section

Default certificate

Click on the pencil icon beside the default certificate and save it again.

This will regenerate the certificate.

Try to download again.

Resolution-3: Check in /tmp folder for SSl VPN

Connect to sophos XG firewall using putty. You can refer to the following article for that:

https://support.sophos.com/support/s/article/KB-000038697?language=en_US

Navigate to the /tmp partition and investigate if the following SSL VPN files are present

  • # cd tmp
  • # cd /content/sslvpn
  • # ls
    • Confirm if the following SSL VPN files are present in /content/sslvpn:
    • rw-rr- 1 1000 100 413 Apr 24 2015 client-config-template.ovpn
    • rw-rr- 1 1000 100 111.1K Jun 17 19:35 ssl-vpn-config-installer.exe
    • rw-rr- 1 1000 100 1.4M Jun 17 19:35 ssl-vpn-client-installer.exe
    • rw-rr- 1 1000 100 72 Jun 17 19:49 U2DVERSION

If they are not present try to manually update the pattern file using this article:

https://docs.sophos.com/nsg/sophos-firewall/18.0/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts/PatternManage.html?hl=pattern

Then try to download the SSL VPN configuration again from the user portal

Resolution-4: Issue could also arise if symbolic link broke.

The link /content/sslvpn might be broken. It might not be pointing to the correct directory

For example:

The symbolic link /content/sslvpn was broken.

It was pointing to not existing directory /content/sslvpn_1.01/0 and it was supposed to point to /content/sslvpn_1.01/1.0.008/

Commands to check the symbolic link and fix the issue in Advanced shell:

Directories with installed Patterns:

SG310_WP01_SFOS 17.5.14 MR-14-1# ls -ald /content/sslvpn_/
drwxr-xr-x 2 root 0 1024 Jan 2 2020 /content/sslvpn_1.00/1.0.007
drwxr-xr-x 2 root 0 1024 Nov 26 10:27 /content/sslvpn_1.01/1.0.008

Get where symbolic is pointing if it exists. It should point to one of the directories with installed Patterns, so:

SG310_WP01_SFOS 17.5.14 MR-14-1# ls -altr /content/sslvpn
lrwxrwxrwx 1 root 0 29 Nov 26 10:27 /content/sslvpn -> /content/sslvpn_1.01/1.0.008/

In my case, the symbolic link existed, but it was not correct:

SG310_WP01_SFOS 17.5.14 MR-14-1# ls -altr /content/sslvpn
lrwxrwxrwx 1 root 0 22 Sep 10 20:48 sslvpn -> /content/sslvpn_1.01/0

To fix this situation, I deleted old symbolic link and created new one:

cd /content/
rm sslvpn
ln -s /content/sslvpn_1.01/1.0.008/ sslvpn

After making these changes to point SSL VPN directory to correct link, SSL VPN directory will point to correct directory and the issue will be resolved

Hope this article will be helpful