Environment
Novell Access Management 3 SSLVPN Server
Access Manager 3 Support Pack 1 Release candidate 2 applied
Situation
Setup Access Manager with SSLVPN services enabled. With the SSL
enterprise VPN client, users get a 'can't connect' error as the
SSLVPN client is initialising. The kiosk mode works without
problems.
Looking at the novell-openvpn.log file on the SSLVPN server, the following information was presented:
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3008 Created the thread for service window
14.09.2007 13:07:20:LOG6:PID 2904 :KB 4076 Service thread has started.
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 In - ServiceExecutionThread
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 Got a free port 1334
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 UpdateServicePortIntoFile(): successfully updated the port.
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 Waiting for a client to connect...
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Client is connected.
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Succeeded executing GETVERSION: Protocol version is 3.01
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Failed to move OpenVPN folder. Error is 17
14.09.2007 13:07:21:LOG3:PID 2904 :KB 3152 Failed to verify the signature
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Received exit command. Shutting down the connection...
14.09.2007 13:07:22:LOG6:PID 2904 :KB 3152 Waiting for a client to connect...
Using Firefox, one can see, from the logs, that the client tries to get the free port from D:\Windows\novell-sslvpn-serv-conf.txt. There is a D: Drive but the windows installation is on C: and all the environment variables point to c:. No Windows directory exists on D:. The only thing on drive D: is the profile path.
Looking at the novell-openvpn.log file on the SSLVPN server, the following information was presented:
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3008 Created the thread for service window
14.09.2007 13:07:20:LOG6:PID 2904 :KB 4076 Service thread has started.
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 In - ServiceExecutionThread
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 Got a free port 1334
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 UpdateServicePortIntoFile(): successfully updated the port.
14.09.2007 13:07:20:LOG6:PID 2904 :KB 3152 Waiting for a client to connect...
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Client is connected.
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Succeeded executing GETVERSION: Protocol version is 3.01
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Failed to move OpenVPN folder. Error is 17
14.09.2007 13:07:21:LOG3:PID 2904 :KB 3152 Failed to verify the signature
14.09.2007 13:07:21:LOG6:PID 2904 :KB 3152 Received exit command. Shutting down the connection...
14.09.2007 13:07:22:LOG6:PID 2904 :KB 3152 Waiting for a client to connect...
Using Firefox, one can see, from the logs, that the client tries to get the free port from D:\Windows\novell-sslvpn-serv-conf.txt. There is a D: Drive but the windows installation is on C: and all the environment variables point to c:. No Windows directory exists on D:. The only thing on drive D: is the profile path.
Resolution
Make sure that the profile path points to the same drive as Windows
is installed on. SSL VPN Enterprise client will work only if the
user profile path is in the Windows drive which is the default
case.
An enhancement to address this has been made to engineering.
An enhancement to address this has been made to engineering.