Unable To Contact The Ssl Vpn Server; Unable To Get Authentication Headers; The Ssl Vpn Connection Is Successful But There Is No Data Transfer - Novell ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010 Manual

31.7 Unable to Contact the SSL VPN Server

In the client browser, if you encounter the message
message
SSLVPN Gateway is not available
Error Status: Check the status at
var/log/novell-openvpn.log
SSL VPN Status: At the command prompt, enter the following command:
/etc/init.d/novell-sslvpn status
Message Log: Check the

31.8 Unable to Get Authentication Headers

If the browser displays the
SSL VPN URL, check whether the custom HTTP headers required for SSL VPN are configured and
enabled in the Access Gateway. In the Administration Console, click Access Gateways >
[Configuration Link] > [Name of Reverse Proxy] > [Name of SSL VPN Proxy Service] > [Name of
SSL VPN Protected Resource] > Identity Injection.
The SSLVPN_Default policy should be enabled. This policy injects an authentication header and
two custom headers (X-SSLVPN-PROXY-SESSION-COOKIE and X-SSLVPN-ROLE).
31.9 The SSL VPN Connection Is Successful But
There Is No Data Transfer
Possible Cause: If this issue appears in Kiosk mode, the private address specified during the server
configuration might be incorrect.
Action: In the Administration Console, click Devices > SSL VPNs > Edit > Gateway Configuration,
then check the private address configuration. Make sure that this is the IP address of the private
interface of the SSL VPN server.
Possible Cause: This issue might occur in both Kiosk and Enterprise modes of SSL VPN. If the
SSL VPN server is behind a NAT, the external IP address specified during server configuration
might be incorrect.
Action: In the Administration Console, click Devices > SSL VPNs > Edit > Gateway
Configuration. Make sure that the external IP address is configured to be the IP address of a NAT
through which the external user on the Internet can access the SSL VPN server.
Possible Cause: If this issue appears in Enterprise mode, it could be because the NAT configuration
is wrong.
Action: At the command prompt, enter
information, see
Possible Cause: If this issue appears in Enterprise mode, it could be because the router
configuration is wrong.
Action: Check the router configuration. For more information, see
Address, Port, and NAT," on page
164 Novell Access Manager 3.1 SP1 SSL VPN Server Guide
/var/log/messages
.
/var/log/messages
Unable to Get Authentication Headers
iptable -L
Section 11, "Configuring the IP Address, Port, and NAT," on page
75.
SSLVPN Gateway is in bad state
, verify the following:
,
/var/log/stunnel.log,
file for more information.
to check the configuration details. For more
Section 11, "Configuring the IP
or the
and
/
error while accessing the
75.