Hot!SSLVPN Error: code=-30008000(v1.0.1037) with Windows Store App

Author
Weatherlights
New Member
  • Total Posts : 14
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/03/30 13:35:48
  • Status: offline
2019/01/07 12:56:08 (permalink)
0

SSLVPN Error: code=-30008000(v1.0.1037) with Windows Store App

Hello
 
I am using the Windows Store Plugin with Intune to use a Windows VPN Profile. The first connection attempt (after reboot) is successfull and works fine. However when the connection is interrupted by anything a reconnect fails with the message
SSLVPN Error: code=-30008000(v1.0.1037).
Invalid authentication cookie. Authentication failed.

A restart of the computer or manually closing the background service (using the taskmanager) resolves the issue until the connection is interrupted again.
On the fortigate is not much to see:

[165:root:110d3]allocSSLConn:280 sconn 0x7f4fd2891400 (0:root)
[165:root:110d3]SSL state:before SSL initialization (123.123.123.123)
[165:root:110d3]SSL state:before SSL initialization (123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS read client hello (123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS write server hello (123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS write change cipher spec (123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS write finished (123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS write finished:system lib(123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS write finished (123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS read change cipher spec (123.123.123.123)
[165:root:110d3]SSL state:SSLv3/TLS read finished (123.123.123.123)
[165:root:110d3]SSL state:SSL negotiation finished successfully (123.123.123.123)
[165:root:110d3]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[165:root:110d3]req: /
[165:root:110d3]mza: 0x2510890 /rmt_index.html
[165:root:110d3]def: 0x2510890 /rmt_index.html
[165:root:110d3]req: /remote/login
[165:root:110d3]deconstruct_session_id:378 decode session id ok, user=[STH_USER_CERTS,cn=UserCN],group=[adgroup],authserver=[domain.local],portal=[full-access],host=[123.123.123.123],realm=[],idx=4,auth=32,sid=31cbbb9a, login=1546890385, access=1546890385
[165:root:110d3]deconstruct_session_id:378 decode session id ok, user=[STH_USER_CERTS,cn=UserCN],group=[adgroup],authserver=[domain.local],portal=[full-access],host=[123.123.123.123],realm=[],idx=4,auth=32,sid=31cbbb9a, login=1546890385, access=1546890385
[165:root:110d3]req: /remote/logincheck?username=&credential=
[165:root:110d3]deconstruct_session_id:378 decode session id ok, user=[STH_USER_CERTS,cn=UserCN],group=[adgroup],authserver=[domain.local],portal=[full-access],host=[123.123.123.123],realm=[],idx=4,auth=32,sid=31cbbb9a, login=1546890385, access=1546890385
[165:root:110d3]req: /sslvpn/portal.html
[165:root:110d3]mza: 0x2510930 /sslvpn/portal.html
[165:root:110d3]deconstruct_session_id:378 decode session id ok, user=[STH_USER_CERTS,cn=UserCN],group=[adgroup],authserver=[domain.local],portal=[full-access],host=[123.123.123.123],realm=[],idx=4,auth=32,sid=31cbbb9a, login=1546890385, access=1546890385
[165:root:110d3]Timeout for connection 0x7f4fd2891400.

[165:root:110d3]Destroy sconn 0x7f4fd2891400, connSize=14. (root)
[165:root:110d3]allocSSLConn:280 sconn 0x7f4fd2891400 (0:root)

 
The url configured on the client is quiet simple:https://vpn.domain.com?cert=UserCN&nup=1
 
Someone else has a solution for this? Guess in the end it is a bug in the client.
 
post edited by Weatherlights - 2019/01/07 13:05:57
#1
Weatherlights
New Member
  • Total Posts : 14
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/03/30 13:35:48
  • Status: offline
Re: SSLVPN Error: code=-30008000(v1.0.1037) with Windows Store App 2019/01/08 09:10:57 (permalink)
0
OK Fortinet support told me that they no longer support the windows store app… so I guess this is a dead end.
#2
Jump to:
© 2019 APG vNext Commercial Version 5.5