SSL negotiation failed (error 243)

Hello,

We would need the entire Zip file.  There should be a file called AgnLog (todays dae).zip

Thank You

Hello. when I press 'view support log' from the screen (see attached screen shot), an internet tab pops up and it creates an .htm filed located at file:///C:/ProgramData/AGNS/NetClient/Support.htm. i have attached this file. Where else can I look for the zip file? i have searched that file name and nothing appears in my C directory.

There are also other .log files in that same directory. Please let me know if you would like to see those.

Hello,

This support log is in HTM format we should be able to review it now and see what may be going on.

Thank You

ok, so there is nothing else you need from me? I will be waiting for further console.

Thanks,

Laura

Could I please have a status update on this issue?

Thank you,

Laura

Hello Laura,

The logs indicate no internet connection is present. This could be becasue the proxy you are using (proxy.cupey.bppr.com:8080 ) is not allowing the SSLT VPN connection.
If this is an authenticating proxy you will have to provide credentials to allow internet access. You may want to check with local IT support on the Proxy logs to help determine why traffic is not flowing.

Thank You

Many users have been sending the logs, but solution still doesn't seem to have been obtained.

I am following this issue, but no resolution to the problem.

I am attaching my today's log.

Thank you in advance to resolve this issue.

Regards,

Sriram

I am also facing the same issue when I am on client site.

Could you please check my logs and tell me the problem too..

My client network team confirms that they have allowed IPSEC and SSL both with the firewall and proxy. My other team members are able to connect to German VPN Atnt server. But some how mine is not working.

Can some body please reply to my post

I have followed your advise about changing some login details and it has worked, but does that affect the security of the VPN , I have done this at home, not through my IT department. I am just afraid if what I have done breaches security in any way.

Could you please mention what is the change you did on the login details.

Thanks in advance,

Sriram

What changes did you make?  If you are referring to changing your service to SSL then yes, this service is just as secure.

You can read more about the SSL service starting on page 95 of our Admin guide.

http://www.corp.att.com/agnc/windows/documentation/adminguide.pdf

Thank you.

On settings , login preferences, I checked overide defaults and also checked under VPN Details - use ephemeral source ports for IPSec. Is that OK , security wise?

Yes, that is ok.    This option is enabled by default in versions 9.3 and higher.

When enabled, the AT&T Global Network Client will NOT stop Microsoft’s IPSec service and will use ephemeral

source ports (1024+). This enables Microsoft to have sole ownership of IPSec source ports 500 and 4500.

Thank you.