4.8.1 update stops vpns working

I have had TEF 4.8 running perfectly for several months now and have been extremely happy with it. However a couple of days ago, following a simple rule update, all of our vpns stopped working. I couldn’t find the cause of the problem but reinstalling and reconfiguring seemed to work. However the exact same thing happened today, and taking a bit more time I spotted that TEF had updated itself (again) to 4.8.1.

I have installed the 4.8.1 client, and checked that all the advanced VPN settings match my existing vpn configuration, but the initiating firewall reports the TEF cookie as 0x0000000000000000, with no response. Has anyone had similar problems?

Send the output of ipsec ■■■■ from the server to this email id: tef@comodo.com.


Trustix Team


I had a quick look at the “ipsec ■■■■” output and I was able to fix this issue by turning off the “strict” requirement at the other end, it would appear that SHA authentication doesn’t work between these two firewalls.

I’ve noticed that the bottom half of the server menu is a bit screwy, you have to select the menu option below the one you want. This happens even on a clean install of TEF 4.8.1. I don’t know if there is something I can do to correct this?

Other than that, the updates to the client are great, keep up the good work!

Regarding the server menu, you can use administration menu from the Client.
We are working on the server menu.

Your comments and suggestions are always welcome.

Trustix Team

Server Menu bug has been fixed.
Upgrade the server by using “swup --upgrade”.
Restart the server after the upgarde.

Trustix Team

I am new to to the TEF/TSL community but have worked with several other vendors’ VPN/Firewall products. I have read the manual and searched Google and this forum for relevant information to my problem.

I am trying to use TEF 4.8.1 to connect a couple of remote LANs using a Netgear Prosafe VPN Firewall (FVS114) and also a Watchguard X10e Edge firewall over IPSEC VPN tunnels.

Using the Netgear unit, I am able to establish a tunnel, but cannot pass traffic from a host on one LAN to a host on the other LAN.

Using the Watchguard unit, I am unable to establish a tunnel.

In both situations, I have tried several combinations of parameters to try to solve my problem. Could someone please post a “step-by-step” configuration guide for establishing a “LAN-to-LAN” IPSEC VPN tunnel (including any needed rules) using a dissimilar unit on the other end?

Are there any known interoperability problems?

Thanks for your help!

Hi Jeromey,

Check the output of ipsec ■■■■ to figure out the problem.
If you still need further help, send the output of ipsec ■■■■ from the server to this email id: tef[ at ]comodo.com.


Trustix Team