Jump to content


Photo

VPN Won't Authenticate

VPN AD authentication ssl

  • Please log in to reply
2 replies to this topic

#1 Scott Larsen

Scott Larsen
  • Members
  • 1 posts

Posted 15 May 2014 - 04:08 PM

Setting up SSL VPN using active directory.  Have configured and using test to connect to active directory and all is good.  Configure SSL and no one can log in - no ones credentials work.

 

Worked with support on this for 2 1/2 hours and had to back out of the installation.  Have scheduled downtime tomorrow night to try and resolve, but thought I would check and see if anyone else had ideas. The tech I was working with had to go off shift, and told me I would have had to wait 3 to 4 hours until a tech would be available to pick up the ticket.   (this was at 12:30am).  Then he wanted to schedule time during the day for us to troubleshoot - never mind that we would have to take down the entire office network to troubleshoot.  So finally got a downtime scheduled, and he says he may or may not be available so I may just have to call in and not sure how long it will be to get someone if they are busy... 

 

This is the 3rd or 4th problem I have had with this firewall - the first problem required me to completely reset to factory specs and start over (after following the "install" wizard).  Been doing IT for 20 years and was very impressed the with Barracuda Spam Filter i had installed a few years ago - not so much based on my experience so far with the firewall...

 

Thanks in advance for any advice.

 

S



#2 Robert Cabrera

Robert Cabrera
  • Members
  • 9 posts

Posted 15 May 2014 - 04:40 PM

Man Scott I feel your pain on the tight and elusive windows to work in.  Really do not know if this will help as I have not implemented SSL just yet but a quick thought in that for my network with a SLD (Single Level Domain) I found that we had to use a lower case base DN descriptor for it to authenticate properly with our AD dc=domain

 

Would also insure most updated firmware of course.  Good luck!



#3 Colin Hassey

Colin Hassey
  • Members
  • 18 posts
  • LocationCanada

Posted 16 May 2014 - 03:55 PM

I get the feeling this product was launched too early.  There is a bug where hairpin nat does not work on dynamic interfaces.  A $100 firewall can do this.  Bug was reported months ago but apparently still not fixed in 6.5.