TSA users don't show up on users menu
brunogabriel
Newbie ✭
Configured TSA 4.0.16 on a SonicWALL TZ300, firmware version 6.5.4.4 but RDP users don't show up on logged users.
I logged with some random users, but on TSA agent it seems that he only recognises user SISTEMA:
Any ideas?
03/26/20:16:25:40 Debug Id:5900 Snooper IOCTL Events 03/26/20:16:25:40 Debug Id:5900 handleOpenAddress: TCP 10.192.42.29:54415 SISTEMA@AUTORIDADE NT [S-1-5-18] pid = 900, pending = 0, fileobj = 0 03/26/20:16:25:40 Debug Id:5900 handleOpenAddress: Remote IP Address: '104.80.2.183:80' SessionId: '0' 03/26/20:16:25:40 Debug Id:5900 handleOpenAddress: 10.192.42.29:54415 is already in use for fileobj 0 03/26/20:16:25:40 Debug Id:5900 handleOpenAddress: Queuing Pkt for Dispatching 10.192.42.29:36820 -> 104.80.2.183:20480 03/26/20:16:25:40 Debug Id:2864 TSAPkt: Non User Connection:'SISTEMA' ServerName:'srv-wts_01' 03/26/20:16:25:40 Debug Id:2864 TSAPkt: Adding Random IV. 03/26/20:16:25:40 Debug Id:2864 TSAPkt: Adding SessionID TLV for User:'SISTEMA' SessionID:'0' 03/26/20:16:25:40 Debug Id:2864 TSAPkt: Encrypting pkt... 03/26/20:16:25:40 Debug Id:2864 TSAPkt: Added Id[13186] To R-Q 03/26/20:16:25:40 Debug Id:2864 HashMap:Add Hash:412, Rqst:13186 03/26/20:16:25:40 Debug Id:2864 [Notification] SourceCount(1), ClientPkg: 10.192.42.29:54415 -> 104.80.2.183:80 TSAPkg: 10.192.42.29:0 -> 10.192.42.15:2259 03/26/20:16:25:40 Debug Id:2864 TSAPkt: 104 bytes sent to 10.192.42.15:2259 from 0.0.0.0:0 03/26/20:16:25:40 Debug Id:5656 UTM Resp: Processing response from UTM.ResponseLen:'32' 03/26/20:16:25:40 Debug Id:5656 UTM Resp: Header::Version:'2'MsgType:'Response'Signature:'0x92003563'ReqstId:'13186'Length:'9'. 03/26/20:16:25:40 Debug Id:5656 UTM Resp: Got SessionId TLV. SessionId:'0' ConnectionType:'Non User' 03/26/20:16:25:40 Warning Id:5656 UTM Resp: Could not find entry for SessionId:'0'
Category: Entry Level Firewalls
0
Best Answer
-
CORRECT ANSWER
KaranM
Administrator
Hello @brunogabriel
I hope you are well!
Can you please follow https://www.sonicwall.com/support/knowledge-base/user-not-identified-by-tsa-or-only-default-cfs-policy-applied-to-user/170804105035691/. it tells to disable proxy functionality of your endpoint protection suite and check if that helps.
Thank You
Knowledge Management Senior Analyst at SonicWall.
5
Answers
It worked, thanks!
@brunogabriel ,
Always happy to help.
Take Care
Knowledge Management Senior Analyst at SonicWall.