Traffic not allowed post user authentication/login
I have a sonicwall TZ350 that connects a smaller network A(LAN) to a bigger network B(WAN). A DMZ Zone exists between the two.
We have setup a firewall such that Traffic is allowed from WAN--> DMZ, if a TrustedUser logs in.
We have setup users and they login using a web browser, complete multifactor authentication and are allowed to access DMZ Services(RDP, HTTP etc). This has worked for more than an year, except that recently the firewall occasionally does not allow the traffic from from(WAN--> DMZ) even after a user successfully logs in.
Post login, I do see a popup that mentions the time until the user would stay logged in. What is surprising is this issue goes away randomly and keeps coming back again.
What I have tried:(and nothing worked)
-- resetup the firewall rules, checked their priority.
--Restarted the firewall
--Upgrade firmware to 18.104.22.168
--turned off the failover internet connection.
--physically checked if the DMZ services were accessible from within DMZ.
--tried to login using Chrome, Edge, IE,
To verify if nothing was wrong with NAT, I temporarily changed the WAN-->DMZ rule, such that instead of TrustedUsers, the traffic would be allowed for all users, and everything start to work immediately, this means the only thing causing trouble is the fact that Sonicwall fails to recognize that a trusted user has logged in.
(One thing I noticed was, if I login using the web browser, and immediately open a new tab, and access the firewall WAN IP(the login page), it again displays the login page instead of showing that the user is already logged in.)
Any leads on what could be causing this issue and what could be done to further investigate this issue would help.
Thank you for visiting SonicWall.
As you have mentioned the issue happens randomly, we need to perform a packet capture on the SonicWall for working and non-working scenarios. This would help diagnose the issue. It would be better if you can get in touch with our support team for real-time assistance.
For packet capture understanding, please refer below KB article web-link.
Technical Support Advisor - Premier Services
Hi Saravan, I have run a packet capture and shared with technical support aswell, but so far there has not been any resolution. ANy leads on what could be causing this would be welcome, do you suggest we factory reset the device once?