SSL VPN and LDAP OTP issues after 7.0.1-5111 FW update.
Since applying the latest FW update to our TZ670 HA Pair a few weeks ago, we are noticing 2 issues;
- Users accessing the site with either Net Extender or Mobile connect, are seeing unusually unreliable connection to site. When using the upstream from site, the VPN will throttle to 0, then sometime hang with a range of errors on the client side. "Remote access Service Error". And none of the KB's i've found relating to these errors have made any issue in testing a fix to this. On the client, the Log details "Unload ssl core" before it collapses among other logs, but this one seems consistent in testing. Sometimes the speed throttle back up and it continues. This happens to individual users, it doesn't affect all at the same time and I've been able to recreate this and confirm ample bandwidth on site as it happens, so there is no congestion as such.
- We have users authentication using their AD credentials via LDAP and a OTP via email. With this Firmware, as soon as the OTP is entered... the firewall crashes and reboots. Quite unbelievable.
I have read a few other instances of this while researching. We have disabled OTP for now as it's unusable when in place.
I have read that there is a hotfix available to address point 2 above at least. But I cannot find this anywhere. Hase anyone else experienced this and managed to fix it?