Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


SSL-VPN connected devices generating Event ID:4 "Security-Kerberos" for each connected device


when checking in event viewer on Domain controller it is flooded with Event id:4 issues. when check in detail found it is generated by SSL-VPN device with same IP and different device name see example below.

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server z1526$. The target name used was cifs/ This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain ( is different from the client domain (, check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

is there a way to flush out this spn every time SSL-VPN connect? I called support but they cannot reserve IP to NetExtender, cause NetExtender does not have any MAC

Category: SSL VPN
Sign In or Register to comment.