Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register
Options

2 issues; .local domain suffix issue & “greyed out” username web interface when using VPN

kdymanagerkdymanager Newbie ✭
in Entry Level Firewalls

Hi,

Tried the Mid-level Firewall section but no one answered.. So I try you guy in hope someone has an answer.

FireWall: SONICWALL TZ400

Current firmware: SonicOS Enhanced SonicOS Enhanced 6.5.4.13-105n

1. Problem (which is "solved" (work around) by using remote desktop to a server):

When I access our network using the SonicWall Global VPN client on my PC I cannot change the username on the web interface for the FireWall (TZ400) when accessing the web interface directly from my remote PC (VPN connected)?!

The username is already filled out (and wrong which related to the next issue).

But why is the username already filled out and greyed out? I would like to change the username which relates to the admin.

greyout.png



2. problem: (which I know is the case because of the 1. Issue):

I synchronize all users using LDAP protocol. I sync. the users towards a NAS server which is acting as and an AD.

Problem is the NAS inherited the old domain .local suffix from a Windows 2012 server when migrated.

We have no issues within the local network and we log into our PCs using usernames only (no @doiman.local etc.). All PCs log into the domain as domain\username where domain is pre-present.

The NAS server handles this very well.

I see this full userPrincipalName with @domin.local due to issue 1 and though that that might be the issue why I can´t access some SMB shares when remote using the VPN but I can when within the local network. It´s seem I try to access the shares with the @domain.local suffix.

This only happens when connected through the VPN.

.local domain inherited from LDAP + .local name follows the user (=access denied)

So first off I need to be able to change the username for the web interface when connected remotely using VPN as this would still be an issue if domain suffix is removed (admin is not a domain user).

Secondly I need to change that name which is passed through to the network once connected to the VPN.

ldap.png

Bonus info: Once connected to the VPN I also have to use username@domain.local to connect to the remote desktop. This is not the case when I am within the local network. here username works just fine.

For some reason the domain.local suffix become mandatory when connected using the SonicWall Global VPN client.



Any thoughts?

I was hoping the last image was the place to solve it.

I have had no luck finding any solution online so I thought I give the comunity a change.

I look forward to your input!


Thanks :-)

Category: Entry Level Firewalls
Reply
Tagged:

Answers

  • Options
    TonyATonyA SonicWall Employee

    Hi @kdymanager

    This is expected behavior when connecting with Global VPN client. When you access the firewall management, it will pre populate with the user you have used to authenticate with the VPN.

Sign In or Register to comment.