Is the firewall up to date on firmware (7.0.1-5065 is the latest for Gen 7 and 6.5.4.10-95n for Gen6 firewalls)
Are you able to connect to anything else in the networks behind the firewall?
What is the SSLVPN Pool range? Does it overlap or match any other network behind the firewall?
If you can, please set up a packet monitor then try to access the management page and see if there is any packet drops. You can set up the capture as follows:
Monitor filter tab:
Ether: IP
IP Type: TCP,UDP
Destination: 192.168.168.168
Enable - Enable Bidirectional Address and Port Matching
All other check boxes, leave unticked
Display filter:
Leave fields blank and check all checkboxes at the bottom
Advanced monitor filter:
Check all boxes except - Restore original ports on SSL decrypted traffic.
I just need users to be able to login and get the QR code for 2fa.
My manager setup 2fa for netextender with our Sonicwall. Everything seemed to be going well. Then suddenly, I am unable to login with any end-user accounts anymore. I get "unknown error".
I can still login with my admin account.
The manager who set this up left and now I need to figure this out.
Im sure Tonya's questions above are all very reasonable, but I have no idea what any of that means.
It was working so I imagine its something simple?
Is there a simple change in config that can cause end-user non-admin logins to suddenly start failing with "Unknown Error"?
Is there something I can compare between my admin account and end user account?
Answers
Hey @YMobile
Is the firewall up to date on firmware (7.0.1-5065 is the latest for Gen 7 and 6.5.4.10-95n for Gen6 firewalls)
Are you able to connect to anything else in the networks behind the firewall?
What is the SSLVPN Pool range? Does it overlap or match any other network behind the firewall?
If you can, please set up a packet monitor then try to access the management page and see if there is any packet drops. You can set up the capture as follows:
Monitor filter tab:
Ether: IP
IP Type: TCP,UDP
Destination: 192.168.168.168
Enable - Enable Bidirectional Address and Port Matching
All other check boxes, leave unticked
Display filter:
Leave fields blank and check all checkboxes at the bottom
Advanced monitor filter:
Check all boxes except - Restore original ports on SSL decrypted traffic.
Im having this same issue. Or similar?
I just need users to be able to login and get the QR code for 2fa.
My manager setup 2fa for netextender with our Sonicwall. Everything seemed to be going well. Then suddenly, I am unable to login with any end-user accounts anymore. I get "unknown error".
I can still login with my admin account.
The manager who set this up left and now I need to figure this out.
Im sure Tonya's questions above are all very reasonable, but I have no idea what any of that means.
It was working so I imagine its something simple?
Is there a simple change in config that can cause end-user non-admin logins to suddenly start failing with "Unknown Error"?
Is there something I can compare between my admin account and end user account?
PLS disregard. I was accessing management web site, not virtual office web site.