Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

SSL VPN and LDAP OTP issues after 7.0.1-5111 FW update.

Hi

Since applying the latest FW update to our TZ670 HA Pair a few weeks ago, we are noticing 2 issues;

  1. Users accessing the site with either Net Extender or Mobile connect, are seeing unusually unreliable connection to site. When using the upstream from site, the VPN will throttle to 0, then sometime hang with a range of errors on the client side. "Remote access Service Error". And none of the KB's i've found relating to these errors have made any issue in testing a fix to this. On the client, the Log details "Unload ssl core" before it collapses among other logs, but this one seems consistent in testing. Sometimes the speed throttle back up and it continues. This happens to individual users, it doesn't affect all at the same time and I've been able to recreate this and confirm ample bandwidth on site as it happens, so there is no congestion as such.
  2. We have users authentication using their AD credentials via LDAP and a OTP via email. With this Firmware, as soon as the OTP is entered... the firewall crashes and reboots. Quite unbelievable.

I have read a few other instances of this while researching. We have disabled OTP for now as it's unusable when in place.

I have read that there is a hotfix available to address point 2 above at least. But I cannot find this anywhere. Hase anyone else experienced this and managed to fix it?

Category: Mid Range Firewalls
Reply

Best Answer

  • CORRECT ANSWER
    MustafaAMustafaA SonicWall Employee
    Answer ✓

    Hi @Xero , we have a hotfix available for this issue. As you indicated, this issue came to our attention after the release of 7.0.-1-5111 firmware. Please create a web case with a reference to GEN7-39015, and we will share the hotfix firmware.

Answers

  • XeroXero Newbie ✭

    Thanks

    Does this also fix the SSL VPN reliability issue? I have a case open for this one already and the technician has so far reported no issue based on the logs and symptoms.

  • MustafaAMustafaA SonicWall Employee

    This requires deep dive into the logs you provided, but I can certainly suggest as the first step, using the hotfix firmware and observing if that also adds stability to your SSLVPN connection.

  • XeroXero Newbie ✭

    Thanks. I have raised a case.

    I'll be sure to feed back here if only to help others. It's been a very stressful episode having only found 1 thread with any reference to this hotfix existing.

  • MustafaAMustafaA SonicWall Employee

    I am glad you posted this so that I could give you some guidance.

  • XeroXero Newbie ✭

    @MustafaA Do you know how long this case will take to get assigned, typically. We could really do with this HotFix as a matter of urgency. Or is there any other place I can download it from?

  • MustafaAMustafaA SonicWall Employee

    The HF firmware will be uploaded to your case itself.

Sign In or Register to comment.