Comments
-
@Darshil With the tunnel clients the SMA server FQDN will be remembered. Once that is set it should not be a problem. With web access is where the risk is more prominent. I think the best tool we have to solve your issue on the client side, before a VPN is established, is the Sonicwall Capture Client product. If you use…
-
Hi @shultis, Does the AD attribute for those two users contain the necessary information to send the OTP? e.g. the phone number for SMS notification
-
Hi @CheeseGrater, 1) The login process is best secured by configuring AD over SSL. In the 12.4 Admin Guide, starting on page 171, is the description for 'Microsoft Active Directory configuration options' https://www.sonicwall.com/techdocs/pdf/sonicwall-secure-mobile-access-12-4-administration-guide.pdf 2) The SMA caches…
-
@Nat For a detailed analysis for why a specific situation failed EPC please open a case with support.
-
@Nat The problem with Chrome is the Secure Endpoint Manager (SEM) agent. For Chrome to participate in the client side of the EPC evaluation it has to run the SEM agent. When the client logs in they have to agree to the SEM being downloaded. They have to install it the one time. When the agent needs to be activated to for…
-
@Nat There are a couple of questions to narrow that. First, is your EPC database current? 20.04.08.71 is the current version. The EPC database is downloaded from Mysonciwall downloads page and is independent of the firmware version. Second, what is the exact version of your Symantec SEP? Is that specific value in the EPC…
-
@Nat No. The SMA determines whether the user system met the requirements. Here is how it goes. At login the SMA passes to the client side EPC agent the values to be evaluated, not the desired values. The client EPC agent captures the elements and forwards them to the SMA to be evaluated. On the client side you will only be…
-
"Interrogation completed with result [0]." means the EPC ran successfully on the client side. This does not mean the client matched the EPC device profile on the SMA. The client reports the elements to the SMA EPC process where they are evaluated. The SMA logs will show the flow of the evaluation.
-
@Darshil The error is saying the certificate is not correct. There are common fields in a certificate that identify things like the purpose of the certificate. The Key Usage field: This field lists the valid cryptographic uses of the certificate's public key. Basically what can the certificate's public key be used to do.…
-
To complete the information: Following the Admin guide you create the needed static IP address pools. On logging into a Realm, Group Membership can control which Community the user gets. The Community controls which IP Address Pool the user pulls an IP address from.
-
@AWB we have this process in a KB article:
-
@ittech99 Unfortunately there is not much you can do. The SRA 1200 went past all support on the first of April 2016. Firmware that would run on the SRA 1200, out of support around the same time, would not support the modern browser environment. The current hardware relatively equivalent to the SRA 1200 would be the SMA 200…
-
The Virtual Host IP Address field need not be filled out on the Portals / Portals / Edit Portal / Virtual Host tab. This is typically left blank. The Virtual Host IP Address field is only used if you selected a Virtual Host Interface. If your SMA is installed as recommended there is only one active interface (X0), so this…
-
@Darshil Yes.
-
The FQDN needs to be in the Virtual Hosts tab. that same one that connects to the SMA from the public network.