Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 4814 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with SSL VPN

BerndFeist

Helllo,

we have a strange and not reproducible problem with our SSL-VPN Remote Acces with 2 Factor Authentication with Sophos Authenticator. We are currently using Firmware version 9.413-4 on a clustered sophos SG330.

Sometimes users that are already two-factor enabled can not login. Everything seems okay and the QR in the sophos authentication database seems to be valid and correct (we also compared it with a second device - the numbers shown are exacly the same ....).

If a user with such an issue is logging on to the user portal with his account and password (without the second factor) he is shown a new QR code immeadetely. This code is different from the old one. If he scans the code he gets new numbers and can login again.

For me it looks like the connection of the user to his old QR code gets lost in some way (still visible in the authentication services) and everything needs to be reinitialised. We have no clue when and why this happens but we get 1-2 cases every week (usually 10-20 users are connected concurrently).

We have opened a support case with sophos 2 1/2 weeks ago and besides being informed that the issue is escalated nothing happens. We have also seen very poor support in the past with another unresolved issue.

Has somebody seen this issue as wall and can give us some hints how to resolve it ...

Best regards,
Bernd Feist



This thread was automatically locked due to age.
  • 0

    Hi, Bernd, and welcome to the UTM Community!

    I've not seen this issue discussed here recently, so that may account for the slowness of Support.  In any case, if this is not already resolved, you should push harder to get your issue escalated again.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    The only problem I have ever seen so far using 2FA is that the token offset shifts too far and then no access is possible anymore.

    From webadmin you can check the offset, which then automatically adjusts the offset and then the tokens work again. Maybe that's also what's happening in your case?

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Unfiltered HTML