Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 40 subscribers
  • Views 1033 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF Authentication timeout and life-time without function?

dirkkotte

Hi all,

i use XG (home) with WebServer protection and authentication.
Yesterday i open the page, authenticate and got the content.
Notebook was powered off for 12 hours afterwards.
This morning i am able to access the webpages without authentication.
The only one Authentication policy has configured a session time-out with 20 minutes and a session lifetime with 2 hours.
Any idea where I have a configuration error?
Have you seen someone like this?



This thread was automatically locked due to age.
Parents
  • 0

    Dirk,

    check the reverseproxy.log from advanced shell and report here the logs. Regards

  • 0 in reply to lferrara

    Hi,

    here is the log from this day, looks as i am able to continue without authenticated user after timeout ...:

    [Fri Mar 20 10:03:31.252025 2020] [authnz_aua:error] [pid 32379:tid 140372323714816] [client 195.50.111.22:52867] [myUser] timeout check failed, referer: https://web.mypage.de:8443/myapp/myapp_prod/


    [Fri Mar 20 10:03:31.245756 2020] timestamp="1584695011" srcip="195.50.111.22" localip="192.168.178.222" user="myUser" method="GET" statuscode="302" reason="-" extra="-" exceptions="-" duration="11743" url="/myapp/" server="web.mypage.de:8443" referer="web.mypage.de:8443/.../" cookie="SID=gSuPQsyySilIvFfpsgCl" set-cookie="bfnnqlexchfjczb_cookie=Gqaxf3Jr231TwIJn1+lHJJnKWDe0YEZay4a1/tmj74+SsZ9BeDJYnq076ckLoCDxycZlk5bHspBQEIxqvVGbEIbai3sHFJXLPSk7QnNJBWCa9wzAbDuW5ZNMPGAbkjAU44G3o50z+rz39tP+6osaNrRWcMrXbUcqRZVE6YMYs/5VSJ1A0e/MGw==;path=/;httponly;secure" recvbytes="1286" sentbytes="2626" protocol="HTTP/1.1" ctype="text/html" uagent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" querystring="?XHR=1&_=1584612261106" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" ruleid="19"


    [Fri Mar 20 10:03:31.286794 2020] timestamp="1584695011" srcip="195.50.111.22" localip="192.168.178.222" user="-" method="GET" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening, SkipFormHardening, SkipFormHardeningMissingToken" duration="10609" url="/_bfnnqlexchfjczb_form" server="web.mypage.de:8443" referer="web.mypage.de:8443/.../" cookie="SID=gSuPQsyySilIvFfpsgCl" set-cookie="bfnnqlexchfjczb_cookie=yJ3QVr6/A2MHFzIA7JlHt4e4W0b6z7wOIwZ7jtugT3x+OKHOU59PVBteE7HPZOFvuaemGu8lvN7uBtAVVEqSZlwqNvWSb6ZKQlTE47O5m6+UnxPgGY2d1a1vUD2KYQ1eibNm6u8JfdGjPGadvle36fk3KHGGkDeLwTSPCqiaKPAM4sYkyLILZg==;path=/;httponly;secure" recvbytes="638" sentbytes="1545" protocol="HTTP/1.1" ctype="text/html" uagent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" querystring="" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" ruleid="19"


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • 0 in reply to lferrara

    Hi,

    here is the log from this day, looks as i am able to continue without authenticated user after timeout ...:

    [Fri Mar 20 10:03:31.252025 2020] [authnz_aua:error] [pid 32379:tid 140372323714816] [client 195.50.111.22:52867] [myUser] timeout check failed, referer: https://web.mypage.de:8443/myapp/myapp_prod/


    [Fri Mar 20 10:03:31.245756 2020] timestamp="1584695011" srcip="195.50.111.22" localip="192.168.178.222" user="myUser" method="GET" statuscode="302" reason="-" extra="-" exceptions="-" duration="11743" url="/myapp/" server="web.mypage.de:8443" referer="web.mypage.de:8443/.../" cookie="SID=gSuPQsyySilIvFfpsgCl" set-cookie="bfnnqlexchfjczb_cookie=Gqaxf3Jr231TwIJn1+lHJJnKWDe0YEZay4a1/tmj74+SsZ9BeDJYnq076ckLoCDxycZlk5bHspBQEIxqvVGbEIbai3sHFJXLPSk7QnNJBWCa9wzAbDuW5ZNMPGAbkjAU44G3o50z+rz39tP+6osaNrRWcMrXbUcqRZVE6YMYs/5VSJ1A0e/MGw==;path=/;httponly;secure" recvbytes="1286" sentbytes="2626" protocol="HTTP/1.1" ctype="text/html" uagent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" querystring="?XHR=1&_=1584612261106" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" ruleid="19"


    [Fri Mar 20 10:03:31.286794 2020] timestamp="1584695011" srcip="195.50.111.22" localip="192.168.178.222" user="-" method="GET" statuscode="200" reason="-" extra="-" exceptions="SkipURLHardening, SkipFormHardening, SkipFormHardeningMissingToken" duration="10609" url="/_bfnnqlexchfjczb_form" server="web.mypage.de:8443" referer="web.mypage.de:8443/.../" cookie="SID=gSuPQsyySilIvFfpsgCl" set-cookie="bfnnqlexchfjczb_cookie=yJ3QVr6/A2MHFzIA7JlHt4e4W0b6z7wOIwZ7jtugT3x+OKHOU59PVBteE7HPZOFvuaemGu8lvN7uBtAVVEqSZlwqNvWSb6ZKQlTE47O5m6+UnxPgGY2d1a1vUD2KYQ1eibNm6u8JfdGjPGadvle36fk3KHGGkDeLwTSPCqiaKPAM4sYkyLILZg==;path=/;httponly;secure" recvbytes="638" sentbytes="1545" protocol="HTTP/1.1" ctype="text/html" uagent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" querystring="" websocket_scheme="-" websocket_protocol="-" websocket_key="-" websocket_version="-" ruleid="19"


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
No Data
Unfiltered HTML