SSL VPN locks user on failed password


Using XGS 6500 with Sophos connect client (2.1/2.2). If someone mistypes their password just once whilst logging in to the VPN it locks the AD account. AD logs suggest 4 failed attempts by the firewall to authenticate against 2 domain controllers.

Is this a setting anywhere? Surely one failed attempt (0x0000234) should result in a rejected login?

I've not attempted to increase the domain setting for failed attempts before lockout but has anyone had any experience of this issue?

Edited Tags
[edited by: Erick Jan at 7:06 AM (GMT -7) on 7 Sep 2022]
Parents Reply Children