hi,
i have XGS2100 (SFOS 20.0.2 MR-2-Build378).very wired issue is being faced. i am using STAS for user authentication. user rule is down in the rules. on top of all i have created rule in which i added mac address of few users. this rule is not working. when a user came whose mac in not entered in rule then it passes through any user rule. in log viewer it shows mac address and email address of any domain user. while this mac is not part of any domain PC. this is not normal. from user rule that user shoudl pass who was called in that rule.
i also created new mac address rule but it is not working. i noticed that when any user came whose mac is not in allowed rule it take ip from dhcp , that ip was previously used by some authenticated user then this user is considered as authenticated user and goes through user rule.
as a work around i enabled Enable user inactivity under STAS, configured inactivity timer 120 Min. and Data transfer Threshold 100 Bytes. but with this setting the user whose mac in not entered is not allowed to go to internet while the user who are authenticated start being logged off either they are idle or not for 120 Min.
please advise..
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.