We use Sophos UTM 9.7 as our Gateway. It is connected to our Active Directory via LDAP.
When a user logs into our VPN portal, the user is created automatically in our gateway with their AD credentials.
In the Authentication Services --> Global Settings, "End User Portal" is activated.
We have One-Time Password activated and we Drag and Drop any new User into the "Authentication Settings"
"Auto-create OTP tokens for users" is activated.
Afterwards any user, which is dragged in, gets a QR code to scan with an Authentication App. Then They login by adding the 6-digit code to their usual Password.
Now to the Problem:
We have 2-3 Users, created completely equal to all the others, for which the 6 digit code doesn't work. After Scanning the QR code, the Authentication App shows a 6 digit code, but any conceivable way of entering it, results in "invalid username/password (or access denied by policy)".
We deleted the users from the Gateway, let them login to our End User Portal again and do redo the whole procedure. Sadly, this resulted in the same Error. Wrong Password/Username is already ruled out, since we tested it on site as well.
Is there any way to get a more detailed explanation on why the login didn't work?
This thread was automatically locked due to age.
