Action Ssl Login Fail Reason Sslvpn_login_unknown_user

By | May 28, 2022


LDAP Endpoint Security VPN users and/or Mobile Access users are not able to log in


Symptoms

  • Mobile Access users are not able to log in.
  • Authentication timeout (waiting for server). Users receive: "access denied - wrong username and password"
  • In SmartView Monitor/SmartLog, "unknown user" logs can be found. If you run pdp monitor user "username", it shows user information.
  • Cannot expand the Account Unit tree and fetch user information from there; only the domain can be fetched.
  • Output of the adlog a dc command shows that the DC is connected and the number of events is increasing.
  • cvpnd logs show:


    [ PID][17 DATE TIME]User not found: Username
    [ PID][17 DATE TIME]cpsc_get_msg_by_id: Cache HIT for CPSC_UNKNOWN_USER
    [ PID][17 DATE TIME]cpsc_get_msg_by_id: Cache HIT for CPSC_INTERNAL_ACCESS_DENIED
    [ PID][DATE TIME]auth_failed(au=a443f50): start
    [ PID][DATE TIME]cvpn_extract_groups_from_user: No user object
    [ PID][17 DATE TIME][CVPN_ERROR] Cvpn::AuthSession::extractUserAttributes: Did not find user principal name of user record.
    [ PID][17 DATE TIME]cvpn_auth_end_session: WARNING: Authentication failed for user 'username'
    [CVPN_INFO] Cvpn::CvpnSessionManager::getGatewayDefaultCert: The ICA's DN is: 'O=USNJPYDCFRM01.FINANCE.COMPANY.COM.ee5gda'
    [ PID][DATE TIME]OutResultSet = void*(NULL), OutResult = Request succeeded, but the object was not found
    [ PID][DATE TIME][CVPN_ERROR] Cvpn::AuthSession::isAuthenticated: Authentication failed (credentials or other reason)
    [ PID][DATE TIME][CVPN_INFO] Cvpn::AuthSession::getUsername: Extracted Username: alimUsername 'username' is not authenticated
    [ PID][DATE TIME][CVPN_INFO] Cvpn::AuthnManager::doneCb: authSession not authenticated - failed login
    [ PID][DATE TIME][CVPN_INFO] Cvpn::AuthrManager::askForNewSession: Called for given username: 'username', fetched as: 'username', authenticated: false

  • For Endpoint VPN users, the vpnd.elg log shows:

    [vpnd PID]@GATEWAY[DATE TIME] InResultSet = void*(NULL), InResult = Request succeeded, but the object was not found, Index = 0

    [vpnd PID]@GATEWAY[DATE TIME] All sub-requests replied

    [vpnd PID]@GATEWAY[DATE TIME] OutResultSet = void*(NULL), OutResult = Request succeeded, but the object was not found

    [vpnd PID]@GATEWAY[DATE TIME] CLdapResponse::CLdapResponse (0x9fc1e98): new Response object

    [vpnd PID]@GATEWAY[DATE TIME] EntryId = 28 found

    [vpnd PID]@GATEWAY[DATE TIME] [RootId = 169] AU = AU_NAME

    [vpnd PID]@GATEWAY[DATE TIME] EntryId = 169 found

    [vpnd PID]@GATEWAY[DATE TIME] Passing response for Lookup 169

    [vpnd PID]@GATEWAY[DATE TIME] User not found: USERNAME

    [vpnd PID]@GATEWAY[DATE TIME] Current time in millisec: 1.58635e+12

    [vpnd PID]@GATEWAY[DATE TIME] Found parent: 1.1.1.2 for: 1.1.1.2.5

    [vpnd PID]@GATEWAY[DATE TIME] Update existing object with incoming object:1.1.1.2.5,Active Lookup Events to container: 1.1.1.2,Active Lookup Events

    [vpnd PID]@GATEWAY[DATE TIME] Added event statistics data to1.1.1.2.5,User Not Found

    [vpnd PID]@GATEWAY[DATE TIME] Found parent: 1.1.1 for: 1.1.1.3

    [vpnd PID]@GATEWAY[DATE TIME] Update existing object with incoming object:1.1.1.3,User to container: 1.1.1,User

    [vpnd PID]@GATEWAY[DATE TIME] Added value statistics data to:1.1.1.3,Total Lookup Time (millisec)

    [vpnd PID]@GATEWAY[DATE TIME][CPLDAPCL] CLdapResponse::CLdapResponse (0xab24cb8): new Response object
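
Added example (not Check Point code, and not part of the original article): a small triage script that scans cvpnd or vpnd log lines for the signature described in the symptoms above, a "User not found" event with an LDAP "object was not found" result or a missing user principal name close by. The sample lines, PID, gateway name, timestamp format and usernames are constructed for illustration; the script matches on message text only, and the `window` parameter is an assumption about how close the related lines sit.

```python
import re
from collections import Counter

# Message fragments quoted in the symptom logs above.
USER_NOT_FOUND = re.compile(r"User not found:\s*(\S+)")
LDAP_EMPTY = "Request succeeded, but the object was not found"
NO_UPN = "Did not find user principal name of user record"


def triage(lines, window=10):
    """Return {username: count} for 'User not found' events that have an
    empty LDAP result or a missing-UPN error within `window` lines
    before or after them."""
    hits = Counter()
    for i, line in enumerate(lines):
        m = USER_NOT_FOUND.search(line)
        if not m:
            continue
        nearby = lines[max(0, i - window): i + window + 1]
        if any(LDAP_EMPTY in n or NO_UPN in n for n in nearby):
            hits[m.group(1)] += 1
    return dict(hits)


# Constructed sample in the shape of the vpnd.elg excerpt above.
SAMPLE = """\
[vpnd 4242]@gw1[28 May 10:00:01] OutResultSet = void*(NULL), OutResult = Request succeeded, but the object was not found
[vpnd 4242]@gw1[28 May 10:00:01] EntryId = 169 found
[vpnd 4242]@gw1[28 May 10:00:01] Passing response for Lookup 169
[vpnd 4242]@gw1[28 May 10:00:01] User not found: alice
[vpnd 4242]@gw1[28 May 10:00:01] Current time in millisec: 1.58635e+12
[vpnd 4242]@gw1[28 May 10:00:02] All sub-requests replied
[vpnd 4242]@gw1[28 May 10:00:02] CLdapResponse::CLdapResponse (0x9fc1e98): new Response object
[vpnd 4242]@gw1[28 May 10:00:02] EntryId = 28 found
[vpnd 4242]@gw1[28 May 10:05:09] User not found: bob
""".splitlines()

if __name__ == "__main__":
    # A narrow window keeps 'bob' (no LDAP result nearby) out of the report.
    for user, count in sorted(triage(SAMPLE, window=3).items()):
        print(f"{user}: {count} lookup(s) matching the Account Unit symptom")
```

Several distinct usernames in the result, for accounts that pdp monitor user still resolves, is consistent with the symptoms listed here rather than with individual mistyped credentials.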

Cause

The LDAP Account Unit has a mismatch on the branch name.

This could happen if the fingerprint is changed on the AD server. Since it is necessary to fetch branches and fingerprints to fix this issue, this will cause the domain to not be fully added.




Solution



Note: To view this solution you need to Sign In.


Source: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk143052
