Action Ssl Login Fail Reason Sslvpn_login_unknown_user

By | May 28, 2022


LDAP Endpoint Security VPN users and/or Mobile Access users are not able to log in


Symptoms

  • Mobile Access users are not able to log in.
  • Authentication timeout (waiting for server). Users receive: "access denied - wrong username and password"
  • In SmartView Monitor/SmartLog, "unknown user" logs can be found. If you run pdp monitor user "username", it shows user information.
  • Cannot expand the Account Unit tree and fetch user information from there; only the domain can be fetched.
  • Output of the adlog a dc command shows that the DC is connected and the number of events is increasing.
  • cvpnd logs show:


    [ PID][17 DATE TIME]User not found: Username
    [ PID][17 DATE TIME]cpsc_get_msg_by_id: Cache HIT for CPSC_UNKNOWN_USER
    [ PID][17 DATE TIME]cpsc_get_msg_by_id: Cache HIT for CPSC_INTERNAL_ACCESS_DENIED
    [ PID][DATE TIME]auth_failed(au=a443f50): start
    [ PID][DATE TIME]cvpn_extract_groups_from_user: No user object
    [ PID][17 DATE TIME][CVPN_ERROR] Cvpn::AuthSession::extractUserAttributes: Did not find user principal name of user record.
    [ PID][17 DATE TIME]cvpn_auth_end_session: WARNING: Authentication failed for user 'username'
    [CVPN_INFO] Cvpn::CvpnSessionManager::getGatewayDefaultCert: The ICA's DN is: 'O=USNJPYDCFRM01.FINANCE.COMPANY.COM.ee5gda'
    [ PID][DATE TIME]OutResultSet = void*(NULL), OutResult = Request succeeded, but the object was not found
    [ PID][DATE TIME][CVPN_ERROR] Cvpn::AuthSession::isAuthenticated: Authentication failed (credentials or other reason)
    [ PID][DATE TIME][CVPN_INFO] Cvpn::AuthSession::getUsername: Extracted Username: alimUsername 'username' is not authenticated
    [ PID][DATE TIME][CVPN_INFO] Cvpn::AuthnManager::doneCb: authSession not authenticated - failed login
    [ PID][DATE TIME][CVPN_INFO] Cvpn::AuthrManager::askForNewSession: Called for given username: 'username', fetched as: 'username', authenticated: false

  • For Endpoint VPN users, the vpnd.elg log shows:

    [vpnd PID]@GATEWAY[DATE TIME] InResultSet = void*(NULL), InResult = Request succeeded, but the object was not found, Index = 0

    [vpnd PID]@GATEWAY[DATE TIME] All sub-requests replied

    [vpnd PID]@GATEWAY[DATE TIME] OutResultSet = void*(NULL), OutResult = Request succeeded, but the object was not found

    [vpnd PID]@GATEWAY[DATE TIME] CLdapResponse::CLdapResponse (0x9fc1e98): new Response object

    [vpnd PID]@GATEWAY[DATE TIME] EntryId = 28 found

    [vpnd PID]@GATEWAY[DATE TIME] [RootId = 169] AU = AU_NAME

    [vpnd PID]@GATEWAY[DATE TIME] EntryId = 169 found

    [vpnd PID]@GATEWAY[DATE TIME] Passing response for Lookup 169

    [vpnd PID]@GATEWAY[DATE TIME] User not found: USERNAME

    [vpnd PID]@GATEWAY[DATE TIME] Current time in millisec: 1.58635e+12

    [vpnd PID]@GATEWAY[DATE TIME] Found parent: 1.1.1.2 for: 1.1.1.2.5

    [vpnd PID]@GATEWAY[DATE TIME] Update existing object with incoming object:1.1.1.2.5,Active Lookup Events to container: 1.1.1.2,Active Lookup Events

    [vpnd PID]@GATEWAY[DATE TIME] Added event statistics data to1.1.1.2.5,User Not Found

    [vpnd PID]@GATEWAY[DATE TIME] Found parent: 1.1.1 for: 1.1.1.3

    [vpnd PID]@GATEWAY[DATE TIME] Update existing object with incoming object:1.1.1.3,User to container: 1.1.1,User

    [vpnd PID]@GATEWAY[DATE TIME] Added value statistics data to:1.1.1.3,Total Lookup Time (millisec)

    [vpnd PID]@GATEWAY[DATE TIME][CPLDAPCL] CLdapResponse::CLdapResponse (0xab24cb8): new Response object
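
The log signatures above can be told apart from ordinary failed logins mechanically. The following is an added example, not Check Point code: it scans cvpnd/vpnd log text for the strings quoted above and separates users the gateway could not find from users who only failed authentication. The function name `triage`, the verdict labels and the sample usernames are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the excerpts above; PID/DATE/TIME and usernames are placeholders.
SAMPLE = """\
[ 4321][17 DATE TIME]User not found: jdoe
[ 4321][17 DATE TIME]cpsc_get_msg_by_id: Cache HIT for CPSC_UNKNOWN_USER
[ 4321][DATE TIME]cvpn_extract_groups_from_user: No user object
[ 4321][17 DATE TIME]cvpn_auth_end_session: WARNING: Authentication failed for user 'jdoe'
[ 4321][DATE TIME]OutResultSet = void*(NULL), OutResult = Request succeeded, but the object was not found
[vpnd 977]@GATEWAY[DATE TIME] OutResult = Request succeeded, but the object was not found
[vpnd 977]@GATEWAY[DATE TIME] User not found: asmith
[ 4321][17 DATE TIME]cvpn_auth_end_session: WARNING: Authentication failed for user 'bob'
"""

USER_NOT_FOUND = re.compile(r"User not found: (\S+)")
AUTH_FAILED = re.compile(r"Authentication failed for user '([^']+)'")
EMPTY_LOOKUP = "Request succeeded, but the object was not found"


def triage(text):
    """Return ({username: verdict}, number of empty LDAP lookup results)."""
    seen = defaultdict(set)
    empty_lookups = 0
    for line in text.splitlines():
        if EMPTY_LOOKUP in line:
            empty_lookups += 1  # these lines carry no username, so count them globally
        m = USER_NOT_FOUND.search(line)
        if m:
            seen[m.group(1)].add("not_found")
        m = AUTH_FAILED.search(line)
        if m:
            seen[m.group(1)].add("auth_failed")
    verdicts = {}
    for user, marks in seen.items():
        # "User not found" means the gateway logged no user object for this name:
        # treat it as a directory lookup miss, not as a rejected password.
        verdicts[user] = "lookup_miss" if "not_found" in marks else "auth_failed_only"
    return verdicts, empty_lookups


if __name__ == "__main__":
    verdicts, empty = triage(SAMPLE)
    for user, verdict in sorted(verdicts.items()):
        print(f"{user}: {verdict}")
    print(f"empty LDAP lookup results: {empty}")
```

A `lookup_miss` verdict for a user who is known to exist in the directory matches the symptom described here, where the end user is told the password is wrong while the gateway logs "unknown user".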

Cause




Solution




Source: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk143052