Support Center > Search Results > SecureKnowledge Details
After authentication to Mobile Access Blade, cannot access internal resources with error "Unauthorized SSL vpn traffic " Technical Level
Symptoms
  • After authentication to Mobile Access Blade, cannot access internal resources with error in SmartView Tracker: "Unauthorized SSL vpn traffic"
  • If the user logs out and logs back in, he/she can access internal resource.
  • Issue is random.
  • This issue is seen even after sk97811 is implemented
Cause

This can happen if users are duplicated/exist in multiple LDAP Account Units.

This issue is a classic case of duplicate AD user.

Search the following in vpnd.elg:

combine_src_dst_results: rule is
and look for:
combine_src_dst_results: rule is relevant for both. To which AD should specific user belong in order to be authorized?

*****************************************************
[ 31616][4 Dec 9:17:27][userupdate] is_relevant_rule: check rule no. 798
[ 31616][4 Dec 9:17:27][userupdate] is_relevant_rule: ccc or snx client check relevance by Protection Level
[ 31616][4 Dec 9:17:27][userupdate] is_cvpn_PL_match_rule: there is no acces_profile - use default
[ 31616][4 Dec 9:17:27][userupdate] is_relevant_rule: The user matches the rule's PL
[ 31616][4 Dec 9:17:27][userupdate] is_relevant_rule: src is any, go check on dst
[ 31616][4 Dec 9:17:27][userupdate] src_result_and_call_dst: Rule number 290 - rule_GUID = 12 - vpn_current_GUID = 12
[ 31616][4 Dec 9:17:27][userupdate] src_result_and_call_dst: add value relevant for src to rule
[ 31616][4 Dec 9:17:27][userupdate] is_relevant_for_dst: dst is any, is relevant for dst
[ 31616][4 Dec 9:17:27][userupdate] get_userc_rules_A: Rule number 290 - rule_GUID = 12 - vpn_current_GUID = 12
[ 31616][4 Dec 9:17:27][userupdate] get_userc_rules_A: dst_res = 1
[ 31616][4 Dec 9:17:27][userupdate] combine_src_dst_results: in combine dst_res= 1
[ 31616][4 Dec 9:17:27][userupdate] combine_src_dst_results: rule is relevant for both
[ 31616][4 Dec 9:17:27][userupdate] get_userc_rules_A: appending rule
[ 31616][4 Dec 9:17:27][userupdate] next_relevant_rule: Rule number 291 - rule_GUID = 12 - vpn_current_GUID = 12
[ 31616][4 Dec 9:17:27][userupdate] is_relevant_rule: entering with rule number = 291
*****************************************************


Solution
Note: To view this solution you need to Sign In .