The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
'User unknown' in SmartView Tracker log when connecting to VPN site
Technical Level
Solution ID
sk124514
Technical Level
Product
IPSec VPN
Version
R80.10
OS
Windows
Date Created
16-Apr-2018
Last Modified
07-May-2019
Symptoms
After upgrading from R77.30 Security Gateway and R77.30 Security Management to R80.10, the user cannot connect to a VPN site.
SmartView Tracker log shows "user unknown".
Some of the LDAP queries result in response codes 32 and 11:
(LDAP_NO_SUCH_OBJECT, https://confluence.atlassian.com/stashkb/ldap-error-code-32-659785640.html):
[vpnd PID]@...[DATE TIME][CPLDAPSDK] res_errno: 32, res_error: < 0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=name,DC=sad' >, res_matched: < DC=name,DC=sad >
[vpnd PID]@...[DATE TIME][CPLDAPSDK] server = SNLDC01, SDK Response < code = -11, message = Connect error , Error Message = >
[vpnd PID]@...[DATE TIME][CPLDAPCL] server = SNLDC01, Connect result = Failed to open connection
LDAP fetch fails:
[vpnd PID]@...[DATE TIME][CPLDAPCL] EntryId = 18 not found in the repository
[vpnd PID]@...[DATE TIME][CPLDAPCL] CLdapResponse::ScheduledCallToHandler (0xa558128):
[vpnd PID]@...[DATE TIME][CPLDAPCL] EntryId = 18 not found in the repository
Cause
There is an issue with the parenthesis (") in the user/group names.