Mobile Access / Remote Access fails, failure to authenticate with an LDAP server located behind a remote Security Gateway

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk26059
Technical Level
Product	IPSec VPN, Identity Awareness
Version	R80.20 (EOL), R80.30 (EOL), R80.40, R81, R81.10
Platform / Model	All
Date Created	29-Apr-2004
Last Modified	21-Nov-2022

Symptoms

Mobile Access / Remote Access fails.
Identity Awareness / Users cannot authenticate using Captive Portal and see this error message:
"Login failed. If the issue persists please contact your administrator."
When users access IPSec VPN with SecureClient / SecuRemote, a "Wrong Username or PW" error appears.
"Test could not be completed. Check connectivity between the Management and the Gateway and try again."

Cause

The problem is caused by a failure to authenticate with an LDAP address that is located behind a remote Security Gateway.

LDAP queries are defined as connections originating at the Security gateway and destined for the LDAP server.

When users attempt to authenticate, the remote Security Gateway sends LDAP queries to the LDAP server. These LDAP queries are considered part of Security Gateway Control Connections. Therefore, these LDAP queries are performed before any rules in the Rule Base. LDAP queries are sent in clear text.

Solution

Note: To view this solution you need to Sign In .