Info 2FA ZYXEL FIREWALL VPN100
Hello everyone, we have a zyxel vpn 100 firewall and we are having a problem with 2 factor authentication, we are unable to receive email on active directory domain users. By doing a test we saw that the daily firewall reports arrive via email but the emails to authorize users to enter our domain do not. Can you explain the problem to us? Thank you, Greetings
Accepted Solution
-
Hi @Marcointegrated,
After VPN100 is upgraded to 536ABFV1ITS-23WK21-0525-230501004, SSL VPN with 2FA is working. Please monitor the status and check if the issue is resolved.
0
All Replies
-
Hi @integratedsolutions,
The issue appears when Two-factor Authentication > VPN Access > User/Group > Selected User/Group contains user object. We will release 5.36 patch 1 to fix the issue this week. Before the firmware is released, please remove the individual user objects from Selected User/Group and use "any" temporarily.0 -
good evening, the problem remains the same even if you remove the "test" user. On the contrary, if I leave the local test user, the email arrives regularly, while if I connect with an ACTIVE DIRECTORY domain user, no email arrives. Can you give a solution please? Thank you
0 -
5.36(ABFV.1) is officially released. It contains fix of 2FA mail issue. Please upgrade VPN100 to 5.36(ABFV.1) and check if 2FA mail is able to be delivered to the user's email.
0 -
5.36(ABFV.1) is officially released. You can upgrade VPN100 to 5.36(ABFV.1) and check if 2FA mail is able to be delivered to the user's email. If the AD user is still not able to receive 2FA mail, please send the remote access of your VPN100 in private message. Thanks!
0 -
Good evening,
I upgraded to version 5.36(ABFV.1) but the firewall still doesn't send 2fa emails with active directory users who are on the domain controller. If, on the other hand, I create a user, for example the one in the "test" photo and within the email arrives and authorizes access. Can we maybe do a remote session to understand the problem?0 -
Hi Marcointegrated,
Let's arrange the remote session in private message.
0 -
Hi @Marcointegrated,
Per our talk on the Skype, we already fixed the issue and will upgrade your VPN100 to the latest firmware tomorrow. Then you can start running the test and check if AD users are able to receive 2FA mail.
0 -
Hi @Marcointegrated,
After VPN100 is upgraded to 536ABFV1ITS-23WK21-0525-230501004, SSL VPN with 2FA is working. Please monitor the status and check if the issue is resolved.
0 -
Hi @Zyxel_Emily , sorry to use @Marcointegrated thread but I've the same problem on my vpn300 (FW VERSION V5.36(ABFC.2) / 2023-05-24 02:17:06)
Local users are properly receiving 2fa emails while AD users don't.Logs for local users:
387 2023-07-12 16:26:09info authentication-server two-factor auth.send E-mail to user: vpnxxx, email:mas********************com. User(vpnxxx) is waiting to authorize388 2023-07-12 16:26:10info userTwo-factor Authentication mail has been sent to user(vpnxxx) successfully.
Logs for AD users:
739 2023-07-12 16:32:04info authentication-server two-factor auth.send E-mail to user: firstname.lastname, email:mas********************com. User(firstname.lastname) is waiting to authorizeAS YOU CAN SEE HERE ISN'T WORKING (EMAIL DOESN'T ARRIVE) AND IS ALSO MISSING A CONFIRMATION LOG, SAME AS #388 FOR LOCAL USER (the mail address is the same)
The problem occurred suddenly, i've tried to reboot and reset the firewall too (imported last working configuration after reset)
Could you help me? Thanks!
0 -
Hi @massimo_alonzi,
We already fixed the issue in 5.37. You can upgrade the device to 5.37 to check if the issue is resolved.
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight