User SSO Logout

Options

Greetings,
For some time we have been having problems with automatic disconnections in some clients connected to AD Windwos Server 2019 integrated with web authentication with SSO.
Specifically, 3 clients, after logging in with the ad user in Windows, navigate without problems, but after a period of 10-15 minutes the client loses the connection and from the web browser requires authentication on the USG.
This only happens on 3 clients, while all the others work normally.

Can you help me?

All Replies

  • smb_corp_user
    smb_corp_user Posts: 161  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Looks like it would be necessary with more details from your scenario, like:

    • What is your router/gw/firewall model name?
    • Have you looked for differences between the 3 problem clients and the others?
    • Are the user clients external to your site, or internal?

    Sorry that I don't have a suggestion for a solution, it just feels like some information is missing.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,101  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @Pippo

    What is your SSO agent version? What kind of end device would be logout unexpectedly(such as Windows PC, or mobile phone)? What is the end device's OS version? Are you utilizing Captive Portal for web authentication with AD accounts? If so, what is your firewall and its firmware version? Please assist in confirming the above information for us, thank you.

  • Pippo
    Pippo Posts: 11
    First Anniversary Friend Collector First Comment
    Options

    I apologize if I left more information.

    As the firewall in use we use USG-FLEX700 with firmware 5.36.
    Standard Windows server 2019 AD server with SSO agent installed, Agent application version V2.0.0. SSO Agent Service V1.0.3

    The client devices are Windows 10 professional release 22H2 desktops, configured and inserted into the domain and connected via cable and are part of the internal organization of the network.

    I specify that only 3 clients have disconnection problems, while the others, which are more than 300 devices, have no problems of this type.

    Let me know if you need to know anything else.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,101  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @Pippo

    OK, noted. Could you assist in updating USG Flex 700's firmware to 5.37 and upgrading the SSO agent version to 2.1.0 then verify it again? If there is still a problem, please let us know. Thanks.

  • Pippo
    Pippo Posts: 11
    First Anniversary Friend Collector First Comment
    Options

    ok I'll see about planning the update in the next few days.
    They seem like the same thing to me, if it were a version problem I would have the problem spread throughout the entire infrastructure.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,101  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    OK, thank you for your update.

Security Highlight