Operational Defect Database

BugZero found this defect 1411 days ago.

WatchGuard Technologies | kA10H000000boygSAA

After upgrade to Fireware v12.5.4, LDAP/AD user groups used by Mobile VPN no longer appear

Last update date:

8/4/2020

Affected products:

Firebox M200

Firebox M300

Firebox M270

Firebox M370

Firebox M470

Firebox M570

Firebox M670

Firebox M290

Firebox M390

Firebox M400

Firebox M500

Firebox M440

Affected releases:

All

Fireware

12.x

12.5.x

Fixed releases:

v12.6.2

Description:

Issue

After you upgrade a Firebox to Fireware v12.5.4, the LDAP/AD (and possibly RADIUS) groups that are used for SSL and/or IKEv2 Mobile VPN no longer appear in the User and Groups dialog box. This issue seems to occur when third-party servers are in use.

To verify whether you have this issue:

1. In the SSL/IKEv2 Mobile VPN settings, review the groups on the Authentication tab.
2. Select Setup > Authentication > User and Groups and check if the groups appear in the Users and Groups dialog box.

If a group that appears in the Mobile VPN settings does not appear in the User and Groups dialog box, this bug is present.

Workaround/Solution

You must complete these workaround steps in WatchGuard System Manager (WSM).

1. In Policy Manager, in the SSL/IKEv2 Mobile VPN settings, Authentication tab, clear the check box for the missing group.
2. Select Setup > Authentication > User and Groups and add the missing group.
3. In the SSL/IKEv2 Mobile VPN settings, Authentication tab, enable the group again.
4. Save the changes to the Firebox.

Note: To avoid this issue, you can perform these steps before you upgrade to Fireware 12.5.4.

Status

Resolved