Operational Defect Database

BugZero found this defect 3476 days ago.

WatchGuard Technologies | kA10H000000g3jsSAA

Mobile VPN with SSL auto-reconnect does not prompt for two-factor authentication

Last update date: 3/24/2021

Affected products:

Firebox M200

Firebox M300

Firebox M270

Firebox M370

Firebox M470

Firebox M570

Firebox M670

Firebox M290

Firebox M390

Firebox M400

Firebox M500

Firebox M440

Affected releases:

All

Fireware

11.x

11.1.x

11.10.x

11.10

11.10.1

11.10.2

11.10.3

11.10.4

11.10.5

11.10.6

Fixed releases:

All

Description:

Issue

When a Mobile VPN with SSL session is renegotiated because of a session timeout or an interrupted internet connection, the client reuses the cached user passphrase and does not prompt the user to authenticate again. With multi-factor authentication (MFA), such as the AuthPoint one-time password (OTP) method, the passphrase changes each time you connect, so the cached passphrase is no longer valid and authentication fails.

Workaround/Solution

No workaround exists at this time. The user must manually reconnect.


Status

Open
