Operational Defect Database
BugZero found this defect 175 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA16S000000bz28SAA
AuthPoint integration with mobile VPN fails after upgrade to Fireware 12.10.1
Last update date:
12/15/2023
Affected products:
AuthPoint
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Affected releases:
All
Fireware
12.x
12.10.x
Fixed releases:
v12.10.1 Update 1
Description:
Issue
After you upgrade to Fireware v12.10.1, authentication to the Firebox or mobile VPN with the AuthPoint server might fail. When this issue occurs, you see this entry in the audit log: Error: 201.145.010 - Timeout to authenticate second factor. A defect in Fireware v12.10.1 Build 688941 prevents the Firebox from updating WatchGuard Cloud with device status and information, including AuthPoint authentication capabilities. A Firebox attempts to update its status in WatchGuard Cloud after you make changes to the configuration with Policy Manager, Fireware Web UI, or other management methods. In response to this issue, WatchGuard has removed Fireware v12.10.1 from distribution. AuthPoint authentications that use RADIUS resources are unaffected.
Workaround/Solution
There are three temporary workarounds to this issue: Reboot the Firebox. For more information, go to Reboot or Shut Down Your Device in Fireware Help.Disable WatchGuard Cloud on the Firebox, wait 30 seconds, then re-enable it.Recreate the Firebox resource in AuthPoint. For more information, go to Configure MFA for a Firebox in AuthPoint Help. Any subsequent configuration change, or disruption to the WatchGuard Cloud connection, reintroduces the AuthPoint authentication problem. If this happens frequently, consider configuring a scheduled reboot for early morning or downgrade to Fireware v12.10. WatchGuard will re-release Fireware v12.10.1 as soon as a fix for this issue is available.
