Create a Post
Showing results for 
Search instead for 
Did you mean: 

Not able to access native applications for AD users


Version:R80.10 with TAKE_56

AD authentication for SSL VPN users stopped working after AD password expiry of non-admin user.

We were not able to see complete AD tree,we have manually added subdomain with parent domain,after that user is able to authenticate,but not able to access native applications. 

It is working for local users,it will also work AD users if I add 'All uers" in source column of Mobile access policy.

But if I am adding specific AD users or LDAP groups,traffic is dropping with MAB policy with non-existant rule which is showing in logs.

When I am checking for drops with #fw ctl zdebug + drop | grep <ip>,can see drops as per MAB policy rule number which doesn't exist in MAB policy.

The rule number will be changing randomly,but the drop rule number in logs and zdebug output shows same rule number.

Any suggestions on this ?

0 Kudos
1 Reply

I would engage with the TAC.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events