• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 42
  • Last Modified:

Replacement Sonicwall 3600 won't authenticate RADIUS users using UPN to login.

So my sonicwall 3600 went down. Sonicwall sent a replacement. I uploaded the saved configuration into the replacement and didn't notice any problems.

The next day, users say they can't access the VPN. After a half day talking to Sonicwall support, we figured out that users cannot access the VPN using their UPN as they used to on the old 3600 but can access it using their SAM.

L2TP / IPSEC with RADIUS (NPS) authentication. Funny thing is, the RADIUS server shows success (reasoncode 0) with both the UPN and SAM. Sonicwall's "Test" area in RADIUS shows Success when testing with UPN.

Thanks in advance!
0
Member_2_6377788
Asked:
Member_2_6377788
1 Solution
 
Blue Street TechLast KnightCommented:
Hi Member_2_6377788,

In general I prefer to reconfigure everything from scratch. Initially to get everyone back online ASAP - I understand migrating settings but as soon as you have a maintenance window I'd reset to factory defaults and configure everything from scratch provided that you take good notes of the settings. This insures that there are no issues with the old settings. It is the same philosophy of upgrading OSes opposed to clean installs...I always prefer the later in all aspects.

There is most likely a difference between the SonicOS versions from your old unit vs the replacement and that could be the difference. I'd check the Release Notes of the current firmware to see if there are any known bugs related to this. Then I'd upgrade the SonicOS so that its on the most current release.

Also, re-inspect the NPS and make sure the objects are still correct for the SonicWALL. You may have to remove them and re-create them. Same with the RADIUS authentication on the SonicWALL. You'll most likely need to break the entire existing link and re-establish it between the SonicWALL and the NPS. On the SonicWALL remove the RADIUS settings, reboot and re-create the link again. NPS should take a reboot too.

Let me know if you have any questions!
0

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now