Loading...
Loading...
Endpoint VPN users cannot authenticate using Dynamic ID as the second factor and receive error message "DynamicID sending failure. To retry, please type r and select Submit." ;The $FWDIR/log/vpnd.elg or $FWDIR/log/iked.elg logs shows: [AU] s_handleSenderResponse: DynamicIDSession (75666438) state 100 rc_code - -3 [AU] DynamicIDSession::setState new_state -103 client_code 60 server_code 0 log_msg SSL certificate problem: unable to get local issuer certificate [AU] .--> DynamicIDManager::handleServerResponse [AU] DynamicIDManager::handleServerResponse: trigger callback [AU] dynamic_id_manager_callback state: -103 [AU] dynamic_id_manager_callback(au=75593620): ePRIVATE_DID_SENDING_ERROR [CPSC] cpsc_get_msg_by_id: Cache HIT for CPSC_DID_SENDING_ERROR [MSGOBJ] msg_obj_init: msg_obj: OK [AU] call_io_func(au=75593620): prompt sent [AUTHENTICATION_MANAGER] AuthenticationManager::makeAuIoFunc: result = DynamicID sending failure. To retry, please type r and select Submit. ; Pcap capture on the Security Gateway for the IP address of the Security Management/Email Server shows "Unknown CA" after Security Management/Email Server sends "Server Hello".
The Security Gateway cannot verify the Certificate Authority that was used to sign the certificate presented by the Short Message Service (SMS)/Email Server during the SSL handshake.
Gaia
Check Point Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.