BugZero | WatchGuard Technologies BugID kA16S000000bzJ4SAI - Mobile VPN with SSL

OPERATIONAL DEFECT DATABASE

...

BugZero | WatchGuard Technologies BugID kA16S000000bzJ4SAI - Mobile VPN with SSL - AuthPoint Push/OTP authentic...

WatchGuard Technologies - Defect ID: kA16S000000bzJ4SAI

Mobile VPN with SSL - AuthPoint Push/OTP authentications fail with Android OpenVPN v3.4.0 (9755)

WatchGuard Technologies - Defect ID: kA16S000000bzJ4SAI

Mobile VPN with SSL - AuthPoint Push/OTP authentications fail with Android OpenVPN v3.4.0 (9755)

Last updated on January 30th, 2024

BugZero Risk Score
0.0 Coming soon

Overall: N/A

Severity: N/A

Community: N/A

Lifecycle: N/A

What is the BugZero Risk Score?

WatchGuard Technologies Integration

Learn more about where this data comes from

WatchGuard Technologies Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: Unspecified
Status: Open
Article View Count: 963

Description

Issue

For Mobile VPN with SSL, AuthPoint authentication fails in Android OpenVPN v3.4.0 (9755) when the Firebox resource in AuthPoint is configured to use the OTP authentication method.

Workaround/Solution

Configure the authentication policy for the Firebox resource in AuthPoint to use only the password and push authentication methods (not OTP). If you need to use OTP authentication for the VPN, you have three options: Downgrade Android OpenVPN to v3.3.0.Use a RADIUS client resource (instead of a Firebox resource) for AuthPoint MFA. For detailed steps to configure a RADIUS client resource for your VPN, see the Configure AuthPoint MFA for Firebox Mobile VPN with SSL (Fireware v12.6.x and Lower) section of Firebox Mobile VPN with SSL Integration with AuthPoint.Move your OpenVPN users to a new AuthPoint group, then create a new authentication policy for the OpenVPN users and the Firebox resource with only the password and push authentication methods. With this setup, OpenVPN users have an authentication policy that requires the password and push authentication methods, and you can have a second authentication policy for users that need OTP authentication and do not use OpenVPN. If you sync users from Active Directory, this requires you to create a new OpenVPN user group in Active Directory and a new AuthPoint group sync to sync those users.

Change history

2025-03-21 Added: 11.1.x, 11.10, 11.10.1, 11.10.2, 11.10.3, 11.10.4, 11.10.5, 11.10.6, 11.10.7, 11.11, 11.11.1, 11.11.2, 11.11.4, 11.12, 11.12.1, 11.12.2, 11.12.4, 11.2.x, 11.3.1, 11.3.2, 11.3.3, 11.3.4, 11.3.5, 11.3.6, 11.4, 11.4.1, 11.4.2, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6, 11.6.1, 11.6.3, 11.6.5, 11.6.6, 11.7, 11.7.2, 11.7.3, 11.7.4, 11.7.5, 11.8, 11.8.1, 11.8.3, 11.8.4, 11.9, 11.9.1, 11.9.3, 11.9.4, 11.9.5, 11.9.6, 12.0.x, 12.1, 12.1.1, 12.1.3, 12.10.x, 12.11.x, 12.2.x, 12.3.x, 12.4.x, 12.5.x, 12.6.x, 12.7.x, 12.8.x, 12.9.x, AuthPoint

Links

Original Vendor Announcement

Relevant Products

Click on a version to see all relevant bugs

Affected versions:11.1.x, 11.10, 11.10.1, 11.10.2, 11.10.3, 11.10.4, 11.10.5, 11.10.6, 11.10.7, 11.11, 11.11.1, 11.11.2, 11.11.4, 11.12, 11.12.1, 11.12.2, 11.12.4, 11.2.x, 11.3.1, 11.3.2, 11.3.3, 11.3.4, 11.3.5, 11.3.6, 11.4, 11.4.1, 11.4.2, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6, 11.6.1, 11.6.3, 11.6.5, 11.6.6, 11.7, 11.7.2, 11.7.3, 11.7.4, 11.7.5, 11.8, 11.8.1, 11.8.3, 11.8.4, 11.9, 11.9.1, 11.9.3, 11.9.4, 11.9.5, 11.9.6, 12.0.x, 12.1, 12.1.1, 12.1.3, 12.10.x, 12.11.x, 12.2.x, 12.3.x, 12.4.x, 12.5.x, 12.6.x, 12.7.x, 12.8.x, 12.9.x, AuthPoint

Fixed versions: No known fixed versions

Relevant Products

Click on a version to see all relevant bugs

Fixed versions: No known fixed versions

Top WatchGuard Technologies Defects

No bugs this month

WatchGuard Technologies Integration

Learn more about where this data comes from

WatchGuard Technologies Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

WatchGuard Technologies - Defect ID: kA16S000000bzJ4SAI

Mobile VPN with SSL - AuthPoint Push/OTP authentications fail with Android OpenVPN v3.4.0 (9755)

WatchGuard Technologies - Defect ID: kA16S000000bzJ4SAI

Mobile VPN with SSL - AuthPoint Push/OTP authentications fail with Android OpenVPN v3.4.0 (9755)

Last updated on January 30th, 2024

BugZero Risk Score0.0 Coming soon

Bug Details

Issue

Workaround/Solution

Links

Top WatchGuard Technologies Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
0.0 Coming soon