- Products
- Network Security
- Threat Protection
- Secure Access Service Edge (SASE)
- Cloud Security
- Endpoint Security
- Email Security
- Secure Access
-
Wi-Fi 6 Access Points
SonicWall SonicWave 600 series access points provide always-on, always-secure connectivity for complex, multi-device environments.
Read More
- Solutions
- Industries
- Use Cases
- Solutions Widgets
- Solutions Content Widgets
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
- Solutions Image Widgets
-
- Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
- Custom HTML : Partners Content WIdgets
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
- Partners Image Widgets
-
- Support
- Support
- Resources
- Capture Labs
- Support Widget
- Custom HTML : Support Content WIdgets
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
- Support Image Widgets
-
- COMPANY
- PROMOTIONS
- MANAGED SERVICES
- Contact Sales
-
- Menu
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
Disable storage of last logged in username or disable Caching Username in Connect Tunnel.
03/26/2020 
4 People found this article helpful
194,340 Views
Description
Connect Tunnel Not to store last logged in username or not to Cache Username.
Cause
As per security policy for certain organization's post logout of Users Connect Tunnel session they would prefer not to display the username field (Last logged in Username).
Post logout Username field to be cleared or empty.
Resolution
Requisites:
- SMA 1000 Series Appliance to be with 11.4.0-486 and to be applied with Pform-hotfix-686 and Clt-hotfix-686.
- Connect Tunnel Client to be downloaded from specific appliance which has above hotfix. (11.4.0.421 or above). or upgrade to specific client version post applying of hotfix.
- Select Secure Mobile Access| Management Console| User Access | Realms | Select desired Realm | Specific community| Access Methods| Tunnel (IP Protocol) | configure| User Cached credentials set to Never.
Eg: Connect Tunnel options for desired community:
- CEM Keyname set to EVPN_DISABLE_USERNAME_CACHE and Value set to 1. (Recommended to be applied under SonicWALL Technical Support Guidance).
Once the above pre-requisites and Configuration changes are made, All consecutive logins will have Username field empty or cleared.
Troubleshooting steps:
How to verify if the CEM Value is applied correctly or not?
SSH to the appliance and execute below script displays the CEM Value?
Post tunnel Connection on local users Machine a key value gets added to the registry:
As Dont Cache Uname set to 1.
This solution has been tested and verified to be functional.
Corrupt Connect Tunnel Installers could be uninstalled or cleared with help of Clientcleanup Utility.
NOTE: Info that needs to be provided for Technical Support for Troubleshooting:
- Client Operating System version and updates applied to the Operating System.
- Connect Tunnel Client Version.
- CEM Value applied Screenshot from GUI as well as SSH.
- This fix would work with all proper Connect Tunnel Client Laptops / Desktop installs.
ISSUE ID:
DTS 190273
Related Articles
- Printer Redirection with RDP through Secure Mobile Access
- EPC check based on Windows version
- SMA1000: How to manage Connect Tunnel client Auto-updates
YES
NO