- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
Disable storage of last logged in username or disable Caching Username in Connect Tunnel.
03/26/2020 
4 People found this article helpful
40,683 Views
Description
Connect Tunnel Not to store last logged in username or not to Cache Username.
Cause
As per security policy for certain organization's post logout of Users Connect Tunnel session they would prefer not to display the username field (Last logged in Username).
Post logout Username field to be cleared or empty.
Resolution
Requisites:
- SMA 1000 Series Appliance to be with 11.4.0-486 and to be applied with Pform-hotfix-686 and Clt-hotfix-686.
- Connect Tunnel Client to be downloaded from specific appliance which has above hotfix. (11.4.0.421 or above). or upgrade to specific client version post applying of hotfix.
- Select Secure Mobile Access| Management Console| User Access | Realms | Select desired Realm | Specific community| Access Methods| Tunnel (IP Protocol) | configure| User Cached credentials set to Never.
Eg: Connect Tunnel options for desired community:
- CEM Keyname set to EVPN_DISABLE_USERNAME_CACHE and Value set to 1. (Recommended to be applied under SonicWALL Technical Support Guidance).
Once the above pre-requisites and Configuration changes are made, All consecutive logins will have Username field empty or cleared.
Troubleshooting steps:
How to verify if the CEM Value is applied correctly or not?
SSH to the appliance and execute below script displays the CEM Value?
Post tunnel Connection on local users Machine a key value gets added to the registry:
As Dont Cache Uname set to 1.
This solution has been tested and verified to be functional.
Corrupt Connect Tunnel Installers could be uninstalled or cleared with help of Clientcleanup Utility.
NOTE: Info that needs to be provided for Technical Support for Troubleshooting:
- Client Operating System version and updates applied to the Operating System.
- Connect Tunnel Client Version.
- CEM Value applied Screenshot from GUI as well as SSH.
- This fix would work with all proper Connect Tunnel Client Laptops / Desktop installs.
ISSUE ID:
DTS 190273
Related Articles
- How to secure Virtual Office portal from all external access
- NetExtender users fail to get connected throwing an Error Failed to get vpn protocol on firmware 10.2.1.2 or above due to misconfigured protocol
- Is SRA/SMA appliance vulnerable to CVE-2016-2183 and CVE-2016-5915?
YES
NO