EX SSL-VPN: Users are able to login to Workplace even though max session limit is reached and it do
03/26/2020 9 10687
EX SSL-VPN: Users are able to login to Workplace even though max session limit is reached and it doesn't throw the message on only with HA pair
Users are able to login to Aventail Worokplace even though max session limit is reached if the source IP is different and this is reported only with HA setup appliance. Standalone setup appliances work as expecrted in prompting users when they exceed the configured session limit. This issue is reported if the users are using different internet connection or shared internet and set maximum session up to 2 in the Realms. If it works as expected, user will get the following message "Your session is reached the maximum, click OK or terminate the session". However this doesn't happen on Cluster environment and this properly works on Standalone.
SonicWall Support has confirmed this issue only on HA cluster setup and this will be addressed in upcoming firmware version-10.6.
How to Test:
- Setup HA Pair
- Configure AD or local authentication
- Create a new Realm and set the maximum sesison to 2
- Login to workplace on PC1 test1, he is able to login to WP sucessfully request goes to Node1
- Login to workplace on PC2 test1, he is able to login to WP sucessfully request goes to Node2
- Login to workplace on PC2 test1, he still be able to login to WP sucessfully, request goes to Node1 thats was the reason he is able to login, this user suppose to get the message "your session is reached limit "click to OK or terminate the session
- As per the scenario if 5th user login to workplace he will get a message to terminate the user, since this request again goes to Node1, and this will be 3rd user for that node.
- But with HA cluster pair he is able to launch workplace sucessfully, even though set the max sessions to 2 not suppose to login.
We need to check the access_servers.log and check #policinfo on both the nodes, how many users consumed the users session
Tracking ID: 92046