Issue with SSL VPN (NetExtender 10.3.x) connectivity to SonicWall when configured with RADIUS and MFA solutions

Following the upgrade to SonicWall Firewall Firmware version SonicOS 7.2.0-7015, some users have reported issues with SSL VPN connectivity using NetExtender when RADIUS is configured with MFA solutions such as Duo or Azure MFA.

Specifically, if the user approves the MFA push notification within 5 seconds, the VPN connection is established successfully. However, if the approval takes longer than 5 seconds, the connection fails with the error: "Failed to login to server" on the NetExtender client.

When operating on Firewalls with firmwares earlier than 7.2.0-7015, remote users had up to 30 seconds to approve the MFA request, and the VPN connection would succeed even with a delayed response.

This issue is not observed when using NetExtender version 10.2.341 (Build 44), which correctly handles delayed MFA approvals.

However, the problem is isolated to NetExtender version 10.3.2 (Build 27). In this version, if the MFA approval is delayed, the authentication fails and the VPN connection is not established. 

NOTE: SonicWall Engineering has addressed this issue and provided a patched firmware (Hotfix) to resolve it. 

If the symptoms and behavior described match your environment, please contact SonicWall Support and reference BUG ID: GEN7-54316 to request the appropriate Hotfix firmware.