Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 26 subscribers
  • Views 5791 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN - Admin Login Captcha saying authentication failed but logged in anyways?

Brandon Roy

When I go to the web admin portal through WAN and enter the username, password and the captcha to login. After clicking login It tells me authentication failed but after a few seconds it logs in anyways.

 

Has this happened to anyone else?



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi  

    Thank you for reaching out to the Community! 

    Could you please share the hardware model, current firmware, and hotfix version of your firewall? 

    Thanks,

  • 0 in reply to FormerMember

    Hello,

     

    I have the following:

    -XG105

    -FW version: SFOS 17.5.11 MR-11

    Hotfix version: HF051220.1

     

    Thank you,

     

    Brandon

  • FormerMember
    0 FormerMember in reply to Brandon Roy

    Hi  

    I tried to replicate this issue in my LAB with firmware version SFOS 17.5.11 and Hotfix version: HF051220.1, but I am not experiencing this issue. The only difference is I have an XG firewall running as VM.

    I would suggest you Open a Support Case and PM me the case number. 

    Could you please provide access_server, CSC, and tomcat logs in debug, that would help us investigate this issue further. 

    SSH into the firewall by following this KB Article: Sophos XG Firewall: How to SSH to the firewall using PuTTY utility

    • Type 5 and then 3 to access the Advanced shell.
    • Run the owing command to put access_server service in debug mode: service access_server:debug -d -s nosync
    • Run the following command to put CSC service in debug: csc custom debug 

    Note: You could use the same commands to remove service from debugging. 

    Steps to put tomcat service in debug are different than other services in XG firewall:

    To Enable debug:

    • touch /log/tomcat_debug
    • service tomcat:restart –ds nosync 
    • tomcat.log file now shows logs in debug.

    To Disable: 

    • rm /log/tomcat_debug
    • service tomcat:restart –ds nosync 

    Try to replicate the issue and collect the logs in debug.

    Thanks,

Reply
  • FormerMember
    0 FormerMember in reply to Brandon Roy

    Hi  

    I tried to replicate this issue in my LAB with firmware version SFOS 17.5.11 and Hotfix version: HF051220.1, but I am not experiencing this issue. The only difference is I have an XG firewall running as VM.

    I would suggest you Open a Support Case and PM me the case number. 

    Could you please provide access_server, CSC, and tomcat logs in debug, that would help us investigate this issue further. 

    SSH into the firewall by following this KB Article: Sophos XG Firewall: How to SSH to the firewall using PuTTY utility

    • Type 5 and then 3 to access the Advanced shell.
    • Run the owing command to put access_server service in debug mode: service access_server:debug -d -s nosync
    • Run the following command to put CSC service in debug: csc custom debug 

    Note: You could use the same commands to remove service from debugging. 

    Steps to put tomcat service in debug are different than other services in XG firewall:

    To Enable debug:

    • touch /log/tomcat_debug
    • service tomcat:restart –ds nosync 
    • tomcat.log file now shows logs in debug.

    To Disable: 

    • rm /log/tomcat_debug
    • service tomcat:restart –ds nosync 

    Try to replicate the issue and collect the logs in debug.

    Thanks,

Children
  • 0 in reply to FormerMember

    Hello,

    I apologize for the delay in response.

    I have not opened a ticket yet as it has not happened again on the device. It happened a couple of times but it is not a consistent issue.

    I did want to bring it up and see if anyone else had experienced this with the captcha but it could be a one off type of situation as well.

    Thank you,

    Brandon