Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 31 replies
  • Answers 1 answer
  • Subscribers 35 subscribers
  • Views 90099 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Client Authentication Agent disconnects each firewall rules changes

NoelZamora

I do not know if this happens to others, but every time I edit a firewall policy that applies to a user, the authentication client disconnects.

Noel Zamora



Edited Tags
[edited by: Erick Jan at 11:52 PM (GMT -7) on 15 Sep 2022]
  • 0 in reply to DaveLe

    Hi Dave,

    You can send the community thread link to support team, indicating that this is tested and confirmed.

    Please DM me the case#.

    Thanks

  • 0

    I have tested the Client Authentication Agent in a Linux PC in verbose mode, and always I edit the policy rule it also disconnects but reconnects again, here are the logs:

    caa started in foreground mode.
    Connecting to host 1.2.3.4 ...
    Connected with AES256-SHA encryption.
    Login was accepted.
    PONG sent!
    1 IPv4 addresses sent!
    1 IPv6 addresses sent!
    1 MAC addresses sent!
    OK Notification received.
    OK Notification received.
    OK Notification received.
    PING received.
    PONG sent!
    Type 23 Message received (5 Bytes): 23 0 1 0 10
    Function SSL_read() failed! Error code: 6
    Connecting to host 1.2.3.4 ...
    Connected with AES256-SHA encryption.
    Login was accepted.
    PONG sent!
    1 IPv4 addresses sent!
    1 IPv6 addresses sent!
    1 MAC addresses sent!
    OK Notification received.
    OK Notification received.
    OK Notification received.
    PING received.
    PONG sent!
    Function SSL_read() failed! Error code: 6
    Connecting to host 1.2.3.4 ...
    Connected with AES256-SHA encryption.
    Login was accepted.
    PONG sent!
    1 IPv4 addresses sent!
    1 IPv6 addresses sent!
    1 MAC addresses sent!
    OK Notification received.
    OK Notification received.
    OK Notification received.
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    Function SSL_read() failed! Error code: 6
    Connecting to host 1.2.3.4 ...
    Connected with AES256-SHA encryption.
    Login was accepted.
    PONG sent!
    1 IPv4 addresses sent!
    1 IPv6 addresses sent!
    1 MAC addresses sent!
    OK Notification received.
    OK Notification received.
    OK Notification received.
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    PING received.
    PONG sent!
    Function SSL_read() failed! Error code: 6
    Connecting to host 1.2.3.4 ...
    Connected with AES256-SHA encryption.
    Login was accepted.
    PONG sent!
    1 IPv4 addresses sent!
    1 IPv6 addresses sent!
    1 MAC addresses sent!
    OK Notification received.
    OK Notification received.
    OK Notification received.

    In Windows 7 machines the CAA does not reconnects again altough there is no antivirus installed.

  • 0 in reply to sachingurung

    Sachin,

    We are still waiting for feedback regarding this case. I did as you suggested and updated our case with this forum post. I also sent you the case #

    I will keep everyone up to date when I get an answer on our open case.

    Dave

  • 0 in reply to DaveLe

    Just wanted to give anyone watching this thread an update:

    Case has been open for almost 2 months and was escalated to the Development Team. No other information has been given.

    Dave

  • 0 in reply to DaveLe

    Hi Dave,

    The behavior is reported in NC-5322. Our development team is working on a fix. Unfortunately, I do not have any update about when the fix will be completed.

    Thanks for your patience. 

  • 0

    I have been using XG for some time, and recently switched to the beta16 load.  I also recently started turning on some of the firewall features, including using CAA on all non-server PCs, laptops, and mobile devices.  For the Windows 10 systems, I believe I've seen the same issues as those listed here, but I cannot verify that it is always a firewall policy change that causes the disconnect.  There are times that CAA becomes disconnected (most notably recently after a firmware upgrade which restarted XG).  I have been changing policies quite a bit lately, so it is possible that is also a cause of the disconnect, but I haven't made any direct observations about that. 

    What is annoying is that CAA does not try to reconnect on its own.  It will connect automatically when the user logs in, but a disconnect on a running system requires the user to open CAA and confirm their login credentials.  It seems to me that CAA should try to reconnect to the firewall on its own.

    Fortunately I've only turned this on for about 5 or so clients.  This would really be annoying on a large user base.

    So I would expect this to be fixed sometime soon.  And, if this can be fixed on CAA only, please release and provide new CAA executables and instructions for replacing the CAA instance in the firewall so the new version is presented on the client portal.

  • 0 in reply to sachingurung

    Any updates on this issue?

    Thanks

  • 0 in reply to Ishwarsingh

    Hi Kumar,

    It is still under development.

    Thanks

  • 0

    Can anyone confirm if this has been corrected in v16?

  • 0 in reply to DaveLe

    Since v16, I am not experiencing this issue anymore.
    Using CAA on MAC OSX 10.10.5