3 Replies Latest reply on Oct 15, 2014 4:03 AM by asabban

    authentication required to access the internet

    anas 14

      Hello All.

       

      I have a problem with the authentication, it appears suddenly to some users in the organization, requests supposed to use the Windows credentials to access  the internet, but every time the user wants to use the internet a popup appears with authentication required massage to the user, however MWG is integrated with the active directory and is joined on the domain.

       

      and when performing the authentication test in the auth rule it gives authentication ok!!

       

      i tried to use NTLM v1 instead of v2, it does not work

       

      I don't know how to troubleshoot the problem to figure out that its a MWG problem or AC problem?!

       

      thanks in advance

      regards

      Anas

        • 1. Re: authentication required to access the internet
          asabban

          Hello,

           

          you can try to log the property "Authentication.FailureReason" to see why authentication failed. This will show if for example an account was locked. If is only happens from time to time and the user account is OK you can enable debug logging on Configration -> Troubleshooting -> Authentiaction Troubleshooting. Here you can write all authentication events for a specific client IP.

           

          Please note that this is a DEBUG log, therefore it writes a lot of data and should not be left enabled for a long time!

           

          If those details do not contain something useful for you file an SR with support.

           

          Best,

          Andre

          • 2. Re: authentication required to access the internet
            anas 14

            Thank you Andre, this is exactly what I need to see. but Andre I have not found any document or article including how to use the mentioned property!!

            could you please help me how to use it and where I would find the desired log files ?

             

            Thanks in advance

            Anas.

            • 3. Re: authentication required to access the internet
              asabban

              Hello,

               

              you need to create an additional log file. Take a look at how the "access_denied" log is written in MWG. You will find it in Policy -> Log Handlers. Similar to the policy the log files are written by rules and the values written are just a bunch of properties whose content gets printed to the log.

               

              The access denied log is written when the status code is 403 to make sure we only write a log line when an error occurs. We want to do a similar thing, but we want to write a log line if Authentication.FailureReasonID is not 0 (0 = All fine).

               

              So you could create a new rule set "Authentication Log". You add a rule with a criteria like "Authentication.FailureReasonID greater than 0" and add some Events to write a log file. You should be able to get the idea how to write the log from the access_denied.log for example. You want to log the Time/Date, client IP address and the "Authentication:FailureReason" properties.

               

              Then MWG will write a log line to the new log whenever authentication failed for whatever reason. It hopefully helps to define the next steps.

               

              Best,

              Andre