SSL VPN authentication will not work correctly currently on a Smoothwall Filter and Firewall using the multitenant feature.
Problem
Due to authentication being restricted to the subnets configured for the tenants, requests from the SSL VPN subnet are lost and will not authenticate correctly.
Solution
Smoothwall has addressed this issue but the change hasn't yet been pushed out in an update. Please contact support and they will assist in applying the hot-fix for this until such time as the feature becomes officially supported.
The additional steps that need to be taken after the hot-fix has been applied is:
- Create a new tenant for the SSL VPN and add the subnet used by the SSL VPN configuration in the "Network - VPN - Global" section.
- Edit each AD entry in "Services - Authentication - Directories" that needs to authenticate SSL VPN users and add the new SSL VPN Tenant.
NOTE: The reference bug number is 8596.