Issue
Mobile VPN with SSL users cannot authenticate and you might see these symptoms:
Random users attempting to authenticate to the Mobile VPN with SSL authentication portal.Connections to the Mobile VPN with SSL authentication portal from outside those countries where you have legitimate users.admd log messages similar to:2024-10-10 12:53:08 wgcgi User authentication request failed - Resource temporarily unavailable DebugIn Firebox System Manager, the Status Report, System Health section shows this status:admd bad 1Fault Reports such as:Failed Assertion CGI Oct 10, 2024, 3:43:10 PM YesUserSpace Crash fcgi-cgi Oct 10, 2024, 4:00:17 PM YesUserSpace Crash fcgi-cgi Oct 10, 2024, 4:05:18 PM Yes
Workaround/Solution
To enable users to authenticate again, reboot the Firebox.To prevent authentication attempts from unknown users, follow the guidance in https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA16S000000BcPmSAK&lang=en_US.Upgrade to Fireware 12.10.4 U2 or higher and enable the Block Failed Login Attempts feature on the Firebox.If the source IP address that tries to make the unauthorized Mobile VPN with SSL connections is outside your country, configure a Geolocation action for the WatchGuard SSLVPN policy to deny the connections.
