AD Authentication in Policy not working. Firebox Auth does

I have configured a Policy to allow port 1433 externally to a SQL server using SNAT. In the Allow I have configured both a Firebox User and an AD User (Duo MFA). Both can login to the Authentication Portal just fine. But when I test the port using Telnet, only the Firebox user can connect. On the Traffic Monitor the I can see the attempt by the AD user but it registers as an Unhandled External Packet.


  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @KevCar

    Does the Duo user show up in the authentication list?
    (In FIrebox System Manager, look in the Authenticated Users tab, in WebUI, look in System Status -> Authentication List.)

    The user you put in the group must match what is in authentication list exactly.

    (JAMES is not the same as James is not the same as james is not the same as

    -James Carson
    WatchGuard Customer Support

  • You are correct. I thought it had to match the AD credentials, which had capitals. Thank you very much.

Sign In to comment.