Wrong role seems to get applied by connection manager causing problems with SSLVPN traffic rules

  • 7005159
  • 15-Jan-2010
  • 26-Apr-2012

Environment

Novell Access Manager 3 Support Pack 4 Interim Release 4 3.0.4-94

Situation

  • Since upgrading from Novell Access manager 3 Support Pack4 to Novell Access Manager 3 Support Pack 4 Interim Release 4 3.0.4-94 users connecting to the configured SSLVPN server using the enterprise mode client will not always retrieve the all of the assigned roles.
  • This problems comes up randomly and does not show any real pattern

Resolution

This issue has been reported to engineering and has been already fixed.  A field test patch can be requested from Novell Technical Support if needed.

Additional Information

  • In the situation all roles (for examplerole[1,2,3,4]) work as expected the "/var/log/messages" file on the SSLVPN server logs the following messages:

    Nov 10 11:05:36 [servername] SSLVPN: UserName for connection: USER1

    Nov 10 11:05:36
    [servername] SSLVPN: Role for this new connection = role1,role2,role3,role4

  • At the same time the "/var/log/novell-openvpn.log" includes the following messages:

    Tue Nov 10 11:05:49 2009 10.20.30.40:11339 Role returned by connman: role1,role2,role3,role4

  • In the case not all expected roles "/var/log/novell-openvpn.log" will report

    Tue Nov 10 11:00:49 2009 10.20.30.40:11054 Role returned by connman: role1,role2