Hi everyone,
I'm experiencing an issue with a WatchGuard VPN that uses SAML authentication (via Azure AD / Entra ID). The VPN connection works perfectly under the following conditions:
- Cisco Umbrella Roaming Client is disabled
However, when Cisco Umbrella is enabled, the VPN connection fails right after the SAML authentication completes successfully. Here's what happens:
- The SAML authentication flow completes (SAML Auth OK)
- The OpenVPN client initiates the connection
- The TLS handshake with the VPN server succeeds
- Then, the client receives:
AUTH: Received control message: AUTH_FAILED
I’ve already tried the following:
- Whitelisting all relevant domains in Umbrella
- Disabling HTTPS inspection
- Modifying the OrgInfo.json to include bypassDomains for DNS
- Confirming with the firewall admin that no traffic is being blocked server-side
Despite all this, the issue only occurs when Umbrella is active. It seems that Umbrella is interfering with the SAML token exchange or the final authentication step, even though the TLS connection is established.
Has anyone encountered a similar issue or found a way to configure Umbrella to fully bypass VPN-related traffic?
Any help or guidance would be greatly appreciated!
Thanks
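The sequence in the post above (TLS handshake succeeds, then AUTH_FAILED) is worth separating from the transport-level failures a DNS or TLS-inspecting agent would cause. In OpenVPN, AUTH_FAILED is a control message the server sends after the control channel is up and it has rejected the credential the client supplied; a block or interception before that point shows up earlier in the client log as a certificate verification error or a handshake timeout. The script below is an added example, not part of the original post and not WatchGuard or Cisco tooling; it classifies an OpenVPN client log by the last stage reached, using constructed sample lines in the format OpenVPN 2.x clients print. Run it against the client log captured with Umbrella enabled and again with it disabled to confirm the two runs differ only after the handshake.

```python
import re

# Log line patterns an OpenVPN 2.x client emits at each stage of a connection attempt.
PATTERNS = {
    "tls_start": re.compile(r"TLS: Initial packet from"),
    "verify_ok": re.compile(r"VERIFY OK: depth=0"),
    "verify_error": re.compile(r"VERIFY ERROR"),
    "tls_established": re.compile(r"Control Channel: TLSv1\.[23]"),
    "tls_timeout": re.compile(r"TLS Error: TLS key negotiation failed"),
    "auth_failed": re.compile(r"AUTH: Received control message: AUTH_FAILED"),
    "completed": re.compile(r"Initialization Sequence Completed"),
}

# What each outcome tells you about where to look next.
VERDICTS = {
    "connected": "Tunnel came up; nothing to triage.",
    "auth_rejected_after_tls": (
        "TLS completed and the server replied AUTH_FAILED: DNS, routing and the "
        "certificate chain are fine. The server rejected the username/password pair "
        "(with SAML, the token the client submits). Compare the credential the client "
        "sends with and without the agent running and check the server auth log."
    ),
    "cert_verify_failed": (
        "Client could not validate the server certificate: check for a TLS-intercepting "
        "proxy in the path or a missing CA in the client profile."
    ),
    "tls_not_established": (
        "Handshake started but never completed: reachability or port filtering "
        "between client and server."
    ),
    "no_handshake": (
        "No TLS activity logged: name resolution or routing to the server failed "
        "before any handshake."
    ),
}


def triage(log_text: str) -> dict:
    """Return the furthest stage reached in an OpenVPN client log and a verdict."""
    seen = {
        name
        for line in log_text.splitlines()
        for name, pat in PATTERNS.items()
        if pat.search(line)
    }
    if "completed" in seen:
        stage = "connected"
    elif "auth_failed" in seen and "tls_established" in seen:
        stage = "auth_rejected_after_tls"
    elif "verify_error" in seen:
        stage = "cert_verify_failed"
    elif "tls_timeout" in seen or ("tls_start" in seen and "tls_established" not in seen):
        stage = "tls_not_established"
    else:
        stage = "no_handshake"
    return {"stage": stage, "seen": sorted(seen), "verdict": VERDICTS[stage]}


# Constructed sample logs (not captures from the post); addresses are documentation ranges.
LOG_AUTH_FAILED = """\
2024-01-01 10:00:01 TLS: Initial packet from [AF_INET]203.0.113.10:443, sid=1a2b3c4d 5e6f7a8b
2024-01-01 10:00:02 VERIFY OK: depth=1, CN=Example Root CA
2024-01-01 10:00:02 VERIFY OK: depth=0, CN=vpn.example.com
2024-01-01 10:00:02 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384
2024-01-01 10:00:03 AUTH: Received control message: AUTH_FAILED
2024-01-01 10:00:03 SIGUSR1[soft,auth-failure] received, process restarting
"""

LOG_CERT_ERROR = """\
2024-01-01 10:05:01 TLS: Initial packet from [AF_INET]203.0.113.10:443, sid=9f8e7d6c 5b4a3928
2024-01-01 10:05:02 VERIFY ERROR: depth=0, error=unable to get local issuer certificate: CN=vpn.example.com
2024-01-01 10:05:02 TLS_ERROR: BIO read tls_read_plaintext error
2024-01-01 10:05:02 TLS Error: TLS handshake failed
"""

LOG_TIMEOUT = """\
2024-01-01 10:10:01 TLS: Initial packet from [AF_INET]203.0.113.10:443, sid=0a1b2c3d 4e5f6a7b
2024-01-01 10:11:01 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-01-01 10:11:01 TLS Error: TLS handshake failed
"""

LOG_OK = """\
2024-01-01 10:15:01 TLS: Initial packet from [AF_INET]203.0.113.10:443, sid=c0ffee00 deadbeef
2024-01-01 10:15:02 VERIFY OK: depth=0, CN=vpn.example.com
2024-01-01 10:15:02 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384
2024-01-01 10:15:03 Initialization Sequence Completed
"""

if __name__ == "__main__":
    for name, log in (("auth_failed", LOG_AUTH_FAILED), ("cert_error", LOG_CERT_ERROR),
                      ("timeout", LOG_TIMEOUT), ("ok", LOG_OK)):
        result = triage(log)
        print(f"{name}: {result['stage']}\n  {result['verdict']}")
```

Because the post's log reaches the AUTH_FAILED stage with the certificate verified and the control channel established, the classifier puts it in the "auth_rejected_after_tls" bucket, which points at the credential the client hands to the server after SAML rather than at DNS or TLS interception.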