
Bidirectionally Bound Users Who Are Exempted from Authentication Cannot Access Network Resources

This section describes how to troubleshoot the fault that bidirectionally bound users who are exempted from authentication cannot access network resources.

Symptom

An enterprise has deployed a FW as the access gateway that connects the intranet to the Internet, as shown in Figure 1. The user management and authentication mechanisms are configured on the FW, and a top executive is bidirectionally bound to the IP and MAC addresses. The top executive can access network resources without authentication.

Figure 1 Authentication exemption for the user bidirectionally bound to the IP and MAC addresses

However, the top executive cannot access network resources.

Fault Diagnosis

Choose Object > User > Online User. In Online User List, enter the login name of the top executive and check whether the user object of the top executive exists. Troubleshoot user management and authentication based on which of the following results you see:

Procedure

    The user object of the top executive does not exist.

    Possible causes and the troubleshooting procedure are as follows:

    1. Matching conditions in the authentication policy are incorrectly configured.

      Choose Object > User > Authentication Policy, enter the source address or security zone of the top executive to search for all matched authentication policies, verify that the matching conditions are correct, and make sure that the authentication policy can match traffic from the top executive.

    2. The action in the authentication policy is incorrectly configured.

      Choose Object > User > Authentication Policy and verify that the action in the authentication policy that matches the top executive is No-auth/Authentication exemption.

    3. The top executive does not use the PC at the specified IP and MAC addresses.

      Check the IP and MAC addresses of the PC used by the top executive. The IP and MAC addresses must be those bound to the user object of the top executive.

    4. The number of online users reaches the upper limit.

      Choose Object > User > Online User and check whether the number of online users reaches the upper limit.

    The user object of the top executive exists.

    Possible causes and the troubleshooting procedure are as follows:

    1. The user object of the top executive is locked out.

      Choose Object > User > Online User and check for the user objects that are locked out. If the user object of the top executive is locked out, unlock the user object.

    2. The security policy is incorrectly configured.

      Choose Monitor > Log > Policy Matching Log, enter the user name or source address of the top executive to search for all matched security policies, and verify that the security policies and profiles do not block traffic from the top executive.
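
The check in cause 3 of the first branch (the PC must use exactly the bound IP and MAC addresses) can be done off the device once the values are copied by hand from the user object and from the PC. The following is an added example, not Huawei code; the function names and all addresses are constructed for illustration. It normalizes the different MAC notations, requires both halves of the pair on the same interface, and flags a locally administered MAC, which usually means the adapter is randomizing its address.

```python
import ipaddress
import re

def normalize_mac(mac):
    """Reduce colon, hyphen or dotted MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[-:.\s]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def is_locally_administered(mac):
    """True if the locally administered bit is set (typical of randomized MACs)."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)

def check_binding(bound_ip, bound_mac, interfaces):
    """Compare the bound pair with the (name, ip, mac) tuples read from the PC.

    Returns (matched, findings); matched is True only when one interface
    carries both the bound IP and the bound MAC.
    """
    want_ip = ipaddress.ip_address(bound_ip)
    want_mac = normalize_mac(bound_mac)
    matched, findings = False, []
    for name, ip, mac in interfaces:
        ip_ok = ipaddress.ip_address(ip) == want_ip
        mac_ok = normalize_mac(mac) == want_mac
        if ip_ok and mac_ok:
            matched = True
            findings.append(f"{name}: matches the bound pair")
        elif ip_ok:
            hint = " (locally administered MAC, possibly randomized)" if is_locally_administered(mac) else ""
            findings.append(f"{name}: bound IP but different MAC {mac}{hint}")
        elif mac_ok:
            findings.append(f"{name}: bound MAC but different IP {ip}")
    if not findings:
        findings.append("no interface uses the bound IP or MAC")
    return matched, findings

# Constructed sample values (not from the page): the pair bound to the user
# object, and what the PC reports for its adapters.
BOUND_IP, BOUND_MAC = "10.1.1.10", "00e0-fc12-3456"
SAMPLE_INTERFACES = [
    ("Wi-Fi", "10.1.1.10", "DA:A1:19:00:00:01"),
    ("Ethernet", "10.1.1.57", "00-E0-FC-12-34-56"),
]

if __name__ == "__main__":
    ok, notes = check_binding(BOUND_IP, BOUND_MAC, SAMPLE_INTERFACES)
    print("binding satisfied:", ok)
    print("\n".join(notes))
```

With the sample values the pair is split across two adapters, so the binding is not satisfied even though both the bound IP and the bound MAC are present on the PC.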

Copyright © Huawei Technologies Co., Ltd.