Device Registration Behind SonicWall Firewall Fails

Symptom

The devices are detected by the UMS during a scan, but registration fails. UMS console shows an error message like "Unexpected end of input stream found at ...". 

Possible Causes

The following causes have been reported with firewalls by SonicWall; 

  • Large packets: See Thin Client Registration fails with Error Message "Unexpected end of input stream".
  • SonicWall DPI-SSL replaces the UMS certificate: If SonicWall DPI-SSL is enabled, it functions as intermediate CA and sends its own certificate to the devices instead of the original UMS certificate. As a consequence, the devices refuse to register because they would only accept the original UMS certificate. 

Solution

  1. In SonicWall, under DPI-SSL Status, add the IP address of the UMS server to the list of DPI-SSL exclusions.
  2. Restart the VPN tunnel.
Last update: February 26, 2019