Customer reported that when a client does not have the SNAC agent installed the client is not redirected to ODC download page automatically when Proxy server is set in Internet Explorer settings of client. After remove Proxy settings in IE, redirection to ODC download page is fine when trying to access internet.
Client sends <SYN> packet to Proxy server several times but no response from Proxy server then timed out.
When ODC is enabled on GW Enforcer, if there's a HTTP get request from client, Enforcer will generate a response with HTTP code 302, telling client object has been moved to Enforcer's internal IP.
If proxy is enabled on client, when it receives the 302 code, it will generate a new URL request to Enfocer's IP, but it will send this URL to proxy's IP instead of Enforcer's IP. This will trigger Enforcer return 302 again.
Enforcer is listening port 80 ONLY for HTTP traffic
There's an workaround, please follow these steps on client machine, assume IE is used:
1. Open IE
2. Menu Tools -> Internet Options->Tab "Connections"
3. Click button "LAN settings"
4. Make sure proxy server's port is 80, other ports are not supported
5. Click button "Advanced"
6. Add Enforcer's internal IP in "Exceptions"
Symantec Endpoint Protection Manager with Symantec Network Access Control version RU5
Gateway Enforcer RU5 with On-Demand Client feature enabled.
Rate this Article
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.