Not authorized to log in from your current location
search cancel

Not authorized to log in from your current location

book

Article ID: 164702

calendar_today

Updated On:

Products

Email Security.cloud Email Threat Detection and Response

Issue/Introduction

Users are unable to access the Symantec.cloud portal when going through a proxy server after enabling IP restrictions under Access Control.

You are not authorized to log in from your current location. Please contact your adminsitrator.

Environment

Symantec.cloud Management Portal

Cause

This is due to the http request containing a HTTP_X_FORWARDED_FOR,  which means that the traffic was forwaded from one or more IP addresses. This will cause for the Symantec.Cloud Portal authentication servers to see that the last hop is the HTTP_X_FORWARDED_FOR, changing the IP address(es) that the traffic is coming from the IP address(es) added in the portal under Access Control > IP Restrictions.

Example:

REMOTE_ADDR=193.34.0.82
HTTP_X_FORWARDED_FOR=10.111.0.111

Where REMOTE_ADDR=193.34.0.82 is the client's IP adddress and HTTP_X_FORWARDED_FOR=10.111.0.111 is the successive proxy that passed the request adding the IP address where it received the request from.

Resolution

The proxy administratior will need to have the HTTP_X_FORWARDED_FOR statements removed from the HTTP request or apply a proxy bypass for the following domains:

  • clients.messagelabs.com
  • identity.symanteccloud.com
     

Note: This restriction provides a limited measure of security, as IP addresses could potentially be spoofed. For example, IP-based restricted access cannot detect instances in which the HTTP_FORWARDED_FOR header has been spoofed. We recommend that you set up two factor authentication in conjunction with IP restrictions for a comprehensive approach to access control.