It has been confirmed that the Auth Connector is working correctly but users show up as an "unauthenticated user" when going through an IPSEC tunnel.
The exception page for blocked websites show the client IP address as the router or firewalls address
In Sept 2011 the Cloud Security Service was upgraded with an end result of providing the possibility of more firewalls/routers to connect IPSEC to the Cloud Security Service. Part of this change now allows for internal IP addresses to be NAT'ed before placed into the IPSEC tunnel (if the device allows it).
If traffic is NAT'ed before being placed into the tunnel it will break the ability for the Cloud service to identify the user. It is required for the Cloud service to see the real IP address of the workstation making the HTTP or HTTPS request.
Imported Document ID: 000014330
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.