Support Center > Search Results > SecureKnowledge Details
Virtual System sends requests to authentication server with source IP address of VSX Gateway
Symptoms
  • Authentication requests sent from a Virtual System to 3rd party authentication servers fail.
    IP address of this Virtual System is configured on authentication servers as the Client IP address.

  • Traffic capture on VSX Gateway shows that requests to authentication servers are sent with source IP address of VSX Gateway / VSX Cluster.

  • When VSX deployment is forwarding authentication requests (RADIUS, LDAP, etc.) the requests are sourced from the IP of VS0 instead of the Virtual System.
Cause

The default configuration for a Virtual System is to send requests to authentication servers with source IP address of VSX Gateway / VSX Cluster:

In SmartDashboard, open Virtual System object - expand "Other" in the left pane - click on "Legacy Authentication" - refer to section "Authentication Servers Accessibility (including LDAP)" - the default is "Shared (servers are accessible from the VSX gateway/cluster".

Example:


Solution
Note: To view this solution you need to Sign In .